systembc | a0a5ebd512b7685798ac966c0b05415df9eff585a79af11c9ff99d7aa17e2101

max time kernel
1208s
max time network
1204s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
15/04/2024, 11:39 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2579be109c1035cb96942951710020a8.exe
Size

147KB
MD5

2579be109c1035cb96942951710020a8
SHA1

6987472967c8ce5e3d5fd6730a9da2964afacd10
SHA256

a0a5ebd512b7685798ac966c0b05415df9eff585a79af11c9ff99d7aa17e2101
SHA512

191ea3d7edc69f1cb9d1ec4967074667c5e1c6b02fdaa8bbc5a4414bf5ca00ccafadc49670c5b3065133915d78e482572545f1d0c8c3382e6a767c1f08a33a21
SSDEEP

3072:9NuSXw/c4JHdNX8PAzCABaxg0r27f8EjQspDNJJAksa:9oSXw/hfNXmAzbYg02Ok

Score

10^/10

systembc trojan upx

Malware Config

Extracted

Family

systembc

advertspace10.club:4044

logstat17.club:4044

Signatures

SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
trojan systembc

Executes dropped EXE 1 IoCs

pid	Process
3996	foca.exe

UPX packed file 9 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral4/memory/2604-0-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/memory/2604-1-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/memory/2604-3-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/memory/2604-6-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/files/0x000300000000070f-15.dat	upx
behavioral4/memory/3996-21-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/memory/3996-25-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/memory/3996-26-0x0000000000400000-0x000000000044D000-memory.dmp	upx
behavioral4/memory/3996-31-0x0000000000400000-0x000000000044D000-memory.dmp	upx

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
52	api.ipify.org
53	api.ipify.org

Uses Tor communications 1 TTPs
Malware can proxy its traffic through Tor for more anonymity.

Proxy
T1090

Drops file in Windows directory 2 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\foca.job	2579be109c1035cb96942951710020a8.exe
File opened for modification	C:\Windows\Tasks\foca.job	2579be109c1035cb96942951710020a8.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2604	2579be109c1035cb96942951710020a8.exe
2604	2579be109c1035cb96942951710020a8.exe

C:\Users\Admin\AppData\Local\Temp\2579be109c1035cb96942951710020a8.exe
"C:\Users\Admin\AppData\Local\Temp\2579be109c1035cb96942951710020a8.exe"
1⤵
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
PID:2604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4036 --field-trial-handle=2676,i,447940133669489189,1353734109898858672,262144 --variations-seed-version /prefetch:8
1⤵
PID:2304

C:\ProgramData\qbwekn\foca.exe
C:\ProgramData\qbwekn\foca.exe start2
1⤵
- Executes dropped EXE
PID:3996

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5412 --field-trial-handle=2676,i,447940133669489189,1353734109898858672,262144 --variations-seed-version /prefetch:8
1⤵
PID:4436

Network

DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response
DNS

35.244.122.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.244.122.92.in-addr.arpa

IN PTR

Response

35.244.122.92.in-addr.arpa

IN PTR

a92-122-244-35deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

140.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.32.126.40.in-addr.arpa

IN PTR

Response
DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

8.179.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.179.89.13.in-addr.arpa

IN PTR

Response
DNS

advertspace10.club

foca.exe

Remote address:

8.8.8.8:53

Request

advertspace10.club

IN A

Response
DNS

logstat17.club

foca.exe

Remote address:

8.8.8.8:53

Request

logstat17.club

IN A

Response
DNS

api.ipify.org

foca.exe

Remote address:

8.8.8.8:53

Request

api.ipify.org

IN A

Response

api.ipify.org

IN A

104.26.13.205

api.ipify.org

IN A

172.67.74.152

api.ipify.org

IN A

104.26.12.205
GET

https://api.ipify.org/

foca.exe

Remote address:

104.26.13.205:443

Request

GET / HTTP/1.0
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.1 200 OK

Date: Mon, 15 Apr 2024 11:42:58 GMT
Content-Type: text/plain
Content-Length: 14
Connection: close
Vary: Origin
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 874bace1995f9557-LHR
DNS

205.13.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.13.26.104.in-addr.arpa

IN PTR

Response
GET

http://131.188.40.189/tor/status-vote/current/consensus

foca.exe

Remote address:

131.188.40.189:80

Request

GET /tor/status-vote/current/consensus HTTP/1.0
Host: 131.188.40.189
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:43:29 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Mon, 15 Apr 2024 12:00:00 GMT
Vary: X-Or-Diff-From-Consensus
DNS

189.40.188.131.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.40.188.131.in-addr.arpa

IN PTR

Response

189.40.188.131.in-addr.arpa

IN PTR

despari informatikuni-erlangende
DNS

131.11.98.141.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.11.98.141.in-addr.arpa

IN PTR

Response

131.11.98.141.in-addr.arpa

IN PTR

srv-141-98-11-131serveroffernet
DNS

84.231.230.50.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.231.230.50.in-addr.arpa

IN PTR

Response

84.231.230.50.in-addr.arpa

IN PTR

tordefconorg
DNS

84.231.230.50.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.231.230.50.in-addr.arpa

IN PTR

Response

84.231.230.50.in-addr.arpa

IN PTR

tordefconorg
GET

http://216.218.219.41/tor/server/fp/f22a238894e85d2d25036553a4601961ebfc2f03

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/f22a238894e85d2d25036553a4601961ebfc2f03 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:43:38 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:43:38 GMT
GET

http://216.218.219.41/tor/server/fp/7451225cba6b689530738af26e5b9ca2b051827e

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/7451225cba6b689530738af26e5b9ca2b051827e HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:43:38 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:43:38 GMT
DNS

41.219.218.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.219.218.216.in-addr.arpa

IN PTR

Response
DNS

221.156.217.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.156.217.95.in-addr.arpa

IN PTR

Response

221.156.217.95.in-addr.arpa

IN PTR

static22115621795clientsyour-serverde
DNS

253.121.5.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

253.121.5.163.in-addr.arpa

IN PTR

Response

253.121.5.163.in-addr.arpa

IN PTR

hms15010
GET

http://216.218.219.41/tor/server/fp/602433c2b6015be64427182dc0c887359d09261f

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/602433c2b6015be64427182dc0c887359d09261f HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:43:47 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:43:47 GMT
DNS

181.213.180.207.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.213.180.207.in-addr.arpa

IN PTR

Response

181.213.180.207.in-addr.arpa

IN PTR

vmd65763 contaboservernet
DNS

221.181.143.79.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.181.143.79.in-addr.arpa

IN PTR

Response

221.181.143.79.in-addr.arpa

IN PTR

srv2coretoomanynodeseu
GET

http://193.23.244.244/tor/server/fp/7c86c73db17ce20cd26537c9e3ec0fd7a55e5c6d

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/7c86c73db17ce20cd26537c9e3ec0fd7a55e5c6d HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:43:48 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:43:48 GMT
DNS

244.244.23.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

244.244.23.193.in-addr.arpa

IN PTR

Response

244.244.23.193.in-addr.arpa

IN PTR

dannenbergtorauthde
DNS

157.235.9.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.235.9.192.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/f2ab0e62ef6d632ba47ab1ba7336de24003f6e0f

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/f2ab0e62ef6d632ba47ab1ba7336de24003f6e0f HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:44:01 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:44:01 GMT
DNS

19.240.144.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.240.144.45.in-addr.arpa

IN PTR

Response

19.240.144.45.in-addr.arpa

IN PTR

gigabit-fiber westcoastlos-angeleslaxmetroispcom
GET

http://193.23.244.244/tor/server/fp/3474570174a97dd74648023e937f2428db97e726

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/3474570174a97dd74648023e937f2428db97e726 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:44:17 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:44:17 GMT
DNS

89.45.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

89.45.181.135.in-addr.arpa

IN PTR

Response

89.45.181.135.in-addr.arpa

IN PTR

static8945181135clientsyour-serverde
GET

http://193.23.244.244/tor/server/fp/025e042d17a3bffae2c5d1a86af7b4d95aa6ac0e

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/025e042d17a3bffae2c5d1a86af7b4d95aa6ac0e HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:44:21 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:44:21 GMT
DNS

97.53.160.77.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.53.160.77.in-addr.arpa

IN PTR

Response

97.53.160.77.in-addr.arpa

IN PTR

77-160-53-97fixedkpnnet
GET

http://216.218.219.41/tor/server/fp/3cea56b817455e13c4b063e7d3e7726c286f7c9b

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/3cea56b817455e13c4b063e7d3e7726c286f7c9b HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:44:32 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:44:32 GMT
GET

http://216.218.219.41/tor/server/fp/d6ada048980eb4314990d7f2bb40b848d605f985

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/d6ada048980eb4314990d7f2bb40b848d605f985 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:44:33 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:44:33 GMT
DNS

241.130.211.80.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.130.211.80.in-addr.arpa

IN PTR

Response

241.130.211.80.in-addr.arpa

IN PTR

tor2ientunet
DNS

159.28.168.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.28.168.104.in-addr.arpa

IN PTR

Response

159.28.168.104.in-addr.arpa

IN PTR

104-168-28-159-hostcolocrossingcom
GET

http://193.23.244.244/tor/server/fp/3ae74ebea528da1aac728d359f2b673d4849cef7

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/3ae74ebea528da1aac728d359f2b673d4849cef7 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:44:37 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:44:37 GMT
DNS

47.59.242.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

47.59.242.94.in-addr.arpa

IN PTR

Response

47.59.242.94.in-addr.arpa

IN PTR

vperdel29ahblasuxru
DNS

47.59.242.94.in-addr.arpa

Remote address:

8.8.8.8:53

Request

47.59.242.94.in-addr.arpa

IN PTR

Response

47.59.242.94.in-addr.arpa

IN PTR

vperdel29ahblasuxru
GET

http://193.23.244.244/tor/server/fp/7044955a4d7b04cf70011d73b467b13ce5e69d41

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/7044955a4d7b04cf70011d73b467b13ce5e69d41 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:00 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:00 GMT
DNS

70.126.126.97.in-addr.arpa

Remote address:

8.8.8.8:53

Request

70.126.126.97.in-addr.arpa

IN PTR

Response

70.126.126.97.in-addr.arpa

IN PTR

97-126-126-70tukwqwestnet
DNS

70.126.126.97.in-addr.arpa

Remote address:

8.8.8.8:53

Request

70.126.126.97.in-addr.arpa

IN PTR

Response

70.126.126.97.in-addr.arpa

IN PTR

97-126-126-70tukwqwestnet
GET

http://216.218.219.41/tor/server/fp/11daffa5cf22587aecc6b87d59d9b1df3958ff21

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/11daffa5cf22587aecc6b87d59d9b1df3958ff21 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:15 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:15 GMT
GET

http://216.218.219.41/tor/server/fp/a1a2924158198592c3e88cb0df23c14d9fe64328

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/a1a2924158198592c3e88cb0df23c14d9fe64328 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:17 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:17 GMT
DNS

74.56.81.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.56.81.51.in-addr.arpa

IN PTR

Response

74.56.81.51.in-addr.arpa

IN PTR

ns1000800ip-51-81-56us
DNS

74.56.81.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.56.81.51.in-addr.arpa

IN PTR

Response

74.56.81.51.in-addr.arpa

IN PTR

ns1000800ip-51-81-56us
DNS

216.188.19.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.188.19.84.in-addr.arpa

IN PTR

Response

216.188.19.84.in-addr.arpa

IN PTR

km20939-04 keymachinede
DNS

216.188.19.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.188.19.84.in-addr.arpa

IN PTR

Response

216.188.19.84.in-addr.arpa

IN PTR

km20939-04 keymachinede
GET

http://216.218.219.41/tor/server/fp/e4e4018dfcdae84f4d97ac89e582d96093603758

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/e4e4018dfcdae84f4d97ac89e582d96093603758 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:30 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:30 GMT
DNS

62.36.254.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

62.36.254.178.in-addr.arpa

IN PTR

Response

62.36.254.178.in-addr.arpa

IN PTR

v303971blude
DNS

62.36.254.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

62.36.254.178.in-addr.arpa

IN PTR

Response

62.36.254.178.in-addr.arpa

IN PTR

v303971blude
GET

http://216.218.219.41/tor/server/fp/f73e6fc9f0730d86afe5c88c4e63a10383df7e32

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/f73e6fc9f0730d86afe5c88c4e63a10383df7e32 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:34 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:34 GMT
DNS

121.30.142.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

121.30.142.193.in-addr.arpa

IN PTR

Response
DNS

121.30.142.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

121.30.142.193.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/05ea90fd649e00905ee8e5fceefcc6c4e2f044f3

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/05ea90fd649e00905ee8e5fceefcc6c4e2f044f3 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:39 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:39 GMT
DNS

