Your IP : 172.28.240.42

Current Path : /home/striker/
Upload File :
Current File : //home/striker/tcpdump2.log

11:26:35.155940 IP manu32.manufrog.com.http > 172.28.240.3.53388: Flags [.], seq 3331010682:3331012030, ack 1358949689, win 219, options [nop,nop,TS val 250260099 ecr 1700851], length 1348: HTTP
11:26:35.155946 IP 172.28.240.3.53388 > manu32.manufrog.com.http: Flags [.], ack 1348, win 296, options [nop,nop,TS val 1700926 ecr 250260099], length 0
11:26:35.156198 IP 172.28.240.3.ssh > 172.30.237.120.64092: Flags [P.], seq 1519581226:1519581434, ack 4280349275, win 3103, length 208
11:26:35.156808 IP 172.28.240.3.48491 > web-server.e-nk.ru.domain: 57945+ PTR? 3.240.28.172.in-addr.arpa. (43)
11:26:35.156961 IP lx8.hoststar.hosting.https > 172.28.240.3.58830: Flags [.], ack 1632894672, win 133, length 0
11:26:35.156981 IP lx18.hoststar.hosting.http > 172.28.240.3.34287: Flags [S.], seq 3367996817, ack 3210202335, win 65535, options [mss 1460,nop,wscale 9], length 0
11:26:35.157005 IP 172.28.240.3.34287 > lx18.hoststar.hosting.http: Flags [.], ack 1, win 229, length 0
11:26:35.643272 IP linux.nedahosting.ir.http > 172.28.240.3.48641: Flags [.], seq 2890321968:2890323416, ack 4014886812, win 235, options [nop,nop,TS val 1051199137 ecr 1700977], length 1448: HTTP
11:26:35.643280 IP 172.28.240.3.48641 > linux.nedahosting.ir.http: Flags [.], ack 1448, win 636, options [nop,nop,TS val 1701048 ecr 1051199137,nop,nop,sack 1 {2896:4344}], length 0
11:26:35.643766 IP 172.28.240.3.33684 > web-server.e-nk.ru.domain: 25694+ PTR? 6.186.201.195.in-addr.arpa. (44)
11:26:35.645499 IP 83.217.89.8.static.hosted.by.combell.com.https > 172.28.240.3.40769: Flags [.], seq 2635672251:2635673699, ack 3707322222, win 507, options [nop,nop,TS val 3987066825 ecr 1701004], length 1448
11:26:36.034777 IP 172.28.240.3.38616 > web-server.e-nk.ru.domain: 51930+ PTR? 22.41.119.168.in-addr.arpa. (44)
11:26:36.311074 IP 172.28.240.3.40838 > web-server.e-nk.ru.domain: 30081+ PTR? 52.177.247.87.in-addr.arpa. (44)
11:26:36.311108 IP sh20043.ispgateway.de.https > 172.28.240.3.37054: Flags [.], seq 1803553653:1803555101, ack 3475872826, win 252, options [nop,nop,TS val 2969685168 ecr 1701174], length 1448
11:26:37.607390 IP webcluster1.webpod12-cph3.one.com.https > 172.28.240.3.49423: Flags [.], seq 1790076664:1790078112, ack 489930093, win 34, options [nop,nop,TS val 874050123 ecr 1701240], length 1448
11:26:37.607397 IP 172.28.240.3.49423 > webcluster1.webpod12-cph3.one.com.https: Flags [.], ack 1448, win 998, options [nop,nop,TS val 1701539 ecr 874050123], length 0
11:26:37.607407 IP 172.28.240.3.36622 > web-server.e-nk.ru.domain: 2830+ PTR? 8.89.217.83.in-addr.arpa. (42)
11:26:38.946626 IP 172.28.240.3.59297 > web-server.e-nk.ru.domain: 46712+ PTR? 25.49.205.92.in-addr.arpa. (43)
11:26:38.949138 IP 20.160.138.157.https > 172.28.240.3.51187: Flags [.], seq 2943353529:2943354977, ack 3152995584, win 64, options [nop,nop,TS val 3770676911 ecr 1701828], length 1448
11:26:38.949148 IP 172.28.240.3.51187 > 20.160.138.157.https: Flags [.], ack 1448, win 817, options [nop,nop,TS val 1701874 ecr 3770676911,nop,nop,sack 1 {2896:4344}], length 0
11:26:39.234017 IP vmi373798.contaboserver.net.https > 172.28.240.3.32944: Flags [.], seq 2131706211:2131707659, ack 3878072787, win 505, options [nop,nop,TS val 557749978 ecr 1701902], length 1448
11:26:39.446234 IP 172.28.240.3.41752 > web-server.e-nk.ru.domain: 49796+ PTR? 157.138.160.20.in-addr.arpa. (45)
11:26:39.446418 IP host23.ssl-gesichert.at.http > 172.28.240.3.51066: Flags [.], seq 2866647432:2866648880, ack 3074445687, win 508, options [nop,nop,TS val 4050008817 ecr 1701947], length 1448: HTTP
11:26:39.446426 IP 172.28.240.3.51066 > host23.ssl-gesichert.at.http: Flags [.], ack 1448, win 545, options [nop,nop,TS val 1701998 ecr 4050008817], length 0
11:26:39.447939 IP 185.253.215.18.http > 172.28.240.3.50577: Flags [.], seq 1874210893:1874212353, ack 2970848883, win 237, length 1460: HTTP: HTTP/1.1 404 Not Found
11:26:39.703947 IP 172.28.240.3.56296 > web-server.e-nk.ru.domain: 5294+ PTR? 203.154.171.62.in-addr.arpa. (45)
11:26:39.704046 IP vmi373798.contaboserver.net.https > 172.28.240.3.32943: Flags [.], seq 3861167220:3861168668, ack 1475791550, win 505, options [nop,nop,TS val 557750459 ecr 1702022], length 1448
11:26:40.037534 IP 172.28.240.31.mysql > 172.28.240.3.50282: Flags [.], seq 1139290596:1139292044, ack 3236729491, win 1452, options [nop,nop,TS val 44061771 ecr 1702146], length 1448
11:26:40.037540 IP 172.28.240.31.mysql > 172.28.240.3.50282: Flags [P.], seq 1448:2591, ack 1, win 1452, options [nop,nop,TS val 44061771 ecr 1702146], length 1143
11:26:40.432525 IP cluster028.hosting.ovh.net.https > 172.28.240.3.35020: Flags [.], seq 3996706875:3996708323, ack 907928131, win 17, options [nop,nop,TS val 319737193 ecr 1702202], length 1448
11:26:40.432530 IP 172.28.240.3.35020 > cluster028.hosting.ovh.net.https: Flags [.], ack 4294965848, win 1126, options [nop,nop,TS val 1702245 ecr 319737046,nop,nop,sack 1 {0:1448}], length 0
11:26:50.433224 IP k19.unixstorm.org.https > 172.28.240.3.60234: Flags [P.], seq 786433704:786435065, ack 488418276, win 507, options [nop,nop,TS val 3162452773 ecr 1704594], length 1361
11:26:50.433235 IP 172.28.240.3.60234 > k19.unixstorm.org.https: Flags [.], ack 4294965848, win 251, options [nop,nop,TS val 1704745 ecr 3162451530,nop,nop,sack 1 {0:1361}], length 0
11:26:50.454261 IP 172.28.240.3.43349 > web-server.e-nk.ru.domain: 34059+ PTR? 31.240.28.172.in-addr.arpa. (44)
11:26:50.454670 IP 172.28.240.3.55689 > web-server.e-nk.ru.domain: 9615+ PTR? 111.10.32.213.in-addr.arpa. (44)
11:26:50.455259 IP 172.67.172.223.http > 172.28.240.3.53331: Flags [P.], seq 2368971892:2368972534, ack 35749116, win 8, options [nop,nop,TS val 2382718110 ecr 1704729], length 642: HTTP: HTTP/1.1 301 Moved Permanently
11:26:50.646480 IP 172.28.240.3.60774 > web-server.e-nk.ru.domain: 45341+ PTR? 130.123.227.91.in-addr.arpa. (45)
11:26:50.646595 IP 172.28.240.3.59869 > web-server.e-nk.ru.domain: 29939+ AAAA? sos-avocat-permis.fr. (38)
11:26:51.033152 IP ws4.msg.systems.https > 172.28.240.3.56971: Flags [.], seq 500328272:500329696, ack 3548864549, win 505, options [nop,nop,TS val 2345497779 ecr 1704856], length 1424
11:26:51.033159 IP 172.28.240.3.56971 > ws4.msg.systems.https: Flags [.], ack 4294964448, win 1146, options [nop,nop,TS val 1704895 ecr 2345497616,nop,nop,sack 1 {0:1424}], length 0
11:26:51.033173 IP 172.28.240.3.53055 > web-server.e-nk.ru.domain: 30790+ PTR? 223.172.67.172.in-addr.arpa. (45)
11:26:51.034649 IP ws4.msg.systems.https > 172.28.240.3.56971: Flags [.], seq 1424:2848, ack 1, win 505, options [nop,nop,TS val 2345497779 ecr 1704856], length 1424
11:26:51.242547 IP 172.28.240.3.56171 > web-server.e-nk.ru.domain: 47352+ PTR? 52.27.217.91.in-addr.arpa. (43)
11:26:51.242688 IP 192.0.78.25.https > 172.28.240.3.41063: Flags [P.], seq 2248842363:2248843761, ack 3291570155, win 62, length 1398
11:26:51.242692 IP 172.28.240.3.41063 > 192.0.78.25.https: Flags [.], ack 4294963102, win 457, options [nop,nop,sack 2 {0:1398}{6990:8450}], length 0
11:26:51.628587 IP 172.28.240.3.58270 > web-server.e-nk.ru.domain: 65194+ PTR? 25.78.0.192.in-addr.arpa. (42)
11:26:51.628603 IP 83.217.89.8.static.hosted.by.combell.com.https > 172.28.240.3.40767: Flags [.], seq 4284099382:4284100830, ack 1373553557, win 503, options [nop,nop,TS val 3987082796 ecr 1704996], length 1448
11:26:51.628609 IP 172.28.240.3.40767 > 83.217.89.8.static.hosted.by.combell.com.https: Flags [.], ack 4294964400, win 1030, options [nop,nop,TS val 1705044 ecr 3987082583,nop,nop,sack 1 {0:1448}], length 0
11:26:51.629273 IP 172.28.240.3.39382 > 167.48.180.107.host.secureserver.net.http: Flags [P.], seq 168829636:168829926, ack 109403039, win 229, options [nop,nop,TS val 1705044 ecr 2186275974], length 290: HTTP: GET /?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&action=upload HTTP/1.1
11:26:51.629495 IP 172.28.240.3.57939 > 176.52.244.25.https: Flags [P.], seq 140686980:140687295, ack 1855725808, win 229, options [nop,nop,TS val 1705044 ecr 965186372], length 315
11:26:51.785999 IP 172.28.240.3.36945 > web-server.e-nk.ru.domain: 38942+ PTR? 167.48.180.107.in-addr.arpa. (45)
11:26:51.786012 IP wawmedia.pl.https > 172.28.240.3.45640: Flags [.], seq 1077492097:1077493121, ack 2017534730, win 237, length 1024
11:26:51.786033 IP 172.28.240.3.45640 > wawmedia.pl.https: Flags [.], ack 1024, win 343, length 0
11:26:51.786041 IP wawmedia.pl.https > 172.28.240.3.45640: Flags [P.], seq 1024:1176, ack 1, win 237, length 152
11:26:51.786045 IP 172.28.240.3.45640 > wawmedia.pl.https: Flags [.], ack 2046, win 365, length 0
11:26:52.082268 IP 172.28.240.3.44211 > web-server.e-nk.ru.domain: 33793+ PTR? 25.244.52.176.in-addr.arpa. (44)
11:26:52.212707 IP 172.28.240.3.36742 > web-server.e-nk.ru.domain: 14980+ PTR? 74.166.152.94.in-addr.arpa. (44)
11:26:52.212818 IP ec2-3-66-23-70.eu-central-1.compute.amazonaws.com.https > 172.28.240.3.60370: Flags [.], seq 3285356859:3285358307, ack 732554368, win 485, options [nop,nop,TS val 3668822856 ecr 1705145], length 1448
11:26:52.525128 IP 172.28.240.3.34987 > web-server.e-nk.ru.domain: 22271+ PTR? 70.23.66.3.in-addr.arpa. (41)
11:26:52.526081 IP brinley.rev.domeny.host.https > 172.28.240.3.59602: Flags [.], seq 269583526:269584550, ack 315461717, win 252, options [nop,nop,TS val 3904604463 ecr 1705222], length 1024
11:26:52.526088 IP 172.28.240.3.59602 > brinley.rev.domeny.host.https: Flags [.], ack 4294966272, win 583, options [nop,nop,TS val 1705268 ecr 3904604314], length 0
11:26:52.526887 IP 172.28.240.3.59225 > vpshd2034.cyber-folks.pl.http: Flags [.], ack 4234707966, win 237, options [nop,nop,TS val 1705269 ecr 1148436005], length 0
11:26:52.527205 IP cluster003.ovh.net.http > 172.28.240.3.60908: Flags [P.], seq 3563711147:3563712259, ack 2343734277, win 17, options [nop,nop,TS val 2446620426 ecr 1705225], length 1112: HTTP
11:26:52.527212 IP 172.28.240.3.60908 > cluster003.ovh.net.http: Flags [.], ack 4294965848, win 658, options [nop,nop,TS val 1705269 ecr 2446620289,nop,nop,sack 1 {0:1112}], length 0
11:26:52.848753 IP 172.28.240.3.49935 > web-server.e-nk.ru.domain: 17599+ PTR? 209.11.152.94.in-addr.arpa. (44)
11:26:52.848859 IP cpanel9.vhosting-it.com.http > 172.28.240.3.43671: Flags [.], seq 2545067559:2545069007, ack 3191789073, win 235, options [nop,nop,TS val 355607980 ecr 1705251], length 1448: HTTP
11:26:53.185385 IP cpanel9.vhosting-it.com.http > 172.28.240.3.43671: Flags [.], seq 13032:14480, ack 1, win 235, options [nop,nop,TS val 355608303 ecr 1705277], length 1448: HTTP
11:26:53.185391 IP 172.28.240.3.43671 > cpanel9.vhosting-it.com.http: Flags [.], ack 14480, win 591, options [nop,nop,TS val 1705433 ecr 355608303], length 0
11:26:53.607121 IP 172.28.240.3.46480 > web-server.e-nk.ru.domain: 2808+ PTR? 4.33.186.213.in-addr.arpa. (43)
11:26:53.934222 IP 172.28.240.3.50225 > web-server.e-nk.ru.domain: 56538+ PTR? 2.60.116.185.in-addr.arpa. (43)
11:26:53.934412 IP h25.seohost.pl.http > 172.28.240.3.44861: Flags [.], seq 2033512284:2033513732, ack 1851435685, win 59, options [nop,nop,TS val 3837647852 ecr 1705569], length 1448: HTTP
11:26:53.934418 IP 172.28.240.3.44861 > h25.seohost.pl.http: Flags [.], ack 1448, win 296, options [nop,nop,TS val 1705620 ecr 3837647852,nop,nop,sack 1 {13032:14480}], length 0
11:26:54.388834 IP 172.28.240.3.40714 > web-server.e-nk.ru.domain: 43687+ PTR? 85.221.210.188.in-addr.arpa. (45)
11:26:54.388877 IP 172.28.240.3.50011 > web-server.e-nk.ru.domain: 27573+ A? seatkit.com. (29)
11:26:54.390029 IP ec2-3-66-23-70.eu-central-1.compute.amazonaws.com.https > 172.28.240.3.60372: Flags [.], seq 2291634485:2291635933, ack 3307715114, win 485, options [nop,nop,TS val 3668825078 ecr 1705701], length 1448
11:26:54.390037 IP 172.28.240.3.60372 > ec2-3-66-23-70.eu-central-1.compute.amazonaws.com.https: Flags [.], ack 2896, win 830, options [nop,nop,TS val 1705734 ecr 3668825078], length 0
11:26:54.390894 IP 172.28.240.3.47615 > server153.hosting.reg.ru.http: Flags [.], ack 981952873, win 237, options [nop,nop,TS val 1705735 ecr 2244476288], length 0
11:26:54.570086 IP 38.14.52.249.https > 172.28.240.3.55075: Flags [.], seq 3063019924:3063021372, ack 2447752186, win 252, options [nop,nop,TS val 956761342 ecr 1705703], length 1448
11:26:54.570093 IP 172.28.240.3.55075 > 38.14.52.249.https: Flags [.], ack 5792, win 1309, options [nop,nop,TS val 1705779 ecr 956761342], length 0
11:26:54.570107 IP 172.28.240.3.52788 > web-server.e-nk.ru.domain: 23937+ PTR? 142.196.31.31.in-addr.arpa. (44)
11:26:54.571609 IP h25.seohost.pl.http > 172.28.240.3.44862: Flags [.], seq 2930398820:2930400268, ack 377418425, win 59, options [nop,nop,TS val 3837648397 ecr 1705706], length 1448: HTTP
11:26:54.571615 IP 172.28.240.3.44862 > h25.seohost.pl.http: Flags [.], ack 1448, win 296, options [nop,nop,TS val 1705780 ecr 3837648397], length 0
11:26:54.572664 IP web28.majordomo.ru.http > 172.28.240.3.36134: Flags [F.], seq 4054474524, ack 799966672, win 508, options [nop,nop,TS val 2169287494 ecr 1686766], length 0
11:26:54.704336 IP 172.28.240.3.41063 > 192.0.78.25.https: Flags [.], ack 33270, win 1050, options [nop,nop,sack 1 {34730:37650}], length 0
11:26:54.995402 IP 192.0.78.233.https > 172.28.240.3.36679: Flags [.], seq 991647400:991648860, ack 3299656552, win 60, length 1460
11:26:54.995407 IP 172.28.240.3.36679 > 192.0.78.233.https: Flags [.], ack 1460, win 291, options [nop,nop,sack 1 {2636:3722}], length 0
11:26:54.995430 IP 172.28.240.3.34764 > web-server.e-nk.ru.domain: 34689+ PTR? 230.108.84.185.in-addr.arpa. (45)
11:26:54.996930 IP k19.unixstorm.org.https > 172.28.240.3.60234: Flags [.], seq 7204:8652, ack 466, win 505, options [nop,nop,TS val 3162457234 ecr 1705811], length 1448
11:26:54.996937 IP 172.28.240.3.60234 > k19.unixstorm.org.https: Flags [.], ack 8652, win 410, options [nop,nop,TS val 1705886 ecr 3162457234,nop,nop,sack 1 {11243:12691}], length 0
11:26:55.246470 IP 172.28.240.3.53139 > web-server.e-nk.ru.domain: 36424+ PTR? 233.78.0.192.in-addr.arpa. (43)
11:26:55.246508 IP 172.28.240.3.57279 > ae86a.netcup.net.https: Flags [P.], seq 2263761047:2263761338, ack 1903416084, win 310, options [nop,nop,TS val 1705948 ecr 1840203774], length 291
11:26:55.396312 IP 172.28.240.3.40607 > web-server.e-nk.ru.domain: 8649+ PTR? 106.232.61.202.in-addr.arpa. (45)
11:26:55.396399 IP host23.ssl-gesichert.at.http > 172.28.240.3.51065: Flags [.], seq 4186630707:4186632155, ack 1673878069, win 508, options [nop,nop,TS val 4050024793 ecr 1705942], length 1448: HTTP
11:26:55.396404 IP 172.28.240.3.51065 > host23.ssl-gesichert.at.http: Flags [.], ack 2896, win 1190, options [nop,nop,TS val 1705986 ecr 4050024793], length 0
11:26:55.397896 IP h25.seohost.pl.http > 172.28.240.3.44839: Flags [.], seq 413305979:413307427, ack 4081683374, win 59, options [nop,nop,TS val 3837649308 ecr 1705934], length 1448: HTTP
11:26:55.397902 IP 172.28.240.3.44839 > h25.seohost.pl.http: Flags [.], ack 1448, win 387, options [nop,nop,TS val 1705986 ecr 3837649308,nop,nop,sack 1 {7240:8688}], length 0
11:26:55.399417 IP host23.ssl-gesichert.at.http > 172.28.240.3.51067: Flags [.], seq 1585604982:1585606430, ack 927204911, win 508, options [nop,nop,TS val 4050024761 ecr 1705934], length 1448: HTTP
11:26:55.658745 IP static.37.136.99.88.clients.your-server.de.https > 172.28.240.3.55721: Flags [.], seq 894207262:894208710, ack 2230524766, win 502, options [nop,nop,TS val 3171201649 ecr 1706013], length 1448
11:26:55.658751 IP 172.28.240.3.55721 > static.37.136.99.88.clients.your-server.de.https: Flags [.], ack 4294964400, win 1158, options [nop,nop,TS val 1706051 ecr 3171201416,nop,nop,sack 1 {0:1448}], length 0
11:26:55.658845 IP 172.28.240.3.39617 > web-server.e-nk.ru.domain: 54801+ PTR? 37.136.99.88.in-addr.arpa. (43)
11:26:55.660233 IP web-server.e-nk.ru.domain > 172.28.240.3.51238: 9755 1/13/10 A 193.32.221.30 (499)
11:26:55.660302 IP 172.28.240.3.58620 > sv-l-095.fra.wp-projects.net.http: Flags [S], seq 4177009109, win 29200, options [mss 1460,sackOK,TS val 1706052 ecr 0,nop,wscale 7], length 0
11:26:55.660378 IP 62.91.9.33.https > 172.28.240.3.38637: Flags [.], seq 1954276511:1954277959, ack 1438166434, win 505, options [nop,nop,TS val 2033783967 ecr 1706014], length 1448
11:26:55.660384 IP 172.28.240.3.38637 > 62.91.9.33.https: Flags [.], ack 4294965848, win 1080, options [nop,nop,TS val 1706052 ecr 2033783789,nop,nop,sack 1 {0:1448}], length 0
11:26:57.250654 IP 172.28.240.3.57072 > web-server.e-nk.ru.domain: 20388+ PTR? 30.221.32.193.in-addr.arpa. (44)
11:26:57.250723 IP manu32.manufrog.com.http > 172.28.240.3.53626: Flags [.], seq 310921360:310922708, ack 3138541572, win 228, options [nop,nop,TS val 250282202 ecr 1706379], length 1348: HTTP
11:26:57.250730 IP 172.28.240.3.53626 > manu32.manufrog.com.http: Flags [.], ack 1348, win 938, options [nop,nop,TS val 1706449 ecr 250282202], length 0
11:26:57.252092 IP manu32.manufrog.com.http > 172.28.240.3.53626: Flags [.], seq 1348:2696, ack 1, win 228, options [nop,nop,TS val 250282202 ecr 1706379], length 1348: HTTP
