Source: Curriculum Vitae Catalina Munoz.exe | Avira: detected |
Source: http://www.duobao698.com/ff4v/?4h=LVfH/OXwoF79o2r68Z//edB1CD2wHwJvvAzVR8ioN4kZT9t7ttcPOR+uxhJHzze41PCTSWmMujBUW/EaEzEZD5zZNBA7OVz8Vpr8h3iEYlpLT06Bb1IAlYNp8C2ydDS2jK3yMNhnhgns&623=YLI8v8eXd0Y | Avira URL Cloud: Label: malware |
Source: http://www.gett.hu/1df8/ | Avira URL Cloud: Label: malware |
Source: http://www.drdavidglassman.com/61qh/ | Avira URL Cloud: Label: malware |
Source: http://www.lets-goo.ru/jcz4/ | Avira URL Cloud: Label: malware |
Source: http://www.duobao698.com/ff4v/ | Avira URL Cloud: Label: malware |
Source: http://www.drdavidglassman.com/61qh/?4h=3koAA3SOIywIBRC3td/m9uAOoJ2vUr08254YEzy+UHnBLa5Tf1e0Y2d1G2geOsid5v6Dlmz0jNB7DtbaJOUrRYZ3Loo9fHLeEOQbNs9kRl4b14/G3iavBmGoo3V0HXEiPICNmWgJ3+Za&623=YLI8v8eXd0Y | Avira URL Cloud: Label: malware |
Source: http://www.lets-goo.ru/jcz4/?4h=WdxcKFuQ7mYOQBn+p/nyxXlogtPhyiv1qK8yWbAPdcz8dy7KnvGu92vbpUccmm37j4MpRjiQV1qWt/RV+FnqAomjDZURMhccC9NzYUb/SGoQANKT0/qbRrolcopRkFHPlXwp4+ZNAZOj&623=YLI8v8eXd0Y | Avira URL Cloud: Label: malware |
Source: duobao698.com | Virustotal: Detection: 5% |
Source: gett.hu | Virustotal: Detection: 5% |
Source: http://www.drdavidglassman.com/61qh/ | Virustotal: Detection: 7% |
Source: http://www.duobao698.com/ff4v/ | Virustotal: Detection: 5% |
Source: Curriculum Vitae Catalina Munoz.exe | ReversingLabs: Detection: 63% |
Source: Curriculum Vitae Catalina Munoz.exe | Virustotal: Detection: 56% |
Source: Yara match | File source: 2.2.Curriculum Vitae Catalina Munoz.exe.400000.0.raw.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 2.2.Curriculum Vitae Catalina Munoz.exe.400000.0.unpack, type: UNPACKEDPE |
Source: Yara match | File source: 00000002.00000002.1457438353.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 0000000F.00000002.3658674267.0000000003480000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 00000010.00000002.3665046974.00000000048F0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 0000000F.00000002.3662944861.0000000004E70000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 0000000F.00000002.3657466018.0000000002FC0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 00000002.00000002.1459154555.0000000001850000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 0000000E.00000002.3662794432.0000000004B50000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY |
Source: Yara match | File source: 00000002.00000002.1459314243.00000000037F0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY |
Source: Submitted Sample | Integrated Neural Analysis Model: Matched 100.0% probability |
Source: Curriculum Vitae Catalina Munoz.exe | Joe Sandbox ML: detected |
Source: Curriculum Vitae Catalina Munoz.exe | Static PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
Source: Curriculum Vitae Catalina Munoz.exe | Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Source: | Binary string: R:\JoeSecurity\trunk\src\windows\usermode\tools\FakeChrome\Release\Chrome.pdb source: OZCzxhvCDDlUqJnCoH.exe, 0000000E.00000000.1377872255.0000000000B2E000.00000002.00000001.01000000.0000000E.sdmp, OZCzxhvCDDlUqJnCoH.exe, 00000010.00000002.3662366685.0000000000B2E000.00000002.00000001.01000000.0000000E.sdmp |