129.132.164.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

129.132.164.173.in-addr.arpa

IN PTR

Response

129.132.164.173.in-addr.arpa

IN PTR

173-164-132-129-SFBAhfccomcastbusinessnet
DNS

129.132.164.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

129.132.164.173.in-addr.arpa

IN PTR

Response

129.132.164.173.in-addr.arpa

IN PTR

173-164-132-129-SFBAhfccomcastbusinessnet
GET

http://216.218.219.41/tor/server/fp/e6ffdd585133c6554ce8a226cc080a938d3e5424

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/e6ffdd585133c6554ce8a226cc080a938d3e5424 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:45:47 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:45:47 GMT
DNS

159.113.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.113.53.23.in-addr.arpa

IN PTR

Response

159.113.53.23.in-addr.arpa

IN PTR

a23-53-113-159deploystaticakamaitechnologiescom
DNS

159.113.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.113.53.23.in-addr.arpa

IN PTR

Response

159.113.53.23.in-addr.arpa

IN PTR

a23-53-113-159deploystaticakamaitechnologiescom
DNS

79.121.231.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.121.231.20.in-addr.arpa

IN PTR

Response
DNS

79.121.231.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.121.231.20.in-addr.arpa

IN PTR

Response
DNS

77.7.214.103.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.7.214.103.in-addr.arpa

IN PTR

Response
DNS

77.7.214.103.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.7.214.103.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/2c7db0b9e3e32ae1fed78457e7700beb26d64c3d

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/2c7db0b9e3e32ae1fed78457e7700beb26d64c3d HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:46:04 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:46:04 GMT
DNS

159.233.76.99.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.233.76.99.in-addr.arpa

IN PTR

Response

159.233.76.99.in-addr.arpa

IN PTR

99-76-233-159 lightspeedsnantx sbcglobalnet
DNS

159.233.76.99.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.233.76.99.in-addr.arpa

IN PTR

Response

159.233.76.99.in-addr.arpa

IN PTR

99-76-233-159 lightspeedsnantx sbcglobalnet
GET

http://216.218.219.41/tor/server/fp/96ee2b7c66689192ffc064467c50b7ca4c8e7613

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/96ee2b7c66689192ffc064467c50b7ca4c8e7613 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:46:06 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:46:06 GMT
DNS

120.112.230.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

120.112.230.157.in-addr.arpa

IN PTR

Response

120.112.230.157.in-addr.arpa

IN PTR

tor xn--sb-lkaorg
DNS

120.112.230.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

120.112.230.157.in-addr.arpa

IN PTR

Response

120.112.230.157.in-addr.arpa

IN PTR

tor xn--sb-lkaorg
GET

http://216.218.219.41/tor/server/fp/6cde3363f9f9ad5a6ea484defb58217cc9685e31

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/6cde3363f9f9ad5a6ea484defb58217cc9685e31 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:46:32 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:46:32 GMT
DNS

113.37.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

113.37.181.135.in-addr.arpa

IN PTR

Response

113.37.181.135.in-addr.arpa

IN PTR

static11337181135clientsyour-serverde
DNS

113.37.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

113.37.181.135.in-addr.arpa

IN PTR

Response

113.37.181.135.in-addr.arpa

IN PTR

static11337181135clientsyour-serverde
GET

http://216.218.219.41/tor/server/fp/ba539f33014e46bcf768d61b46204d9ddea17e44

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/ba539f33014e46bcf768d61b46204d9ddea17e44 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:46:53 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:46:53 GMT
DNS

252.3.123.176.in-addr.arpa

Remote address:

8.8.8.8:53

Request

252.3.123.176.in-addr.arpa

IN PTR

Response
DNS

252.3.123.176.in-addr.arpa

Remote address:

8.8.8.8:53

Request

252.3.123.176.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/13860c1dc65065df20e02c91b28c27a83c86830d

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/13860c1dc65065df20e02c91b28c27a83c86830d HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:47:09 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:47:09 GMT
DNS

2.223.216.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.223.216.88.in-addr.arpa

IN PTR

Response

2.223.216.88.in-addr.arpa

IN PTR

222321688kemmitde
DNS

2.223.216.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.223.216.88.in-addr.arpa

IN PTR

Response

2.223.216.88.in-addr.arpa

IN PTR

222321688kemmitde
GET

http://193.23.244.244/tor/server/fp/66cc7059f89514dd604a3fcb5ded02dea859d5b2

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/66cc7059f89514dd604a3fcb5ded02dea859d5b2 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:47:25 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:47:25 GMT
DNS

24.28.136.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.28.136.45.in-addr.arpa

IN PTR

Response

24.28.136.45.in-addr.arpa

IN PTR

nobodyyourvservernet
DNS

24.28.136.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

24.28.136.45.in-addr.arpa

IN PTR

Response

24.28.136.45.in-addr.arpa

IN PTR

nobodyyourvservernet
GET

http://216.218.219.41/tor/server/fp/8d3d9bbff1b835543b9eb0f5a579a2356935b552

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/8d3d9bbff1b835543b9eb0f5a579a2356935b552 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:47:32 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:47:32 GMT
DNS

113.58.108.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

113.58.108.65.in-addr.arpa

IN PTR

Response

113.58.108.65.in-addr.arpa

IN PTR

static1135810865clientsyour-serverde
DNS

113.58.108.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

113.58.108.65.in-addr.arpa

IN PTR
GET

http://193.23.244.244/tor/server/fp/1c7c6841d0b7f10b72608dd37f992f186afb5342

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/1c7c6841d0b7f10b72608dd37f992f186afb5342 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:47:40 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:47:40 GMT
DNS

125.209.47.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

125.209.47.78.in-addr.arpa

IN PTR

Response

125.209.47.78.in-addr.arpa

IN PTR

static1252094778clientsyour-serverde
DNS

125.209.47.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

125.209.47.78.in-addr.arpa

IN PTR

Response

125.209.47.78.in-addr.arpa

IN PTR

static1252094778clientsyour-serverde
GET

http://216.218.219.41/tor/server/fp/0e694423ed2e59bd403f66c629dd7d96fb245e0d

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/0e694423ed2e59bd403f66c629dd7d96fb245e0d HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:47:42 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:47:42 GMT
DNS

215.253.42.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.253.42.192.in-addr.arpa

IN PTR

Response

215.253.42.192.in-addr.arpa

IN PTR

mailuetrechtme
DNS

215.253.42.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.253.42.192.in-addr.arpa

IN PTR

Response

215.253.42.192.in-addr.arpa

IN PTR

mailuetrechtme
GET

http://193.23.244.244/tor/server/fp/568b6913ae5123edba304909a569afe8f9e73c4c

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/568b6913ae5123edba304909a569afe8f9e73c4c HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:47:54 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:47:54 GMT
DNS

13.184.245.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.184.245.157.in-addr.arpa

IN PTR

Response

13.184.245.157.in-addr.arpa

IN PTR

blysrfitzgeraldcom
DNS

13.184.245.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.184.245.157.in-addr.arpa

IN PTR

Response

13.184.245.157.in-addr.arpa

IN PTR

blysrfitzgeraldcom
GET

http://193.23.244.244/tor/server/fp/121ecc8a7bd881823daea3c0858d51fdf19b1990

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/121ecc8a7bd881823daea3c0858d51fdf19b1990 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:48:09 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:48:09 GMT
DNS

212.9.93.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

212.9.93.45.in-addr.arpa

IN PTR

Response
DNS

212.9.93.45.in-addr.arpa

Remote address:

8.8.8.8:53

Request

212.9.93.45.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/ceaa157b0dc10e79847cc46b5fe724c5ece1fa5b

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/ceaa157b0dc10e79847cc46b5fe724c5ece1fa5b HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:48:18 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:48:18 GMT
DNS

224.156.250.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

224.156.250.54.in-addr.arpa

IN PTR

Response

224.156.250.54.in-addr.arpa

IN PTR

ec2-54-250-156-224ap-northeast-1compute amazonawscom
DNS

224.156.250.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

224.156.250.54.in-addr.arpa

IN PTR

Response

224.156.250.54.in-addr.arpa

IN PTR

ec2-54-250-156-224ap-northeast-1compute amazonawscom
GET

http://216.218.219.41/tor/server/fp/ca62266a9ba8ecd9a0dd7afd85a36b0ae52c0872

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/ca62266a9ba8ecd9a0dd7afd85a36b0ae52c0872 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:48:30 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:48:30 GMT
DNS

73.35.114.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.35.114.37.in-addr.arpa

IN PTR

Response

73.35.114.37.in-addr.arpa

IN PTR

733511437 threatoffeu
DNS

73.35.114.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.35.114.37.in-addr.arpa

IN PTR

Response

73.35.114.37.in-addr.arpa

IN PTR

733511437 threatoffeu
GET

http://193.23.244.244/tor/server/fp/013ad81926572519ebcb7048e78462b5e9f1319d

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/013ad81926572519ebcb7048e78462b5e9f1319d HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:48:53 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:48:53 GMT
DNS

154.35.107.109.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.35.107.109.in-addr.arpa

IN PTR

Response

154.35.107.109.in-addr.arpa

IN PTR

cip-109-107-35-154gb1 brightboxcom
DNS

154.35.107.109.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.35.107.109.in-addr.arpa

IN PTR

Response

154.35.107.109.in-addr.arpa

IN PTR

cip-109-107-35-154gb1 brightboxcom
GET

http://216.218.219.41/tor/server/fp/21b55072c00f4522857655fbb0f3e25d75a5357b

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/21b55072c00f4522857655fbb0f3e25d75a5357b HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:49:10 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:49:10 GMT
DNS

3.71.191.77.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.71.191.77.in-addr.arpa

IN PTR

Response

3.71.191.77.in-addr.arpa

IN PTR

dynamic-077-191-071-00377191pool telefonicade
DNS

3.71.191.77.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.71.191.77.in-addr.arpa

IN PTR

Response

3.71.191.77.in-addr.arpa

IN PTR

dynamic-077-191-071-00377191pool telefonicade
GET

http://193.23.244.244/tor/server/fp/3e1a647ba558f3d55b56016a491e2c495f9ac2b3

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/3e1a647ba558f3d55b56016a491e2c495f9ac2b3 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:49:35 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:49:35 GMT
GET

http://193.23.244.244/tor/server/fp/07c3567bfd42effb1f78c027eb7fc2980fe2a26a

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/07c3567bfd42effb1f78c027eb7fc2980fe2a26a HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:49:36 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:49:36 GMT
DNS

185.148.102.62.in-addr.arpa

Remote address:

8.8.8.8:53

Request

185.148.102.62.in-addr.arpa

IN PTR

Response
DNS

185.148.102.62.in-addr.arpa

Remote address:

8.8.8.8:53

Request

185.148.102.62.in-addr.arpa

IN PTR

Response
DNS

60.24.31.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

60.24.31.193.in-addr.arpa

IN PTR

Response

60.24.31.193.in-addr.arpa

IN PTR

v2202311209498243044happysrvde
DNS

60.24.31.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

60.24.31.193.in-addr.arpa

IN PTR

Response

60.24.31.193.in-addr.arpa

IN PTR

v2202311209498243044happysrvde
GET

http://216.218.219.41/tor/server/fp/1937d5358c7db213f751ad00ace9720058838a2c

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/1937d5358c7db213f751ad00ace9720058838a2c HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:49:44 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:49:44 GMT
DNS

6.57.141.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.57.141.185.in-addr.arpa

IN PTR

Response

6.57.141.185.in-addr.arpa

IN PTR

h185-141-57-6reverse clouvidernet
DNS

6.57.141.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.57.141.185.in-addr.arpa

IN PTR

Response

6.57.141.185.in-addr.arpa

IN PTR

h185-141-57-6reverse clouvidernet
GET

http://193.23.244.244/tor/server/fp/2f95c32b7ef5f3620c529bd48a533c8f793357e5

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/2f95c32b7ef5f3620c529bd48a533c8f793357e5 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:06 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:06 GMT
GET

http://216.218.219.41/tor/server/fp/014bd09636373b78cc28ba70e36c7190e3de236a

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/014bd09636373b78cc28ba70e36c7190e3de236a HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:07 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:07 GMT
DNS

135.240.57.5.in-addr.arpa

Remote address:

8.8.8.8:53

Request

135.240.57.5.in-addr.arpa

IN PTR

Response
DNS

57.129.3.134.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.129.3.134.in-addr.arpa

IN PTR

Response

57.129.3.134.in-addr.arpa

IN PTR

ip-134-003-129-057um41poolsvodafone-ipde
DNS

57.129.3.134.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.129.3.134.in-addr.arpa

IN PTR

Response

57.129.3.134.in-addr.arpa

IN PTR

ip-134-003-129-057um41poolsvodafone-ipde
GET

http://193.23.244.244/tor/server/fp/e0286d8886d7710a995dc160b1ce98cca360970c

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/e0286d8886d7710a995dc160b1ce98cca360970c HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:19 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:19 GMT
DNS