11:26:57.574978 IP 104.21.10.89.http > 172.28.240.3.33313: Flags [.], seq 3629581531:3629582979, ack 1776925306, win 8, options [nop,nop,TS val 546363205 ecr 1706453], length 1448: HTTP
11:26:57.962147 IP 172.28.240.3.36284 > web-server.e-nk.ru.domain: 29357+ PTR? 89.10.21.104.in-addr.arpa. (43)
11:26:57.962255 IP www216.your-server.de.http > 172.28.240.3.49370: Flags [.], seq 4034203379:4034204839, ack 80603817, win 501, length 1460: HTTP
11:26:57.962261 IP 172.28.240.3.49370 > www216.your-server.de.http: Flags [.], ack 1460, win 867, length 0
11:26:57.962266 IP www216.your-server.de.http > 172.28.240.3.49370: Flags [FP.], seq 1460:1588, ack 1, win 501, length 128: HTTP
11:26:57.964097 IP web-server.e-nk.ru.domain > 172.28.240.3.42170: 6242 NXDomain 0/1/0 (81)
11:26:57.964137 IP 172.28.240.3.58277 > web-server.e-nk.ru.domain: 57393+ AAAA? ae-edu.eu.e-nk.ru. (35)
11:26:58.123355 IP 172.28.240.3.54261 > web-server.e-nk.ru.domain: 53154+ PTR? 246.9.46.78.in-addr.arpa. (42)
11:26:58.123523 IP host23.ssl-gesichert.at.http > 172.28.240.3.51068: Flags [.], seq 869428918:869430366, ack 707623071, win 508, options [nop,nop,TS val 4050027511 ecr 1706621], length 1448: HTTP
11:26:58.540616 IP ns30025.cloud-premium.com.http > 172.28.240.3.58622: Flags [.], seq 3798784504:3798785952, ack 1136579433, win 235, options [nop,nop,TS val 4182440586 ecr 1706690], length 1448: HTTP
11:26:58.540620 IP 172.28.240.3.58622 > ns30025.cloud-premium.com.http: Flags [.], ack 1448, win 364, options [nop,nop,TS val 1706772 ecr 4182440586,nop,nop,sack 1 {14480:15928}], length 0
11:26:58.541748 IP 104.21.10.89.http > 172.28.240.3.33312: Flags [P.], seq 507568079:507569527, ack 3003305681, win 8, options [nop,nop,TS val 508938430 ecr 1706697], length 1448: HTTP
11:26:58.541754 IP 172.28.240.3.33312 > 104.21.10.89.http: Flags [.], ack 2896, win 455, options [nop,nop,TS val 1706772 ecr 508938430,nop,nop,sack 1 {19176:20624}], length 0
11:26:58.542628 IP box5792.bluehost.com.https > 172.28.240.3.41226: Flags [S.], seq 1663401721, ack 936222443, win 64704, options [mss 1360,sackOK,TS val 3543641302 ecr 1706682,nop,wscale 7], length 0
11:26:58.542638 IP 172.28.240.3.41226 > box5792.bluehost.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 1706772 ecr 3543641302], length 0
11:26:58.542695 IP eu30.1host.gr.http > 172.28.240.3.57800: Flags [.], ack 1775988250, win 235, options [nop,nop,TS val 2349483401 ecr 1706724], length 0
11:26:58.963396 IP 172.28.240.3.51042 > web-server.e-nk.ru.domain: 15236+ PTR? 126.253.241.162.in-addr.arpa. (46)
11:26:58.963532 IP mail.dose-hosting-3.de.https > 172.28.240.3.37204: Flags [.], seq 1835419085:1835420533, ack 1471114025, win 126, options [nop,nop,TS val 3265835573 ecr 1706836], length 1448
11:26:58.963546 IP 172.28.240.3.37204 > mail.dose-hosting-3.de.https: Flags [.], ack 4294964400, win 788, options [nop,nop,TS val 1706878 ecr 3265835177,nop,nop,sack 1 {4294965848:1448}], length 0
11:26:58.965007 IP trillian.lubman.pl.http > 172.28.240.3.48695: Flags [.], seq 3413486814:3413488262, ack 2038489280, win 235, options [nop,nop,TS val 1770564873 ecr 1706827], length 1448: HTTP
11:26:59.517275 IP 172.28.240.3.51524 > web-server.e-nk.ru.domain: 16478+ PTR? 35.77.69.159.in-addr.arpa. (43)
11:26:59.517351 IP 185.224.154.252.https > 172.28.240.3.45938: Flags [.], seq 2297462926:2297464374, ack 3955580191, win 1502, options [nop,nop,TS val 835035868 ecr 1706724], length 1448
11:26:59.682311 IP global.thebrain.net.http > 172.28.240.3.59249: Flags [.], seq 1306030190:1306031638, ack 4218413334, win 235, options [nop,nop,TS val 2724678554 ecr 1706993], length 1448: HTTP
11:26:59.682320 IP 172.28.240.3.59249 > global.thebrain.net.http: Flags [.], ack 1448, win 455, options [nop,nop,TS val 1707057 ecr 2724678554,nop,nop,sack 1 {2896:4344}], length 0
11:26:59.969279 IP 172.28.240.3.56017 > web-server.e-nk.ru.domain: 26122+ PTR? 34.125.182.212.in-addr.arpa. (45)
11:26:59.969323 IP hosting.megawebservers.com.http > 172.28.240.3.45303: Flags [P.], seq 4122017067:4122018515, ack 4002007583, win 4623, options [nop,nop,TS val 835035967 ecr 1707048], length 1448: HTTP
11:27:00.183397 IP 172.28.240.3.57193 > web-server.e-nk.ru.domain: 18117+ PTR? 252.154.224.185.in-addr.arpa. (46)
11:27:00.183521 IP 172.28.240.3.53350 > web-server.e-nk.ru.domain: 10549+ AAAA? accommodation-drienica.com. (44)
11:27:00.567622 IP 172.28.240.3.57408 > web-server.e-nk.ru.domain: 43932+ PTR? 179.190.106.87.in-addr.arpa. (45)
11:27:00.873172 IP solitary-pear.aeza.network.http > 172.28.240.3.60876: Flags [.], seq 439585606:439586894, ack 296287109, win 509, options [nop,nop,TS val 2918476986 ecr 1707264], length 1288: HTTP
11:27:00.873200 IP 172.28.240.3.49675 > web-server.e-nk.ru.domain: 41755+ PTR? 98.32.251.216.in-addr.arpa. (44)
11:27:00.874531 IP solitary-pear.aeza.network.http > 172.28.240.3.60876: Flags [.], seq 1288:2576, ack 1, win 509, options [nop,nop,TS val 2918477070 ecr 1707308], length 1288: HTTP
11:27:01.228880 IP 172.28.240.3.53664 > web-server.e-nk.ru.domain: 61197+ PTR? 224.207.137.79.in-addr.arpa. (45)
11:27:01.228897 IP web-server.e-nk.ru.domain > 172.28.240.3.55484: 10423 0/1/0 (100)
11:27:01.228922 IP 172.28.240.3.60224 > web-server.e-nk.ru.domain: 51805+ AAAA? bora.poodo.site.e-nk.ru. (41)
11:27:01.229041 IP sh-69.1blu.de.https > 172.28.240.3.56823: Flags [.], seq 2596924855:2596926303, ack 713489716, win 506, options [nop,nop,TS val 369537754 ecr 1707402], length 1448
11:27:01.229303 IP 172.28.240.3.43457 > web-server.e-nk.ru.domain: 10625+ PTR? 73.10.254.178.in-addr.arpa. (44)
11:27:01.229333 IP 172.28.240.3.35532 > web-server.e-nk.ru.domain: 5131+ A? bora.poodo.site. (33)
11:27:01.229699 IP web-server.e-nk.ru.domain > 172.28.240.3.35532: 5131 1/4/6 A 79.137.207.224 (237)
11:27:01.229727 IP 172.28.240.3.33471 > solitary-pear.aeza.network.http: Flags [S], seq 1201287373, win 29200, options [mss 1460,sackOK,TS val 1707444 ecr 0,nop,wscale 7], length 0
11:27:01.230077 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.41402: Flags [F.], seq 591638109, ack 939305420, win 261, options [nop,nop,TS val 1085759689 ecr 1699976], length 0
11:27:01.230633 IP 192.0.78.233.https > 172.28.240.3.36678: Flags [.], seq 3099419690:3099421150, ack 1380887707, win 62, length 1460
11:27:01.590205 IP 172.28.240.3.46886 > web-server.e-nk.ru.domain: 20442+ PTR? 147.152.33.3.in-addr.arpa. (43)
11:27:01.590222 IP 217-160-0-104.elastic-ssl.ui-r.com.http > 172.28.240.3.54366: Flags [.], seq 1193135623:1193137071, ack 3591088342, win 17, options [nop,nop,TS val 3598528229 ecr 1707488], length 1448: HTTP
11:27:01.590229 IP 172.28.240.3.54366 > 217-160-0-104.elastic-ssl.ui-r.com.http: Flags [.], ack 4294960056, win 455, options [nop,nop,TS val 1707534 ecr 3598527972,nop,nop,sack 2 {0:4344}{4294961504:4294962952}], length 0
11:27:01.591748 IP 156.237.240.23.http > 172.28.240.3.38712: Flags [.], seq 1296595990:1296597438, ack 2346672148, win 260, options [nop,nop,TS val 882957191 ecr 1707450], length 1448: HTTP
11:27:01.591754 IP 172.28.240.3.38712 > 156.237.240.23.http: Flags [.], ack 1448, win 568, options [nop,nop,TS val 1707535 ecr 882957191,nop,nop,sack 2 {8688:14480}{2896:5792}], length 0
11:27:01.768203 IP 172.28.240.3.35801 > web-server.e-nk.ru.domain: 47530+ PTR? 104.0.160.217.in-addr.arpa. (44)
11:27:01.768250 IP 20.160.138.157.https > 172.28.240.3.51187: Flags [.], seq 111496:112944, ack 1, win 64, options [nop,nop,TS val 3770699751 ecr 1707538], length 1448
11:27:01.768257 IP 172.28.240.3.51187 > 20.160.138.157.https: Flags [.], ack 115840, win 844, options [nop,nop,TS val 1707579 ecr 3770699751], length 0
11:27:01.948623 IP 192.0.78.233.https > 172.28.240.3.36678: Flags [P.], seq 4294957386:4294958784, ack 1, win 62, length 1398
11:27:01.948631 IP 172.28.240.3.36678 > 192.0.78.233.https: Flags [.], ack 4294960182, win 959, options [nop,nop,sack 2 {13140:14600}{4294961580:10220}], length 0
11:27:02.114044 IP 217-160-0-242.elastic-ssl.ui-r.com.http > 172.28.240.3.56542: Flags [.], ack 4243730949, win 17, options [nop,nop,TS val 2514946434 ecr 1707602], length 0
11:27:02.114208 IP 217-160-0-242.elastic-ssl.ui-r.com.http > 172.28.240.3.56542: Flags [P.], seq 0:445, ack 1, win 17, options [nop,nop,TS val 2514946441 ecr 1707602], length 445: HTTP: HTTP/1.1 302 Found
11:27:02.114212 IP 172.28.240.3.56542 > 217-160-0-242.elastic-ssl.ui-r.com.http: Flags [.], ack 445, win 237, options [nop,nop,TS val 1707665 ecr 2514946441], length 0
11:27:02.114880 IP 172.28.240.3.55109 > 104.21.7.131.https: Flags [.], ack 3447410713, win 305, options [nop,nop,TS val 1707666 ecr 3390378344], length 0
11:27:02.115067 IP vps-254945-4466.hosted.at.hostnet.nl.https > 172.28.240.3.59347: Flags [.], seq 1424326377:1424327825, ack 3940192211, win 243, options [nop,nop,TS val 633297102 ecr 1707618], length 1448
11:27:02.115073 IP 172.28.240.3.59347 > vps-254945-4466.hosted.at.hostnet.nl.https: Flags [.], ack 4294965848, win 907, options [nop,nop,TS val 1707666 ecr 633296931,nop,nop,sack 1 {0:1448}], length 0
11:27:02.116601 IP e69bbd9.online-server.cloud.https > 172.28.240.3.37433: Flags [.], seq 149754261:149755709, ack 939615395, win 243, options [nop,nop,TS val 157767821 ecr 1707619], length 1448
11:27:02.324473 IP 172.28.240.3.54388 > web-server.e-nk.ru.domain: 63748+ PTR? 131.7.21.104.in-addr.arpa. (43)
11:27:02.324866 IP web-server.e-nk.ru.domain > 172.28.240.3.42371: 56513 NXDomain 0/1/0 (106)
11:27:02.324881 IP volcanocommunications.com.http > 172.28.240.3.32835: Flags [.], seq 724709792:724711240, ack 512423690, win 235, options [nop,nop,TS val 2449647595 ecr 1707644], length 1448: HTTP
11:27:02.443913 IP 172.28.240.3.38473 > web-server.e-nk.ru.domain: 34784+ PTR? 86.17.85.185.in-addr.arpa. (43)
11:27:03.254768 IP 172.28.240.3.38532 > web-server.e-nk.ru.domain: 18319+ PTR? 149.249.165.82.in-addr.arpa. (45)
11:27:03.254844 IP 192.0.78.233.https > 172.28.240.3.36677: Flags [.], seq 2517554460:2517555920, ack 1055222022, win 62, length 1460
11:27:03.559048 IP 172.28.240.3.33205 > web-server.e-nk.ru.domain: 60523+ PTR? 18.194.3.208.in-addr.arpa. (43)
11:27:03.559161 IP r134.websiteservername.com.http > 172.28.240.3.39137: Flags [.], seq 765738030:765739478, ack 1647081608, win 235, options [nop,nop,TS val 1657378351 ecr 1707953], length 1448: HTTP
11:27:03.559169 IP 172.28.240.3.39137 > r134.websiteservername.com.http: Flags [.], ack 5792, win 523, options [nop,nop,TS val 1708027 ecr 1657378351], length 0
11:27:04.735537 IP 133.125.167.72.host.secureserver.net.http > 172.28.240.3.37866: Flags [.], seq 3249168014:3249169474, ack 3564435831, win 31, length 1460: HTTP
11:27:04.735543 IP 172.28.240.3.37866 > 133.125.167.72.host.secureserver.net.http: Flags [.], ack 11680, win 1021, length 0
11:27:04.735554 IP 172.28.240.3.58435 > web-server.e-nk.ru.domain: 33984+ PTR? 129.221.90.69.in-addr.arpa. (44)
11:27:04.737066 IP 104.21.10.89.http > 172.28.240.3.33315: Flags [.], seq 2360753577:2360755025, ack 2852188761, win 8, options [nop,nop,TS val 1401314324 ecr 1708253], length 1448: HTTP
11:27:04.737074 IP 172.28.240.3.33315 > 104.21.10.89.http: Flags [.], ack 1448, win 828, options [nop,nop,TS val 1708321 ecr 1401314324,nop,nop,sack 2 {11060:16820}{5792:9612}], length 0
11:27:05.274748 IP 172.28.240.3.56370 > web-server.e-nk.ru.domain: 3161+ PTR? 133.125.167.72.in-addr.arpa. (45)
11:27:05.274813 IP 216.129.153.160.host.secureserver.net.http > 172.28.240.3.44159: Flags [.], seq 2233463424:2233464872, ack 1255061829, win 31, options [nop,nop,TS val 41589254 ecr 1708407], length 1448: HTTP
11:27:05.494543 IP 172.28.240.3.34099 > web-server.e-nk.ru.domain: 42365+ PTR? 216.129.153.160.in-addr.arpa. (46)
11:27:05.494931 IP 216.129.153.160.host.secureserver.net.http > 172.28.240.3.44159: Flags [.], seq 73339:74787, ack 1, win 31, options [nop,nop,TS val 41589396 ecr 1708442], length 1448: HTTP
11:27:05.494938 IP 172.28.240.3.44159 > 216.129.153.160.host.secureserver.net.http: Flags [.], ack 37139, win 1145, options [nop,nop,TS val 1708511 ecr 41589396,nop,nop,sack 3 {70443:74787}{64651:66099}{48723:57411}], length 0
11:27:05.496416 IP 192.0.78.177.https > 172.28.240.3.42144: Flags [.], seq 403604346:403605806, ack 3880673149, win 62, length 1460
11:27:05.496421 IP 172.28.240.3.42144 > 192.0.78.177.https: Flags [.], ack 4294955616, win 1120, options [nop,nop,sack 1 {4294957076:1460}], length 0
11:27:05.498000 IP 20.160.138.157.https > 172.28.240.3.51001: Flags [.], seq 3886458752:3886460200, ack 2971609506, win 64, options [nop,nop,TS val 3770703474 ecr 1708469], length 1448
11:27:05.675429 IP 104.21.10.89.http > 172.28.240.3.33315: Flags [.], seq 21720:23168, ack 1, win 8, options [nop,nop,TS val 1401315197 ecr 1708471], length 1448: HTTP
11:27:05.675455 IP 172.28.240.3.33315 > 104.21.10.89.http: Flags [.], ack 23168, win 1190, options [nop,nop,TS val 1708556 ecr 1401315197,nop,nop,sack 1 {34752:44888}], length 0
11:27:05.675502 IP 172.28.240.3.37259 > web-server.e-nk.ru.domain: 507+ PTR? 177.78.0.192.in-addr.arpa. (43)
11:27:05.676567 IP wf.networksolutions.com.http > 172.28.240.3.33418: Flags [P.], seq 1925668467:1925668606, ack 2588347498, win 14273, options [nop,nop,TS val 835041774 ecr 1707435], length 139: HTTP: HTTP/1.1 404 Not found
11:27:05.787035 IP 172.28.240.3.39382 > web-server.e-nk.ru.domain: 14765+ PTR? 131.189.178.205.in-addr.arpa. (46)
11:27:05.787264 IP oasis.yourhost.space.http > 172.28.240.3.37752: Flags [.], seq 2120825747:2120827195, ack 4116269517, win 235, options [nop,nop,TS val 1708917086 ecr 1708522], length 1448: HTTP
11:27:05.787269 IP 172.28.240.3.37752 > oasis.yourhost.space.http: Flags [.], ack 1448, win 416, options [nop,nop,TS val 1708584 ecr 1708917086], length 0
11:27:05.787784 IP 172.28.240.3.38509 > mc21460.ispgateway.de.https: Flags [P.], seq 3029568923:3029569117, ack 3791211674, win 319, options [nop,nop,TS val 1708584 ecr 1524791714], length 194
11:27:05.789130 IP 172.28.240.3.41135 > sh11814.ispgateway.de.https: Flags [P.], seq 1646046113:1646046307, ack 2008330049, win 305, options [nop,nop,TS val 1708584 ecr 3644606591], length 194
11:27:05.789795 IP sn-69-12.tll07.zoneas.eu.https > 172.28.240.3.33898: Flags [P.], seq 1157505301:1157506749, ack 3115380860, win 261, options [nop,nop,TS val 530217813 ecr 1708540], length 1448
11:27:07.088496 IP 172.28.240.3.54065 > web-server.e-nk.ru.domain: 60206+ PTR? 16.233.202.116.in-addr.arpa. (45)
11:27:07.088548 IP 192.0.78.177.https > 172.28.240.3.42145: Flags [P.], seq 2614008749:2614010147, ack 3354216257, win 64, length 1398
11:27:07.319515 IP a67c48129651a0940.awsglobalaccelerator.com.https > 172.28.240.3.51253: Flags [P.], seq 1848287018:1848288218, ack 2145047253, win 261, options [nop,nop,TS val 1778541682 ecr 1708872], length 1200
11:27:07.319521 IP 172.28.240.3.51253 > a67c48129651a0940.awsglobalaccelerator.com.https: Flags [.], ack 1200, win 296, options [nop,nop,TS val 1708967 ecr 1778541682], length 0
11:27:07.319974 IP 172.28.240.3.43391 > web-server.e-nk.ru.domain: 65320+ PTR? 103.64.205.92.in-addr.arpa. (44)
11:27:07.573056 IP 172.28.240.3.48819 > web-server.e-nk.ru.domain: 46535+ PTR? 12.69.146.217.in-addr.arpa. (44)
11:27:07.824033 IP 172.28.240.3.51841 > web-server.e-nk.ru.domain: 8244+ PTR? 45.213.248.13.in-addr.arpa. (44)
11:27:07.824218 IP ec2-3-66-23-70.eu-central-1.compute.amazonaws.com.https > 172.28.240.3.60948: Flags [.], seq 2015524416:2015525864, ack 3791323234, win 485, options [nop,nop,TS val 3668838426 ecr 1709039], length 1448
11:27:07.825712 IP 104.21.42.226.http > 172.28.240.3.47209: Flags [.], seq 1839605332:1839606780, ack 3525244984, win 8, options [nop,nop,TS val 1482805566 ecr 1709053], length 1448: HTTP
11:27:08.003563 IP 172.28.240.3.48056 > web-server.e-nk.ru.domain: 17430+ PTR? 226.42.21.104.in-addr.arpa. (44)
11:27:08.003643 IP 216.129.153.160.host.secureserver.net.http > 172.28.240.3.44157: Flags [.], seq 311041575:311043023, ack 1777790621, win 31, options [nop,nop,TS val 41592024 ecr 1709099], length 1448: HTTP
11:27:08.003649 IP 172.28.240.3.44157 > 216.129.153.160.host.secureserver.net.http: Flags [.], ack 4294961504, win 658, options [nop,nop,TS val 1709138 ecr 41591866,nop,nop,sack 3 {0:1448}{13245:13246}{5792:8688}], length 0
11:27:08.005902 IP sh11814.ispgateway.de.http > 172.28.240.3.46381: Flags [.], seq 3383853841:3383855289, ack 439622269, win 235, options [nop,nop,TS val 3644608920 ecr 1709100], length 1448: HTTP
11:27:08.005908 IP 172.28.240.3.46381 > sh11814.ispgateway.de.http: Flags [.], ack 4294948472, win 455, options [nop,nop,TS val 1709138 ecr 3644608286,nop,nop,sack 2 {0:1448}{4294954264:4294962952}], length 0
11:27:08.006228 IP 128.65.210.87.https > 172.28.240.3.44247: Flags [.], ack 2114513209, win 53, options [nop,nop,TS val 318587534 ecr 1708525], length 0
11:27:08.124656 IP 172.28.240.3.34003 > web-server.e-nk.ru.domain: 27463+ PTR? 87.210.65.128.in-addr.arpa. (44)
11:27:08.124770 IP 152.44.180.107.host.secureserver.net.http > 172.28.240.3.37685: Flags [.], seq 3447301916:3447303364, ack 1537666808, win 31, options [nop,nop,TS val 407572 ecr 1709092], length 1448: HTTP