Source: | Binary string: TSTheme.pdb source: Curriculum Vitae Catalina Munoz.exe, 00000002.00000002.1457615887.0000000000F18000.00000004.00000020.00020000.00000000.sdmp, OZCzxhvCDDlUqJnCoH.exe, 0000000E.00000002.3661296507.00000000010D8000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: wntdll.pdbUGP source: Curriculum Vitae Catalina Munoz.exe, 00000002.00000002.1457839890.00000000014C0000.00000040.00001000.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000003.1457676756.0000000004D79000.00000004.00000020.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3663554386.000000000526E000.00000040.00001000.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3663554386.00000000050D0000.00000040.00001000.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000003.1459524541.0000000004F20000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: wntdll.pdb source: Curriculum Vitae Catalina Munoz.exe, Curriculum Vitae Catalina Munoz.exe, 00000002.00000002.1457839890.00000000014C0000.00000040.00001000.00020000.00000000.sdmp, TSTheme.exe, TSTheme.exe, 0000000F.00000003.1457676756.0000000004D79000.00000004.00000020.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3663554386.000000000526E000.00000040.00001000.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3663554386.00000000050D0000.00000040.00001000.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000003.1459524541.0000000004F20000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: TSTheme.pdbGCTL source: Curriculum Vitae Catalina Munoz.exe, 00000002.00000002.1457615887.0000000000F18000.00000004.00000020.00020000.00000000.sdmp, OZCzxhvCDDlUqJnCoH.exe, 0000000E.00000002.3661296507.00000000010D8000.00000004.00000020.00020000.00000000.sdmp |
Source: C:\Windows\SysWOW64\TSTheme.exe | Code function: 15_2_02FDBE90 FindFirstFileW,FindNextFileW,FindClose, | 15_2_02FDBE90 |
Source: C:\Users\user\Desktop\Curriculum Vitae Catalina Munoz.exe | Code function: 4x nop then jmp 07891CE1h | 0_2_07891317 |
Source: C:\Windows\SysWOW64\TSTheme.exe | Code function: 4x nop then xor eax, eax | 15_2_02FC96D0 |
Source: C:\Windows\SysWOW64\TSTheme.exe | Code function: 4x nop then pop edi | 15_2_02FD23FD |
Source: Traffic | Snort IDS: 2855465 ETPRO TROJAN FormBook CnC Checkin (GET) M2 192.168.2.7:49710 -> 124.156.151.111:80 |
Source: Joe Sandbox View | IP Address: 203.161.43.228 203.161.43.228 |
Source: Joe Sandbox View | IP Address: 188.114.96.3 188.114.96.3 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic | HTTP traffic detected: GET /y4a0/?4h=SNHD3K3PParXHnkwUXmJyoZGSKzPVxiMFdor0NFDe3qARdFDsr6bi2Hm1bNI3aFCJ45VE8SHGaBHgDSe2Sonpz6bDHAjQ/z+aswAPE+xiOEsS724wCH7dMecgb+s+6E26U1cI5uvI0Mp&623=YLI8v8eXd0Y HTTP/1.1Host: www.crxwdix.storeAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /1df8/?4h=HKzVUqf1aEuVi+2sXpcO0QRiAr3gocmC4R78U/lSG5GPWeqrEM/dj7KCi/m7j8wlbFRbxXaftyt8S80LR8LDtnhaMK2/eM8I7y9bqMxgYhPG1v0QEsNv7Olz+oqDA3TDqZmGkZkE9/dY&623=YLI8v8eXd0Y HTTP/1.1Host: www.gett.huAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /jcz4/?4h=WdxcKFuQ7mYOQBn+p/nyxXlogtPhyiv1qK8yWbAPdcz8dy7KnvGu92vbpUccmm37j4MpRjiQV1qWt/RV+FnqAomjDZURMhccC9NzYUb/SGoQANKT0/qbRrolcopRkFHPlXwp4+ZNAZOj&623=YLI8v8eXd0Y HTTP/1.1Host: www.lets-goo.ruAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /o2z4/?4h=o4btfdz60D114qnlpPkAL4ysHPNnnpnlNvMaE18djeqdyh8JxI4to+dkcTQv5jDwTFNUiMSIZUwmUqoSbZzkAVBLptEej4dkSw0Rp5qMw46dSxiTGxGYdrzYQnQsEiM3dvL1u5YQIt8O&623=YLI8v8eXd0Y HTTP/1.1Host: www.emgeecontracting.shopAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /ff4v/?4h=LVfH/OXwoF79o2r68Z//edB1CD2wHwJvvAzVR8ioN4kZT9t7ttcPOR+uxhJHzze41PCTSWmMujBUW/EaEzEZD5zZNBA7OVz8Vpr8h3iEYlpLT06Bb1IAlYNp8C2ydDS2jK3yMNhnhgns&623=YLI8v8eXd0Y HTTP/1.1Host: www.duobao698.