141.63.160.103.in-addr.arpa

Remote address:

8.8.8.8:53

Request

141.63.160.103.in-addr.arpa

IN PTR

Response
DNS

141.63.160.103.in-addr.arpa

Remote address:

8.8.8.8:53

Request

141.63.160.103.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/596ef7f438fb92276bd8158325af6ecaeb21f038

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/596ef7f438fb92276bd8158325af6ecaeb21f038 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:24 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:24 GMT
DNS

137.53.71.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.53.71.198.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/2322f9a66d456ad9c880d14ecea83960d36541d4

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/2322f9a66d456ad9c880d14ecea83960d36541d4 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:35 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:35 GMT
DNS

159.153.162.212.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.153.162.212.in-addr.arpa

IN PTR

Response

159.153.162.212.in-addr.arpa

IN PTR

signalscom
DNS

159.153.162.212.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.153.162.212.in-addr.arpa

IN PTR

Response

159.153.162.212.in-addr.arpa

IN PTR

signalscom
GET

http://216.218.219.41/tor/server/fp/85b86d9d2862b4a24fcc742447442827260b59c8

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/85b86d9d2862b4a24fcc742447442827260b59c8 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:39 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:39 GMT
GET

http://193.23.244.244/tor/server/fp/72284ef77a7763d9532bab0891700a3c3594826d

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/72284ef77a7763d9532bab0891700a3c3594826d HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:50:40 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:50:40 GMT
DNS

207.211.240.79.in-addr.arpa

Remote address:

8.8.8.8:53

Request

207.211.240.79.in-addr.arpa

IN PTR

Response

207.211.240.79.in-addr.arpa

IN PTR

p4ff0d3cfdip0t-ipconnectde
DNS

207.211.240.79.in-addr.arpa

Remote address:

8.8.8.8:53

Request

207.211.240.79.in-addr.arpa

IN PTR

Response

207.211.240.79.in-addr.arpa

IN PTR

p4ff0d3cfdip0t-ipconnectde
DNS

37.118.231.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

37.118.231.93.in-addr.arpa

IN PTR

Response

37.118.231.93.in-addr.arpa

IN PTR

p5de77625dip0t-ipconnectde
DNS

37.118.231.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

37.118.231.93.in-addr.arpa

IN PTR

Response

37.118.231.93.in-addr.arpa

IN PTR

p5de77625dip0t-ipconnectde
GET

http://216.218.219.41/tor/server/fp/013878270cda8ec3d5bb4d4251410e6e8c7764ac

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/013878270cda8ec3d5bb4d4251410e6e8c7764ac HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:51:27 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:51:27 GMT
GET

http://193.23.244.244/tor/server/fp/43af24071b400911629d5bc9fc20de335f9dfc00

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/43af24071b400911629d5bc9fc20de335f9dfc00 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:51:28 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:51:28 GMT
DNS

104.160.53.161.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.160.53.161.in-addr.arpa

IN PTR

Response

104.160.53.161.in-addr.arpa

IN PTR

cursaCARNethr
DNS

104.160.53.161.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.160.53.161.in-addr.arpa

IN PTR

Response

104.160.53.161.in-addr.arpa

IN PTR

cursaCARNethr
DNS

76.242.240.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.242.240.185.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/a84a43eed9366544f2092bdc3976dcc23fadf412

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/a84a43eed9366544f2092bdc3976dcc23fadf412 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:51:33 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:51:33 GMT
DNS

148.206.213.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

148.206.213.54.in-addr.arpa

IN PTR

Response

148.206.213.54.in-addr.arpa

IN PTR

ec2-54-213-206-148 us-west-2compute amazonawscom
DNS

148.206.213.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

148.206.213.54.in-addr.arpa

IN PTR

Response

148.206.213.54.in-addr.arpa

IN PTR

ec2-54-213-206-148 us-west-2compute amazonawscom
GET

http://193.23.244.244/tor/server/fp/9195827ea4fdcfb7d0041d2c9fbe55af5b1f3a3f

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/9195827ea4fdcfb7d0041d2c9fbe55af5b1f3a3f HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:52:01 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:52:01 GMT
DNS

211.10.154.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

211.10.154.188.in-addr.arpa

IN PTR

Response

211.10.154.188.in-addr.arpa

IN PTR

xdsl-188-154-10-211adslplusch
DNS

211.10.154.188.in-addr.arpa

Remote address:

8.8.8.8:53

Request

211.10.154.188.in-addr.arpa

IN PTR

Response

211.10.154.188.in-addr.arpa

IN PTR

xdsl-188-154-10-211adslplusch
DNS

51.252.37.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.252.37.193.in-addr.arpa

IN PTR

Response
DNS

51.252.37.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

51.252.37.193.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/dee89ac85b48582f10f5c3814a29a8ebc932731b

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/dee89ac85b48582f10f5c3814a29a8ebc932731b HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:52:20 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:52:20 GMT
DNS

204.84.102.38.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.84.102.38.in-addr.arpa

IN PTR

Response
DNS

204.84.102.38.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.84.102.38.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/4bc4f3cffbcb96b31ee525633abcc827bc8bfa94

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/4bc4f3cffbcb96b31ee525633abcc827bc8bfa94 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:52:29 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:52:29 GMT
DNS

25.68.121.98.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.68.121.98.in-addr.arpa

IN PTR

Response

25.68.121.98.in-addr.arpa

IN PTR

syn-098-121-068-025resspectrumcom
DNS

25.68.121.98.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.68.121.98.in-addr.arpa

IN PTR

Response

25.68.121.98.in-addr.arpa

IN PTR

syn-098-121-068-025resspectrumcom
GET

http://216.218.219.41/tor/server/fp/4d44e1a878c352edb7d82c5fda6b11c2652cf2e7

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/4d44e1a878c352edb7d82c5fda6b11c2652cf2e7 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:52:38 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:52:38 GMT
DNS

126.209.47.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

126.209.47.78.in-addr.arpa

IN PTR

Response

126.209.47.78.in-addr.arpa

IN PTR

static1262094778clientsyour-serverde
DNS

126.209.47.78.in-addr.arpa

Remote address:

8.8.8.8:53

Request

126.209.47.78.in-addr.arpa

IN PTR

Response

126.209.47.78.in-addr.arpa

IN PTR

static1262094778clientsyour-serverde
GET

http://216.218.219.41/tor/server/fp/5221eb30304479d4dc16f6f22c40046de1aec4ff

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/5221eb30304479d4dc16f6f22c40046de1aec4ff HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:52:49 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:52:49 GMT
DNS

25.117.130.102.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.117.130.102.in-addr.arpa

IN PTR

Response
DNS

25.117.130.102.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.117.130.102.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/9a0aaf2e43be3744cd1d6cd532c861f5a568f7a9

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/9a0aaf2e43be3744cd1d6cd532c861f5a568f7a9 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:53:08 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:53:08 GMT
DNS

52.12.189.107.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.12.189.107.in-addr.arpa

IN PTR

Response
DNS

52.12.189.107.in-addr.arpa

Remote address:

8.8.8.8:53

Request

52.12.189.107.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/8712e17fbd0d6bbab60e3e897b326fae51e15b09

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/8712e17fbd0d6bbab60e3e897b326fae51e15b09 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:53:12 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:53:12 GMT
DNS

183.36.15.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.36.15.51.in-addr.arpa

IN PTR

Response

183.36.15.51.in-addr.arpa

IN PTR

tor10terjannet
DNS

183.36.15.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.36.15.51.in-addr.arpa

IN PTR

Response

183.36.15.51.in-addr.arpa

IN PTR

tor10terjannet
GET

http://193.23.244.244/tor/server/fp/9b3e7a0ad9a054984cc87e7ca9d5c117202d45d4

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/9b3e7a0ad9a054984cc87e7ca9d5c117202d45d4 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:53:16 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:53:16 GMT
DNS

149.47.6.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.47.6.81.in-addr.arpa

IN PTR

Response

149.47.6.81.in-addr.arpa

IN PTR

81-6-47-149init7net
DNS

149.47.6.81.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.47.6.81.in-addr.arpa

IN PTR

Response

149.47.6.81.in-addr.arpa

IN PTR

81-6-47-149init7net
GET

http://193.23.244.244/tor/server/fp/60fd4fc8ae76af71d3af70010eedee39b58d0296

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/60fd4fc8ae76af71d3af70010eedee39b58d0296 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:53:28 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:53:28 GMT
DNS

2.26.159.67.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.26.159.67.in-addr.arpa

IN PTR

Response
DNS

2.26.159.67.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.26.159.67.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/34dcadcc65fcd96aac4ffcd7f2a997de519eba3b

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/34dcadcc65fcd96aac4ffcd7f2a997de519eba3b HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:53:33 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:53:33 GMT
DNS

128.211.172.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

128.211.172.163.in-addr.arpa

IN PTR

Response

128.211.172.163.in-addr.arpa

IN PTR

nsecasperlefantomnet
DNS

128.211.172.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

128.211.172.163.in-addr.arpa

IN PTR

Response

128.211.172.163.in-addr.arpa

IN PTR

nsecasperlefantomnet
GET

http://216.218.219.41/tor/server/fp/5732b489fade4b75fa9863f75d83722217d3e2b8

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/5732b489fade4b75fa9863f75d83722217d3e2b8 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:53:52 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:53:52 GMT
DNS

132.223.239.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.223.239.178.in-addr.arpa

IN PTR

Response
DNS

132.223.239.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.223.239.178.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/f6fd371cc3ddf6001e949e48ac2550fe724ff6a0

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/f6fd371cc3ddf6001e949e48ac2550fe724ff6a0 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:54:23 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:54:23 GMT
DNS

109.144.112.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.144.112.185.in-addr.arpa

IN PTR

Response

109.144.112.185.in-addr.arpa

IN PTR

vps-185-112-144-1091984is
DNS

109.144.112.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.144.112.185.in-addr.arpa

IN PTR
GET

http://193.23.244.244/tor/server/fp/4b1dc090fc78afd7ae06568853daf18f2476c62f

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/4b1dc090fc78afd7ae06568853daf18f2476c62f HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:54:25 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:54:25 GMT
DNS

77.253.137.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.253.137.23.in-addr.arpa

IN PTR

Response
DNS

77.253.137.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.253.137.23.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/f9deafeb5e79f42b7da85f3cf4cbbc3414271458

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/f9deafeb5e79f42b7da85f3cf4cbbc3414271458 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:54:42 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:54:42 GMT
DNS

246.15.53.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

246.15.53.152.in-addr.arpa

IN PTR

Response

246.15.53.152.in-addr.arpa

IN PTR

v2202404221384263956luckysrvde
DNS

246.15.53.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

246.15.53.152.in-addr.arpa

IN PTR

Response

246.15.53.152.in-addr.arpa

IN PTR

v2202404221384263956luckysrvde
GET

http://216.218.219.41/tor/server/fp/684401ed908e572504f9b522d2fdc112b24276a0

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/684401ed908e572504f9b522d2fdc112b24276a0 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:55:17 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:55:17 GMT
DNS

210.254.211.190.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.254.211.190.in-addr.arpa

IN PTR

Response

210.254.211.190.in-addr.arpa

IN PTR

hostedbyprivatelayercom
DNS

210.254.211.190.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.254.211.190.in-addr.arpa

IN PTR

Response

210.254.211.190.in-addr.arpa

IN PTR

hostedbyprivatelayercom
GET

http://193.23.244.244/tor/server/fp/046a2841a526e3d5690ed33d568e9891c39503d8

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/046a2841a526e3d5690ed33d568e9891c39503d8 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:55:20 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:55:20 GMT
DNS

109.110.135.147.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.110.135.147.in-addr.arpa

IN PTR

Response

109.110.135.147.in-addr.arpa

IN PTR

echidna2brandonkuschelcom
DNS

109.110.135.147.in-addr.arpa

Remote address:

8.8.8.8:53

Request

109.110.135.147.in-addr.arpa

IN PTR

Response

109.110.135.147.in-addr.arpa

IN PTR

echidna2brandonkuschelcom
GET

http://193.23.244.244/tor/server/fp/7c0fa36c13dda7566b08ef4b428dc352565cb6b6

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/7c0fa36c13dda7566b08ef4b428dc352565cb6b6 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:55:29 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:55:29 GMT
DNS

210.210.198.206.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.210.198.206.in-addr.arpa

IN PTR

Response
DNS

210.210.198.206.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.210.198.206.in-addr.arpa

IN PTR

Response
DNS

210.210.198.206.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.210.198.206.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/c8b30d48c11968ff96c0f9aa1ac7c1b1d6f5f6c2

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/c8b30d48c11968ff96c0f9aa1ac7c1b1d6f5f6c2 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:55:39 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:55:39 GMT
DNS

3.48.16.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.48.16.51.in-addr.arpa