11:27:08.124777 IP 172.28.240.3.37685 > 152.44.180.107.host.secureserver.net.http: Flags [.], ack 7240, win 975, options [nop,nop,TS val 1709168 ecr 407572,nop,nop,sack 2 {47784:50680}{44888:46336}], length 0
11:27:08.125897 IP uvirt91.active24.cz.http > 172.28.240.3.41202: Flags [.], ack 4114272517, win 508, options [nop,nop,TS val 1760215300 ecr 1709132], length 0
11:27:08.126121 IP uvirt91.active24.cz.http > 172.28.240.3.41202: Flags [P.], seq 0:472, ack 1, win 508, options [nop,nop,TS val 1760215301 ecr 1709132], length 472: HTTP: HTTP/1.1 301 Moved Permanently
11:27:08.126123 IP 172.28.240.3.41202 > uvirt91.active24.cz.http: Flags [.], ack 472, win 237, options [nop,nop,TS val 1709168 ecr 1760215301], length 0
11:27:09.413151 IP 172.28.240.3.52379 > web-server.e-nk.ru.domain: 64660+ PTR? 152.44.180.107.in-addr.arpa. (45)
11:27:09.413311 IP 104.21.42.226.http > 172.28.240.3.47211: Flags [.], seq 2289854920:2289856368, ack 3020374841, win 8, options [nop,nop,TS val 1482807038 ecr 1709421], length 1448: HTTP
11:27:09.635433 IP 172.28.240.3.41484 > web-server.e-nk.ru.domain: 27690+ PTR? 73.10.15.31.in-addr.arpa. (42)
11:27:09.635492 IP trillian.lubman.pl.http > 172.28.240.3.48696: Flags [.], seq 4052530146:4052531594, ack 3351498744, win 235, options [nop,nop,TS val 1770575544 ecr 1709495], length 1448: HTTP
11:27:09.874575 IP web-server.e-nk.ru.domain > 172.28.240.3.38296: 29465 0/1/0 (91)
11:27:09.874629 IP 172.28.240.3.59345 > web-server.e-nk.ru.domain: 64785+ AAAA? aggas.eu.e-nk.ru. (34)
11:27:09.874699 IP 69.162.154.196.http > 172.28.240.3.50705: Flags [.], seq 550624094:550625542, ack 2692722372, win 85, options [nop,nop,TS val 1462956885 ecr 1709551], length 1448: HTTP
11:27:09.874708 IP 172.28.240.3.50705 > 69.162.154.196.http: Flags [.], ack 4294954264, win 274, options [nop,nop,TS val 1709605 ecr 1462956681,nop,nop,sack 1 {0:1448}], length 0
11:27:09.874805 IP 172.28.240.3.54389 > web-server.e-nk.ru.domain: 52847+ PTR? 196.154.162.69.in-addr.arpa. (45)
11:27:09.874940 IP web-server.e-nk.ru.domain > 172.28.240.3.59345: 64785 NXDomain* 0/1/0 (80)
11:27:09.874981 IP 172.28.240.3.58485 > web-server.e-nk.ru.domain: 19452+ A? aggas.eu. (26)
11:27:09.876231 IP 185.253.215.18.http > 172.28.240.3.50579: Flags [.], seq 3049396264:3049397724, ack 1683550621, win 237, length 1460: HTTP
11:27:09.876239 IP 172.28.240.3.50579 > 185.253.215.18.http: Flags [.], ack 4294962916, win 1026, length 0
11:27:10.330792 IP alfa3051.alfahosting-server.de.http > 172.28.240.3.33927: Flags [.], seq 1305725156:1305726604, ack 2578501291, win 22, options [nop,nop,TS val 3450617016 ecr 1709667], length 1448: HTTP
11:27:10.330802 IP 172.28.240.3.33927 > alfa3051.alfahosting-server.de.http: Flags [.], ack 1448, win 1097, options [nop,nop,TS val 1709719 ecr 3450617016], length 0
11:27:10.330879 IP 172.28.240.3.34271 > web-server.e-nk.ru.domain: 48422+ PTR? 18.140.237.109.in-addr.arpa. (45)
11:27:10.331867 IP cluster015.ovh.net.http > 172.28.240.3.45551: Flags [.], seq 297707508:297707572, ack 836786888, win 17, options [nop,nop,TS val 2426549311 ecr 1709689], length 64: HTTP
11:27:10.331871 IP cluster015.ovh.net.http > 172.28.240.3.45551: Flags [.], seq 64:128, ack 1, win 17, options [nop,nop,TS val 2426549311 ecr 1709689], length 64: HTTP
11:27:10.332051 IP cluster015.ovh.net.http > 172.28.240.3.45551: Flags [.], seq 128:192, ack 1, win 17, options [nop,nop,TS val 2426549311 ecr 1709689], length 64: HTTP
11:27:10.332054 IP 172.28.240.3.45551 > cluster015.ovh.net.http: Flags [.], ack 192, win 660, options [nop,nop,TS val 1709720 ecr 2426549311], length 0
11:27:10.484644 IP 172.28.240.3.56348 > web-server.e-nk.ru.domain: 5347+ PTR? 3.33.186.213.in-addr.arpa. (43)
11:27:10.484668 IP oasis.yourhost.space.http > 172.28.240.3.37752: Flags [.], seq 70952:72400, ack 1, win 235, options [nop,nop,TS val 1708921850 ecr 1709713], length 1448: HTTP
11:27:10.484674 IP 172.28.240.3.37752 > oasis.yourhost.space.http: Flags [.], ack 63712, win 89, options [nop,nop,TS val 1709758 ecr 1708921409,nop,nop,sack 1 {65160:72400}], length 0
11:27:10.620641 IP 217.21.91.118.https > 172.28.240.3.47021: Flags [.], seq 3131217746:3131219194, ack 3430446705, win 243, options [nop,nop,TS val 4273084327 ecr 1709571], length 1448
11:27:10.620648 IP 172.28.240.3.47021 > 217.21.91.118.https: Flags [.], ack 1448, win 387, options [nop,nop,TS val 1709792 ecr 4273084327], length 0
11:27:10.620734 IP 172.28.240.3.48692 > web-server.e-nk.ru.domain: 50155+ PTR? 118.91.21.217.in-addr.arpa. (44)
11:27:10.621685 IP cluster010.hosting.ovh.net.https > 172.28.240.3.59346: Flags [S.], seq 1752310951, ack 3443233639, win 65535, options [mss 1460,sackOK,TS val 1008260974 ecr 1709760,nop,wscale 12], length 0
11:27:10.621693 IP 172.28.240.3.59346 > cluster010.hosting.ovh.net.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 1709792 ecr 1008260974], length 0
11:27:10.622143 IP web-server.e-nk.ru.domain > 172.28.240.3.36221: 10919 0/1/0 (107)
11:27:10.622176 IP 172.28.240.3.39487 > web-server.e-nk.ru.domain: 4233+ AAAA? shrisainathmandir.com.e-nk.ru. (47)
11:27:11.273738 IP 172.28.240.3.49995 > web-server.e-nk.ru.domain: 52348+ PTR? 19.33.186.213.in-addr.arpa. (44)
11:27:11.274231 IP ns30025.cloud-premium.com.https > 172.28.240.3.57924: Flags [.], seq 668621072:668622520, ack 2420357882, win 252, options [nop,nop,TS val 4182453447 ecr 1709905], length 1448
11:27:11.274238 IP 172.28.240.3.57924 > ns30025.cloud-premium.com.https: Flags [.], ack 1448, win 945, options [nop,nop,TS val 1709955 ecr 4182453447], length 0
11:27:11.399672 IP ns30025.cloud-premium.com.https > 172.28.240.3.57924: Flags [.], seq 2896:4344, ack 1, win 252, options [nop,nop,TS val 4182453580 ecr 1709938], length 1448
11:27:11.399682 IP 172.28.240.3.57924 > ns30025.cloud-premium.com.https: Flags [.], ack 4344, win 930, options [nop,nop,TS val 1709987 ecr 4182453580], length 0
11:27:11.401187 IP 217.21.91.118.https > 172.28.240.3.46883: Flags [.], seq 3795467437:3795468885, ack 3671963827, win 243, options [nop,nop,TS val 4273085158 ecr 1709905], length 1448
11:27:11.401197 IP 172.28.240.3.46883 > 217.21.91.118.https: Flags [.], ack 4294960056, win 636, options [nop,nop,TS val 1709987 ecr 4273084785,nop,nop,sack 1 {4294962952:1448}], length 0
11:27:11.402167 IP static.117.99.181.135.clients.your-server.de.https > 172.28.240.3.60695: Flags [R], seq 209688176, win 0, length 0
11:27:11.402229 IP static.117.99.181.135.clients.your-server.de.https > 172.28.240.3.60694: Flags [R], seq 1497089071, win 0, length 0
11:27:11.402311 IP sv14717.xserver.jp.http > 172.28.240.3.42906: Flags [F.], seq 3186895945, ack 2699077825, win 508, options [nop,nop,TS val 883397535 ecr 1707493], length 0
11:27:11.402344 IP 172.28.240.3.52510 > web-server.e-nk.ru.domain: 40617+ PTR? 117.99.181.135.in-addr.arpa. (45)
11:27:11.402846 IP oasis.yourhost.space.http > 172.28.240.3.37755: Flags [.], seq 4191027317:4191028765, ack 2134525517, win 235, options [nop,nop,TS val 1708922756 ecr 1709939], length 1448: HTTP
11:27:11.402852 IP 172.28.240.3.37755 > oasis.yourhost.space.http: Flags [.], ack 4294954264, win 136, options [nop,nop,TS val 1709987 ecr 1708922066,nop,nop,sack 1 {4294955712:1448}], length 0
11:27:11.404379 IP server14.prohoster.gr.http > 172.28.240.3.55995: Flags [.], seq 2255015544:2255016992, ack 2046912903, win 235, options [nop,nop,TS val 4142074431 ecr 1709924], length 1448: HTTP
11:27:11.632450 IP cluster015.ovh.net.http > 172.28.240.3.45551: Flags [.], seq 4288:4352, ack 1, win 17, options [nop,nop,TS val 2426550597 ecr 1710010], length 64: HTTP
11:27:11.632473 IP cluster015.ovh.net.http > 172.28.240.3.45551: Flags [.], seq 4352:4416, ack 1, win 17, options [nop,nop,TS val 2426550597 ecr 1710010], length 64: HTTP
11:27:12.135544 IP 172.28.240.3.38372 > web-server.e-nk.ru.domain: 49244+ PTR? 145.42.138.185.in-addr.arpa. (45)
11:27:12.136921 IP web-server.e-nk.ru.domain > 172.28.240.3.42041: 62371 1/13/11 A 160.153.129.22 (504)
11:27:12.136977 IP 172.28.240.3.58460 > 22.129.153.160.host.secureserver.net.http: Flags [S], seq 518178081, win 29200, options [mss 1460,sackOK,TS val 1710171 ecr 0,nop,wscale 7], length 0
11:27:12.137014 IP lx8.hoststar.hosting.https > 172.28.240.3.58831: Flags [.], seq 1128822514:1128823974, ack 4293210662, win 133, length 1460
11:27:12.372138 IP 172.28.240.3.44358 > web-server.e-nk.ru.domain: 24704+ PTR? 22.129.153.160.in-addr.arpa. (45)
11:27:12.372177 IP 185.253.215.18.http > 172.28.240.3.50579: Flags [.], seq 46720:48180, ack 1, win 237, length 1460: HTTP
11:27:12.372184 IP 172.28.240.3.50579 > 185.253.215.18.http: Flags [.], ack 48180, win 753, length 0
11:27:12.373702 IP mail.syndifab.fr.http > 172.28.240.3.55104: Flags [.], seq 136593839:136595287, ack 1234850679, win 507, options [nop,nop,TS val 4100681768 ecr 1709997], length 1448: HTTP
11:27:12.373706 IP 172.28.240.3.55104 > mail.syndifab.fr.http: Flags [.], ack 1448, win 319, options [nop,nop,TS val 1710230 ecr 4100681768], length 0
11:27:12.474532 IP 172.28.240.3.40097 > web-server.e-nk.ru.domain: 40652+ PTR? 224.32.34.185.in-addr.arpa. (44)
11:27:12.474879 IP 172.28.240.3.53915 > apache2-fritz.hancock.dreamhost.com.http: Flags [S], seq 769568531, win 29200, options [mss 1460,sackOK,TS val 1710256 ecr 0,nop,wscale 7], length 0
11:27:12.474898 IP 172.28.240.3.36677 > 192.0.78.233.https: Flags [.], ack 194180, win 200, length 0
11:27:12.474915 IP 172.28.240.3.53916 > apache2-fritz.hancock.dreamhost.com.http: Flags [S], seq 1783089573, win 29200, options [mss 1460,sackOK,TS val 1710256 ecr 0,nop,wscale 7], length 0
11:27:12.474927 IP 172.28.240.3.57294 > 66-165-230-234.static.hvvc.us.http: Flags [F.], seq 2982679489, ack 3497023752, win 229, options [nop,nop,TS val 1710256 ecr 793313901], length 0
11:27:12.708075 IP 172.28.240.3.43190 > web-server.e-nk.ru.domain: 25060+ PTR? 12.172.113.208.in-addr.arpa. (45)
11:27:12.708225 IP bomj.xyz.http > 172.28.240.3.55693: Flags [.], seq 1902758956:1902760404, ack 963175868, win 235, options [nop,nop,TS val 278287594 ecr 1710248], length 1448: HTTP
11:27:12.708229 IP 172.28.240.3.55693 > bomj.xyz.http: Flags [.], ack 1448, win 689, options [nop,nop,TS val 1710314 ecr 278287594], length 0
11:27:13.204576 IP 172.28.240.3.34014 > web-server.e-nk.ru.domain: 47967+ PTR? 234.230.165.66.in-addr.arpa. (45)
11:27:13.204610 IP sn-69-12.tll07.zoneas.eu.https > 172.28.240.3.33897: Flags [.], seq 3929765838:3929767286, ack 1664528761, win 261, options [nop,nop,TS val 530225180 ecr 1710382], length 1448
11:27:13.206212 IP 192-185-97-34.unifiedlayer.com.http > 172.28.240.3.55595: Flags [.], seq 3368889837:3368891185, ack 2000789369, win 504, options [nop,nop,TS val 1839013811 ecr 1710374], length 1348: HTTP
11:27:13.441522 IP 172.28.240.3.60785 > web-server.e-nk.ru.domain: 10530+ PTR? 34.102.196.185.in-addr.arpa. (45)
11:27:13.441555 IP 91.223.204.92.host.secureserver.net.https > 172.28.240.3.48309: Flags [.], seq 1670282469:1670283929, ack 2802794570, win 35, length 1460
11:27:13.750045 IP 172.28.240.3.37118 > web-server.e-nk.ru.domain: 45981+ PTR? 34.97.185.192.in-addr.arpa. (44)
11:27:13.750125 IP w04.rzone.de.http > 172.28.240.3.45226: Flags [.], seq 2700752692:2700754140, ack 3636070552, win 14809, options [nop,nop,TS val 835051317 ecr 1710492], length 1448: HTTP
11:27:13.750129 IP 172.28.240.3.45226 > w04.rzone.de.http: Flags [.], ack 1448, win 477, options [nop,nop,TS val 1710574 ecr 835051317], length 0
11:27:13.751648 IP 91.223.204.92.host.secureserver.net.https > 172.28.240.3.48309: Flags [.], seq 4380:5840, ack 1, win 35, length 1460
11:27:14.173300 IP 172.28.240.3.49030 > web-server.e-nk.ru.domain: 41422+ PTR? 91.223.204.92.in-addr.arpa. (44)
11:27:14.174221 IP vh244.timeweb.ru.http > 172.28.240.3.43989: Flags [.], ack 2256990244, win 254, options [nop,nop,TS val 3026125366 ecr 1710668], length 0
11:27:14.279666 IP 172.28.240.3.43549 > web-server.e-nk.ru.domain: 36682+ PTR? 68.145.169.81.in-addr.arpa. (44)
11:27:14.279754 IP 172.28.240.3.47197 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [S], seq 3358290646, win 29200, options [mss 1460,sackOK,TS val 1710707 ecr 0,nop,wscale 7], length 0
11:27:15.602773 IP 172.28.240.3.47099 > web-server.e-nk.ru.domain: 6519+ PTR? 189.96.53.92.in-addr.arpa. (43)
11:27:15.602889 IP cw212-adf-hd18.romania-webhosting.com.http > 172.28.240.3.41792: Flags [.], seq 1158731018:1158732466, ack 1929998141, win 235, options [nop,nop,TS val 2229148653 ecr 1711005], length 1448: HTTP
11:27:15.602897 IP 172.28.240.3.41792 > cw212-adf-hd18.romania-webhosting.com.http: Flags [.], ack 10834, win 568, options [nop,nop,TS val 1711038 ecr 2229148653], length 0
11:27:15.603670 IP li1900-94.members.linode.com.https > 172.28.240.3.37340: Flags [.], seq 2006039532:2006040980, ack 1482333314, win 506, options [nop,nop,TS val 2674233099 ecr 1711025], length 1448
11:27:15.659925 IP 172.28.240.3.https > 172.28.240.254.48139: Flags [.], seq 4019348001:4019349449, ack 2613530170, win 269, options [nop,nop,TS val 1711052 ecr 53402418], length 1448
11:27:15.659986 IP 172.28.240.3.39216 > web-server.e-nk.ru.domain: 31224+ PTR? 173.142.197.15.in-addr.arpa. (45)
11:27:15.794938 IP 172.28.240.3.60359 > web-server.e-nk.ru.domain: 27423+ PTR? 18.84.146.212.in-addr.arpa. (44)
11:27:15.794973 IP 172.28.240.3.41793 > cw212-adf-hd18.romania-webhosting.com.http: Flags [F.], seq 178871983, ack 3953379089, win 568, options [nop,nop,TS val 1711086 ecr 2229148743], length 0
11:27:16.025986 IP 172.28.240.3.37348 > web-server.e-nk.ru.domain: 59639+ PTR? 94.246.105.172.in-addr.arpa. (45)
11:27:16.026032 IP gardenplant.ro.http > 172.28.240.3.46796: Flags [.], seq 3847348385:3847349833, ack 2898487187, win 235, options [nop,nop,TS val 4239436968 ecr 1711121], length 1448: HTTP
11:27:16.360493 IP 172.28.240.3.47844 > web-server.e-nk.ru.domain: 30348+ PTR? 254.240.28.172.in-addr.arpa. (45)
11:27:16.360928 IP 172.28.240.3.34219 > web-server.e-nk.ru.domain: 58012+ PTR? 28.153.119.93.in-addr.arpa. (44)
11:27:16.362287 IP 185.32.58.139.https > 172.28.240.3.51861: Flags [.], seq 2459778569:2459780017, ack 2423361121, win 85, options [nop,nop,TS val 2650908673 ecr 1711166], length 1448
11:27:16.362294 IP 172.28.240.3.51861 > 185.32.58.139.https: Flags [.], ack 1448, win 523, options [nop,nop,TS val 1711227 ecr 2650908673], length 0
11:27:16.362858 IP 172.28.240.3.36676 > 192.0.78.233.https: Flags [.], ack 2251139844, win 254, length 0
11:27:16.364594 IP 28.61.205.92.host.secureserver.net.http > 172.28.240.3.47041: Flags [.], seq 677289917:677291365, ack 2242374974, win 235, options [nop,nop,TS val 1865077393 ecr 1711199], length 1448: HTTP
11:27:16.674066 IP 172.28.240.3.33027 > web-server.e-nk.ru.domain: 21023+ PTR? 139.58.32.185.in-addr.arpa. (44)
11:27:16.674093 IP 172.28.240.3.36613 > web-server.e-nk.ru.domain: 27431+ A? elling-evpatoriya.com.e-nk.ru. (47)
11:27:16.674238 IP lx8.hoststar.hosting.https > 172.28.240.3.59049: Flags [P.], seq 44513028:44514488, ack 1467634615, win 133, length 1460
11:27:16.730519 IP 172.28.240.3.37084 > web-server.e-nk.ru.domain: 22829+ PTR? 28.61.205.92.in-addr.arpa. (43)
11:27:16.731671 IP lx8.hoststar.hosting.https > 172.28.240.3.59049: Flags [.], seq 27740:29200, ack 1, win 133, length 1460
11:27:16.731678 IP 172.28.240.3.59049 > lx8.hoststar.hosting.https: Flags [.], ack 29200, win 818, length 0
11:27:17.011623 IP cmempresasperu.com.https > 172.28.240.3.51589: Flags [.], seq 138400253:138401601, ack 4091701901, win 502, options [nop,nop,TS val 2821351854 ecr 1711348], length 1348
11:27:17.011634 IP 172.28.240.3.51589 > cmempresasperu.com.https: Flags [.], ack 1348, win 408, options [nop,nop,TS val 1711390 ecr 2821351854], length 0
11:27:17.011738 IP 172.28.240.3.35904 > web-server.e-nk.ru.domain: 47070+ PTR? 32.118.185.192.in-addr.arpa. (45)
11:27:17.013037 IP cmempresasperu.com.https > 172.28.240.3.51589: Flags [.], seq 1348:2696, ack 1, win 502, options [nop,nop,TS val 2821351854 ecr 1711348], length 1348
11:27:17.013043 IP 172.28.240.3.51589 > cmempresasperu.com.https: Flags [.], ack 2696, win 431, options [nop,nop,TS val 1711390 ecr 2821351854], length 0
11:27:17.014486 IP host-164-138-218-177.superhosting.bg.http > 172.28.240.3.48724: Flags [.], seq 303541302:303542750, ack 1877328351, win 235, options [nop,nop,TS val 2384716392 ecr 1711356], length 1448: HTTP
11:27:17.014493 IP 172.28.240.3.48724 > host-164-138-218-177.superhosting.bg.http: Flags [.], ack 1448, win 432, options [nop,nop,TS val 1711390 ecr 2384716392], length 0
11:27:17.459946 IP 172.28.240.3.57577 > web-server.e-nk.ru.domain: 49552+ PTR? 177.218.138.164.in-addr.arpa. (46)
11:27:17.467142 IP sv14717.xserver.jp.https > 172.28.240.3.46363: Flags [.], seq 4254680517:4254681965, ack 3359966085, win 503, options [nop,nop,TS val 883403653 ecr 1711450], length 1448
11:27:17.467148 IP 172.28.240.3.46363 > sv14717.xserver.jp.https: Flags [.], ack 1448, win 749, options [nop,nop,TS val 1711504 ecr 883403653], length 0