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /61qh/?4h=3koAA3SOIywIBRC3td/m9uAOoJ2vUr08254YEzy+UHnBLa5Tf1e0Y2d1G2geOsid5v6Dlmz0jNB7DtbaJOUrRYZ3Loo9fHLeEOQbNs9kRl4b14/G3iavBmGoo3V0HXEiPICNmWgJ3+Za&623=YLI8v8eXd0Y HTTP/1.1Host: www.drdavidglassman.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /faug/?4h=gQ1rcTKRTEdEYijsQ7RFFauKs4+hYTESjtLv7rh/BlgU+Ddcsh0s2+qhlb94LlvEhZt7Uc7VfShGPHZ40PDTJ1kF4z42d0MBHK6AIRS14RYMt5cJ4UQYX3B6sCkK/z4FUX6qhl+TCqln&623=YLI8v8eXd0Y HTTP/1.1Host: www.friendsfavorites.petAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /arkx/?4h=izrOBqjDGn6K81VAqiLvdxq7h8n9iXY4J1uyWiaqUuNHOvNf2Hoypk/h4at0tdb9bQxTH+Zf8GFGMv9cn3TC2h6uZHILfUjXpIKlVyIf/DctIe5AU17J5zebd8IAEKXGkCDEtoBzkAdY&623=YLI8v8eXd0Y HTTP/1.1Host: www.featuringnature.deAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /nsxv/?4h=pYuJRq+8cLDcL7HBjbC+/g/Mh4BWEuLgiK2rXGhb3IwhxBD1Y9l6lru26CW/IEGwQ6X80EHXbCPAETHU89p1owS3Fy9cgcx9jNYuN7s7s2Oj/CYEgsKi16b0MMZfzW5XOEPuTfm+FgSa&623=YLI8v8eXd0Y HTTP/1.1Host: www.kohfour.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /sdqf/?4h=/Um9ojVdkbfnISaoGVsuQzSOUzKaaLgSbEiIsV4+zKdo/XoiJWjCg4n0fCMWfuuxI3x/+HlmtSdoreUzjia5ktzQg+QfuhD9Tyqg/FbSK60Z9xhxRrThQnyA3fP8fU7MydtKBAbYK1CU&623=YLI8v8eXd0Y HTTP/1.1Host: www.getmall.onlineAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /yfa0/?4h=0WhDsKDlEsw2U2hGDN8VHtGa3OHmwnAep36jQbkxMA/yUt9OY1uk5sHeApFDjZn3CMzAWurlvftixp+c+vBUGrqZNxyLTULtMs5Dxygy6ogz213YpKfivi2Kz6VhB8QL1f0m+iF6WOns&623=YLI8v8eXd0Y HTTP/1.1Host: www.uqdr.cnAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /w912/?4h=vZKT0BokUz0Nxao4mcSjanYirAH1q7MhbEC9IA+OY5sgrADNPU0JrQkM0waXTw1UtcTvO26zHEpWIbySxhuqYeEN75iL48Y+nSKxcRhJvbqJM0ozumkczTZ0r6h/7BELTqwTup5gX3mE&623=YLI8v8eXd0Y HTTP/1.1Host: www.kernelphysics.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /zxqv/?4h=OundE2exmel4zoR2h8DaiP5rA6rWpfsTmCodHa3wAeftE7HOQeIovEJMwiGRwn5EG1Ay+Vr7sNzWsvI7Z9ouBjSqQ9kX1TTXpDayR3bilNm8LgIuib/ea4tO/6BxMsTG0spQdKgoBIvM&623=YLI8v8eXd0Y HTTP/1.1Host: www.theppelin.onlineAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /xvcs/?4h=C9I48TAnIDWUJjArfDMWJdViUh6nNPGow05e1uC1tfhZsbhFFmHmX4wCjHXOtJR+EmF88tR6GQ9yogFnvhAEpy/ktKFnGfRg/4wLMWSu7Ir3MPWPBJr4ouRSVqpeqHbqcPt/HmBjByDG&623=YLI8v8eXd0Y HTTP/1.1Host: www.botcsllc.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: global traffic | HTTP traffic detected: GET /wy0r/?4h=WzjQ5Lku/CcVmfYMLh2se4NW5p5EcwqyA3YiOMIwT77nsakaLKShRywTCni07+Ypglha0We7/XFNEOgzZwpW0Iau+HgTJhKyqKoR5usZjmbjCMnZJqH26R2XpANM+dd2J9nsS8vZ76/r&623=YLI8v8eXd0Y HTTP/1.1Host: www.shengniu.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USConnection: closeUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2 |