IN PTR

Response

3.48.16.51.in-addr.arpa

IN PTR

ec2-51-16-48-3il-central-1compute amazonawscom
DNS

3.48.16.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.48.16.51.in-addr.arpa

IN PTR

Response

3.48.16.51.in-addr.arpa

IN PTR

ec2-51-16-48-3il-central-1compute amazonawscom
GET

http://216.218.219.41/tor/server/fp/1f6e2d69cb904bf812ac7fcc4c3b19eeea4242a9

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/1f6e2d69cb904bf812ac7fcc4c3b19eeea4242a9 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:55:48 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:55:48 GMT
DNS

221.126.165.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.126.165.178.in-addr.arpa

IN PTR

Response

221.126.165.178.in-addr.arpa

IN PTR

178-165-126-221-khmaxnetua
DNS

221.126.165.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.126.165.178.in-addr.arpa

IN PTR

Response

221.126.165.178.in-addr.arpa

IN PTR

178-165-126-221-khmaxnetua
GET

http://193.23.244.244/tor/server/fp/2b94fef968c9949fd2f10eb154938494b2f50527

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/2b94fef968c9949fd2f10eb154938494b2f50527 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:55:51 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:55:51 GMT
GET

http://216.218.219.41/tor/server/fp/bd815c93e9d87ffb32206c3540bd8559003d3325

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/bd815c93e9d87ffb32206c3540bd8559003d3325 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:56:04 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:56:04 GMT
DNS

161.177.235.167.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.177.235.167.in-addr.arpa

IN PTR

Response

161.177.235.167.in-addr.arpa

IN PTR

static161177235167clientsyour-serverde
DNS

161.177.235.167.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.177.235.167.in-addr.arpa

IN PTR

Response

161.177.235.167.in-addr.arpa

IN PTR

static161177235167clientsyour-serverde
GET

http://193.23.244.244/tor/server/fp/530bc13fe24d7c4849e16d459631b5a6538deb11

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/530bc13fe24d7c4849e16d459631b5a6538deb11 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:56:08 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:56:08 GMT
DNS

111.154.233.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

111.154.233.172.in-addr.arpa

IN PTR

Response

111.154.233.172.in-addr.arpa

IN PTR

172-233-154-111iplinodeusercontentcom
DNS

111.154.233.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

111.154.233.172.in-addr.arpa

IN PTR

Response

111.154.233.172.in-addr.arpa

IN PTR

172-233-154-111iplinodeusercontentcom
GET

http://216.218.219.41/tor/server/fp/dccdafb7f57641716a7ab0bbc0fba21b3642a3db

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/dccdafb7f57641716a7ab0bbc0fba21b3642a3db HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:56:15 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:56:15 GMT
DNS

182.106.226.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

182.106.226.46.in-addr.arpa

IN PTR

Response

182.106.226.46.in-addr.arpa

IN PTR

xvm-106-182dc0ghstnet
DNS

182.106.226.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

182.106.226.46.in-addr.arpa

IN PTR

Response

182.106.226.46.in-addr.arpa

IN PTR

xvm-106-182dc0ghstnet
GET

http://193.23.244.244/tor/server/fp/8d5392a1fe568211ef62ccaf257dae584aa5cda5

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/8d5392a1fe568211ef62ccaf257dae584aa5cda5 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:56:24 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:56:24 GMT
DNS

220.220.151.80.in-addr.arpa

Remote address:

8.8.8.8:53

Request

220.220.151.80.in-addr.arpa

IN PTR

Response

220.220.151.80.in-addr.arpa

IN PTR

p5097dcdcdip0t-ipconnectde
DNS

220.220.151.80.in-addr.arpa

Remote address:

8.8.8.8:53

Request

220.220.151.80.in-addr.arpa

IN PTR

Response

220.220.151.80.in-addr.arpa

IN PTR

p5097dcdcdip0t-ipconnectde
GET

http://193.23.244.244/tor/server/fp/fb32976f43501fc5abb8588531979b9d195e37f7

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/fb32976f43501fc5abb8588531979b9d195e37f7 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:57:26 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:57:26 GMT
DNS

177.161.79.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.161.79.178.in-addr.arpa

IN PTR

Response

177.161.79.178.in-addr.arpa

IN PTR

flatcaporg
DNS

177.161.79.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.161.79.178.in-addr.arpa

IN PTR

Response

177.161.79.178.in-addr.arpa

IN PTR

flatcaporg
GET

http://216.218.219.41/tor/server/fp/355340273e78dac664b2328ec46d61998d797141

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/355340273e78dac664b2328ec46d61998d797141 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:57:33 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:57:33 GMT
DNS

173.13.160.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.13.160.217.in-addr.arpa

IN PTR

Response

173.13.160.217.in-addr.arpa

IN PTR

barkshassospace
DNS

173.13.160.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.13.160.217.in-addr.arpa

IN PTR

Response

173.13.160.217.in-addr.arpa

IN PTR

barkshassospace
GET

http://193.23.244.244/tor/server/fp/2a0fad3ca7a190c43d8ed7896727bd426e8c2efa

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/2a0fad3ca7a190c43d8ed7896727bd426e8c2efa HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:57:35 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:57:35 GMT
DNS

159.121.185.205.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.121.185.205.in-addr.arpa

IN PTR

Response
DNS

159.121.185.205.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.121.185.205.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/1379db904266e12ca9d720d70edba9c54b58d708

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/1379db904266e12ca9d720d70edba9c54b58d708 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:57:38 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:57:38 GMT
DNS

7.133.230.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

7.133.230.93.in-addr.arpa

IN PTR

Response

7.133.230.93.in-addr.arpa

IN PTR

p5de68507dip0t-ipconnectde
DNS

7.133.230.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

7.133.230.93.in-addr.arpa

IN PTR

Response

7.133.230.93.in-addr.arpa

IN PTR

p5de68507dip0t-ipconnectde
GET

http://216.218.219.41/tor/server/fp/f77d5810c7ac4f81c9e74fd8c00aa6e382864b49

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/f77d5810c7ac4f81c9e74fd8c00aa6e382864b49 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:57:42 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:57:42 GMT
DNS

216.226.41.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.226.41.193.in-addr.arpa

IN PTR

Response

216.226.41.193.in-addr.arpa

IN PTR

v70686php-friendsde
DNS

216.226.41.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.226.41.193.in-addr.arpa

IN PTR

Response

216.226.41.193.in-addr.arpa

IN PTR

v70686php-friendsde
GET

http://216.218.219.41/tor/server/fp/d1336d48ca4075ed14e052d55d3a60e0f2157dfb

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/d1336d48ca4075ed14e052d55d3a60e0f2157dfb HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:57:50 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:57:50 GMT
DNS

103.111.210.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.111.210.51.in-addr.arpa

IN PTR

Response

103.111.210.51.in-addr.arpa

IN PTR

cedar-gatewayalbertlarsanfr
DNS

103.111.210.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.111.210.51.in-addr.arpa

IN PTR

Response

103.111.210.51.in-addr.arpa

IN PTR

cedar-gatewayalbertlarsanfr
GET

http://216.218.219.41/tor/server/fp/c388f5a09620a5d76275324eebb90a06a8bd95cd

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/c388f5a09620a5d76275324eebb90a06a8bd95cd HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:02 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:02 GMT
DNS

102.113.42.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.113.42.192.in-addr.arpa

IN PTR

Response

102.113.42.192.in-addr.arpa

IN PTR

spigenip-eendnl
DNS

102.113.42.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.113.42.192.in-addr.arpa

IN PTR

Response

102.113.42.192.in-addr.arpa

IN PTR

spigenip-eendnl
GET

http://216.218.219.41/tor/server/fp/874d84382c892f3f61cc9e106bf08843de0b865a

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/874d84382c892f3f61cc9e106bf08843de0b865a HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:08 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:08 GMT
DNS

102.140.147.194.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.140.147.194.in-addr.arpa

IN PTR

Response

102.140.147.194.in-addr.arpa

IN PTR

tor102 ip-connectinfo
GET

http://193.23.244.244/tor/server/fp/3f6cedcf8ca8f8af550f6545a44738a343b65fbd

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/3f6cedcf8ca8f8af550f6545a44738a343b65fbd HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:14 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:14 GMT
DNS

61.228.238.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

61.228.238.140.in-addr.arpa

IN PTR

Response
DNS

61.228.238.140.in-addr.arpa

Remote address:

8.8.8.8:53

Request

61.228.238.140.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/738ae0309675c36201b83283c1898f4b841db96b

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/738ae0309675c36201b83283c1898f4b841db96b HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:24 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:24 GMT
GET

http://216.218.219.41/tor/server/fp/2ee7f49728d03f8bc0dc1d67558499290c5f09ff

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/2ee7f49728d03f8bc0dc1d67558499290c5f09ff HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:35 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:35 GMT
DNS

172.248.195.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.248.195.199.in-addr.arpa

IN PTR

Response

172.248.195.199.in-addr.arpa

IN PTR

tor-exit-doughnutninja
DNS

172.248.195.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.248.195.199.in-addr.arpa

IN PTR

Response

172.248.195.199.in-addr.arpa

IN PTR

tor-exit-doughnutninja
DNS

251.165.227.212.in-addr.arpa

Remote address:

8.8.8.8:53

Request

251.165.227.212.in-addr.arpa

IN PTR

Response
DNS

251.165.227.212.in-addr.arpa

Remote address:

8.8.8.8:53

Request

251.165.227.212.in-addr.arpa

IN PTR

Response
GET

http://216.218.219.41/tor/server/fp/083c52051140db8af770bd40c7c8883efff4caf3

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/083c52051140db8af770bd40c7c8883efff4caf3 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:40 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:40 GMT
DNS

132.111.182.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.111.182.193.in-addr.arpa

IN PTR

Response

132.111.182.193.in-addr.arpa

IN PTR

tor-relay5 flashdancecx
DNS

132.111.182.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.111.182.193.in-addr.arpa

IN PTR

Response

132.111.182.193.in-addr.arpa

IN PTR

tor-relay5 flashdancecx
GET

http://193.23.244.244/tor/server/fp/5e24ef47236bc5fc14431fd9c2bf45e8b38b8fcd

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/5e24ef47236bc5fc14431fd9c2bf45e8b38b8fcd HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:48 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:48 GMT
DNS

82.223.131.80.in-addr.arpa

Remote address:

8.8.8.8:53

Request

82.223.131.80.in-addr.arpa

IN PTR

Response

82.223.131.80.in-addr.arpa

IN PTR

p5083df52dip0t-ipconnectde
GET

http://216.218.219.41/tor/server/fp/cfb8ce28d1b12eeb8662511afbc1d0c6f79065a8

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/cfb8ce28d1b12eeb8662511afbc1d0c6f79065a8 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:50 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:50 GMT
DNS

223.168.19.146.in-addr.arpa

Remote address:

8.8.8.8:53

Request

223.168.19.146.in-addr.arpa

IN PTR

Response

223.168.19.146.in-addr.arpa

IN PTR

hms14072
DNS

223.168.19.146.in-addr.arpa

Remote address:

8.8.8.8:53

Request

223.168.19.146.in-addr.arpa

IN PTR

Response

223.168.19.146.in-addr.arpa

IN PTR

hms14072
GET

http://193.23.244.244/tor/server/fp/1e4394dcd757e9f4ee871f5831c796ba4fcf7eb4

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/1e4394dcd757e9f4ee871f5831c796ba4fcf7eb4 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:58:57 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:58:57 GMT
DNS

173.84.13.49.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.84.13.49.in-addr.arpa

IN PTR

Response

173.84.13.49.in-addr.arpa

IN PTR

static173841349clientsyour-serverde
DNS

173.84.13.49.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.84.13.49.in-addr.arpa

IN PTR

Response

173.84.13.49.in-addr.arpa

IN PTR

static173841349clientsyour-serverde
GET

http://216.218.219.41/tor/server/fp/f2312b8f9663827441c686d44e3d26577e649d0b

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/f2312b8f9663827441c686d44e3d26577e649d0b HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:02 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:02 GMT
DNS

18.82.18.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.82.18.18.in-addr.arpa

IN PTR

Response

18.82.18.18.in-addr.arpa

IN PTR

gridedgedmmitedu
DNS

18.82.18.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.82.18.18.in-addr.arpa

IN PTR

Response

18.82.18.18.in-addr.arpa

IN PTR

gridedgedmmitedu
GET

http://193.23.244.244/tor/server/fp/bf54ee3193751481579ba7cc7d8e1df0a01afb30

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/bf54ee3193751481579ba7cc7d8e1df0a01afb30 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:09 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:09 GMT
GET

http://193.23.244.244/tor/server/fp/83aadc17e539e7a0b3cf0dd9b4e58c3abd268ca7

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/83aadc17e539e7a0b3cf0dd9b4e58c3abd268ca7 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:11 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:11 GMT
DNS