11:27:17.471778 IP sv14717.xserver.jp.https > 172.28.240.3.46363: Flags [.], seq 1448:2896, ack 1, win 503, options [nop,nop,TS val 883403657 ecr 1711451], length 1448
11:27:17.471782 IP 172.28.240.3.46363 > sv14717.xserver.jp.https: Flags [.], ack 2896, win 772, options [nop,nop,TS val 1711505 ecr 883403657], length 0
11:27:17.622897 IP 172.28.240.3.41426 > 104.21.17.70.http: Flags [.], ack 1509276652, win 1281, options [nop,nop,TS val 1711543 ecr 2132834631], length 0
11:27:17.622972 IP 172.28.240.3.60915 > web-server.e-nk.ru.domain: 15262+ PTR? 70.17.21.104.in-addr.arpa. (43)
11:27:17.630033 IP 104.21.17.70.http > 172.28.240.3.41426: Flags [.], seq 1:1449, ack 0, win 8, options [nop,nop,TS val 2132834774 ecr 1711455], length 1448: HTTP
11:27:17.630894 IP 172.28.240.3.34168 > 172.67.161.205.https: Flags [.], ack 3048412457, win 319, options [nop,nop,TS val 1711545 ecr 3655794747], length 0
11:27:17.630901 IP 172.28.240.3.34167 > 172.67.161.205.https: Flags [.], ack 783364413, win 319, options [nop,nop,TS val 1711545 ecr 1127107977], length 0
11:27:17.634859 IP 172.28.240.3.55791 > host181-128-14-31.serverdedicati.aruba.it.http: Flags [S], seq 89477028, win 29200, options [mss 1460,sackOK,TS val 1711546 ecr 0,nop,wscale 7], length 0
11:27:17.634866 IP 172.28.240.3.55792 > host181-128-14-31.serverdedicati.aruba.it.http: Flags [S], seq 1488120657, win 29200, options [mss 1460,sackOK,TS val 1711546 ecr 0,nop,wscale 7], length 0
11:27:17.739430 IP 172.28.240.3.41496 > web-server.e-nk.ru.domain: 51885+ PTR? 205.161.67.172.in-addr.arpa. (45)
11:27:17.739568 IP j186366.servers.jiffybox.net.https > 172.28.240.3.58795: Flags [P.], seq 756906571:756908019, ack 1616134798, win 507, options [nop,nop,TS val 3037785104 ecr 1711552], length 1448
11:27:17.739572 IP 172.28.240.3.58795 > j186366.servers.jiffybox.net.https: Flags [.], ack 1448, win 274, options [nop,nop,TS val 1711572 ecr 3037785104], length 0
11:27:17.849379 IP 172.28.240.3.51450 > web-server.e-nk.ru.domain: 7916+ PTR? 181.128.14.31.in-addr.arpa. (44)
11:27:17.850147 IP hasomed1.timmeserver.de.https > 172.28.240.3.54207: Flags [.], seq 227008770:227010218, ack 3106571611, win 130, options [nop,nop,TS val 1168838569 ecr 1711584], length 1448
11:27:18.038471 IP 172.28.240.3.52090 > web-server.e-nk.ru.domain: 36091+ PTR? 22.32.119.134.in-addr.arpa. (44)
11:27:18.039765 IP 213.32.5.6.http > 172.28.240.3.54467: Flags [.], ack 557783853, win 17, options [nop,nop,TS val 2348743432 ecr 1704072], length 0
11:27:18.039771 IP 172.28.240.3.54467 > 213.32.5.6.http: Flags [.], ack 1, win 237, options [nop,nop,TS val 1711647 ecr 2348682884], length 0
11:27:19.193505 IP 172.28.240.3.42857 > web-server.e-nk.ru.domain: 2019+ PTR? 76.177.243.136.in-addr.arpa. (45)
11:27:19.193744 IP hasomed1.timmeserver.de.https > 172.28.240.3.54208: Flags [.], seq 203266055:203267503, ack 2895499874, win 130, options [nop,nop,TS val 1168839761 ecr 1711882], length 1448
11:27:19.193750 IP 172.28.240.3.54208 > hasomed1.timmeserver.de.https: Flags [.], ack 1448, win 1009, options [nop,nop,TS val 1711935 ecr 1168839761], length 0
11:27:19.493116 IP 172.28.240.3.40357 > web-server.e-nk.ru.domain: 34952+ PTR? 6.5.32.213.in-addr.arpa. (41)
11:27:19.493155 IP 172.28.240.3.37913 > web-server.e-nk.ru.domain: 35084+ A? scholarlydigitallibrary.com. (45)
11:27:19.708987 IP web-server.e-nk.ru.domain > 172.28.240.3.51029: 11844 NXDomain 0/1/0 (110)
11:27:19.709050 IP 172.28.240.3.44752 > web-server.e-nk.ru.domain: 17247+ AAAA? vtacledlighting.com.e-nk.ru. (45)
11:27:19.709235 IP server153.hosting.reg.ru.http > 172.28.240.3.47613: Flags [R], seq 2400379617, win 0, length 0
11:27:19.709288 IP ssl.flareon.beget.com.https > 172.28.240.3.53028: Flags [R], seq 2704136174, win 0, length 0
11:27:19.709344 IP h12.netangels.ru.http > 172.28.240.3.54265: Flags [.], ack 1095404099, win 235, options [nop,nop,TS val 2109772063 ecr 1712051], length 0
11:27:19.709368 IP 172.28.240.3.36632 > web-server.e-nk.ru.domain: 26405+ PTR? 110.41.130.45.in-addr.arpa. (44)
11:27:19.709374 IP web-server.e-nk.ru.domain > 172.28.240.3.44752: 17247 NXDomain* 0/1/0 (91)
11:27:19.709405 IP 172.28.240.3.52820 > web-server.e-nk.ru.domain: 43679+ A? vtacledlighting.com. (37)
11:27:19.709799 IP web-server.e-nk.ru.domain > 172.28.240.3.52820: 43679 NXDomain 0/1/0 (110)
11:27:19.709824 IP 172.28.240.3.46759 > web-server.e-nk.ru.domain: 19755+ A? vtacledlighting.com.e-nk.ru. (45)
11:27:19.803601 IP 172.28.240.3.51160 > web-server.e-nk.ru.domain: 9682+ PTR? 137.52.201.91.in-addr.arpa. (44)
11:27:19.874242 IP web-server.e-nk.ru.domain > 172.28.240.3.44767: 3675 1/8/14 A 92.204.239.164 (506)
11:27:19.874347 IP 172.28.240.3.55962 > sh11474.ispgateway.de.http: Flags [S], seq 3681288777, win 29200, options [mss 1460,sackOK,TS val 1712105 ecr 0,nop,wscale 7], length 0
11:27:19.874414 IP 172.28.240.3.35573 > web-server.e-nk.ru.domain: 37819+ PTR? 164.239.204.92.in-addr.arpa. (45)
11:27:19.874508 IP 172.28.240.3.55963 > sh11474.ispgateway.de.http: Flags [S], seq 1248980575, win 29200, options [mss 1460,sackOK,TS val 1712105 ecr 0,nop,wscale 7], length 0
11:27:19.874560 IP 172.28.240.3.55964 > sh11474.ispgateway.de.http: Flags [S], seq 2343074117, win 29200, options [mss 1460,sackOK,TS val 1712105 ecr 0,nop,wscale 7], length 0
11:27:19.874610 IP 172.28.240.3.55965 > sh11474.ispgateway.de.http: Flags [S], seq 249723319, win 29200, options [mss 1460,sackOK,TS val 1712105 ecr 0,nop,wscale 7], length 0
11:27:19.874634 IP 172.28.240.3.46368 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [P.], seq 2668858281:2668858555, ack 2640788751, win 229, options [nop,nop,TS val 1712105 ecr 1085776601], length 274: HTTP: GET /components/com_jce/editor/tiny_mce/plugins/upload/editor_plugin.js HTTP/1.1
11:27:19.874652 IP 172.28.240.3.46369 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [P.], seq 131229373:131229552, ack 196470683, win 229, options [nop,nop,TS val 1712105 ecr 1091096651], length 179: HTTP: GET /language/en-GB/en-GB.com_jce.ini HTTP/1.1
11:27:19.966231 IP mc21460.ispgateway.de.https > 172.28.240.3.38507: Flags [.], seq 3829470052:3829471500, ack 3870378917, win 260, options [nop,nop,TS val 1524806038 ecr 1712108], length 1448
11:27:19.966240 IP 172.28.240.3.38507 > mc21460.ispgateway.de.https: Flags [.], ack 1448, win 1120, options [nop,nop,TS val 1712128 ecr 1524806038], length 0
11:27:19.966878 IP 172.28.240.3.40460 > mail.icetechost.ro.http: Flags [.], ack 845671404, win 237, options [nop,nop,TS val 1712129 ecr 2736308598], length 0
11:27:19.966881 IP 172.28.240.3.40459 > mail.icetechost.ro.http: Flags [.], ack 3511584124, win 237, options [nop,nop,TS val 1712129 ecr 2736308594], length 0
11:27:19.966898 IP 172.28.240.3.40462 > mail.icetechost.ro.http: Flags [.], ack 3926350121, win 237, options [nop,nop,TS val 1712129 ecr 2736308598], length 0
11:27:19.966985 IP 172.28.240.3.41029 > web-server.e-nk.ru.domain: 49830+ PTR? 232.232.55.162.in-addr.arpa. (45)
11:27:19.967303 IP 28.61.205.92.host.secureserver.net.http > 172.28.240.3.47042: Flags [.], seq 1661997996:1661999444, ack 2898194230, win 227, options [nop,nop,TS val 1865080881 ecr 1712070], length 1448: HTTP
11:27:19.968332 IP static.37.136.99.88.clients.your-server.de.https > 172.28.240.3.55721: Flags [.], ack 32, win 502, options [nop,nop,TS val 3171226022 ecr 1712106], length 0
11:27:19.968339 IP 172.28.240.3.55721 > static.37.136.99.88.clients.your-server.de.https: Flags [R], seq 2230524797, win 0, length 0
11:27:20.004937 IP 28.61.205.92.host.secureserver.net.http > 172.28.240.3.47042: Flags [.], seq 4344:5792, ack 1, win 227, options [nop,nop,TS val 1865081063 ecr 1712116], length 1448: HTTP
11:27:20.004943 IP 172.28.240.3.47042 > 28.61.205.92.host.secureserver.net.http: Flags [.], ack 1448, win 741, options [nop,nop,TS val 1712138 ecr 1865080881,nop,nop,sack 1 {4344:5792}], length 0
11:27:20.006145 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.46783: Flags [S.], seq 481736620, ack 2150533703, win 65535, options [mss 1460,sackOK,TS val 1085778517 ecr 1712120,nop,wscale 8], length 0
11:27:20.006169 IP 172.28.240.3.46783 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1712138 ecr 1085778517], length 0
11:27:20.006652 IP sh11814.ispgateway.de.https > 172.28.240.3.41135: Flags [.], seq 31908:33356, ack 553, win 252, options [nop,nop,TS val 3644620959 ecr 1712110], length 1448
11:27:20.006662 IP 172.28.240.3.41135 > sh11814.ispgateway.de.https: Flags [.], ack 29012, win 916, options [nop,nop,TS val 1712138 ecr 3644620590,nop,nop,sack 2 {30460:33356}{34804:42044}], length 0
11:27:20.008193 IP 65-254-248-182.yourhostingaccount.com.https > 172.28.240.3.48877: Flags [P.], seq 415257105:415258565, ack 842846067, win 135, length 1460
11:27:20.008203 IP 172.28.240.3.48877 > 65-254-248-182.yourhostingaccount.com.https: Flags [.], ack 4294965836, win 388, options [nop,nop,sack 1 {0:1460}], length 0
11:27:20.008308 IP 172.28.240.3.46212 > web-server.e-nk.ru.domain: 53365+ PTR? 182.248.254.65.in-addr.arpa. (45)
11:27:20.009202 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.47614: Flags [.], ack 3361362857, win 110, options [nop,nop,TS val 2493519478 ecr 1712112], length 0
11:27:20.009388 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.47614: Flags [P.], seq 0:376, ack 1, win 110, options [nop,nop,TS val 2493519481 ecr 1712112], length 376: HTTP: HTTP/1.1 404 Not Found
11:27:20.009392 IP 172.28.240.3.47614 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [.], ack 376, win 237, options [nop,nop,TS val 1712139 ecr 2493519481], length 0
11:27:20.009711 IP w86.rzone.de.http > 172.28.240.3.52114: Flags [.], ack 3149456916, win 14885, options [nop,nop,TS val 835056684 ecr 1712117], length 0
11:27:20.330136 IP web-server.e-nk.ru.domain > 172.28.240.3.50361: 32353 NXDomain* 0/1/0 (89)
11:27:20.330165 IP 172.28.240.3.53594 > web-server.e-nk.ru.domain: 32469+ PTR? 86.145.169.81.in-addr.arpa. (44)
11:27:20.330249 IP 172.28.240.3.57560 > web-server.e-nk.ru.domain: 41206+ AAAA? odnowa-wschowa.pl. (35)
11:27:20.330592 IP j186366.servers.jiffybox.net.https > 172.28.240.3.58794: Flags [.], seq 1983847876:1983849324, ack 4109379314, win 505, options [nop,nop,TS val 3037787525 ecr 1712158], length 1448
11:27:20.330596 IP 172.28.240.3.58794 > j186366.servers.jiffybox.net.https: Flags [.], ack 4294960056, win 907, options [nop,nop,TS val 1712219 ecr 3037787500,nop,nop,sack 2 {4294961504:1448}{2896:11584}], length 0
11:27:20.330860 IP 172.28.240.3.51934 > w0e.rzone.de.http: Flags [P.], seq 3058415281:3058415525, ack 2712708348, win 241, options [nop,nop,TS val 1712220 ecr 835055925], length 244: HTTP: GET /administrator/language/en-GB/en-GB.com_jce.ini HTTP/1.1
11:27:20.331014 IP 172.28.240.3.46233 > web-server.e-nk.ru.domain: 21582+ PTR? 78.145.169.81.in-addr.arpa. (44)
11:27:20.331097 IP web-server.e-nk.ru.domain > 172.28.240.3.41694: 44434 1/8/13 A 81.16.38.46 (489)
11:27:20.331153 IP 172.28.240.3.56923 > webcluster.easyserver.at.http: Flags [S], seq 3632596596, win 29200, options [mss 1460,sackOK,TS val 1712220 ecr 0,nop,wscale 7], length 0
11:27:20.331332 IP 172.28.240.3.56924 > webcluster.easyserver.at.http: Flags [S], seq 3510153307, win 29200, options [mss 1460,sackOK,TS val 1712220 ecr 0,nop,wscale 7], length 0
11:27:20.331439 IP 172.28.240.3.56925 > webcluster.easyserver.at.http: Flags [S], seq 1917361520, win 29200, options [mss 1460,sackOK,TS val 1712220 ecr 0,nop,wscale 7], length 0
11:27:20.331546 IP 172.28.240.3.56926 > webcluster.easyserver.at.http: Flags [S], seq 2222462533, win 29200, options [mss 1460,sackOK,TS val 1712220 ecr 0,nop,wscale 7], length 0
11:27:20.402420 IP 172.28.240.3.60742 > web-server.e-nk.ru.domain: 2834+ PTR? 46.38.16.81.in-addr.arpa. (42)
11:27:20.402730 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.47672: Flags [.], ack 2710310359, win 110, options [nop,nop,TS val 2168790386 ecr 1712204,nop,nop,sack 1 {4294967058:1}], length 0
11:27:20.402908 IP ovh02.advbe.com.https > 172.28.240.3.53122: Flags [F.], seq 2619215431, ack 51111335, win 507, options [nop,nop,TS val 3076390340 ecr 1698381], length 0
11:27:20.888739 IP 199.16.173.140.https > 172.28.240.3.51963: Flags [P.], seq 3232647494:3232648892, ack 2559834444, win 83, length 1398
11:27:20.888746 IP 172.28.240.3.51963 > 199.16.173.140.https: Flags [.], ack 1398, win 343, length 0
11:27:20.888769 IP 172.28.240.3.41821 > web-server.e-nk.ru.domain: 40666+ PTR? 12.105.83.51.in-addr.arpa. (43)
11:27:20.888830 IP web-server.e-nk.ru.domain > 172.28.240.3.43789: 53048 NXDomain* 0/1/0 (87)
11:27:20.888944 IP 172.28.240.3.51343 > web-server.e-nk.ru.domain: 35466+ AAAA? hilltownlive.com. (34)
11:27:20.889269 IP 172.28.240.254.48075 > 172.28.240.3.https: Flags [.], ack 3556715283, win 2406, options [nop,nop,TS val 53404738 ecr 1712358], length 0
11:27:21.060668 IP 172.28.240.3.36180 > web-server.e-nk.ru.domain: 63300+ PTR? 140.173.16.199.in-addr.arpa. (45)
11:27:21.462667 IP 154.41.248.54.https > 172.28.240.3.45473: Flags [S.], seq 1764307267, ack 4250939860, win 65160, options [mss 1460,sackOK,TS val 1883638146 ecr 1712477,nop,wscale 7], length 0
11:27:21.462675 IP 172.28.240.3.45473 > 154.41.248.54.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 1712502 ecr 1883638146], length 0
11:27:21.462779 IP 172.28.240.3.42961 > web-server.e-nk.ru.domain: 11609+ PTR? 54.248.41.154.in-addr.arpa. (44)
11:27:21.462858 IP 172.28.240.3.40228 > mxd1.aruba.it.http: Flags [S], seq 2195928175, win 29200, options [mss 1460,sackOK,TS val 1712503 ecr 0,nop,wscale 7], length 0
11:27:21.462865 IP 172.28.240.3.40229 > mxd1.aruba.it.http: Flags [S], seq 2838274496, win 29200, options [mss 1460,sackOK,TS val 1712503 ecr 0,nop,wscale 7], length 0
11:27:21.462868 IP 172.28.240.3.40230 > mxd1.aruba.it.http: Flags [S], seq 1467456292, win 29200, options [mss 1460,sackOK,TS val 1712503 ecr 0,nop,wscale 7], length 0
11:27:21.462871 IP 172.28.240.3.40231 > mxd1.aruba.it.http: Flags [S], seq 322041026, win 29200, options [mss 1460,sackOK,TS val 1712503 ecr 0,nop,wscale 7], length 0
11:27:21.678367 IP j186366.servers.jiffybox.net.https > 172.28.240.3.58793: Flags [.], seq 144923354:144924802, ack 429845895, win 505, options [nop,nop,TS val 3037788975 ecr 1712521], length 1448
11:27:21.678371 IP 172.28.240.3.58793 > j186366.servers.jiffybox.net.https: Flags [.], ack 1448, win 1163, options [nop,nop,TS val 1712556 ecr 3037788975], length 0
11:27:21.678431 IP 172.28.240.3.41692 > web-server.e-nk.ru.domain: 31507+ PTR? 160.128.149.62.in-addr.arpa. (45)
11:27:21.937114 IP 172.28.240.3.41360 > web-server.e-nk.ru.domain: 13008+ A? idftyracing.com. (33)
11:27:21.937982 IP 176.52.244.25.https > 172.28.240.3.57940: Flags [F.], seq 2716713335, ack 2146006116, win 507, options [nop,nop,TS val 965218647 ecr 1712590], length 0
11:27:21.937993 IP 172.28.240.3.57940 > 176.52.244.25.https: Flags [R], seq 2146006116, win 0, length 0
11:27:21.938479 IP web-server.e-nk.ru.domain > 172.28.240.3.34134: 54576 1/6/12 A 217.160.0.62 (434)
11:27:21.938606 IP 172.28.240.3.43674 > 217-160-0-62.elastic-ssl.ui-r.com.http: Flags [S], seq 1813022973, win 29200, options [mss 1460,sackOK,TS val 1712621 ecr 0,nop,wscale 7], length 0
11:27:21.938652 IP eu30.1host.gr.http > 172.28.240.3.58074: Flags [.], seq 2769373273:2769374721, ack 760554126, win 235, options [nop,nop,TS val 2349506923 ecr 1712604], length 1448: HTTP
11:27:21.938657 IP 172.28.240.3.58074 > eu30.1host.gr.http: Flags [.], ack 4294964400, win 1034, options [nop,nop,TS val 1712621 ecr 2349506693,nop,nop,sack 1 {0:1448}], length 0
11:27:21.938673 IP 172.28.240.3.50246 > web-server.e-nk.ru.domain: 9679+ PTR? 62.0.160.217.in-addr.arpa. (43)
11:27:21.938729 IP 172.28.240.3.44221 > 45.67.69.51.1nic.de.http: Flags [F.], seq 100751428, ack 2481531959, win 237, options [nop,nop,TS val 1712621 ecr 1820974022], length 0
11:27:21.938747 IP 172.28.240.3.44222 > 45.67.69.51.1nic.de.http: Flags [F.], seq 3090955855, ack 2271836478, win 237, options [nop,nop,TS val 1712621 ecr 1820974022], length 0
11:27:21.938757 IP 172.28.240.3.44223 > 45.67.69.51.1nic.de.http: Flags [F.], seq 778938541, ack 1702828127, win 237, options [nop,nop,TS val 1712621 ecr 1820974022], length 0
11:27:22.155583 IP 172.28.240.3.51193 > web-server.e-nk.ru.domain: 49261+ PTR? 51.69.67.45.in-addr.arpa. (42)
11:27:22.155642 IP a4ab2eddd6dfad5cd.awsglobalaccelerator.com.https > 172.28.240.3.42286: Flags [P.], seq 1370921042:1370922490, ack 4088668544, win 269, options [nop,nop,TS val 1778556587 ecr 1712632], length 1448
11:27:22.155652 IP 172.28.240.3.42286 > a4ab2eddd6dfad5cd.awsglobalaccelerator.com.https: Flags [.], ack 1448, win 975, options [nop,nop,TS val 1712676 ecr 1778556587,nop,nop,sack 1 {15305:25441}], length 0
11:27:22.156682 IP b3t3us.myraidbox.de.http > 172.28.240.3.45228: Flags [.], ack 598663313, win 43, options [nop,nop,TS val 224218960 ecr 1712646], length 0
11:27:22.411887 IP 172.28.240.3.56109 > web-server.e-nk.ru.domain: 3480+ PTR? 229.149.248.13.in-addr.arpa. (45)
11:27:22.411978 IP sh11814.ispgateway.de.https > 172.28.240.3.41135: Flags [.], seq 95620:97068, ack 553, win 252, options [nop,nop,TS val 3644623306 ecr 1712696], length 1448