Source: TSTheme.exe, 0000000F.00000002.3666682659.0000000008050000.00000004.00000800.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3664896761.0000000006F4E000.00000004.10000000.00040000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3664896761.0000000006774000.00000004.10000000.00040000.00000000.sdmp | String found in binary or memory: <li><a rel="nofollow" href="https://twitter.com/hover"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100"><circle cx="50" cy="50" r="50" /><g transform="scale(0.3 0.3) translate(-200 -300)"><path d="m 453.82593,412.80619 c -6.3097,2.79897 -13.09189,4.68982 -20.20852,5.54049 7.26413,-4.35454 12.84406,-11.24992 15.47067,-19.46675 -6.79934,4.03295 -14.3293,6.96055 -22.34461,8.53841 -6.41775,-6.83879 -15.56243,-11.111 -25.68298,-11.111 -19.43159,0 -35.18696,15.75365 -35.18696,35.18525 0,2.75781 0.31128,5.44359 0.91155,8.01875 -29.24344,-1.46723 -55.16995,-15.47582 -72.52461,-36.76396 -3.02879,5.19662 -4.76443,11.24048 -4.76443,17.6891 0,12.20777 6.21194,22.97747 15.65332,29.28716 -5.76773,-0.18265 -11.19331,-1.76565 -15.93716,-4.40083 -0.004,0.14663 -0.004,0.29412 -0.004,0.44248 0,17.04767 12.12889,31.26806 28.22555,34.50266 -2.95247,0.80436 -6.06101,1.23398 -9.26989,1.23398 -2.2673,0 -4.47114,-0.22124 -6.62011,-0.63114 4.47801,13.97857 17.47214,24.15143 32.86992,24.43441 -12.04227,9.43796 -27.21366,15.06335 -43.69965,15.06335 -2.84014,0 -5.64082,-0.16722 -8.39349,-0.49223 15.57186,9.98421 34.06703,15.8094 53.93768,15.8094 64.72024,0 100.11301,-53.61524 100.11301,-100.11387 0,-1.52554 -0.0343,-3.04251 -0.10204,-4.55261 6.87394,-4.95995 12.83891,-11.15646 17.55618,-18.21305 z" /></g></svg></a></li> equals www.twitter.com (Twitter) |
Source: TSTheme.exe, 0000000F.00000002.3666682659.0000000008050000.00000004.00000800.00020000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3664896761.0000000006F4E000.00000004.10000000.00040000.00000000.sdmp, TSTheme.exe, 0000000F.00000002.3664896761.0000000006774000.00000004.10000000.00040000.00000000.sdmp | String found in binary or memory: <li><a rel="nofollow" href="https://www.facebook.com/hover"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100"><circle cx="50" cy="50" r="50" /><g transform="scale(0.25 0.25) translate(30 50)"><path d="M182.409,262.307v-99.803h33.499l5.016-38.895h-38.515V98.777c0-11.261,3.127-18.935,19.275-18.935 l20.596-0.009V45.045c-3.562-0.474-15.788-1.533-30.012-1.533c-29.695,0-50.025,18.126-50.025,51.413v28.684h-33.585v38.895h33.585 v99.803H182.409z" /></g></svg></a></li> equals www.facebook.com (Facebook) |
Source: global traffic | DNS traffic detected: DNS query: www.crxwdix.store |
Source: global traffic | DNS traffic detected: DNS query: www.gett.hu |
Source: global traffic | DNS traffic detected: DNS query: www.lets-goo.ru |
Source: global traffic | DNS traffic detected: DNS query: www.emgeecontracting.shop |
Source: global traffic | DNS traffic detected: DNS query: www.duobao698.com |
Source: global traffic | DNS traffic detected: DNS query: www.drdavidglassman.com |
Source: global traffic | DNS traffic detected: DNS query: www.friendsfavorites.pet |
Source: global traffic | DNS traffic detected: DNS query: www.featuringnature.de |
Source: global traffic | DNS traffic detected: DNS query: www.kohfour.com |
Source: global traffic | DNS traffic detected: DNS query: www.getmall.online |
Source: global traffic | DNS traffic detected: DNS query: www.uqdr.cn |
Source: global traffic | DNS traffic detected: DNS query: www.kernelphysics.com |
Source: global traffic | DNS traffic detected: DNS query: www.theppelin.online |
Source: global traffic | DNS traffic detected: DNS query: www.botcsllc.com |
Source: global traffic | DNS traffic detected: DNS query: www.shengniu.com |