163.213.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.213.181.135.in-addr.arpa

IN PTR

Response

163.213.181.135.in-addr.arpa

IN PTR

static163213181135clientsyour-serverde
DNS

163.213.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.213.181.135.in-addr.arpa

IN PTR

Response

163.213.181.135.in-addr.arpa

IN PTR

static163213181135clientsyour-serverde
DNS

206.225.156.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.225.156.104.in-addr.arpa

IN PTR

Response

206.225.156.104.in-addr.arpa

IN PTR

enzuru
DNS

206.225.156.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.225.156.104.in-addr.arpa

IN PTR

Response

206.225.156.104.in-addr.arpa

IN PTR

enzuru
DNS

128.160.215.85.in-addr.arpa

Remote address:

8.8.8.8:53

Request

128.160.215.85.in-addr.arpa

IN PTR

Response

128.160.215.85.in-addr.arpa

IN PTR

ip85215160128pbiaascom
DNS

128.160.215.85.in-addr.arpa

Remote address:

8.8.8.8:53

Request

128.160.215.85.in-addr.arpa

IN PTR

Response

128.160.215.85.in-addr.arpa

IN PTR

ip85215160128pbiaascom
GET

http://193.23.244.244/tor/server/fp/e1c428ea28b7e8cadbd4b514fc55388fe80231c4

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/e1c428ea28b7e8cadbd4b514fc55388fe80231c4 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:28 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:28 GMT
DNS

66.52.74.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

66.52.74.198.in-addr.arpa

IN PTR

Response

66.52.74.198.in-addr.arpa

IN PTR

samicorg
DNS

66.52.74.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

66.52.74.198.in-addr.arpa

IN PTR

Response

66.52.74.198.in-addr.arpa

IN PTR

samicorg
GET

http://216.218.219.41/tor/server/fp/3b91903a5f3e22defffe52fd8da8da30001a8b97

foca.exe

Remote address:

216.218.219.41:80

Request

GET /tor/server/fp/3b91903a5f3e22defffe52fd8da8da30001a8b97 HTTP/1.0
Host: 216.218.219.41
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:36 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:36 GMT
DNS

188.78.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

188.78.181.135.in-addr.arpa

IN PTR

Response

188.78.181.135.in-addr.arpa

IN PTR

static18878181135clientsyour-serverde
DNS

188.78.181.135.in-addr.arpa

Remote address:

8.8.8.8:53

Request

188.78.181.135.in-addr.arpa

IN PTR

Response

188.78.181.135.in-addr.arpa

IN PTR

static18878181135clientsyour-serverde
GET

http://193.23.244.244/tor/server/fp/8d67f612da8decfd9c90f97249c1ff7c04723324

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/8d67f612da8decfd9c90f97249c1ff7c04723324 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:38 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:38 GMT
GET

http://193.23.244.244/tor/server/fp/d09daa1ebe22c99578fdbb8ad61e02c521a78e51

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/d09daa1ebe22c99578fdbb8ad61e02c521a78e51 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:39 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:39 GMT
DNS

59.65.109.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.65.109.65.in-addr.arpa

IN PTR

Response

59.65.109.65.in-addr.arpa

IN PTR

static596510965clientsyour-serverde
DNS

59.65.109.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.65.109.65.in-addr.arpa

IN PTR

Response

59.65.109.65.in-addr.arpa

IN PTR

static596510965clientsyour-serverde
DNS

163.240.168.206.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.240.168.206.in-addr.arpa

IN PTR

Response
DNS

163.240.168.206.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.240.168.206.in-addr.arpa

IN PTR

Response
GET

http://193.23.244.244/tor/server/fp/bac96e40c3752bb87167d8ef06ff6fead2b9cd68

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/bac96e40c3752bb87167d8ef06ff6fead2b9cd68 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:49 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:49 GMT
DNS

197.65.243.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.65.243.92.in-addr.arpa

IN PTR

Response

197.65.243.92.in-addr.arpa

IN PTR

�
DNS

197.65.243.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.65.243.92.in-addr.arpa

IN PTR

Response

197.65.243.92.in-addr.arpa

IN PTR

�
GET

http://193.23.244.244/tor/server/fp/a91276b9164669b2d3f6b34455a6e8ca21e5cb61

foca.exe

Remote address:

193.23.244.244:80

Request

GET /tor/server/fp/a91276b9164669b2d3f6b34455a6e8ca21e5cb61 HTTP/1.0
Host: 193.23.244.244
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept:*/*
Connection: close

Response

HTTP/1.0 200 OK

Date: Mon, 15 Apr 2024 11:59:59 GMT
Content-Type: text/plain
X-Your-Address-Is: 191.101.209.39
Content-Encoding: identity
Expires: Wed, 17 Apr 2024 11:59:59 GMT

142.250.187.202:443

46 B
40 B
1
1
104.26.13.205:443

https://api.ipify.org/

tls, http

foca.exe

906 B
5.6kB
10
12

HTTP Request

GET https://api.ipify.org/

HTTP Response

200
86.59.21.38:80

foca.exe

260 B
200 B
5
5
86.59.21.38:80

foca.exe

260 B
200 B
5
5
194.109.206.212:80

foca.exe

208 B
4
131.188.40.189:80

http://131.188.40.189/tor/status-vote/current/consensus

http

foca.exe

65.2kB
3.3MB
1293
2381

HTTP Request

GET http://131.188.40.189/tor/status-vote/current/consensus

HTTP Response

200
141.98.11.131:443

tls, https

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/f22a238894e85d2d25036553a4601961ebfc2f03

http

foca.exe

492 B
4.0kB
6
7

HTTP Request

GET http://216.218.219.41/tor/server/fp/f22a238894e85d2d25036553a4601961ebfc2f03

HTTP Response

200
95.217.156.221:443

tls, https

foca.exe

1.3kB
3.5kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/7451225cba6b689530738af26e5b9ca2b051827e

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/7451225cba6b689530738af26e5b9ca2b051827e

HTTP Response

200
163.5.121.253:9200

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/602433c2b6015be64427182dc0c887359d09261f

http

foca.exe

630 B
11.4kB
9
12

HTTP Request

GET http://216.218.219.41/tor/server/fp/602433c2b6015be64427182dc0c887359d09261f

HTTP Response

200
207.180.213.181:9001

tls

foca.exe

383 B
132 B
5
3
79.143.181.221:2010

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/7c86c73db17ce20cd26537c9e3ec0fd7a55e5c6d

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/7c86c73db17ce20cd26537c9e3ec0fd7a55e5c6d

HTTP Response

200
92.119.126.163:9001

foca.exe

208 B
4
192.9.235.157:443

tls, https

foca.exe

1.3kB
3.6kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/f2ab0e62ef6d632ba47ab1ba7336de24003f6e0f

http

foca.exe

492 B
2.9kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/f2ab0e62ef6d632ba47ab1ba7336de24003f6e0f

HTTP Response

200
45.144.240.19:9001

tls

foca.exe

1.3kB
3.5kB
9
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/3474570174a97dd74648023e937f2428db97e726

http

foca.exe

492 B
2.6kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/3474570174a97dd74648023e937f2428db97e726

HTTP Response

200
135.181.45.89:65535

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/025e042d17a3bffae2c5d1a86af7b4d95aa6ac0e

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/025e042d17a3bffae2c5d1a86af7b4d95aa6ac0e

HTTP Response

200
77.160.53.97:9001

tls

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/3cea56b817455e13c4b063e7d3e7726c286f7c9b

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/3cea56b817455e13c4b063e7d3e7726c286f7c9b

HTTP Response

200
80.211.130.241:443

tls, https

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/d6ada048980eb4314990d7f2bb40b848d605f985

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/d6ada048980eb4314990d7f2bb40b848d605f985

HTTP Response

200
104.168.28.159:9001

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/3ae74ebea528da1aac728d359f2b673d4849cef7

http

foca.exe

492 B
3.7kB
6
6

HTTP Request

GET http://193.23.244.244/tor/server/fp/3ae74ebea528da1aac728d359f2b673d4849cef7

HTTP Response

200
94.242.59.47:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/7044955a4d7b04cf70011d73b467b13ce5e69d41

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/7044955a4d7b04cf70011d73b467b13ce5e69d41

HTTP Response

200
97.126.126.70:8255

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/11daffa5cf22587aecc6b87d59d9b1df3958ff21

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/11daffa5cf22587aecc6b87d59d9b1df3958ff21

HTTP Response

200
51.81.56.74:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/a1a2924158198592c3e88cb0df23c14d9fe64328

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/a1a2924158198592c3e88cb0df23c14d9fe64328

HTTP Response

200
84.19.188.216:443

tls, https

foca.exe

1.3kB
3.5kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/e4e4018dfcdae84f4d97ac89e582d96093603758

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/e4e4018dfcdae84f4d97ac89e582d96093603758

HTTP Response

200
178.254.36.62:443

tls, https

foca.exe

1.3kB
3.6kB
10
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/f73e6fc9f0730d86afe5c88c4e63a10383df7e32

http

foca.exe

538 B
5.3kB
7
8

HTTP Request

GET http://216.218.219.41/tor/server/fp/f73e6fc9f0730d86afe5c88c4e63a10383df7e32

HTTP Response

200
193.142.30.121:995

tls, pop3s

foca.exe

1.3kB
3.5kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/05ea90fd649e00905ee8e5fceefcc6c4e2f044f3

http

foca.exe

492 B
2.6kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/05ea90fd649e00905ee8e5fceefcc6c4e2f044f3

HTTP Response

200
173.164.132.129:9001

tls

foca.exe

1.3kB
3.5kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/e6ffdd585133c6554ce8a226cc080a938d3e5424

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/e6ffdd585133c6554ce8a226cc080a938d3e5424

HTTP Response

200
103.214.7.77:2083

tls

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/2c7db0b9e3e32ae1fed78457e7700beb26d64c3d

http

foca.exe

492 B
3.3kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/2c7db0b9e3e32ae1fed78457e7700beb26d64c3d

HTTP Response

200
99.76.233.159:9002

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/96ee2b7c66689192ffc064467c50b7ca4c8e7613

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/96ee2b7c66689192ffc064467c50b7ca4c8e7613

HTTP Response

200
157.230.112.120:19001

tls

foca.exe

1.3kB
3.5kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/6cde3363f9f9ad5a6ea484defb58217cc9685e31

http

foca.exe

492 B
3.0kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/6cde3363f9f9ad5a6ea484defb58217cc9685e31

HTTP Response

200
135.181.37.113:9001

tls

foca.exe

1.3kB
3.6kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/ba539f33014e46bcf768d61b46204d9ddea17e44

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/ba539f33014e46bcf768d61b46204d9ddea17e44

HTTP Response

200
176.123.3.252:22

tls, ssh

foca.exe

1.3kB
3.5kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/13860c1dc65065df20e02c91b28c27a83c86830d

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/13860c1dc65065df20e02c91b28c27a83c86830d

HTTP Response

200
88.216.223.2:80

tls, http

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/66cc7059f89514dd604a3fcb5ded02dea859d5b2

http

foca.exe

492 B
4.8kB
6
6

HTTP Request

GET http://193.23.244.244/tor/server/fp/66cc7059f89514dd604a3fcb5ded02dea859d5b2

HTTP Response

200
45.136.28.24:9001

tls

foca.exe

1.3kB
3.6kB
10
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/8d3d9bbff1b835543b9eb0f5a579a2356935b552

http

foca.exe

492 B
3.3kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/8d3d9bbff1b835543b9eb0f5a579a2356935b552

HTTP Response

200
65.108.58.113:10101

tls

foca.exe

1.4kB
3.5kB
11
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/1c7c6841d0b7f10b72608dd37f992f186afb5342

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/1c7c6841d0b7f10b72608dd37f992f186afb5342

HTTP Response

200
78.47.209.125:444

tls

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/0e694423ed2e59bd403f66c629dd7d96fb245e0d

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/0e694423ed2e59bd403f66c629dd7d96fb245e0d

HTTP Response

200
192.42.253.215:9001

tls

foca.exe

1.3kB
3.4kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/568b6913ae5123edba304909a569afe8f9e73c4c

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/568b6913ae5123edba304909a569afe8f9e73c4c

HTTP Response

200
157.245.184.13:9001

tls

foca.exe

1.3kB
3.5kB
9
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/121ecc8a7bd881823daea3c0858d51fdf19b1990

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/121ecc8a7bd881823daea3c0858d51fdf19b1990

HTTP Response

200
45.93.9.212:444

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/ceaa157b0dc10e79847cc46b5fe724c5ece1fa5b

http

foca.exe

492 B
3.4kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/ceaa157b0dc10e79847cc46b5fe724c5ece1fa5b

HTTP Response

200
54.250.156.224:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/ca62266a9ba8ecd9a0dd7afd85a36b0ae52c0872

http

foca.exe

492 B
3.5kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/ca62266a9ba8ecd9a0dd7afd85a36b0ae52c0872

HTTP Response

200
37.114.35.73:9001

tls

foca.exe

1.3kB
3.5kB
10
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/013ad81926572519ebcb7048e78462b5e9f1319d