11:27:22.411985 IP 172.28.240.3.41135 > sh11814.ispgateway.de.https: Flags [.], ack 92724, win 962, options [nop,nop,TS val 1712740 ecr 3644623162,nop,nop,sack 1 {94172:97068}], length 0
11:27:22.413493 IP mc21460.ispgateway.de.https > 172.28.240.3.38508: Flags [.], seq 3339386127:3339387575, ack 1483702093, win 243, options [nop,nop,TS val 1524808431 ecr 1712706], length 1448
11:27:22.614649 IP 172.28.240.3.52246 > web-server.e-nk.ru.domain: 45576+ PTR? 16.205.34.188.in-addr.arpa. (44)
11:27:22.614802 IP mc21460.ispgateway.de.https > 172.28.240.3.38509: Flags [.], seq 38271:39719, ack 715, win 260, options [nop,nop,TS val 1524808626 ecr 1712755], length 1448
11:27:22.875824 IP 32.149.96.66.static.eigbox.net.http > 172.28.240.3.52015: Flags [P.], seq 1602622546:1602624006, ack 2730611384, win 131, length 1460: HTTP
11:27:22.875832 IP 172.28.240.3.52015 > 32.149.96.66.static.eigbox.net.http: Flags [.], ack 1460, win 274, length 0
11:27:22.875935 IP 172.28.240.3.53393 > web-server.e-nk.ru.domain: 30412+ PTR? 32.149.96.66.in-addr.arpa. (43)
11:27:22.876860 IP premium153-3.web-hosting.com.http > 172.28.240.3.56326: Flags [S.], seq 217988752, ack 212393788, win 14480, options [mss 1420,sackOK,TS val 3581351728 ecr 1712786,nop,wscale 9], length 0
11:27:22.876865 IP 172.28.240.3.56326 > premium153-3.web-hosting.com.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1712856 ecr 3581351728], length 0
11:27:22.876935 IP 217-160-0-20.elastic-ssl.ui-r.com.https > 172.28.240.3.47354: Flags [.], ack 793141916, win 17, options [nop,nop,TS val 2788468683 ecr 1712824], length 0
11:27:22.877007 IP erbserverneu.erbmedien.de.https > 172.28.240.3.56329: Flags [.], ack 2828159302, win 54, options [nop,nop,TS val 2255347038 ecr 1712824], length 0
11:27:23.202514 IP 198.49.23.145.https > 172.28.240.3.38138: Flags [.], seq 2303272293:2303273557, ack 2375799575, win 32140, options [nop,nop,TS val 120686560 ecr 1712900], length 1264
11:27:23.202520 IP 172.28.240.3.38138 > 198.49.23.145.https: Flags [.], ack 4294962240, win 1137, options [nop,nop,TS val 1712937 ecr 120686142], length 0
11:27:23.202566 IP 172.28.240.3.44568 > web-server.e-nk.ru.domain: 20113+ PTR? 181.235.0.162.in-addr.arpa. (44)
11:27:23.459126 IP 172.28.240.3.42349 > web-server.e-nk.ru.domain: 21515+ PTR? 20.0.160.217.in-addr.arpa. (43)
11:27:23.459156 IP mc21460.ispgateway.de.https > 172.28.240.3.38508: Flags [.], seq 10136:11584, ack 1, win 243, options [nop,nop,TS val 1524809507 ecr 1712975], length 1448
11:27:23.627782 IP 172.28.240.3.40998 > web-server.e-nk.ru.domain: 58282+ PTR? 45.238.198.91.in-addr.arpa. (44)
11:27:24.270773 IP 172.28.240.3.42187 > web-server.e-nk.ru.domain: 30444+ PTR? 145.23.49.198.in-addr.arpa. (44)
11:27:24.455163 IP 172.28.240.3.42031 > web-server.e-nk.ru.domain: 40678+ AAAA? vehtechnology.com. (35)
11:27:24.455592 IP hutshopping.de.https > 172.28.240.3.41239: Flags [.], seq 2947104998:2947106458, ack 3971989969, win 245, length 1460
11:27:24.455601 IP 172.28.240.3.41239 > hutshopping.de.https: Flags [.], ack 4294965836, win 502, options [nop,nop,sack 2 {0:1460}{5840:6193}], length 0
11:27:24.455693 IP 172.28.240.3.56640 > web-server.e-nk.ru.domain: 29068+ PTR? 224.156.165.82.in-addr.arpa. (45)
11:27:24.455712 IP hutshopping.de.https > 172.28.240.3.41239: Flags [.], seq 1460:2920, ack 1, win 245, length 1460
11:27:24.455717 IP 172.28.240.3.41239 > hutshopping.de.https: Flags [.], ack 4294965836, win 525, options [nop,nop,sack 2 {0:2920}{5840:6193}], length 0
11:27:24.458482 IP ip87-106-234-243.pbiaas.com.https > 172.28.240.3.41690: Flags [.], seq 932731068:932732516, ack 1803372441, win 506, options [nop,nop,TS val 3070929591 ecr 1713218], length 1448
11:27:24.458489 IP 172.28.240.3.41690 > ip87-106-234-243.pbiaas.com.https: Flags [.], ack 1448, win 545, options [nop,nop,TS val 1713251 ecr 3070929591], length 0
11:27:24.673614 IP 172.28.240.3.54946 > web-server.e-nk.ru.domain: 32587+ PTR? 243.234.106.87.in-addr.arpa. (45)
11:27:24.673655 IP 172.28.240.3.41197 > web-server.e-nk.ru.domain: 52661+ AAAA? abendschule-bonn.de. (37)
11:27:24.673809 IP sh20169.ispgateway.de.http > 172.28.240.3.44902: Flags [.], seq 2925662727:2925664175, ack 3459920192, win 235, options [nop,nop,TS val 2485076476 ecr 1713240], length 1448: HTTP
11:27:24.673817 IP 172.28.240.3.44902 > sh20169.ispgateway.de.http: Flags [.], ack 4294964400, win 328, options [nop,nop,TS val 1713305 ecr 2485076319,nop,nop,sack 2 {4294965848:1448}{5792:6386}], length 0
11:27:24.674865 IP 172.28.240.3.44712 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [.], ack 1188178016, win 237, options [nop,nop,TS val 1713306 ecr 1085783067], length 0
11:27:24.887710 IP 172.28.240.3.60192 > web-server.e-nk.ru.domain: 1624+ PTR? 216.48.205.92.in-addr.arpa. (44)
11:27:24.887751 IP ip87-106-234-243.pbiaas.com.https > 172.28.240.3.41691: Flags [.], seq 1679471388:1679472836, ack 2011815404, win 506, options [nop,nop,TS val 3070930007 ecr 1713322], length 1448
11:27:24.887775 IP 172.28.240.3.41691 > ip87-106-234-243.pbiaas.com.https: Flags [.], ack 4294964400, win 500, options [nop,nop,TS val 1713359 ecr 3070929861,nop,nop,sack 1 {4294965848:1448}], length 0
11:27:24.889267 IP srvc36.turhost.com.http > 172.28.240.3.50042: Flags [.], seq 1376573314:1376574774, ack 953148046, win 60, length 1460: HTTP
11:27:25.178727 IP 172.28.240.3.48547 > web-server.e-nk.ru.domain: 32289+ PTR? 38.206.199.94.in-addr.arpa. (44)
11:27:25.178789 IP 172.28.240.3.56993 > cpanel.man.szczecin.pl.http: Flags [S], seq 1604965051, win 29200, options [mss 1460,sackOK,TS val 1713431 ecr 0,nop,wscale 7], length 0
11:27:25.178910 IP ws0.rzone.de.http > 172.28.240.3.53754: Flags [P.], seq 2697270128:2697270713, ack 2913959964, win 14884, options [nop,nop,TS val 835062920 ecr 1713296], length 585: HTTP: HTTP/1.1 301 Moved Permanently
11:27:25.178913 IP 172.28.240.3.53754 > ws0.rzone.de.http: Flags [.], ack 585, win 238, options [nop,nop,TS val 1713432 ecr 835062920], length 0
11:27:25.178938 IP 172.28.240.3.56994 > cpanel.man.szczecin.pl.http: Flags [S], seq 2975896330, win 29200, options [mss 1460,sackOK,TS val 1713432 ecr 0,nop,wscale 7], length 0
11:27:25.179009 IP 172.28.240.3.56995 > cpanel.man.szczecin.pl.http: Flags [S], seq 730377093, win 29200, options [mss 1460,sackOK,TS val 1713432 ecr 0,nop,wscale 7], length 0
11:27:25.502507 IP 172.28.240.3.39056 > web-server.e-nk.ru.domain: 39089+ PTR? 20.160.155.213.in-addr.arpa. (45)
11:27:25.502870 IP 172.28.240.3.https > 172.28.240.254.48138: Flags [.], seq 2735749054:2735750502, ack 4122168149, win 300, options [nop,nop,TS val 1713513 ecr 53405888], length 1448
11:27:25.875238 IP 172.28.240.3.36671 > web-server.e-nk.ru.domain: 23966+ PTR? 143.145.169.81.in-addr.arpa. (45)
11:27:27.177302 IP 217-160-0-236.elastic-ssl.ui-r.com.https > 172.28.240.3.56046: Flags [.], seq 3971407158:3971408606, ack 3882833448, win 17, options [nop,nop,TS val 2082342597 ecr 1713889], length 1448
11:27:27.177315 IP 172.28.240.3.56046 > 217-160-0-236.elastic-ssl.ui-r.com.https: Flags [.], ack 5792, win 500, options [nop,nop,TS val 1713931 ecr 2082342597,nop,nop,sack 1 {7240:11584}], length 0
11:27:27.177464 IP 172.28.240.3.39887 > web-server.e-nk.ru.domain: 27631+ PTR? 236.0.160.217.in-addr.arpa. (44)
11:27:27.178708 IP web-server.e-nk.ru.domain > 172.28.240.3.58043: 43043 0/1/0 (109)
11:27:27.178750 IP 172.28.240.3.44157 > web-server.e-nk.ru.domain: 52917+ AAAA? advancedoncology.org.e-nk.ru. (46)
11:27:27.178997 IP web-server.e-nk.ru.domain > 172.28.240.3.34271: 60030 1/4/8 AAAA 2001:41d0:304:200::b4d5 (301)
11:27:27.179040 IP 172.28.240.3.38584 > web-server.e-nk.ru.domain: 49352+ A? cl2r.fr. (25)
11:27:27.442059 IP cluster015.ovh.net.http > 172.28.240.3.49197: Flags [.], seq 2292778868:2292780316, ack 1410722635, win 17, options [nop,nop,TS val 1373952000 ecr 1713962], length 1448: HTTP
11:27:27.442070 IP 172.28.240.3.49197 > cluster015.ovh.net.http: Flags [.], ack 1448, win 568, options [nop,nop,TS val 1713997 ecr 1373952000], length 0
11:27:27.442299 IP 172.28.240.254.48080 > 172.28.240.3.https: Flags [.], ack 2101229975, win 2453, options [nop,nop,TS val 53406376 ecr 1713996], length 0
11:27:27.442306 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [.], seq 11585:14481, ack 0, win 511, options [nop,nop,TS val 1713997 ecr 53406376], length 2896
11:27:27.442310 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [P.], seq 14481:15083, ack 0, win 511, options [nop,nop,TS val 1713997 ecr 53406376], length 602
11:27:27.443895 IP 199.16.173.140.https > 172.28.240.3.51962: Flags [.], seq 1809338400:1809339860, ack 3118833924, win 83, length 1460
11:27:27.443913 IP 172.28.240.3.51962 > 199.16.173.140.https: Flags [.], ack 4294964376, win 1345, options [nop,nop,sack 1 {0:1460}], length 0
11:27:27.444153 IP 172.28.240.254.48080 > 172.28.240.3.https: Flags [.], ack 11585, win 2460, options [nop,nop,TS val 53406377 ecr 1713997], length 0
11:27:27.444644 IP ec2-34-247-98-43.eu-west-1.compute.amazonaws.com.https > 172.28.240.3.36218: Flags [.], seq 2356340206:2356341654, ack 2624327706, win 114, options [nop,nop,TS val 1071490563 ecr 1713957], length 1448
11:27:27.444653 IP 172.28.240.3.36218 > ec2-34-247-98-43.eu-west-1.compute.amazonaws.com.https: Flags [.], ack 4294965848, win 432, options [nop,nop,TS val 1713998 ecr 1071490369,nop,nop,sack 2 {0:1448}{7240:8688}], length 0
11:27:27.444757 IP 172.28.240.3.37811 > web-server.e-nk.ru.domain: 20833+ PTR? 43.98.247.34.in-addr.arpa. (43)
11:27:27.446044 IP 172.28.240.254.48080 > 172.28.240.3.https: Flags [.], ack 15083, win 2496, options [nop,nop,TS val 53406377 ecr 1713997], length 0
11:27:27.446343 IP mail.apo2u.com.http > 172.28.240.3.38989: Flags [P.], seq 1228325488:1228326344, ack 3996266411, win 507, options [nop,nop,TS val 1913306416 ecr 1713341], length 856: HTTP: HTTP/1.1 301 Moved Permanently
11:27:27.446352 IP 172.28.240.3.38989 > mail.apo2u.com.http: Flags [.], ack 856, win 242, options [nop,nop,TS val 1713998 ecr 1913306416], length 0
11:27:27.446604 IP mail.apo2u.com.http > 172.28.240.3.38988: Flags [P.], seq 885872644:885873380, ack 1191714371, win 507, options [nop,nop,TS val 1913306416 ecr 1713341], length 736: HTTP: HTTP/1.1 301 Moved Permanently
11:27:27.735219 IP cluster020.hosting.ovh.net.https > 172.28.240.3.57149: Flags [.], seq 1511407241:1511408689, ack 792567980, win 17, options [nop,nop,TS val 1995177846 ecr 1714048], length 1448
11:27:27.735227 IP 172.28.240.3.57149 > cluster020.hosting.ovh.net.https: Flags [.], ack 4294965848, win 491, options [nop,nop,TS val 1714071 ecr 1995177616,nop,nop,sack 1 {0:1448}], length 0
11:27:27.735243 IP 172.28.240.3.45295 > web-server.e-nk.ru.domain: 17723+ PTR? 105.58.64.188.in-addr.arpa. (44)
11:27:27.736635 IP wp560.webpack.hosteurope.de.https > 172.28.240.3.53886: Flags [P.], seq 4130576758:4130577917, ack 3416594073, win 1348, options [nop,nop,TS val 3068559280 ecr 1713944], length 1159
11:27:29.064143 IP 172.28.240.3.57950 > web-server.e-nk.ru.domain: 40265+ PTR? 169.57.105.46.in-addr.arpa. (44)
11:27:29.064433 IP 199.16.173.140.https > 172.28.240.3.51961: Flags [.], seq 2720776185:2720777645, ack 1987765278, win 83, length 1460
11:27:29.064437 IP 172.28.240.254.48138 > 172.28.240.3.https: Flags [.], ack 257777, win 2446, options [nop,nop,TS val 53406782 ecr 1714400], length 0
11:27:29.417541 IP 172.28.240.3.39362 > web-server.e-nk.ru.domain: 55415+ PTR? 82.14.175.5.in-addr.arpa. (42)
11:27:29.417571 IP 217-160-0-209.elastic-ssl.ui-r.com.https > 172.28.240.3.36303: Flags [.], seq 3215172990:3215174438, ack 2933151423, win 17, options [nop,nop,TS val 3344855407 ecr 1714446], length 1448
11:27:29.417576 IP 172.28.240.3.36303 > 217-160-0-209.elastic-ssl.ui-r.com.https: Flags [.], ack 1448, win 455, options [nop,nop,TS val 1714491 ecr 3344855407,nop,nop,sack 1 {2896:5375}], length 0
11:27:29.710926 IP 172.28.240.3.58021 > web-server.e-nk.ru.domain: 5681+ PTR? 209.0.160.217.in-addr.arpa. (44)
11:27:29.710950 IP 172.28.240.3.33757 > host6.1-2-1marketing.com.http: Flags [S], seq 1003523503, win 29200, options [mss 1460,sackOK,TS val 1714565 ecr 0,nop,wscale 7], length 0
11:27:29.710974 IP 172.28.240.3.34979 > web-server.e-nk.ru.domain: 43863+ AAAA? svb1906.de.e-nk.ru. (36)
11:27:29.711025 IP 172.28.240.3.33758 > host6.1-2-1marketing.com.http: Flags [S], seq 2858398082, win 29200, options [mss 1460,sackOK,TS val 1714565 ecr 0,nop,wscale 7], length 0
11:27:29.711069 IP 172.28.240.3.33759 > host6.1-2-1marketing.com.http: Flags [S], seq 2959250587, win 29200, options [mss 1460,sackOK,TS val 1714565 ecr 0,nop,wscale 7], length 0
11:27:29.931367 IP 172.28.240.3.44678 > web-server.e-nk.ru.domain: 63684+ PTR? 119.161.167.69.in-addr.arpa. (45)
11:27:29.931660 IP mail.syndifab.fr.https > 172.28.240.3.37312: Flags [.], seq 2335738750:2335740198, ack 4240965173, win 505, options [nop,nop,TS val 4100699414 ecr 1714576], length 1448
11:27:29.931668 IP 172.28.240.3.37312 > mail.syndifab.fr.https: Flags [.], ack 1448, win 870, options [nop,nop,TS val 1714620 ecr 4100699414], length 0
11:27:30.338229 IP m2.titan.beget.com.http > 172.28.240.3.57116: Flags [.], seq 1658169506:1658170954, ack 4045248520, win 261, options [nop,nop,TS val 3704455272 ecr 1714503], length 1448: HTTP
11:27:30.338238 IP 172.28.240.3.57116 > m2.titan.beget.com.http: Flags [.], ack 4294954190, win 251, options [nop,nop,TS val 1714721 ecr 3704454522,nop,nop,sack 1 {0:1448}], length 0
11:27:30.338301 IP 172.28.240.254.48089 > 172.28.240.3.https: Flags [.], ack 886906464, win 2395, options [nop,nop,TS val 53407100 ecr 1714720], length 0
11:27:30.338343 IP 172.28.240.3.40254 > web-server.e-nk.ru.domain: 6830+ PTR? 22.207.106.91.in-addr.arpa. (44)
11:27:30.339750 IP w86.rzone.de.https > 172.28.240.3.49115: Flags [.], seq 272327536:272328984, ack 1038767197, win 122, options [nop,nop,TS val 1610079925 ecr 1714418], length 1448
11:27:30.339758 IP 172.28.240.3.49115 > w86.rzone.de.https: Flags [.], ack 1448, win 319, options [nop,nop,TS val 1714722 ecr 1610079925], length 0
11:27:30.342185 IP shared-ame228.rev.nazwa.pl.http > 172.28.240.3.43430: Flags [P.], seq 3989859678:3989861126, ack 1223555686, win 66, options [nop,nop,TS val 3526171492 ecr 1714660], length 1448: HTTP
11:27:30.675496 IP 172.28.240.254.48080 > 172.28.240.3.https: Flags [.], ack 61419, win 2285, options [nop,nop,TS val 53407185 ecr 1714805], length 0
11:27:30.675496 IP 141.193.213.21.https > 172.28.240.3.49953: Flags [.], seq 1992137550:1992138998, ack 1688407378, win 8, options [nop,nop,TS val 3404652758 ecr 1714754], length 1448
11:27:30.675503 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [.], seq 73003:75899, ack 919, win 526, options [nop,nop,TS val 1714806 ecr 53407185], length 2896
11:27:30.675595 IP 172.28.240.3.51286 > web-server.e-nk.ru.domain: 10158+ PTR? 228.188.128.85.in-addr.arpa. (45)
11:27:30.676161 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.48151: Flags [S.], seq 2741231721, ack 3454627413, win 65535, options [mss 1460,sackOK,TS val 1091109180 ecr 1714773,nop,wscale 8], length 0
11:27:30.676168 IP 172.28.240.3.48151 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1714806 ecr 1091109180], length 0
11:27:30.975137 IP 172.28.240.3.33956 > web-server.e-nk.ru.domain: 42457+ PTR? 21.213.193.141.in-addr.arpa. (45)
11:27:30.975250 IP w8e.rzone.de.http > 172.28.240.3.50551: Flags [.], seq 2753473444:2753474892, ack 2105064337, win 14889, options [nop,nop,TS val 835067583 ecr 1714712], length 1448: HTTP: HTTP/1.1 403 Forbidden
11:27:32.250518 IP 172.28.240.3.47532 > web-server.e-nk.ru.domain: 18950+ PTR? 94.145.169.81.in-addr.arpa. (44)
11:27:32.250865 IP 172.28.240.3.51000 > 172.67.151.158.http: Flags [F.], seq 2102219574, ack 1022516755, win 229, options [nop,nop,TS val 1715200 ecr 1585857137], length 0
11:27:32.250872 IP 172.28.240.3.53894 > 172.67.196.142.http: Flags [F.], seq 534811258, ack 2080853360, win 229, options [nop,nop,TS val 1715200 ecr 4209614763], length 0
11:27:32.250875 IP 172.28.240.3.53895 > 172.67.196.142.http: Flags [F.], seq 3676765896, ack 3276232943, win 229, options [nop,nop,TS val 1715200 ecr 1827021621], length 0
11:27:32.250931 IP web-server.e-nk.ru.domain > 172.28.240.3.36872: 25953 1/13/10 AAAA 2620:127:f00f:d:: (503)
11:27:32.250978 IP 172.28.240.3.57337 > web-server.e-nk.ru.domain: 61290+ A? gridparts.com. (31)
11:27:32.549458 IP 172.28.240.3.52209 > web-server.e-nk.ru.domain: 55400+ PTR? 158.151.67.172.in-addr.arpa. (45)
11:27:32.549561 IP web-server.e-nk.ru.domain > 172.28.240.3.42967: 61541 1/6/12 A 188.40.30.46 (414)
11:27:32.673858 IP 172.28.240.3.42600 > web-server.e-nk.ru.domain: 25345+ PTR? 142.196.67.172.in-addr.arpa. (45)
11:27:32.791612 IP sv41.byethost41.org.https > 172.28.240.3.44302: Flags [.], seq 3055959296:3055960744, ack 3817770832, win 59, options [nop,nop,TS val 1970710572 ecr 1715165], length 1448
11:27:32.791620 IP 172.28.240.3.44302 > sv41.byethost41.org.https: Flags [.], ack 1448, win 260, options [nop,nop,TS val 1715335 ecr 1970710572,nop,nop,sack 1 {4096:4533}], length 0