Source: unknown | HTTP traffic detected: POST /1df8/ HTTP/1.1Host: www.gett.huAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-USAccept-Encoding: gzip, deflate, brOrigin: http://www.gett.huConnection: closeContent-Length: 215Content-Type: application/x-www-form-urlencodedCache-Control: max-age=0Referer: http://www.gett.hu/1df8/User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/6.1.6 Safari/537.78.2Data Ascii: 4h=KIb1Xcz2b0aqtYGwSbIUuCgXHrzDs8iE7BvkZMpAPebcWKaMXb75lLWg+9ODstc2B2JjxFKlwSoIJvQlR536wEdRMIqYceI02V5s0uFfGw+QyYoUC/toyvB28dP6X1entszVs7MNocdetjOWzYcZzcKO1JUgiF6bkSKBYuWM0I/TSR8YBlgZsLzrZVrZmheWywtE6xC41sl38l47+w== |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 27 May 2024 10:34:07 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingAccess-Control-Allow-Origin: *Access-Control-Allow-Methods: *Access-Control-Allow-Headers: Content-Type,Access-Token,Appid,Secret,Authorization,TokenData Raw: 30 0d 0a 0d 0a Data Ascii: 0 |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:24 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html> |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:27 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html> |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:29 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html> |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:32 GMTServer: ApacheContent-Length: 315Connection: closeContent-Type: text/html; charset=iso-8859-1Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html> |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:38 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFfBmjngeefoQXmwhIwusgCfJraR3M1FEcCdHCY%2Bs1IxfHaFkXcmyw6o3YuwCh0hr6B2e1mOClgnTbI90mkg5mRJatLAIlE3hnIMP%2BDXHRbMeT3u%2Bv6QJJMiTZgQRMSXvkw%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 88a55a827f2ac33d-EWRContent-Encoding: gzipalt-svc: h3=":443"; ma=86400 |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:40 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w40qH%2BXGSRJfiJagOpcaw3Usw%2BBQTZ%2FMBbIIc3J11902iE8ey2YXzrrs4HDU5Fro%2BFq5yxiVNJqPsApT8o2kC9%2BqqxBI5E8XSdypPzK8Bt3a7DA2SNKkl9yghmXx4qpK15I%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 88a55a9249ca4234-EWRContent-Encoding: gzipalt-svc: h3=":443"; ma=86400 |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:43 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O84MJQ%2BCfOwHgoOw6VvBemqh7w0bDrwdaNPU%2BGnnQ1Ry2g55xtgUeLo4xfsOCR8xioY%2FDPewGnr7of2s46kOKXA%2FoQUR2O0GrSCvYMhyH4%2BkrfKBqpbL9GvCpW5kTl7oXSw%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 88a55aa29a62437b-EWRContent-Encoding: gzipalt-svc: h3=":443"; ma=86400 |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 27 May 2024 10:34:45 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOxdo5ZR4k7ZWkEDIh8ot9bqD6ouRWQ%2B7n%2BUZ%2FTfGKZrTQ9gp8hqkopfUzCIqKZr8RM0SsawC8DEKtzBJw8e%2FAyQq1tJQcoe%2FUTr4lLxp0ktkAZ1l9T41aV03QKbW%2BcPqg0%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 88a55ab26a100f4b-EWRalt-svc: h3=":443"; ma=86400Data Ascii: c4<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>0 |
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not Foundkeep-alive: timeout=5, max=100cache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1251date: Mon, 27 May 2024 10:34:51 GMTserver: LiteSpeedx-turbo-charged-by: LiteSpeedconnection: close |