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/013ad81926572519ebcb7048e78462b5e9f1319d

HTTP Response

200
109.107.35.154:443

tls, https

foca.exe

1.3kB
3.6kB
10
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/21b55072c00f4522857655fbb0f3e25d75a5357b

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/21b55072c00f4522857655fbb0f3e25d75a5357b

HTTP Response

200
77.191.71.3:443

tls, https

foca.exe

1.3kB
3.6kB
10
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/3e1a647ba558f3d55b56016a491e2c495f9ac2b3

http

foca.exe

492 B
2.9kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/3e1a647ba558f3d55b56016a491e2c495f9ac2b3

HTTP Response

200
62.102.148.185:16374

tls

foca.exe

1.4kB
3.5kB
11
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/07c3567bfd42effb1f78c027eb7fc2980fe2a26a

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/07c3567bfd42effb1f78c027eb7fc2980fe2a26a

HTTP Response

200
193.31.24.60:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/1937d5358c7db213f751ad00ace9720058838a2c

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/1937d5358c7db213f751ad00ace9720058838a2c

HTTP Response

200
185.141.57.6:6531

tls

foca.exe

1.3kB
3.6kB
9
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/2f95c32b7ef5f3620c529bd48a533c8f793357e5

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://193.23.244.244/tor/server/fp/2f95c32b7ef5f3620c529bd48a533c8f793357e5

HTTP Response

200
5.57.240.135:993

tls, imaps

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/014bd09636373b78cc28ba70e36c7190e3de236a

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/014bd09636373b78cc28ba70e36c7190e3de236a

HTTP Response

200
134.3.129.57:9001

tls

foca.exe

1.3kB
3.6kB
10
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/e0286d8886d7710a995dc160b1ce98cca360970c

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/e0286d8886d7710a995dc160b1ce98cca360970c

HTTP Response

200
103.160.63.141:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/596ef7f438fb92276bd8158325af6ecaeb21f038

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/596ef7f438fb92276bd8158325af6ecaeb21f038

HTTP Response

200
198.71.53.137:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/2322f9a66d456ad9c880d14ecea83960d36541d4

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/2322f9a66d456ad9c880d14ecea83960d36541d4

HTTP Response

200
212.162.153.159:9002

tls

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/85b86d9d2862b4a24fcc742447442827260b59c8

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/85b86d9d2862b4a24fcc742447442827260b59c8

HTTP Response

200
79.240.211.207:9001

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/72284ef77a7763d9532bab0891700a3c3594826d

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/72284ef77a7763d9532bab0891700a3c3594826d

HTTP Response

200
93.231.118.37:9001

tls

foca.exe

1.3kB
3.6kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/013878270cda8ec3d5bb4d4251410e6e8c7764ac

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/013878270cda8ec3d5bb4d4251410e6e8c7764ac

HTTP Response

200
161.53.160.104:9090

tls

foca.exe

1.3kB
3.5kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/43af24071b400911629d5bc9fc20de335f9dfc00

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/43af24071b400911629d5bc9fc20de335f9dfc00

HTTP Response

200
185.240.242.76:9001

tls

foca.exe

1.3kB
3.5kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/a84a43eed9366544f2092bdc3976dcc23fadf412

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/a84a43eed9366544f2092bdc3976dcc23fadf412

HTTP Response

200
54.213.206.148:9001

tls

foca.exe

1.3kB
3.4kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/9195827ea4fdcfb7d0041d2c9fbe55af5b1f3a3f

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/9195827ea4fdcfb7d0041d2c9fbe55af5b1f3a3f

HTTP Response

200
188.154.10.211:9001

tls

foca.exe

383 B
132 B
5
3
193.37.252.51:61457

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/dee89ac85b48582f10f5c3814a29a8ebc932731b

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/dee89ac85b48582f10f5c3814a29a8ebc932731b

HTTP Response

200
38.102.84.204:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/4bc4f3cffbcb96b31ee525633abcc827bc8bfa94

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/4bc4f3cffbcb96b31ee525633abcc827bc8bfa94

HTTP Response

200
98.121.68.25:9001

tls

foca.exe

1.3kB
3.5kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/4d44e1a878c352edb7d82c5fda6b11c2652cf2e7

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/4d44e1a878c352edb7d82c5fda6b11c2652cf2e7

HTTP Response

200
78.47.209.126:555

tls

foca.exe

1.3kB
3.5kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/5221eb30304479d4dc16f6f22c40046de1aec4ff

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/5221eb30304479d4dc16f6f22c40046de1aec4ff

HTTP Response

200
102.130.117.25:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/9a0aaf2e43be3744cd1d6cd532c861f5a568f7a9

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/9a0aaf2e43be3744cd1d6cd532c861f5a568f7a9

HTTP Response

200
107.189.12.52:443

tls, https

foca.exe

1.3kB
3.5kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/8712e17fbd0d6bbab60e3e897b326fae51e15b09

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/8712e17fbd0d6bbab60e3e897b326fae51e15b09

HTTP Response

200
51.15.36.183:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/9b3e7a0ad9a054984cc87e7ca9d5c117202d45d4

http

foca.exe

538 B
3.2kB
7
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/9b3e7a0ad9a054984cc87e7ca9d5c117202d45d4

HTTP Response

200
81.6.47.149:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/60fd4fc8ae76af71d3af70010eedee39b58d0296

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/60fd4fc8ae76af71d3af70010eedee39b58d0296

HTTP Response

200
67.159.26.2:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/34dcadcc65fcd96aac4ffcd7f2a997de519eba3b

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/34dcadcc65fcd96aac4ffcd7f2a997de519eba3b

HTTP Response

200
163.172.211.128:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/5732b489fade4b75fa9863f75d83722217d3e2b8

http

foca.exe

492 B
3.0kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/5732b489fade4b75fa9863f75d83722217d3e2b8

HTTP Response

200
178.239.223.132:9001

tls

foca.exe

1.3kB
3.6kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/f6fd371cc3ddf6001e949e48ac2550fe724ff6a0

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/f6fd371cc3ddf6001e949e48ac2550fe724ff6a0

HTTP Response

200
185.112.144.109:6443

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/4b1dc090fc78afd7ae06568853daf18f2476c62f

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/4b1dc090fc78afd7ae06568853daf18f2476c62f

HTTP Response

200
23.137.253.77:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/f9deafeb5e79f42b7da85f3cf4cbbc3414271458

http

foca.exe

492 B
3.0kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/f9deafeb5e79f42b7da85f3cf4cbbc3414271458

HTTP Response

200
152.53.15.246:8434

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/684401ed908e572504f9b522d2fdc112b24276a0

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/684401ed908e572504f9b522d2fdc112b24276a0

HTTP Response

200
190.211.254.210:9001

tls

foca.exe

1.3kB
3.5kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/046a2841a526e3d5690ed33d568e9891c39503d8

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/046a2841a526e3d5690ed33d568e9891c39503d8

HTTP Response

200
147.135.110.109:80

tls, http

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/7c0fa36c13dda7566b08ef4b428dc352565cb6b6

http

foca.exe

538 B
5.3kB
7
7

HTTP Request

GET http://193.23.244.244/tor/server/fp/7c0fa36c13dda7566b08ef4b428dc352565cb6b6

HTTP Response

200
206.198.210.210:9001

tls

foca.exe

1.3kB
3.5kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/c8b30d48c11968ff96c0f9aa1ac7c1b1d6f5f6c2

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/c8b30d48c11968ff96c0f9aa1ac7c1b1d6f5f6c2

HTTP Response

200
51.16.48.3:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/1f6e2d69cb904bf812ac7fcc4c3b19eeea4242a9

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/1f6e2d69cb904bf812ac7fcc4c3b19eeea4242a9

HTTP Response

200
178.165.126.221:666

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/2b94fef968c9949fd2f10eb154938494b2f50527

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/2b94fef968c9949fd2f10eb154938494b2f50527

HTTP Response

200
50.230.231.84:80

tls, http

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/bd815c93e9d87ffb32206c3540bd8559003d3325

http

foca.exe

492 B
3.1kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/bd815c93e9d87ffb32206c3540bd8559003d3325

HTTP Response

200
167.235.177.161:443

tls, https

foca.exe

1.3kB
3.4kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/530bc13fe24d7c4849e16d459631b5a6538deb11

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/530bc13fe24d7c4849e16d459631b5a6538deb11

HTTP Response

200
172.233.154.111:9001

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/dccdafb7f57641716a7ab0bbc0fba21b3642a3db

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/dccdafb7f57641716a7ab0bbc0fba21b3642a3db

HTTP Response

200
46.226.106.182:443

tls, https

foca.exe

1.3kB
3.4kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/8d5392a1fe568211ef62ccaf257dae584aa5cda5

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/8d5392a1fe568211ef62ccaf257dae584aa5cda5

HTTP Response

200
80.151.220.220:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/fb32976f43501fc5abb8588531979b9d195e37f7

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/fb32976f43501fc5abb8588531979b9d195e37f7

HTTP Response

200
178.79.161.177:9001

tls

foca.exe

1.5kB
3.6kB
11
11
216.218.219.41:80

http://216.218.219.41/tor/server/fp/355340273e78dac664b2328ec46d61998d797141

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/355340273e78dac664b2328ec46d61998d797141

HTTP Response

200
217.160.13.173:6574

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/2a0fad3ca7a190c43d8ed7896727bd426e8c2efa

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/2a0fad3ca7a190c43d8ed7896727bd426e8c2efa

HTTP Response

200
205.185.121.159:9001

tls

foca.exe

1.9kB
3.5kB
11
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/1379db904266e12ca9d720d70edba9c54b58d708

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/1379db904266e12ca9d720d70edba9c54b58d708

HTTP Response

200
93.230.133.7:8000

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/f77d5810c7ac4f81c9e74fd8c00aa6e382864b49

http

foca.exe

544 B
2.8kB
7
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/f77d5810c7ac4f81c9e74fd8c00aa6e382864b49

HTTP Response

200
193.41.226.216:9100

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/d1336d48ca4075ed14e052d55d3a60e0f2157dfb

http

foca.exe

630 B
11.4kB
9
12

HTTP Request

GET http://216.218.219.41/tor/server/fp/d1336d48ca4075ed14e052d55d3a60e0f2157dfb

HTTP Response

200
51.210.111.103:9001

tls

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/c388f5a09620a5d76275324eebb90a06a8bd95cd

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/c388f5a09620a5d76275324eebb90a06a8bd95cd

HTTP Response

200
192.42.113.102:9001

tls

foca.exe

1.3kB
3.6kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/874d84382c892f3f61cc9e106bf08843de0b865a

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/874d84382c892f3f61cc9e106bf08843de0b865a

HTTP Response

200
194.147.140.102:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/3f6cedcf8ca8f8af550f6545a44738a343b65fbd

http

foca.exe

492 B
3.0kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/3f6cedcf8ca8f8af550f6545a44738a343b65fbd

HTTP Response

200
140.238.228.61:9001

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/738ae0309675c36201b83283c1898f4b841db96b

http

foca.exe

492 B
3.0kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/738ae0309675c36201b83283c1898f4b841db96b

HTTP Response

200
92.205.161.164:443

foca.exe

208 B
4
199.195.248.172:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/2ee7f49728d03f8bc0dc1d67558499290c5f09ff

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/2ee7f49728d03f8bc0dc1d67558499290c5f09ff