11:27:32.791692 IP 172.28.240.3.34224 > web-server.e-nk.ru.domain: 24256+ PTR? 18.4.22.31.in-addr.arpa. (41)
11:27:32.792672 IP 217-160-0-217.elastic-ssl.ui-r.com.http > 172.28.240.3.52820: Flags [F.], seq 2123173975, ack 4278508536, win 17, options [nop,nop,TS val 2211882634 ecr 1711570], length 0
11:27:32.792720 IP 151.101.194.159.http > 172.28.240.3.42361: Flags [F.], seq 1111842950, ack 1210611696, win 285, options [nop,nop,TS val 3621172312 ecr 1715147], length 0
11:27:32.792726 IP 172.28.240.3.42361 > 151.101.194.159.http: Flags [.], ack 1, win 241, options [nop,nop,TS val 1715335 ecr 3621172312], length 0
11:27:32.793288 IP 217-160-0-249.elastic-ssl.ui-r.com.https > 172.28.240.3.60721: Flags [.], seq 179601272:179602720, ack 3814060023, win 17, options [nop,nop,TS val 263044261 ecr 1715221], length 1448
11:27:33.193367 IP 172.28.240.3.36056 > web-server.e-nk.ru.domain: 37206+ PTR? 217.0.160.217.in-addr.arpa. (44)
11:27:33.193426 IP w96.rzone.de.https > 172.28.240.3.53823: Flags [.], seq 4081917218:4081918666, ack 1892484823, win 243, options [nop,nop,TS val 703830765 ecr 1715383], length 1448
11:27:33.193430 IP 172.28.240.3.53823 > w96.rzone.de.https: Flags [.], ack 4294962952, win 894, options [nop,nop,TS val 1715435 ecr 703830722,nop,nop,sack 1 {4294964400:1448}], length 0
11:27:33.403585 IP 172.28.240.3.49006 > web-server.e-nk.ru.domain: 42626+ PTR? 159.194.101.151.in-addr.arpa. (46)
11:27:34.233417 IP 172.28.240.3.51296 > web-server.e-nk.ru.domain: 28872+ PTR? 249.0.160.217.in-addr.arpa. (44)
11:27:34.234502 IP web-server.e-nk.ru.domain > 172.28.240.3.33245: 10180 1/13/10 A 184.154.208.21 (501)
11:27:34.556974 IP 172.28.240.3.54379 > web-server.e-nk.ru.domain: 3026+ PTR? 150.145.169.81.in-addr.arpa. (45)
11:27:34.557055 IP linux1017.grserver.gr.http > 172.28.240.3.43438: Flags [.], seq 2444132282:2444133730, ack 517622535, win 235, options [nop,nop,TS val 1816113389 ecr 1715697], length 1448: HTTP
11:27:34.557361 IP 172.28.240.3.34779 > web-server.e-nk.ru.domain: 45319+ PTR? 20.42.138.185.in-addr.arpa. (44)
11:27:34.558365 IP cloudproxy10067.sucuri.net.http > 172.28.240.3.51485: Flags [S.], seq 104524222, ack 4171325626, win 43440, options [mss 1460,sackOK,TS val 1867917402 ecr 1715518,nop,wscale 9], length 0
11:27:34.558369 IP 172.28.240.3.51485 > cloudproxy10067.sucuri.net.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1715776 ecr 1867916398], length 0
11:27:34.558475 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.48325: Flags [P.], seq 1922972721:1922973098, ack 3219661436, win 261, options [nop,nop,TS val 1088389068 ecr 1715599], length 377: HTTP: HTTP/1.1 404 Not Found
11:27:34.558480 IP 172.28.240.3.48325 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [.], ack 377, win 237, options [nop,nop,TS val 1715776 ecr 1088389068], length 0
11:27:34.558902 IP cloud5.rescol.de.http > 172.28.240.3.56389: Flags [P.], seq 2292242601:2292243178, ack 1838597123, win 235, options [nop,nop,TS val 4092119632 ecr 1714633], length 577: HTTP: HTTP/1.1 301 Moved Permanently
11:27:34.700946 IP 172.28.240.3.39222 > web-server.e-nk.ru.domain: 10061+ PTR? 67.249.124.192.in-addr.arpa. (45)
11:27:34.701113 IP 185.58.213.233.https > 172.28.240.3.46957: Flags [.], seq 719397427:719398875, ack 294297278, win 168, options [nop,nop,TS val 280470164 ecr 1715778], length 1448
11:27:35.029723 IP 172.28.240.3.43377 > web-server.e-nk.ru.domain: 6870+ PTR? 164.9.63.178.in-addr.arpa. (43)
11:27:35.034870 IP 172.28.240.3.46858 > alfa3211.alfahosting-server.de.http: Flags [F.], seq 1769972768, ack 2145379957, win 681, options [nop,nop,TS val 1715896 ecr 487160226], length 0
11:27:35.037312 IP web-server.e-nk.ru.domain > 172.28.240.3.41279: 2162 ServFail 0/0/0 (30)
11:27:35.037355 IP 172.28.240.3.34884 > web-server.e-nk.ru.domain: 2162+ A? acritint.com. (30)
11:27:35.321701 IP 172.28.240.3.51147 > web-server.e-nk.ru.domain: 6708+ PTR? 233.213.58.185.in-addr.arpa. (45)
11:27:35.321881 IP 31-193-131-84.static.as29550.net.https > 172.28.240.3.48384: Flags [.], seq 2584690484:2584691932, ack 2050479954, win 505, options [nop,nop,TS val 127215160 ecr 1715928], length 1448
11:27:36.193232 IP 172.28.240.3.51471 > web-server.e-nk.ru.domain: 49242+ PTR? 13.140.237.109.in-addr.arpa. (45)
11:27:36.193740 IP vmcp12.digitalpacific.com.au.http > 172.28.240.3.49079: Flags [.], seq 995727650:995729098, ack 3818841567, win 122, options [nop,nop,TS val 1943651256 ecr 1716008], length 1448: HTTP: HTTP/1.1 404 Not Found
11:27:36.499031 IP 172.28.240.3.41298 > srv.k-geiss.de.https: Flags [S], seq 2188110949, win 29200, options [mss 1460,sackOK,TS val 1716262 ecr 0,nop,wscale 7], length 0
11:27:36.499090 IP 172.28.240.3.53142 > web-server.e-nk.ru.domain: 22107+ PTR? 84.131.193.31.in-addr.arpa. (44)
11:27:36.499205 IP 172.28.240.3.57931 > web-server.e-nk.ru.domain: 48231+ AAAA? grubmavilim.de. (32)
11:27:36.499465 IP 172.28.240.254.48059 > 172.28.240.3.https: Flags [.], ack 252867636, win 2558, options [nop,nop,TS val 53408641 ecr 1716260], length 0
11:27:36.806434 IP 172.28.240.3.36175 > web-server.e-nk.ru.domain: 12207+ PTR? 248.113.0.101.in-addr.arpa. (44)
11:27:36.806486 IP 199.16.173.140.https > 172.28.240.3.51964: Flags [.], seq 3589147962:3589149422, ack 2160374318, win 83, length 1460
11:27:37.392969 IP 172.28.240.3.34581 > web-server.e-nk.ru.domain: 28145+ PTR? 209.119.201.138.in-addr.arpa. (46)
11:27:37.629118 IP mail.psa2.webhoster.ag.http > 172.28.240.3.38919: Flags [.], ack 271456413, win 235, options [nop,nop,TS val 586472060 ecr 1716528], length 0
11:27:37.629228 IP 172.28.240.3.50143 > web-server.e-nk.ru.domain: 5921+ PTR? 21.221.172.212.in-addr.arpa. (45)
11:27:37.629677 IP mail.psa2.webhoster.ag.http > 172.28.240.3.38919: Flags [.], seq 0:1448, ack 1, win 235, options [nop,nop,TS val 586472061 ecr 1716528], length 1448: HTTP: HTTP/1.1 200 OK
11:27:37.629683 IP 172.28.240.3.38919 > mail.psa2.webhoster.ag.http: Flags [.], ack 1448, win 251, options [nop,nop,TS val 1716544 ecr 586472061], length 0
11:27:37.631297 IP cluster014.ovh.net.https > 172.28.240.3.45271: Flags [.], seq 820359856:820361304, ack 1309362256, win 17, options [nop,nop,TS val 4247867217 ecr 1716511], length 1448
11:27:37.631302 IP 172.28.240.3.45271 > cluster014.ovh.net.https: Flags [.], ack 1448, win 817, options [nop,nop,TS val 1716545 ecr 4247867217], length 0
11:27:37.632813 IP dedyk154.cyber-folks.pl.http > 172.28.240.3.40134: Flags [.], seq 1325065514:1325066962, ack 1677783316, win 235, options [nop,nop,TS val 2466755403 ecr 1716413], length 1448: HTTP
11:27:38.935096 IP 172.28.240.3.45060 > web-server.e-nk.ru.domain: 37974+ PTR? 87.33.186.213.in-addr.arpa. (44)
11:27:38.935244 IP 202.92.7.54.https > 172.28.240.3.60318: Flags [.], seq 818480371:818481819, ack 861666380, win 243, options [nop,nop,TS val 1296942793 ecr 1716789], length 1448
11:27:38.935250 IP 172.28.240.3.60318 > 202.92.7.54.https: Flags [.], ack 4294962952, win 1043, options [nop,nop,TS val 1716871 ecr 1296942197,nop,nop,sack 1 {4294964400:1448}], length 0
11:27:38.935937 IP web-server.e-nk.ru.domain > 172.28.240.3.50537: 45858 ServFail 0/0/0 (29)
11:27:39.108673 IP 172.28.240.3.45938 > web-server.e-nk.ru.domain: 12388+ PTR? 159.206.152.94.in-addr.arpa. (45)
11:27:39.108713 IP dania.colombiahosting.com.co.http > 172.28.240.3.50252: Flags [.], seq 4281267860:4281269308, ack 47899576, win 235, options [nop,nop,TS val 2572147181 ecr 1716846], length 1448: HTTP
11:27:39.436852 IP 156.67.233.101.https > 172.28.240.3.43692: Flags [.], seq 2057193000:2057194448, ack 2302256012, win 505, options [nop,nop,TS val 343526459 ecr 1716950], length 1448
11:27:39.436858 IP 172.28.240.3.43692 > 156.67.233.101.https: Flags [.], ack 2896, win 1223, options [nop,nop,TS val 1716996 ecr 343526459], length 0
11:27:39.959291 IP solitary-pear.aeza.network.http > 172.28.240.3.36282: Flags [.], seq 1041499494:1041500782, ack 1133032328, win 509, options [nop,nop,TS val 2918516108 ecr 1717034], length 1288: HTTP
11:27:39.959308 IP 172.28.240.3.36282 > solitary-pear.aeza.network.http: Flags [.], ack 2576, win 1315, options [nop,nop,TS val 1717127 ecr 2918516108], length 0
11:27:39.959396 IP 172.28.240.3.60200 > web-server.e-nk.ru.domain: 50960+ PTR? 160.176.8.190.in-addr.arpa. (44)
11:27:39.960704 IP wp560.webpack.hosteurope.de.https > 172.28.240.3.53886: Flags [.], seq 41754:43202, ack 450, win 1335, options [nop,nop,TS val 3068571511 ecr 1717092], length 1448
11:27:40.377098 IP web-server.e-nk.ru.domain > 172.28.240.3.57091: 56855 NXDomain* 0/1/0 (102)
11:27:40.746097 IP v2202003115902110938.nicesrv.de.https > 172.28.240.3.37965: Flags [.], seq 2407476882:2407478330, ack 1905115646, win 252, options [nop,nop,TS val 326556882 ecr 1717186], length 1448
11:27:40.746104 IP 172.28.240.3.37965 > v2202003115902110938.nicesrv.de.https: Flags [.], ack 2896, win 387, options [nop,nop,TS val 1717323 ecr 326556882], length 0
11:27:40.746188 IP 172.28.240.3.58711 > web-server.e-nk.ru.domain: 42747+ PTR? 143.117.163.185.in-addr.arpa. (46)
11:27:40.747621 IP 217-160-0-249.elastic-ssl.ui-r.com.https > 172.28.240.3.60721: Flags [.], seq 62264:63712, ack 1, win 17, options [nop,nop,TS val 263052134 ecr 1717185], length 1448
11:27:40.747627 IP 172.28.240.3.60721 > 217-160-0-249.elastic-ssl.ui-r.com.https: Flags [.], ack 72400, win 1142, options [nop,nop,TS val 1717324 ecr 263052134], length 0
11:27:40.749147 IP wp452.webpack.hosteurope.de.http > 172.28.240.3.57788: Flags [.], seq 4289270559:4289272007, ack 2755606804, win 1349, options [nop,nop,TS val 3006553483 ecr 1717256], length 1448: HTTP
11:27:40.749156 IP 172.28.240.3.57788 > wp452.webpack.hosteurope.de.http: Flags [.], ack 1448, win 749, options [nop,nop,TS val 1717324 ecr 3006553483], length 0
11:27:42.227607 IP 172.28.240.3.41898 > web-server.e-nk.ru.domain: 56053+ PTR? 221.226.35.5.in-addr.arpa. (43)
11:27:42.227747 IP 104-182-112-122.lightspeed.mssnks.sbcglobal.net.https > 172.28.240.3.46411: Flags [P.], seq 785847149:785848609, ack 1809693566, win 1025, length 1460
11:27:42.227752 IP 172.28.240.3.46411 > 104-182-112-122.lightspeed.mssnks.sbcglobal.net.https: Flags [.], ack 4294967160, win 274, options [nop,nop,sack 1 {0:1460}], length 0
11:27:42.229937 IP linweb339.webhosting.be.https > 172.28.240.3.39377: Flags [.], seq 2965769282:2965770742, ack 3559321174, win 501, length 1460
11:27:42.229945 IP 172.28.240.3.39377 > linweb339.webhosting.be.https: Flags [.], ack 4294965836, win 890, options [nop,nop,sack 1 {0:1460}], length 0
11:27:42.525866 IP 172.28.240.3.41749 > web-server.e-nk.ru.domain: 35151+ PTR? 122.112.182.104.in-addr.arpa. (46)
11:27:42.525915 IP cluster005.ovh.net.https > 172.28.240.3.41771: Flags [.], seq 3966929676:3966931124, ack 4029500088, win 17, options [nop,nop,TS val 4251827236 ecr 1717699], length 1448
11:27:42.525921 IP 172.28.240.3.41771 > cluster005.ovh.net.https: Flags [.], ack 1448, win 296, options [nop,nop,TS val 1717768 ecr 4251827236], length 0
11:27:43.005482 IP vmi1119369.contaboserver.net.https > 172.28.240.3.49047: Flags [P.], seq 86363149:86363268, ack 1183644411, win 235, options [nop,nop,TS val 2039383425 ecr 1717775], length 119
11:27:43.005601 IP 172.28.240.3.48827 > web-server.e-nk.ru.domain: 47099+ PTR? 229.81.241.77.in-addr.arpa. (44)
11:27:43.325674 IP wp560.webpack.hosteurope.de.https > 172.28.240.3.53887: Flags [.], seq 1114485506:1114486954, ack 1215893070, win 1334, options [nop,nop,TS val 3068574820 ecr 1717823], length 1448
11:27:43.325690 IP 172.28.240.3.53887 > wp560.webpack.hosteurope.de.https: Flags [.], ack 2896, win 907, options [nop,nop,TS val 1717968 ecr 3068574820], length 0
11:27:43.325742 IP 172.28.240.3.33499 > web-server.e-nk.ru.domain: 49392+ PTR? 16.33.186.213.in-addr.arpa. (44)
11:27:43.695458 IP 172.28.240.3.38202 > web-server.e-nk.ru.domain: 24824+ PTR? 42.63.117.89.in-addr.arpa. (43)
11:27:43.696237 IP cluster005.ovh.net.http > 172.28.240.3.36750: Flags [.], seq 2711918458:2711919906, ack 3026669771, win 17, options [nop,nop,TS val 1625013645 ecr 1718021], length 1448: HTTP
11:27:44.009827 IP 23.227.38.73.https > 172.28.240.3.35538: Flags [.], seq 2140871940:2140873388, ack 3590743036, win 8, options [nop,nop,TS val 4216837739 ecr 1718098], length 1448
11:27:44.009837 IP 172.28.240.3.35538 > 23.227.38.73.https: Flags [.], ack 4294961504, win 598, options [nop,nop,TS val 1718139 ecr 4216837506,nop,nop,sack 2 {0:1448}{17365:17399}], length 0
11:27:44.010115 IP 172.28.240.3.50239 > web-server.e-nk.ru.domain: 45939+ PTR? 73.38.227.23.in-addr.arpa. (43)
11:27:44.010579 IP vmi270949.contaboserver.net.http > 172.28.240.3.56988: Flags [F.], seq 1334061934, ack 3641154141, win 235, options [nop,nop,TS val 3090935938 ecr 1713991], length 0
11:27:44.010584 IP 172.28.240.3.56988 > vmi270949.contaboserver.net.http: Flags [.], ack 4294966836, win 229, options [nop,nop,TS val 1718139 ecr 3090919538,nop,nop,sack 1 {0:1}], length 0
11:27:44.011079 IP 217-160-0-62.elastic-ssl.ui-r.com.https > 172.28.240.3.54506: Flags [.], seq 2111701114:2111702562, ack 3261421809, win 17, options [nop,nop,TS val 3917416495 ecr 1717960], length 1448
11:27:44.011088 IP 172.28.240.3.54506 > 217-160-0-62.elastic-ssl.ui-r.com.https: Flags [.], ack 4294957160, win 576, options [nop,nop,TS val 1718140 ecr 3917415741,nop,nop,sack 2 {0:1448}{4294961504:4294965848}], length 0
11:27:44.243876 IP 172.28.240.3.39636 > web-server.e-nk.ru.domain: 42734+ PTR? 152.128.189.5.in-addr.arpa. (44)
11:27:44.243984 IP grid07.agnat.pl.http > 172.28.240.3.38014: Flags [.], seq 776565902:776567350, ack 2177378517, win 507, options [nop,nop,TS val 2115468884 ecr 1718152], length 1448: HTTP
11:27:44.243990 IP 172.28.240.3.38014 > grid07.agnat.pl.http: Flags [.], ack 1448, win 410, options [nop,nop,TS val 1718198 ecr 2115468884,nop,nop,sack 2 {2896:4344}{8688:10136}], length 0
11:27:44.622839 IP 172.28.240.3.55806 > web-server.e-nk.ru.domain: 64589+ PTR? 110.44.239.193.in-addr.arpa. (45)
11:27:44.622941 IP m2.titan.beget.com.http > 172.28.240.3.57116: Flags [.], seq 107152:108600, ack 1, win 261, options [nop,nop,TS val 3704469559 ecr 1718262], length 1448: HTTP
11:27:44.622948 IP 172.28.240.3.57116 > m2.titan.beget.com.http: Flags [.], ack 110048, win 1166, options [nop,nop,TS val 1718293 ecr 3704469559], length 0
11:27:44.623983 IP cluster015.ovh.net.http > 172.28.240.3.48540: Flags [F.], seq 591330776, ack 3518078362, win 17, options [nop,nop,TS val 2782925609 ecr 1712185], length 0
11:27:44.623991 IP 172.28.240.3.48540 > cluster015.ovh.net.http: Flags [R], seq 3518078362, win 0, length 0
11:27:44.940952 IP 172.28.240.3.56396 > relay.mail-forwarder.io.http: Flags [S], seq 534652116, win 29200, options [mss 1460,sackOK,TS val 1718372 ecr 0,nop,wscale 7], length 0
11:27:44.941022 IP 172.28.240.3.51447 > web-server.e-nk.ru.domain: 4103+ PTR? 16.145.22.5.in-addr.arpa. (42)
11:27:44.941165 IP 172.28.240.3.56397 > relay.mail-forwarder.io.http: Flags [S], seq 978936811, win 29200, options [mss 1460,sackOK,TS val 1718372 ecr 0,nop,wscale 7], length 0
11:27:44.941235 IP 172.28.240.3.56398 > relay.mail-forwarder.io.http: Flags [S], seq 4288460184, win 29200, options [mss 1460,sackOK,TS val 1718372 ecr 0,nop,wscale 7], length 0
11:27:44.941301 IP 172.28.240.3.56399 > relay.mail-forwarder.io.http: Flags [S], seq 851020937, win 29200, options [mss 1460,sackOK,TS val 1718372 ecr 0,nop,wscale 7], length 0
11:27:44.941405 IP 172.28.240.3.51092 > web-server.e-nk.ru.domain: 63445+ AAAA? e-psychology.org. (34)
11:27:44.941851 IP 192-185-129-69.unifiedlayer.com.http > 172.28.240.3.60729: Flags [.], seq 1974663902:1974665350, ack 654306830, win 508, options [nop,nop,TS val 1748206675 ecr 1718012], length 1448: HTTP
11:27:45.241851 IP 172.28.240.3.33436 > web-server.e-nk.ru.domain: 31213+ PTR? 69.129.185.192.in-addr.arpa. (45)
11:27:45.242159 IP cluster003.ovh.net.http > 172.28.240.3.36903: Flags [.], seq 972505885:972507333, ack 3976351004, win 17, options [nop,nop,TS val 2446673019 ecr 1718373], length 1448: HTTP
11:27:45.242168 IP 172.28.240.3.36903 > cluster003.ovh.net.http: Flags [.], ack 1448, win 1199, options [nop,nop,TS val 1718447 ecr 2446673019], length 0
11:27:45.242864 IP 172.28.240.3.33457 > li1795-163.members.linode.com.http: Flags [F.], seq 1374799361, ack 1730807994, win 229, options [nop,nop,TS val 1718448 ecr 616555716], length 0
11:27:45.242870 IP 172.28.240.3.33458 > li1795-163.members.linode.com.http: Flags [F.], seq 525368818, ack 986783525, win 229, options [nop,nop,TS val 1718448 ecr 616555718], length 0
11:27:45.243683 IP v2202003115902110938.nicesrv.de.https > 172.28.240.3.37963: Flags [.], seq 209257126:209258574, ack 3497240164, win 252, options [nop,nop,TS val 326561370 ecr 1718404], length 1448
11:27:45.698358 IP 172.28.240.3.57769 > web-server.e-nk.ru.domain: 12545+ PTR? 163.195.104.172.in-addr.arpa. (46)
11:27:45.698476 IP 172.28.240.254.48089 > 172.28.240.3.https: Flags [.], ack 656965, win 2431, options [nop,nop,TS val 53410940 ecr 1718561], length 0
11:27:45.698477 IP srv1.pwe.nl.https > 172.28.240.3.60521: Flags [.], seq 258981166:258982614, ack 269182936, win 252, options [nop,nop,TS val 2061666936 ecr 1718523], length 1448
