15421 | 2023-03-05 02:07 | http://103.147.185.68/j/p15ww/...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): ET INFO TLS Handshake Failure; SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
Score: 5.8 | User: guest

15422 | 2023-03-05 02:06 | http://103.147.185.68/j/p18gf/...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 5.8 | User: guest

15423 | 2023-03-05 02:06 | http://103.147.185.68/j/p16za/...
Behaviour tags: AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts: none
Score: 4.8 | User: guest

15424 | 2023-03-05 02:05 | http://103.147.185.68/j/p2/log...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (2): 104.21.22.107; 103.147.185.68 - malicious
Alerts (2): ET INFO TLS Handshake Failure; SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
Score: 5.8 | User: guest

15425 | 2023-03-05 02:04 | http://103.147.185.68/j/p17qz/...
Behaviour tags: AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts: none
Score: 4.8 | User: guest

15426 | 2023-03-05 02:04 | http://103.147.185.68/j/p21fh/...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 6.2 | User: guest

15427 | 2023-03-05 02:03 | http://103.147.185.68/j/p19xw/...
Behaviour tags: AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts: none
Score: 4.8 | User: guest

15428 | 2023-03-05 02:01 | http://103.147.185.68/j/p9fr/l...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 5.8 | User: guest

15429 | 2023-03-05 02:01 | http://103.147.185.68/j/p22pw/...
Behaviour tags: AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts: none
Score: 4.8 | User: guest

15430 | 2023-03-05 02:00 | http://bartonmcgill.co.nz/.wel...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM BitCoin MSOffice File PNG Format JPEG Format Code Injection Creates executable files RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
URLs: 77
Hosts: 25
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 4.6 | User: guest

15431 | 2023-03-05 02:00 | http://103.147.185.68/j/p11bg/...
Behaviour tags: AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts: none
Score: 4.8 | User: guest

15432 | 2023-03-05 01:58 | http://103.147.185.68/j/p5rt/l...
Behaviour tags: AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): ET INFO TLS Handshake Failure; SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
Score: 4.8 | User: guest

15433 | 2023-03-05 01:56 | http://103.147.185.68/j/p6re/l...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM PNG Format MSOffice File JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 5.8 | User: guest

15434 | 2023-03-05 01:55 | http://103.147.185.68/j/p7gf/l...
Behaviour tags: AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 4.8 | User: guest

15435 | 2023-03-05 01:53 | http://103.147.185.68/j/p8cv/l...
Behaviour tags: PWS[m] Downloader Create Service DGA Socket ScreenShot DNS Internet API Code injection Hijack Network Sniff Audio HTTP Steal credential KeyLogger P2P Escalate privileges persistence FTP Http API AntiDebug AntiVM MSOffice File PNG Format JPEG Format Code Injection RWX flags setting exploit crash unpack itself Windows utilities malicious URLs Tofsee Windows Exploit DNS crashed
Hosts (1): 103.147.185.68 - malicious
Alerts (2): SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee); ET INFO TLS Handshake Failure
Score: 5.8 | User: guest