HTTP Response

200
212.227.165.251:443

tls, https

foca.exe

1.3kB
3.6kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/083c52051140db8af770bd40c7c8883efff4caf3

http

foca.exe

492 B
3.0kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/083c52051140db8af770bd40c7c8883efff4caf3

HTTP Response

200
193.182.111.132:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/5e24ef47236bc5fc14431fd9c2bf45e8b38b8fcd

http

foca.exe

492 B
3.1kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/5e24ef47236bc5fc14431fd9c2bf45e8b38b8fcd

HTTP Response

200
80.131.223.82:9005

tls

foca.exe

1.3kB
3.4kB
9
8
216.218.219.41:80

http://216.218.219.41/tor/server/fp/cfb8ce28d1b12eeb8662511afbc1d0c6f79065a8

http

foca.exe

492 B
2.7kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/cfb8ce28d1b12eeb8662511afbc1d0c6f79065a8

HTTP Response

200
146.19.168.223:9300

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/1e4394dcd757e9f4ee871f5831c796ba4fcf7eb4

http

foca.exe

630 B
11.3kB
9
11

HTTP Request

GET http://193.23.244.244/tor/server/fp/1e4394dcd757e9f4ee871f5831c796ba4fcf7eb4

HTTP Response

200
49.13.84.173:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
216.218.219.41:80

http://216.218.219.41/tor/server/fp/f2312b8f9663827441c686d44e3d26577e649d0b

http

foca.exe

492 B
2.8kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/f2312b8f9663827441c686d44e3d26577e649d0b

HTTP Response

200
18.18.82.18:9001

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/bf54ee3193751481579ba7cc7d8e1df0a01afb30

http

foca.exe

492 B
2.8kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/bf54ee3193751481579ba7cc7d8e1df0a01afb30

HTTP Response

200
135.181.213.163:443

tls, https

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/83aadc17e539e7a0b3cf0dd9b4e58c3abd268ca7

http

foca.exe

492 B
2.7kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/83aadc17e539e7a0b3cf0dd9b4e58c3abd268ca7

HTTP Response

200
5.255.99.189:443

foca.exe

260 B
200 B
5
5
104.156.225.206:9999

tls

foca.exe

383 B
132 B
5
3
85.215.160.128:443

tls, https

foca.exe

1.3kB
3.5kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/e1c428ea28b7e8cadbd4b514fc55388fe80231c4

http

foca.exe

492 B
3.3kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/e1c428ea28b7e8cadbd4b514fc55388fe80231c4

HTTP Response

200
198.74.52.66:444

tls

foca.exe

1.3kB
3.5kB
9
10
216.218.219.41:80

http://216.218.219.41/tor/server/fp/3b91903a5f3e22defffe52fd8da8da30001a8b97

http

foca.exe

492 B
2.9kB
6
6

HTTP Request

GET http://216.218.219.41/tor/server/fp/3b91903a5f3e22defffe52fd8da8da30001a8b97

HTTP Response

200
135.181.78.188:9200

tls

foca.exe

1.3kB
3.4kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/8d67f612da8decfd9c90f97249c1ff7c04723324

http

foca.exe

492 B
2.9kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/8d67f612da8decfd9c90f97249c1ff7c04723324

HTTP Response

200
65.109.65.59:9002

tls

foca.exe

1.3kB
3.5kB
10
9
193.23.244.244:80

http://193.23.244.244/tor/server/fp/d09daa1ebe22c99578fdbb8ad61e02c521a78e51

http

foca.exe

492 B
3.5kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/d09daa1ebe22c99578fdbb8ad61e02c521a78e51

HTTP Response

200
206.168.240.163:443

tls, https

foca.exe

1.3kB
3.6kB
10
10
193.23.244.244:80

http://193.23.244.244/tor/server/fp/bac96e40c3752bb87167d8ef06ff6fead2b9cd68

http

foca.exe

492 B
3.4kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/bac96e40c3752bb87167d8ef06ff6fead2b9cd68

HTTP Response

200
92.243.65.197:9001

tls

foca.exe

1.3kB
3.4kB
9
8
193.23.244.244:80

http://193.23.244.244/tor/server/fp/a91276b9164669b2d3f6b34455a6e8ca21e5cb61

http

foca.exe

492 B
2.6kB
6
5

HTTP Request

GET http://193.23.244.244/tor/server/fp/a91276b9164669b2d3f6b34455a6e8ca21e5cb61

HTTP Response

200
50.230.231.84:443

tls, https

foca.exe

1.2kB
3.3kB
7
6

8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa
8.8.8.8:53

35.244.122.92.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

35.244.122.92.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

140.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

140.32.126.40.in-addr.arpa
8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