11:27:45.698481 IP 172.28.240.3.https > 172.28.240.254.48089: Flags [.], seq 669997:672893, ack 7278, win 639, options [nop,nop,TS val 1718561 ecr 53410940], length 2896
11:27:47.288873 IP 81.177.49.5.http > 172.28.240.3.39961: Flags [S.], seq 2436530008, ack 3155325667, win 28960, options [mss 1460,sackOK,TS val 818670276 ecr 1718931,nop,wscale 7], length 0
11:27:47.288882 IP 172.28.240.3.39961 > 81.177.49.5.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1718959 ecr 818670276], length 0
11:27:47.288937 IP 172.28.240.3.34304 > web-server.e-nk.ru.domain: 25659+ PTR? 102.98.242.195.in-addr.arpa. (45)
11:27:47.289438 IP srv145-h-st.jino.ru.https > 172.28.240.3.54938: Flags [.], seq 2464468296:2464469744, ack 2235991625, win 243, options [nop,nop,TS val 3435404215 ecr 1718930], length 1448
11:27:47.289442 IP 172.28.240.3.54938 > srv145-h-st.jino.ru.https: Flags [.], ack 4294961504, win 576, options [nop,nop,TS val 1718959 ecr 3435404104,nop,nop,sack 1 {4294965848:1448}], length 0
11:27:47.759250 IP 172.28.240.3.54351 > web-server.e-nk.ru.domain: 14371+ PTR? 5.49.177.81.in-addr.arpa. (42)
11:27:47.759308 IP 88.79.201.26.http > 172.28.240.3.48958: Flags [.], seq 3032327736:3032329196, ack 3177570334, win 8030, length 1460: HTTP
11:27:48.002402 IP 172.28.240.3.51479 > web-server.e-nk.ru.domain: 63464+ PTR? 131.135.177.81.in-addr.arpa. (45)
11:27:48.002930 IP 139.1.144.134.http > 172.28.240.3.44525: Flags [F.], seq 1072519176, ack 723930215, win 501, length 0
11:27:48.002975 IP 139.1.144.134.http > 172.28.240.3.44528: Flags [F.], seq 3568721083, ack 3318309754, win 501, length 0
11:27:48.320882 IP 172.28.240.3.33018 > web-server.e-nk.ru.domain: 6858+ PTR? 26.201.79.88.in-addr.arpa. (43)
11:27:48.322571 IP w91.rzone.de.http > 172.28.240.3.45115: Flags [P.], seq 2808841286:2808841795, ack 1555678651, win 14823, options [nop,nop,TS val 835084902 ecr 1719168], length 509: HTTP: HTTP/1.1 301 Moved Permanently
11:27:48.322574 IP 172.28.240.254.48089 > 172.28.240.3.https: Flags [.], ack 853862, win 2431, options [nop,nop,TS val 53411596 ecr 1719217], length 0
11:27:48.541998 IP 172.28.240.3.55470 > web-server.e-nk.ru.domain: 56197+ PTR? 134.144.1.139.in-addr.arpa. (44)
11:27:48.542167 IP hutshopping.de.https > 172.28.240.3.41237: Flags [.], seq 1459678796:1459680256, ack 2894436117, win 245, length 1460
11:27:48.770064 IP 172.28.240.3.50098 > web-server.e-nk.ru.domain: 8967+ PTR? 145.145.169.81.in-addr.arpa. (45)
11:27:48.770312 IP h2web79.infomaniak.ch.https > 172.28.240.3.51333: Flags [.], seq 2489238666:2489240126, ack 6771831, win 254, length 1460
11:27:48.770319 IP 172.28.240.3.51333 > h2web79.infomaniak.ch.https: Flags [.], ack 1460, win 343, length 0
11:27:50.172133 IP 172.28.240.3.36945 > web-server.e-nk.ru.domain: 33319+ PTR? 25.138.166.83.in-addr.arpa. (44)
11:27:50.172306 IP 217-160-0-62.elastic-ssl.ui-r.com.https > 172.28.240.3.54506: Flags [.], seq 53576:55024, ack 1, win 17, options [nop,nop,TS val 3917422697 ecr 1719569], length 1448
11:27:50.172313 IP 172.28.240.3.54506 > 217-160-0-62.elastic-ssl.ui-r.com.https: Flags [.], ack 52128, win 1300, options [nop,nop,TS val 1719680 ecr 3917422544,nop,nop,sack 1 {53576:55024}], length 0
11:27:50.173436 IP 195.117.60.252.http > 172.28.240.3.37937: Flags [.], ack 1824182651, win 508, options [nop,nop,TS val 3843670046 ecr 1719640], length 0
11:27:50.173981 IP w8e.rzone.de.http > 172.28.240.3.50335: Flags [P.], seq 2791658421:2791659869, ack 1895475232, win 14857, options [nop,nop,TS val 835086798 ecr 1719647], length 1448: HTTP
11:27:51.473305 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [.], seq 1776876:1781220, ack 12091, win 706, options [nop,nop,TS val 1720005 ecr 53412170], length 4344
11:27:51.473306 IP 172.28.240.3.47905 > web-server.e-nk.ru.domain: 27756+ PTR? 252.60.117.195.in-addr.arpa. (45)
11:27:51.473316 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [.], seq 1781220:1785564, ack 12091, win 706, options [nop,nop,TS val 1720005 ecr 53412170], length 4344
11:27:51.473320 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [.], seq 1785564:1789908, ack 12091, win 706, options [nop,nop,TS val 1720005 ecr 53412170], length 4344
11:27:51.473349 IP 172.28.240.3.https > 172.28.240.254.48080: Flags [.], seq 1789908:1791356, ack 12091, win 706, options [nop,nop,TS val 1720005 ecr 53412170], length 1448
11:27:51.813839 IP server1.resanehpooneh.com.http > 172.28.240.3.42126: Flags [.], seq 3982112602:3982114050, ack 590295377, win 235, options [nop,nop,TS val 3565242451 ecr 1720048], length 1448: HTTP
11:27:51.813848 IP 172.28.240.3.42126 > server1.resanehpooneh.com.http: Flags [.], ack 4294962952, win 1238, options [nop,nop,TS val 1720090 ecr 3565242138,nop,nop,sack 1 {4294965848:1448}], length 0
11:27:51.813958 IP 172.28.240.3.57250 > web-server.e-nk.ru.domain: 17397+ PTR? 47.94.4.46.in-addr.arpa. (41)
11:27:51.815294 IP 5E98351F.static.tld.pl.http > 172.28.240.3.56218: Flags [.], seq 3363072204:3363073228, ack 378683304, win 235, options [nop,nop,TS val 4292010810 ecr 1720047], length 1024: HTTP
11:27:51.815301 IP 172.28.240.3.56218 > 5E98351F.static.tld.pl.http: Flags [.], ack 4096, win 1046, options [nop,nop,TS val 1720091 ecr 4292010810], length 0
11:27:51.816383 IP lb-lin01.hosting.telia.com.http > 172.28.240.3.39198: Flags [P.], seq 4206439596:4206440529, ack 2012240313, win 14856, options [nop,nop,TS val 835087936 ecr 1719954], length 933: HTTP: HTTP/1.1 301 Moved Permanently
11:27:51.816389 IP 172.28.240.3.39198 > lb-lin01.hosting.telia.com.http: Flags [.], ack 933, win 243, options [nop,nop,TS val 1720091 ecr 835087936], length 0
11:27:52.098573 IP 172.28.240.3.37076 > web-server.e-nk.ru.domain: 65332+ PTR? 31.53.152.94.in-addr.arpa. (43)
11:27:52.098607 IP 217-160-0-164.elastic-ssl.ui-r.com.https > 172.28.240.3.59693: Flags [.], seq 3569157309:3569158757, ack 3232812675, win 17, options [nop,nop,TS val 1147875454 ecr 1720123], length 1448
11:27:52.098630 IP 172.28.240.3.59693 > 217-160-0-164.elastic-ssl.ui-r.com.https: Flags [.], ack 1708, win 282, options [nop,nop,TS val 1720161 ecr 1147875454], length 0
11:27:52.423509 IP lemur.loco.pl.http > 172.28.240.3.40638: Flags [.], seq 916707728:916709176, ack 3319598773, win 507, options [nop,nop,TS val 1485623687 ecr 1720194], length 1448: HTTP
11:27:52.423515 IP 172.28.240.3.40638 > lemur.loco.pl.http: Flags [.], ack 4294965848, win 772, options [nop,nop,TS val 1720243 ecr 1485623517,nop,nop,sack 1 {0:1448}], length 0
11:27:54.194886 IP 172.28.240.3.33171 > web-server.e-nk.ru.domain: 57741+ PTR? 164.0.160.217.in-addr.arpa. (44)
11:27:54.194926 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.40756: Flags [.], seq 352568449:352569897, ack 1892020933, win 17, options [nop,nop,TS val 2067017276 ecr 1720579], length 1448
11:27:54.194933 IP 172.28.240.3.40756 > 217-160-0-167.elastic-ssl.ui-r.com.https: Flags [.], ack 1448, win 545, options [nop,nop,TS val 1720686 ecr 2067017276,nop,nop,sack 1 {4344:5792}], length 0
11:27:54.195380 IP 172.28.240.3.60487 > web-server.e-nk.ru.domain: 17456+ PTR? 54.151.191.89.in-addr.arpa. (44)
11:27:54.195404 IP 172.28.240.3.47989 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [F.], seq 2600061327, ack 3934041436, win 237, options [nop,nop,TS val 1720686 ecr 2493552212], length 0
11:27:54.574916 IP 172.28.240.3.59877 > web-server.e-nk.ru.domain: 12184+ PTR? 167.0.160.217.in-addr.arpa. (44)
11:27:54.574942 IP d274.x-mailer.de.http > 172.28.240.3.34540: Flags [.], seq 4093139845:4093141293, ack 476854759, win 235, options [nop,nop,TS val 2753481662 ecr 1720742], length 1448: HTTP
11:27:54.574948 IP 172.28.240.3.34540 > d274.x-mailer.de.http: Flags [.], ack 1448, win 342, options [nop,nop,TS val 1720781 ecr 2753481662,nop,nop,sack 1 {11584:14480}], length 0
11:27:54.875418 IP 172.28.240.3.53949 > web-server.e-nk.ru.domain: 32607+ PTR? 238.13.162.212.in-addr.arpa. (45)
11:27:54.875858 IP 81.177.49.68.https > 172.28.240.3.58961: Flags [.], seq 2335314015:2335315463, ack 2768624569, win 243, options [nop,nop,TS val 1340009448 ecr 1720500], length 1448
11:27:54.875862 IP 172.28.240.3.58961 > 81.177.49.68.https: Flags [.], ack 1448, win 455, options [nop,nop,TS val 1720856 ecr 1340009448], length 0
11:27:54.877384 IP sh11516.ispgateway.de.http > 172.28.240.3.51717: Flags [.], seq 3569126469:3569127917, ack 3079412202, win 235, options [nop,nop,TS val 3644005630 ecr 1720821], length 1448: HTTP
11:27:54.877391 IP 172.28.240.3.51717 > sh11516.ispgateway.de.http: Flags [.], ack 4294944128, win 885, options [nop,nop,TS val 1720856 ecr 3644005191,nop,nop,sack 3 {4294965848:1448}{4294948472:4294952816}{4294945576:4294947024}], length 0
11:27:55.109184 IP cp1.webleaders.eu.https > 172.28.240.3.47400: Flags [.], seq 3102145763:3102147211, ack 3830792128, win 243, options [nop,nop,TS val 3720508232 ecr 1720872], length 1448
11:27:55.109192 IP 172.28.240.3.47400 > cp1.webleaders.eu.https: Flags [.], ack 4294964400, win 916, options [nop,nop,TS val 1720914 ecr 3720507925,nop,nop,sack 1 {4294965848:1448}], length 0
11:27:55.109226 IP 172.28.240.3.56871 > web-server.e-nk.ru.domain: 45736+ PTR? 68.49.177.81.in-addr.arpa. (43)
11:27:55.239370 IP 172.28.240.3.35867 > web-server.e-nk.ru.domain: 38996+ PTR? 206.239.204.92.in-addr.arpa. (45)
11:27:55.239414 IP srv.k-geiss.de.https > 172.28.240.3.41298: Flags [.], seq 2792063223:2792064671, ack 2188111603, win 243, options [nop,nop,TS val 245124739 ecr 1720880], length 1448
11:27:55.407711 IP 172.28.240.3.33205 > web-server.e-nk.ru.domain: 17162+ PTR? 36.95.46.78.in-addr.arpa. (42)
11:27:55.407747 IP 172.28.240.3.40119 > web-server.e-nk.ru.domain: 28254+ AAAA? open-sports-triathlon.de.e-nk.ru. (50)
11:27:55.729212 IP web2.mak2com.fr.https > 172.28.240.3.55494: Flags [.], seq 1746937923:1746939371, ack 2611961610, win 505, options [nop,nop,TS val 1603918227 ecr 1720928], length 1448
11:27:55.729222 IP 172.28.240.3.55494 > web2.mak2com.fr.https: Flags [.], ack 4294964400, win 1089, options [nop,nop,TS val 1721069 ecr 1603917678,nop,nop,sack 1 {0:1448}], length 0
11:27:55.729290 IP web-server.e-nk.ru.domain > 172.28.240.3.33461: 63683 NXDomain 0/1/0 (89)
11:27:55.729316 IP 172.28.240.3.35565 > web-server.e-nk.ru.domain: 30183+ AAAA? tylenol.su.e-nk.ru. (36)
11:27:55.729321 IP 172.28.240.3.58017 > web-server.e-nk.ru.domain: 64539+ PTR? 73.182.135.147.in-addr.arpa. (45)
11:27:55.729444 IP 192-185-129-69.unifiedlayer.com.http > 172.28.240.3.60729: Flags [.], seq 40544:41992, ack 1, win 508, options [nop,nop,TS val 1748217460 ecr 1720983], length 1448: HTTP
11:27:55.729451 IP 172.28.240.3.60729 > 192-185-129-69.unifiedlayer.com.http: Flags [.], ack 41992, win 1088, options [nop,nop,TS val 1721069 ecr 1748217460], length 0
11:27:56.112463 IP sh11516.ispgateway.de.http > 172.28.240.3.51717: Flags [.], seq 4294952816:4294954264, ack 1, win 235, options [nop,nop,TS val 3644006854 ecr 1721127], length 1448: HTTP
11:27:56.112478 IP 172.28.240.3.51717 > sh11516.ispgateway.de.http: Flags [.], ack 4294954264, win 998, options [nop,nop,TS val 1721165 ecr 3644006854,nop,nop,sack 1 {4294965848:4344}], length 0
11:27:56.113653 IP alfa3207.alfahosting-server.de.https > 172.28.240.3.57339: Flags [FP.], seq 3543431142:3543431754, ack 3866754015, win 22, options [nop,nop,TS val 1670815327 ecr 1721129], length 612
11:27:56.113725 IP 172.28.240.3.48454 > web-server.e-nk.ru.domain: 52446+ PTR? 52.140.237.109.in-addr.arpa. (45)
11:27:56.114623 IP ns13.inleed.net.http > 172.28.240.3.48443: Flags [.], seq 3330765613:3330767061, ack 2530333121, win 235, options [nop,nop,TS val 4052782979 ecr 1721130], length 1448: HTTP
11:27:56.114633 IP 172.28.240.3.48443 > ns13.inleed.net.http: Flags [.], ack 1448, win 296, options [nop,nop,TS val 1721165 ecr 4052782979,nop,nop,sack 1 {13032:14480}], length 0
11:27:56.114860 IP 172.28.240.3.43438 > 180.235.158.116.http: Flags [P.], seq 1417606751:1417606966, ack 1397271067, win 229, options [nop,nop,TS val 1721166 ecr 739727850,nop,nop,sack 1 {234:235}], length 215: HTTP: GET /language/en-GB/en-GB.com_jce.ini HTTP/1.1
11:27:56.114876 IP 172.28.240.3.43439 > 180.235.158.116.http: Flags [P.], seq 1100009698:1100009967, ack 314907292, win 229, options [nop,nop,TS val 1721166 ecr 739727850,nop,nop,sack 1 {234:235}], length 269: HTTP: GET /administrator/language/en-GB/en-GB.com_jce.ini HTTP/1.1
11:27:56.114881 IP 172.28.240.3.43441 > 180.235.158.116.http: Flags [P.], seq 3697107760:3697108033, ack 3967195966, win 229, options [nop,nop,TS val 1721166 ecr 739727849,nop,nop,sack 1 {234:235}], length 273: HTTP: GET /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&action=upload HTTP/1.1
11:27:56.317907 IP 172.28.240.3.36658 > web-server.e-nk.ru.domain: 20658+ PTR? 100.25.106.86.in-addr.arpa. (44)
11:27:56.317925 IP ds1045.tmddedicated.com.https > 172.28.240.3.38719: Flags [.], seq 4289255011:4289256459, ack 3052479768, win 252, options [nop,nop,TS val 528020758 ecr 1721152], length 1448
11:27:56.596499 IP 172.28.240.3.37315 > web-server.e-nk.ru.domain: 25392+ PTR? 116.158.235.180.in-addr.arpa. (46)
11:27:56.596606 IP 185.181.132.95.https > 172.28.240.3.45213: Flags [.], seq 1959451118:1959452548, ack 1748779350, win 1235, options [nop,nop,TS val 835092706 ecr 1721243], length 1430
11:27:57.186639 IP 172.28.240.3.32894 > web-server.e-nk.ru.domain: 7725+ PTR? 21.208.154.184.in-addr.arpa. (45)
11:27:57.186685 IP web-server.e-nk.ru.domain > 172.28.240.3.37323: 35697 NXDomain 0/1/0 (108)
11:27:57.186713 IP 172.28.240.3.59959 > web-server.e-nk.ru.domain: 43077+ A? wac-guestbook.com.e-nk.ru. (43)
11:27:57.186801 IP cluster003.ovh.net.http > 172.28.240.3.37794: Flags [.], seq 1978899231:1978900679, ack 1213101259, win 17, options [nop,nop,TS val 2259630691 ecr 1721327], length 1448: HTTP
11:27:57.670675 IP 172.28.240.3.51143 > web-server.e-nk.ru.domain: 16375+ PTR? 95.132.181.185.in-addr.arpa. (45)
11:27:57.672629 IP cluster014.ovh.net.http > 172.28.240.3.33706: Flags [.], seq 1981940589:1981942037, ack 2158191341, win 17, options [nop,nop,TS val 2215640409 ecr 1721510], length 1448: HTTP
11:27:58.009083 IP srv1.pwe.nl.https > 172.28.240.3.60521: Flags [.], seq 92672:94120, ack 1, win 252, options [nop,nop,TS val 2061679225 ecr 1721553], length 1448
11:27:58.009103 IP 172.28.240.3.60521 > srv1.pwe.nl.https: Flags [.], ack 89776, win 482, options [nop,nop,TS val 1721639 ecr 2061678805,nop,nop,sack 1 {91224:94120}], length 0
11:27:58.010593 IP m2.titan.beget.com.http > 172.28.240.3.57117: Flags [.], seq 1187254033:1187255481, ack 1728861973, win 261, options [nop,nop,TS val 3704482809 ecr 1721575], length 1448: HTTP
11:27:58.010601 IP 172.28.240.3.57117 > m2.titan.beget.com.http: Flags [.], ack 4294961504, win 1167, options [nop,nop,TS val 1721639 ecr 3704482659,nop,nop,sack 1 {4294965848:1448}], length 0
11:27:58.010875 IP 172.28.240.3.46507 > 172.67.170.5.http: Flags [.], ack 1879126391, win 500, options [nop,nop,TS val 1721640 ecr 1202806701], length 0
11:27:58.010987 IP 172.28.240.3.49769 > web-server.e-nk.ru.domain: 15962+ PTR? 5.170.67.172.in-addr.arpa. (43)
11:27:58.012112 IP dania.colombiahosting.com.co.http > 172.28.240.3.50251: Flags [.], seq 3921595786:3921597234, ack 2022176574, win 235, options [nop,nop,TS val 2572166079 ecr 1721571], length 1448: HTTP
11:27:58.012132 IP 172.28.240.3.50251 > dania.colombiahosting.com.co.http: Flags [.], ack 4294961504, win 1392, options [nop,nop,TS val 1721640 ecr 2572165398,nop,nop,sack 1 {4294962952:1448}], length 0
11:27:58.013625 IP s20.spaziorc.net.http > 172.28.240.3.49242: Flags [.], seq 4205868755:4205870203, ack 2331404539, win 235, options [nop,nop,TS val 3811273853 ecr 1721566], length 1448: HTTP
11:27:58.013637 IP 172.28.240.3.49242 > s20.spaziorc.net.http: Flags [.], ack 1448, win 296, options [nop,nop,TS val 1721640 ecr 3811273853,nop,nop,sack 1 {13032:14480}], length 0
11:27:58.014859 IP 172.28.240.3.46505 > 172.67.170.5.http: Flags [.], ack 535421950, win 500, options [nop,nop,TS val 1721641 ecr 1427979155], length 0
11:27:58.153679 IP 172.28.240.3.36859 > web-server.e-nk.ru.domain: 23362+ PTR? 203.128.178.51.in-addr.arpa. (45)
11:27:58.153755 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.40758: Flags [.], seq 1492585554:1492587002, ack 927505615, win 17, options [nop,nop,TS val 2726193400 ecr 1721576], length 1448
11:27:58.153759 IP 172.28.240.3.40758 > 217-160-0-167.elastic-ssl.ui-r.com.https: Flags [.], ack 4294960056, win 1133, options [nop,nop,TS val 1721675 ecr 2726192931,nop,nop,sack 2 {4294965848:1448}{4294962952:4294964400}], length 0
11:27:58.155303 IP hutshopping.de.https > 172.28.240.3.41238: Flags [.], seq 1709197754:1709199214, ack 467918707, win 245, length 1460
11:27:58.533235 IP cluster014.ovh.net.http > 172.28.240.3.33706: Flags [.], seq 5792:7240, ack 1, win 17, options [nop,nop,TS val 2215641280 ecr 1721727], length 1448: HTTP
11:27:58.533246 IP 172.28.240.3.33706 > cluster014.ovh.net.http: Flags [.], ack 7240, win 794, options [nop,nop,TS val 1721770 ecr 2215641280], length 0