8.179.89.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

8.179.89.13.in-addr.arpa
8.8.8.8:53

advertspace10.club

dns

foca.exe

64 B
131 B
1
1

DNS Request

advertspace10.club
8.8.8.8:53

logstat17.club

dns

foca.exe

60 B
127 B
1
1

DNS Request

logstat17.club
8.8.8.8:53

api.ipify.org

dns

foca.exe

59 B
107 B
1
1

DNS Request

api.ipify.org

DNS Response

104.26.13.205

172.67.74.152

104.26.12.205
8.8.8.8:53

205.13.26.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

205.13.26.104.in-addr.arpa
8.8.8.8:53

189.40.188.131.in-addr.arpa

dns

73 B
121 B
1
1

DNS Request

189.40.188.131.in-addr.arpa
8.8.8.8:53

131.11.98.141.in-addr.arpa

dns

216 B
319 B
3
3

DNS Request

131.11.98.141.in-addr.arpa

DNS Request

84.231.230.50.in-addr.arpa

DNS Request

84.231.230.50.in-addr.arpa
8.8.8.8:53

41.219.218.216.in-addr.arpa

dns

73 B
130 B
1
1

DNS Request

41.219.218.216.in-addr.arpa
8.8.8.8:53

221.156.217.95.in-addr.arpa

dns

73 B
131 B
1
1

DNS Request

221.156.217.95.in-addr.arpa
8.8.8.8:53

253.121.5.163.in-addr.arpa

dns

72 B
94 B
1
1

DNS Request

253.121.5.163.in-addr.arpa
8.8.8.8:53

181.213.180.207.in-addr.arpa

dns

74 B
114 B
1
1

DNS Request

181.213.180.207.in-addr.arpa
8.8.8.8:53

221.181.143.79.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

221.181.143.79.in-addr.arpa
8.8.8.8:53

244.244.23.193.in-addr.arpa

dns

73 B
108 B
1
1

DNS Request

244.244.23.193.in-addr.arpa
8.8.8.8:53

157.235.9.192.in-addr.arpa

dns

72 B
157 B
1
1

DNS Request

157.235.9.192.in-addr.arpa
8.8.8.8:53

19.240.144.45.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

19.240.144.45.in-addr.arpa
8.8.8.8:53

89.45.181.135.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

89.45.181.135.in-addr.arpa
8.8.8.8:53

97.53.160.77.in-addr.arpa

dns

71 B
111 B
1
1

DNS Request

97.53.160.77.in-addr.arpa
8.8.8.8:53

241.130.211.80.in-addr.arpa

dns

73 B
101 B
1
1

DNS Request

241.130.211.80.in-addr.arpa
8.8.8.8:53

159.28.168.104.in-addr.arpa

dns

73 B
123 B
1
1

DNS Request

159.28.168.104.in-addr.arpa
8.8.8.8:53

47.59.242.94.in-addr.arpa

dns

142 B
214 B
2
2

DNS Request

47.59.242.94.in-addr.arpa

DNS Request

47.59.242.94.in-addr.arpa
8.8.8.8:53

70.126.126.97.in-addr.arpa

dns

144 B
228 B
2
2

DNS Request

70.126.126.97.in-addr.arpa

DNS Request

70.126.126.97.in-addr.arpa
8.8.8.8:53

74.56.81.51.in-addr.arpa

dns

140 B
216 B
2
2

DNS Request

74.56.81.51.in-addr.arpa

DNS Request

74.56.81.51.in-addr.arpa
8.8.8.8:53

216.188.19.84.in-addr.arpa

dns

144 B
220 B
2
2

DNS Request

216.188.19.84.in-addr.arpa

DNS Request

216.188.19.84.in-addr.arpa
8.8.8.8:53

62.36.254.178.in-addr.arpa

dns

144 B
200 B
2
2

DNS Request

62.36.254.178.in-addr.arpa

DNS Request

62.36.254.178.in-addr.arpa
8.8.8.8:53

121.30.142.193.in-addr.arpa

dns

146 B
256 B
2
2

DNS Request

121.30.142.193.in-addr.arpa

DNS Request

121.30.142.193.in-addr.arpa
8.8.8.8:53

129.132.164.173.in-addr.arpa

dns

148 B
264 B
2
2

DNS Request

129.132.164.173.in-addr.arpa

DNS Request

129.132.164.173.in-addr.arpa
8.8.8.8:53

159.113.53.23.in-addr.arpa

dns

144 B
274 B
2
2

DNS Request

159.113.53.23.in-addr.arpa

DNS Request

159.113.53.23.in-addr.arpa
8.8.8.8:53

79.121.231.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

79.121.231.20.in-addr.arpa

DNS Request

79.121.231.20.in-addr.arpa
8.8.8.8:53

77.7.214.103.in-addr.arpa

dns

142 B
268 B
2
2

DNS Request

77.7.214.103.in-addr.arpa

DNS Request

77.7.214.103.in-addr.arpa
8.8.8.8:53

159.233.76.99.in-addr.arpa

dns

144 B
262 B
2
2

DNS Request

159.233.76.99.in-addr.arpa

DNS Request

159.233.76.99.in-addr.arpa
8.8.8.8:53

120.112.230.157.in-addr.arpa

dns

148 B
212 B
2
2

DNS Request

120.112.230.157.in-addr.arpa

DNS Request

120.112.230.157.in-addr.arpa
8.8.8.8:53

113.37.181.135.in-addr.arpa

dns

146 B
262 B
2
2

DNS Request

113.37.181.135.in-addr.arpa

DNS Request

113.37.181.135.in-addr.arpa
8.8.8.8:53

252.3.123.176.in-addr.arpa

dns

144 B
274 B
2
2

DNS Request

252.3.123.176.in-addr.arpa

DNS Request

252.3.123.176.in-addr.arpa
8.8.8.8:53

2.223.216.88.in-addr.arpa

dns

142 B
214 B
2
2

DNS Request

2.223.216.88.in-addr.arpa

DNS Request

2.223.216.88.in-addr.arpa
8.8.8.8:53

24.28.136.45.in-addr.arpa

dns

142 B
214 B
2
2

DNS Request

24.28.136.45.in-addr.arpa

DNS Request

24.28.136.45.in-addr.arpa
8.8.8.8:53

113.58.108.65.in-addr.arpa

dns

144 B
129 B
2
1

DNS Request

113.58.108.65.in-addr.arpa

DNS Request

113.58.108.65.in-addr.arpa
8.8.8.8:53

125.209.47.78.in-addr.arpa

dns

144 B
258 B
2
2

DNS Request

125.209.47.78.in-addr.arpa

DNS Request

125.209.47.78.in-addr.arpa
8.8.8.8:53

215.253.42.192.in-addr.arpa

dns

146 B
206 B
2
2

DNS Request

215.253.42.192.in-addr.arpa

DNS Request

215.253.42.192.in-addr.arpa
8.8.8.8:53

13.184.245.157.in-addr.arpa

dns

146 B
214 B
2
2

DNS Request

13.184.245.157.in-addr.arpa

DNS Request

13.184.245.157.in-addr.arpa
8.8.8.8:53

212.9.93.45.in-addr.arpa

dns

140 B
270 B
2
2

DNS Request

212.9.93.45.in-addr.arpa

DNS Request

212.9.93.45.in-addr.arpa
8.8.8.8:53

224.156.250.54.in-addr.arpa

dns

146 B
284 B
2
2

DNS Request

224.156.250.54.in-addr.arpa

DNS Request

224.156.250.54.in-addr.arpa
8.8.8.8:53

73.35.114.37.in-addr.arpa

dns

142 B
220 B
2
2

DNS Request

73.35.114.37.in-addr.arpa

DNS Request

73.35.114.37.in-addr.arpa
8.8.8.8:53

154.35.107.109.in-addr.arpa

dns

146 B
246 B
2
2

DNS Request

154.35.107.109.in-addr.arpa

DNS Request

154.35.107.109.in-addr.arpa
8.8.8.8:53

3.71.191.77.in-addr.arpa

dns

140 B
266 B
2
2

DNS Request

3.71.191.77.in-addr.arpa

DNS Request

3.71.191.77.in-addr.arpa
8.8.8.8:53

185.148.102.62.in-addr.arpa

dns

146 B
274 B
2
2

DNS Request

185.148.102.62.in-addr.arpa

DNS Request

185.148.102.62.in-addr.arpa
8.8.8.8:53

60.24.31.193.in-addr.arpa

dns

142 B
234 B
2
2

DNS Request

60.24.31.193.in-addr.arpa

DNS Request

60.24.31.193.in-addr.arpa
8.8.8.8:53

6.57.141.185.in-addr.arpa

dns

142 B
240 B
2
2

DNS Request

6.57.141.185.in-addr.arpa

DNS Request

6.57.141.185.in-addr.arpa
8.8.8.8:53

135.240.57.5.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

135.240.57.5.in-addr.arpa
8.8.8.8:53

57.129.3.134.in-addr.arpa

dns

142 B
258 B
2
2

DNS Request

57.129.3.134.in-addr.arpa

DNS Request

57.129.3.134.in-addr.arpa
8.8.8.8:53

141.63.160.103.in-addr.arpa

dns

146 B
268 B
2
2

DNS Request

141.63.160.103.in-addr.arpa

DNS Request

141.63.160.103.in-addr.arpa
8.8.8.8:53

137.53.71.198.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

137.53.71.198.in-addr.arpa
8.8.8.8:53

159.153.162.212.in-addr.arpa

dns

148 B
200 B
2
2

DNS Request

159.153.162.212.in-addr.arpa

DNS Request

159.153.162.212.in-addr.arpa
8.8.8.8:53

207.211.240.79.in-addr.arpa

dns

146 B
232 B
2
2

DNS Request

207.211.240.79.in-addr.arpa

DNS Request

207.211.240.79.in-addr.arpa
8.8.8.8:53

37.118.231.93.in-addr.arpa

dns

144 B
230 B
2
2

DNS Request

37.118.231.93.in-addr.arpa

DNS Request

37.118.231.93.in-addr.arpa
8.8.8.8:53

104.160.53.161.in-addr.arpa

dns

146 B
204 B
2
2

DNS Request

104.160.53.161.in-addr.arpa

DNS Request

104.160.53.161.in-addr.arpa
8.8.8.8:53

76.242.240.185.in-addr.arpa

dns

73 B
157 B
1
1

DNS Request

76.242.240.185.in-addr.arpa
8.8.8.8:53

148.206.213.54.in-addr.arpa

dns

146 B
274 B
2
2

DNS Request

148.206.213.54.in-addr.arpa

DNS Request

148.206.213.54.in-addr.arpa
8.8.8.8:53

211.10.154.188.in-addr.arpa

dns

146 B
236 B
2
2

DNS Request

211.10.154.188.in-addr.arpa

DNS Request

211.10.154.188.in-addr.arpa
8.8.8.8:53

51.252.37.193.in-addr.arpa

dns

144 B
264 B
2
2

DNS Request

51.252.37.193.in-addr.arpa

DNS Request

51.252.37.193.in-addr.arpa
8.8.8.8:53

204.84.102.38.in-addr.arpa

dns

144 B
272 B
2
2

DNS Request

204.84.102.38.in-addr.arpa

DNS Request

204.84.102.38.in-addr.arpa
8.8.8.8:53

25.68.121.98.in-addr.arpa

dns

142 B
242 B
2
2

DNS Request

25.68.121.98.in-addr.arpa

DNS Request

25.68.121.98.in-addr.arpa
8.8.8.8:53

126.209.47.78.in-addr.arpa

dns

144 B
258 B
2
2

DNS Request

126.209.47.78.in-addr.arpa

DNS Request

126.209.47.78.in-addr.arpa
8.8.8.8:53

25.117.130.102.in-addr.arpa

dns

146 B
256 B
2
2

DNS Request

25.117.130.102.in-addr.arpa

DNS Request

25.117.130.102.in-addr.arpa
8.8.8.8:53

52.12.189.107.in-addr.arpa

dns

144 B
262 B
2
2

DNS Request

52.12.189.107.in-addr.arpa

DNS Request

52.12.189.107.in-addr.arpa
8.8.8.8:53

183.36.15.51.in-addr.arpa

dns

142 B
202 B
2
2

DNS Request

183.36.15.51.in-addr.arpa

DNS Request

183.36.15.51.in-addr.arpa
8.8.8.8:53

149.47.6.81.in-addr.arpa

dns

140 B
210 B
2
2

DNS Request

149.47.6.81.in-addr.arpa

DNS Request

149.47.6.81.in-addr.arpa
8.8.8.8:53

2.26.159.67.in-addr.arpa

dns

140 B
260 B
2
2

DNS Request

2.26.159.67.in-addr.arpa

DNS Request

2.26.159.67.in-addr.arpa
8.8.8.8:53

128.211.172.163.in-addr.arpa

dns

148 B
220 B
2
2

DNS Request

128.211.172.163.in-addr.arpa

DNS Request

128.211.172.163.in-addr.arpa
8.8.8.8:53

132.223.239.178.in-addr.arpa

dns

148 B
268 B
2
2

DNS Request

132.223.239.178.in-addr.arpa

DNS Request

132.223.239.178.in-addr.arpa
8.8.8.8:53

109.144.112.185.in-addr.arpa

dns

148 B
115 B
2
1

DNS Request

109.144.112.185.in-addr.arpa

DNS Request

109.144.112.185.in-addr.arpa
8.8.8.8:53

77.253.137.23.in-addr.arpa

dns

144 B
286 B
2
2

DNS Request

77.253.137.23.in-addr.arpa

DNS Request

77.253.137.23.in-addr.arpa
8.8.8.8:53

246.15.53.152.in-addr.arpa

dns

144 B
236 B
2
2

DNS Request

246.15.53.152.in-addr.arpa

DNS Request

246.15.53.152.in-addr.arpa
8.8.8.8:53

210.254.211.190.in-addr.arpa

dns

148 B
226 B
2
2

DNS Request

210.254.211.190.in-addr.arpa

DNS Request

210.254.211.190.in-addr.arpa
8.8.8.8:53

109.110.135.147.in-addr.arpa

dns

148 B
230 B
2
2

DNS Request

109.110.135.147.in-addr.arpa

DNS Request

109.110.135.147.in-addr.arpa
8.8.8.8:53

210.210.198.206.in-addr.arpa

dns

222 B
222 B
3
3

DNS Request

210.210.198.206.in-addr.arpa

DNS Request

210.210.198.206.in-addr.arpa

DNS Request

210.210.198.206.in-addr.arpa
8.8.8.8:53

3.48.16.51.in-addr.arpa

dns

138 B
264 B
2
2

DNS Request

3.48.16.51.in-addr.arpa

DNS Request

3.48.16.51.in-addr.arpa
8.8.8.8:53

221.126.165.178.in-addr.arpa

dns

148 B
232 B
2
2

DNS Request

221.126.165.178.in-addr.arpa

DNS Request

221.126.165.178.in-addr.arpa
8.8.8.8:53

161.177.235.167.in-addr.arpa

dns

148 B
266 B
2
2

DNS Request

161.177.235.167.in-addr.arpa

DNS Request

161.177.235.167.in-addr.arpa
8.8.8.8:53

111.154.233.172.in-addr.arpa

dns

148 B
256 B
2
2

DNS Request

111.154.233.172.in-addr.arpa

DNS Request

111.154.233.172.in-addr.arpa
8.8.8.8:53

182.106.226.46.in-addr.arpa

dns

146 B
222 B
2
2

DNS Request

182.106.226.46.in-addr.arpa

DNS Request

182.106.226.46.in-addr.arpa
8.8.8.8:53

220.220.151.80.in-addr.arpa

dns

146 B
232 B
2
2

DNS Request

220.220.151.80.in-addr.arpa

DNS Request

220.220.151.80.in-addr.arpa
8.8.8.8:53

177.161.79.178.in-addr.arpa

dns

146 B
196 B
2
2

DNS Request

177.161.79.178.in-addr.arpa

DNS Request

177.161.79.178.in-addr.arpa
8.8.8.8:53

173.13.160.217.in-addr.arpa

dns

146 B
208 B
2
2

DNS Request

173.13.160.217.in-addr.arpa

DNS Request

173.13.160.217.in-addr.arpa
8.8.8.8:53

159.121.185.205.in-addr.arpa

dns

148 B
266 B
2
2

DNS Request

159.121.185.205.in-addr.arpa

DNS Request

159.121.185.205.in-addr.arpa
8.8.8.8:53

7.133.230.93.in-addr.arpa

dns

142 B
228 B
2
2

DNS Request

7.133.230.93.in-addr.arpa

DNS Request

7.133.230.93.in-addr.arpa
8.8.8.8:53

216.226.41.193.in-addr.arpa

dns

146 B
216 B
2
2

DNS Request

216.226.41.193.in-addr.arpa

DNS Request

216.226.41.193.in-addr.arpa
8.8.8.8:53

103.111.210.51.in-addr.arpa

dns

146 B
232 B
2
2

DNS Request

103.111.210.51.in-addr.arpa

DNS Request

103.111.210.51.in-addr.arpa
8.8.8.8:53

102.113.42.192.in-addr.arpa

dns

146 B
208 B
2
2

DNS Request

102.113.42.192.in-addr.arpa

DNS Request

102.113.42.192.in-addr.arpa
8.8.8.8:53

102.140.147.194.in-addr.arpa

dns

74 B
110 B
1
1

DNS Request

102.140.147.194.in-addr.arpa
8.8.8.8:53

61.228.238.140.in-addr.arpa

dns

146 B
314 B
2
2

DNS Request

61.228.238.140.in-addr.arpa

DNS Request

61.228.238.140.in-addr.arpa
8.8.8.8:53

172.248.195.199.in-addr.arpa

dns

148 B
224 B
2
2

DNS Request

172.248.195.199.in-addr.arpa

DNS Request

172.248.195.199.in-addr.arpa
8.8.8.8:53

251.165.227.212.in-addr.arpa

dns

148 B
278 B
2
2

DNS Request

251.165.227.212.in-addr.arpa

DNS Request

251.165.227.212.in-addr.arpa
8.8.8.8:53

132.111.182.193.in-addr.arpa

dns

148 B
224 B
2
2

DNS Request

132.111.182.193.in-addr.arpa

DNS Request

132.111.182.193.in-addr.arpa
8.8.8.8:53

82.223.131.80.in-addr.arpa

dns

72 B
115 B
1
1

DNS Request

82.223.131.80.in-addr.arpa
8.8.8.8:53

223.168.19.146.in-addr.arpa

dns

146 B
190 B
2
2

DNS Request

223.168.19.146.in-addr.arpa

DNS Request

223.168.19.146.in-addr.arpa
8.8.8.8:53

173.84.13.49.in-addr.arpa

dns

142 B
254 B
2
2

DNS Request

173.84.13.49.in-addr.arpa

DNS Request

173.84.13.49.in-addr.arpa
8.8.8.8:53

18.82.18.18.in-addr.arpa

dns

140 B
204 B
2
2

DNS Request

18.82.18.18.in-addr.arpa

DNS Request

18.82.18.18.in-addr.arpa
8.8.8.8:53

163.213.181.135.in-addr.arpa

dns

148 B
266 B
2
2

DNS Request

163.213.181.135.in-addr.arpa

DNS Request

163.213.181.135.in-addr.arpa
8.8.8.8:53

206.225.156.104.in-addr.arpa

dns

148 B
190 B
2
2

DNS Request

206.225.156.104.in-addr.arpa

DNS Request

206.225.156.104.in-addr.arpa
8.8.8.8:53

128.160.215.85.in-addr.arpa

dns

146 B
228 B
2
2

DNS Request

128.160.215.85.in-addr.arpa

DNS Request

128.160.215.85.in-addr.arpa
8.8.8.8:53

66.52.74.198.in-addr.arpa

dns

142 B
188 B
2
2

DNS Request

66.52.74.198.in-addr.arpa

DNS Request

66.52.74.198.in-addr.arpa
8.8.8.8:53

188.78.181.135.in-addr.arpa

dns

146 B
262 B
2
2

DNS Request

188.78.181.135.in-addr.arpa

DNS Request

188.78.181.135.in-addr.arpa
8.8.8.8:53

59.65.109.65.in-addr.arpa

dns

142 B
254 B
2
2

DNS Request

59.65.109.65.in-addr.arpa

DNS Request

59.65.109.65.in-addr.arpa
8.8.8.8:53

163.240.168.206.in-addr.arpa

dns

148 B
276 B
2
2

DNS Request

163.240.168.206.in-addr.arpa

DNS Request

163.240.168.206.in-addr.arpa
8.8.8.8:53

197.65.243.92.in-addr.arpa

dns

144 B
172 B
2
2

DNS Request

197.65.243.92.in-addr.arpa

DNS Request

197.65.243.92.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Proxy

T1090

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\qbwekn\foca.exe

Filesize
147KB

MD5
2579be109c1035cb96942951710020a8

SHA1
6987472967c8ce5e3d5fd6730a9da2964afacd10

SHA256
a0a5ebd512b7685798ac966c0b05415df9eff585a79af11c9ff99d7aa17e2101

SHA512
191ea3d7edc69f1cb9d1ec4967074667c5e1c6b02fdaa8bbc5a4414bf5ca00ccafadc49670c5b3065133915d78e482572545f1d0c8c3382e6a767c1f08a33a21

Download Submit
memory/2604-6-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/2604-19-0x00000000007A0000-0x00000000007D4000-memory.dmp

Filesize
208KB

Download
memory/2604-3-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/2604-0-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/2604-9-0x00000000007A0000-0x00000000007D4000-memory.dmp

Filesize
208KB

Download
memory/2604-10-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/2604-2-0x0000000000600000-0x0000000000601000-memory.dmp

Filesize
4KB

Download
memory/2604-11-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/2604-1-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/3996-17-0x0000000000A10000-0x0000000000A11000-memory.dmp

Filesize
4KB

Download
memory/3996-21-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/3996-25-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/3996-26-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/3996-31-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/3996-32-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download
memory/3996-33-0x0000000000400000-0x000000000044D000-memory.dmp

Filesize
308KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request