11:27:58.534707 IP solitary-pear.aeza.network.http > 172.28.240.3.38655: Flags [.], seq 1093965426:1093966714, ack 3042471864, win 509, options [nop,nop,TS val 2918534658 ecr 1721588], length 1288: HTTP
11:27:58.534717 IP 172.28.240.3.38655 > solitary-pear.aeza.network.http: Flags [.], ack 5922, win 467, options [nop,nop,TS val 1721770 ecr 2918534658], length 0
11:27:58.534802 IP 172.28.240.3.38655 > solitary-pear.aeza.network.http: Flags [F.], seq 1, ack 5922, win 467, options [nop,nop,TS val 1721770 ecr 2918534658], length 0
11:27:58.535044 IP 172.28.240.3.38882 > solitary-pear.aeza.network.http: Flags [S], seq 634409518, win 29200, options [mss 1460,sackOK,TS val 1721771 ecr 0,nop,wscale 7], length 0
11:27:58.536118 IP m2.titan.beget.com.http > 172.28.240.3.57118: Flags [.], seq 3899766460:3899767908, ack 159661870, win 261, options [nop,nop,TS val 3704483348 ecr 1721710], length 1448: HTTP
11:27:58.536149 IP 172.28.240.3.57118 > m2.titan.beget.com.http: Flags [.], ack 1448, win 1121, options [nop,nop,TS val 1721771 ecr 3704483348], length 0
11:27:58.538738 IP srv145-h-st.jino.ru.https > 172.28.240.3.54936: Flags [.], seq 1927621828:1927623276, ack 2308954099, win 252, options [nop,nop,TS val 3435415360 ecr 1721716], length 1448
11:27:58.538758 IP 172.28.240.3.54936 > srv145-h-st.jino.ru.https: Flags [.], ack 1448, win 1119, options [nop,nop,TS val 1721771 ecr 3435415360], length 0
11:27:58.539303 IP financeglobe.com.https > 172.28.240.3.40615: Flags [.], seq 3379936204:3379937652, ack 1939857875, win 260, options [nop,nop,TS val 1822851751 ecr 1721701], length 1448
11:27:58.539318 IP 172.28.240.3.40615 > financeglobe.com.https: Flags [.], ack 4294964400, win 1179, options [nop,nop,TS val 1721772 ecr 1822851168,nop,nop,sack 1 {4294965848:1448}], length 0
11:27:58.539512 IP 172.28.240.3.42820 > web-server.e-nk.ru.domain: 18825+ PTR? 117.112.47.169.in-addr.arpa. (45)
11:27:58.540755 IP 154.62.104.150.https > 172.28.240.3.59262: Flags [.], seq 90874522:90875970, ack 4083206120, win 504, options [nop,nop,TS val 1439089437 ecr 1721730], length 1448
11:27:58.540760 IP 172.28.240.3.59262 > 154.62.104.150.https: Flags [.], ack 1448, win 443, options [nop,nop,TS val 1721772 ecr 1439089437,nop,nop,sack 1 {4244:5692}], length 0
11:27:58.542932 IP 185.215.4.10.http > 172.28.240.3.43763: Flags [.], seq 3261267665:3261269053, ack 1531991100, win 249, options [nop,nop,TS val 38568029 ecr 1721738], length 1388: HTTP
11:27:58.542941 IP 172.28.240.3.43763 > 185.215.4.10.http: Flags [.], ack 1388, win 409, options [nop,nop,TS val 1721773 ecr 38568029,nop,nop,sack 2 {2776:4164}{8328:9716}], length 0
11:27:58.741492 IP 172.28.240.3.36218 > web-server.e-nk.ru.domain: 34521+ PTR? 150.104.62.154.in-addr.arpa. (45)
11:27:58.741838 IP w8c.rzone.de.http > 172.28.240.3.39519: Flags [P.], seq 2687250321:2687251769, ack 2974422846, win 14849, options [nop,nop,TS val 835095364 ecr 1721787], length 1448: HTTP
11:27:58.741842 IP 172.28.240.3.39519 > w8c.rzone.de.http: Flags [.], ack 4294961504, win 1129, options [nop,nop,TS val 1721822 ecr 835094950,nop,nop,sack 2 {0:1448}{4294962952:4294965848}], length 0
11:27:58.962358 IP alfa3211.alfahosting-server.de.https > 172.28.240.3.36913: Flags [.], seq 575591900:575593348, ack 1391193080, win 22, options [nop,nop,TS val 487215016 ecr 1721828], length 1448
11:27:58.962364 IP 172.28.240.3.36913 > alfa3211.alfahosting-server.de.https: Flags [.], ack 1448, win 991, options [nop,nop,TS val 1721877 ecr 487215016], length 0
11:27:59.837987 IP 172.28.240.3.45565 > web-server.e-nk.ru.domain: 8177+ PTR? 92.145.169.81.in-addr.arpa. (44)
11:27:59.838420 IP cluster015.ovh.net.http > 172.28.240.3.52060: Flags [.], seq 1640151126:1640152574, ack 3341660232, win 17, options [nop,nop,TS val 1467839380 ecr 1722042], length 1448: HTTP
11:27:59.838427 IP 172.28.240.3.52060 > cluster015.ovh.net.http: Flags [.], ack 4294965848, win 907, options [nop,nop,TS val 1722096 ecr 1467839215,nop,nop,sack 1 {0:1448}], length 0
11:28:00.004729 IP 172.28.240.3.47113 > web-server.e-nk.ru.domain: 46109+ AAAA? queensbridgestreettower.com.e-nk.ru. (53)
11:28:00.004837 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.40757: Flags [.], seq 4004834502:4004835950, ack 806481764, win 17, options [nop,nop,TS val 2726195296 ecr 1722008], length 1448
11:28:00.004843 IP 172.28.240.3.40757 > 217-160-0-167.elastic-ssl.ui-r.com.https: Flags [.], ack 4294965848, win 1056, options [nop,nop,TS val 1722138 ecr 2726195034,nop,nop,sack 1 {0:1448}], length 0
11:28:00.005011 IP web-server.e-nk.ru.domain > 172.28.240.3.47113: 46109 NXDomain* 0/1/0 (99)
11:28:00.005049 IP 172.28.240.3.44470 > web-server.e-nk.ru.domain: 11058+ A? queensbridgestreettower.com. (45)
11:28:00.006358 IP ingress-helicon.ewp.live.http > 172.28.240.3.58699: Flags [.], seq 3957709771:3957711219, ack 762728051, win 70, options [nop,nop,TS val 2499616883 ecr 1722057], length 1448: HTTP
11:28:00.006363 IP 172.28.240.3.58699 > ingress-helicon.ewp.live.http: Flags [.], ack 4294965848, win 545, options [nop,nop,TS val 1722138 ecr 2499616781,nop,nop,sack 1 {0:1448}], length 0
11:28:00.006442 IP 172.28.240.3.49710 > web-server.e-nk.ru.domain: 13995+ PTR? 147.43.250.63.in-addr.arpa. (44)
11:28:00.007875 IP 176.113.82.34.bc.googleusercontent.com.https > 172.28.240.3.50201: Flags [.], seq 2423875884:2423877292, ack 1101705194, win 163, options [nop,nop,TS val 4285597302 ecr 1721941], length 1408
11:28:00.007883 IP 172.28.240.3.50201 > 176.113.82.34.bc.googleusercontent.com.https: Flags [.], ack 4294963072, win 1146, options [nop,nop,TS val 1722139 ecr 4285596504,nop,nop,sack 1 {0:1408}], length 0
11:28:00.010124 IP ptr-31-177-63-245.inwebpro.gr.https > 172.28.240.3.35491: Flags [.], seq 1448350813:1448352261, ack 4064504067, win 252, options [nop,nop,TS val 425184546 ecr 1722062], length 1448
11:28:00.010131 IP 172.28.240.3.35491 > ptr-31-177-63-245.inwebpro.gr.https: Flags [.], ack 4294962952, win 401, options [nop,nop,TS val 1722139 ecr 425184356,nop,nop,sack 1 {4294965848:1448}], length 0
11:28:00.258547 IP hutshopping.de.https > 172.28.240.3.41236: Flags [.], seq 772104185:772105645, ack 3397098662, win 245, length 1460
11:28:00.258553 IP 172.28.240.3.41236 > hutshopping.de.https: Flags [.], ack 1460, win 1050, length 0
11:28:00.258605 IP 172.28.240.3.48270 > web-server.e-nk.ru.domain: 47728+ PTR? 176.113.82.34.in-addr.arpa. (44)
11:28:00.491467 IP 172.28.240.3.42075 > web-server.e-nk.ru.domain: 53021+ PTR? 245.63.177.31.in-addr.arpa. (44)
11:28:00.491479 IP hutshopping.de.https > 172.28.240.3.41238: Flags [.], seq 18980:20440, ack 1, win 245, length 1460
11:28:01.060580 IP cluster015.ovh.net.http > 172.28.240.3.52060: Flags [.], seq 17376:18824, ack 1, win 17, options [nop,nop,TS val 1467840653 ecr 1722361], length 1448: HTTP
11:28:01.060587 IP 172.28.240.3.52060 > cluster015.ovh.net.http: Flags [.], ack 14480, win 1156, options [nop,nop,TS val 1722402 ecr 1467840444,nop,nop,sack 1 {17376:18824}], length 0
11:28:01.061733 IP cluster028.hosting.ovh.net.https > 172.28.240.3.35124: Flags [P.], seq 538357901:538358283, ack 908360148, win 17, options [nop,nop,TS val 886366558 ecr 1722335], length 382
11:28:01.061747 IP 172.28.240.3.35124 > cluster028.hosting.ovh.net.https: Flags [.], ack 4294964648, win 274, options [nop,nop,TS val 1722402 ecr 886366557,nop,nop,sack 1 {0:382}], length 0
11:28:01.061933 IP 172.28.240.3.39479 > web-server.e-nk.ru.domain: 34288+ PTR? 202.117.255.51.in-addr.arpa. (45)
11:28:01.062531 IP sv-81088.bkns.vn.http > 172.28.240.3.52799: Flags [.], seq 4279873428:4279874876, ack 2980571929, win 235, options [nop,nop,TS val 2420265359 ecr 1722322], length 1448: HTTP
11:28:01.062535 IP 172.28.240.3.52799 > sv-81088.bkns.vn.http: Flags [.], ack 1448, win 591, options [nop,nop,TS val 1722402 ecr 2420265359], length 0
11:28:01.062873 IP 172.28.240.3.49458 > prime2.inleed.net.http: Flags [.], ack 663542178, win 568, options [nop,nop,TS val 1722403 ecr 573049563], length 0
11:28:01.064054 IP hutshopping.de.https > 172.28.240.3.41239: Flags [.], seq 274833:276293, ack 1, win 245, length 1460
11:28:01.340024 IP 172.28.240.3.55418 > web-server.e-nk.ru.domain: 29408+ PTR? 88.81.48.103.in-addr.arpa. (43)
11:28:01.340161 IP sv-81088.bkns.vn.http > 172.28.240.3.52798: Flags [.], seq 1662604784:1662606232, ack 1144702261, win 235, options [nop,nop,TS val 2420265588 ecr 1722379], length 1448: HTTP
11:28:01.340171 IP 172.28.240.3.52798 > sv-81088.bkns.vn.http: Flags [.], ack 1448, win 1349, options [nop,nop,TS val 1722472 ecr 2420265588], length 0
11:28:02.657855 IP 172.28.240.3.44439 > web-server.e-nk.ru.domain: 14109+ PTR? 40.51.189.185.in-addr.arpa. (44)
11:28:02.657957 IP famillepercheron.fr.https > 172.28.240.3.49650: Flags [P.], seq 359418791:359418990, ack 18311479, win 507, options [nop,nop,TS val 1632908873 ecr 1722633], length 199
11:28:03.002521 IP 172.28.240.3.47686 > web-server.e-nk.ru.domain: 62751+ PTR? 196.162.65.82.in-addr.arpa. (44)
11:28:03.002550 IP s18125927.onlinehome-server.info.http > 172.28.240.3.59279: Flags [P.], seq 3031710395:3031711843, ack 2161885303, win 122, options [nop,nop,TS val 3593957077 ecr 1722841], length 1448: HTTP
11:28:03.002555 IP 172.28.240.3.59279 > s18125927.onlinehome-server.info.http: Flags [.], ack 1448, win 1020, options [nop,nop,TS val 1722887 ecr 3593957077], length 0
11:28:03.002899 IP 172.28.240.3.41792 > dd20520.kasserver.com.http: Flags [S], seq 1602931760, win 29200, options [mss 1460,sackOK,TS val 1722888 ecr 0,nop,wscale 7], length 0
11:28:03.002907 IP 172.28.240.3.41793 > dd20520.kasserver.com.http: Flags [S], seq 3789379427, win 29200, options [mss 1460,sackOK,TS val 1722888 ecr 0,nop,wscale 7], length 0
11:28:03.002910 IP 172.28.240.3.41794 > dd20520.kasserver.com.http: Flags [S], seq 3100560932, win 29200, options [mss 1460,sackOK,TS val 1722888 ecr 0,nop,wscale 7], length 0
11:28:03.196748 IP ns3023755.ip-149-202-72.eu.https > 172.28.240.3.49004: Flags [S.], seq 463808285, ack 2482599163, win 28960, options [mss 1460,sackOK,TS val 213667307 ecr 1722653,nop,wscale 7], length 0
11:28:03.196757 IP 172.28.240.3.49004 > ns3023755.ip-149-202-72.eu.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 1722936 ecr 213667307], length 0
11:28:03.421552 IP 172.28.240.3.48314 > web-server.e-nk.ru.domain: 12011+ PTR? 161.140.13.85.in-addr.arpa. (44)
11:28:03.421653 IP 172.28.240.3.47106 > 107.187.205.231.http: Flags [S], seq 4262235738, win 29200, options [mss 1460,sackOK,TS val 1722992 ecr 0,nop,wscale 7], length 0
11:28:03.716007 IP 172.28.240.3.60193 > web-server.e-nk.ru.domain: 28935+ PTR? 44.72.202.149.in-addr.arpa. (44)
11:28:03.716737 IP cluster014.ovh.net.https > 172.28.240.3.49660: Flags [.], seq 3715650079:3715651527, ack 947703650, win 17, options [nop,nop,TS val 1525527855 ecr 1723027], length 1448
11:28:03.716744 IP 172.28.240.3.49660 > cluster014.ovh.net.https: Flags [.], ack 1448, win 296, options [nop,nop,TS val 1723066 ecr 1525527855,nop,nop,sack 1 {2648:3057}], length 0
11:28:04.000815 IP 172.28.240.3.44027 > web-server.e-nk.ru.domain: 64231+ PTR? 231.205.187.107.in-addr.arpa. (46)
11:28:04.001156 IP cluster023.hosting.ovh.net.https > 172.28.240.3.41414: Flags [.], seq 2326462986:2326464434, ack 1632574908, win 17, options [nop,nop,TS val 594449001 ecr 1723056], length 1448
11:28:04.001170 IP 172.28.240.3.41414 > cluster023.hosting.ovh.net.https: Flags [.], ack 1448, win 1124, options [nop,nop,TS val 1723137 ecr 594449001], length 0
11:28:04.381171 IP 172.28.240.3.41593 > web-server.e-nk.ru.domain: 59640+ PTR? 17.235.132.164.in-addr.arpa. (45)
11:28:04.381202 IP 109-234-162-87.reverse.odns.fr.http > 172.28.240.3.42879: Flags [.], seq 4150788881:4150790329, ack 2553757407, win 235, options [nop,nop,TS val 592393623 ecr 1723184], length 1448: HTTP
11:28:04.381210 IP 172.28.240.3.42879 > 109-234-162-87.reverse.odns.fr.http: Flags [.], ack 4344, win 477, options [nop,nop,TS val 1723232 ecr 592393623,nop,nop,sack 1 {5792:7240}], length 0
11:28:04.382253 IP static.249.48.21.65.clients.your-server.de.http > 172.28.240.3.33944: Flags [S.], seq 4290987427, ack 1292677073, win 65160, options [mss 1460,sackOK,TS val 2855264025 ecr 1723198,nop,wscale 7], length 0
11:28:04.382270 IP 172.28.240.3.33944 > static.249.48.21.65.clients.your-server.de.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1723232 ecr 2855264025], length 0
11:28:04.570492 IP 176.113.82.34.bc.googleusercontent.com.https > 172.28.240.3.50201: Flags [.], seq 47872:49280, ack 1, win 163, options [nop,nop,TS val 4285601871 ecr 1723209], length 1408
11:28:04.570595 IP 172.28.240.3.33975 > web-server.e-nk.ru.domain: 61013+ PTR? 87.162.234.109.in-addr.arpa. (45)
11:28:04.571505 IP web-1070.webnode.com.http > 172.28.240.3.55092: Flags [F.], seq 3913857319, ack 1790369738, win 679, options [nop,nop,TS val 2851028513 ecr 1720735], length 0
11:28:04.880674 IP 172.28.240.3.37242 > web-server.e-nk.ru.domain: 39385+ PTR? 249.48.21.65.in-addr.arpa. (43)
11:28:04.880710 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.41801: Flags [.], seq 2759305118:2759306566, ack 172097185, win 17, options [nop,nop,TS val 2726200174 ecr 1723223], length 1448
11:28:05.152020 IP web-server.e-nk.ru.domain > 172.28.240.3.45212: 37376 NXDomain* 0/1/0 (100)
11:28:05.152069 IP 172.28.240.3.58715 > web-server.e-nk.ru.domain: 47082+ PTR? 87.152.132.85.in-addr.arpa. (44)
11:28:05.152227 IP 172.28.240.3.32781 > web-server.e-nk.ru.domain: 22571+ AAAA? quetzalcoatlsuitesdeluxe.com. (46)
11:28:05.152297 IP sv-81088.bkns.vn.http > 172.28.240.3.52801: Flags [.], seq 480606424:480607872, ack 4086134868, win 235, options [nop,nop,TS val 2420269384 ecr 1723325], length 1448: HTTP
11:28:05.455908 IP solitary-pear.aeza.network.http > 172.28.240.3.39221: Flags [.], seq 3155588414:3155589702, ack 1947210934, win 509, options [nop,nop,TS val 2918541463 ecr 1723427], length 1288: HTTP
11:28:05.455928 IP 172.28.240.3.39221 > solitary-pear.aeza.network.http: Flags [.], ack 3864, win 410, options [nop,nop,TS val 1723501 ecr 2918541463,nop,nop,sack 1 {5152:7728}], length 0
11:28:05.457313 IP famillepercheron.fr.https > 172.28.240.3.49655: Flags [.], seq 3940176452:3940177900, ack 1955236182, win 504, options [nop,nop,TS val 1632911518 ecr 1723428], length 1448
11:28:05.457325 IP 172.28.240.3.49655 > famillepercheron.fr.https: Flags [.], ack 1448, win 591, options [nop,nop,TS val 1723501 ecr 1632911518], length 0
11:28:05.458831 IP 185.54.5.42.https > 172.28.240.3.33843: Flags [.], seq 639422739:639424187, ack 2166825406, win 235, options [nop,nop,TS val 2479927648 ecr 1719408], length 1448
11:28:05.458840 IP 172.28.240.3.33843 > 185.54.5.42.https: Flags [.], ack 1448, win 274, options [nop,nop,TS val 1723501 ecr 2479927648], length 0
11:28:05.458957 IP 172.28.240.3.41844 > web-server.e-nk.ru.domain: 44672+ PTR? 42.5.54.185.in-addr.arpa. (42)
11:28:05.460352 IP ingress-helicon.ewp.live.http > 172.28.240.3.58699: Flags [.], seq 44888:46336, ack 1, win 70, options [nop,nop,TS val 2499622360 ecr 1723426], length 1448: HTTP
11:28:05.460359 IP 172.28.240.3.58699 > ingress-helicon.ewp.live.http: Flags [.], ack 46336, win 1100, options [nop,nop,TS val 1723502 ecr 2499622360], length 0
11:28:05.461881 IP alfa3091.alfahosting-server.de.http > 172.28.240.3.34303: Flags [.], seq 803209187:803210635, ack 2161218371, win 22, options [nop,nop,TS val 3972575733 ecr 1723439], length 1448: HTTP
11:28:05.461887 IP 172.28.240.3.34303 > alfa3091.alfahosting-server.de.http: Flags [.], ack 1448, win 1088, options [nop,nop,TS val 1723502 ecr 3972575733], length 0
11:28:07.047267 IP 172.28.240.3.53156 > web-server.e-nk.ru.domain: 58510+ PTR? 48.134.237.109.in-addr.arpa. (45)
11:28:07.047341 IP famillepercheron.fr.https > 172.28.240.3.49652: Flags [.], seq 612244653:612246101, ack 386569469, win 502, options [nop,nop,TS val 1632913206 ecr 1723850], length 1448
11:28:07.047350 IP 172.28.240.3.49652 > famillepercheron.fr.https: Flags [.], ack 7240, win 975, options [nop,nop,TS val 1723899 ecr 1632913206], length 0
11:28:07.048852 IP 176.113.82.34.bc.googleusercontent.com.https > 172.28.240.3.50211: Flags [.], seq 970868021:970869429, ack 4146737486, win 163, options [nop,nop,TS val 4285604338 ecr 1723826], length 1408
11:28:07.048858 IP 172.28.240.3.50211 > 176.113.82.34.bc.googleusercontent.com.https: Flags [.], ack 4294965888, win 962, options [nop,nop,TS val 1723899 ecr 4285604049,nop,nop,sack 1 {0:1408}], length 0
11:28:07.335544 IP 172.28.240.3.51862 > 185.32.58.139.https: Flags [P.], seq 229916462:229916493, ack 2303351535, win 568, options [nop,nop,TS val 1723971 ecr 2650959450], length 31
11:28:07.335643 IP 172.28.240.3.51862 > 185.32.58.139.https: Flags [R.], seq 31, ack 1, win 568, options [nop,nop,TS val 1723971 ecr 2650959450], length 0
11:28:07.335687 IP 172.28.240.3.51863 > 185.32.58.139.https: Flags [P.], seq 1515385061:1515385092, ack 1041252776, win 568, options [nop,nop,TS val 1723971 ecr 2650959350], length 31
11:28:07.335777 IP 172.28.240.3.51863 > 185.32.58.139.https: Flags [R.], seq 31, ack 1, win 568, options [nop,nop,TS val 1723971 ecr 2650959350], length 0
11:28:07.335909 IP 172.28.240.3.36072 > 192-185-194-169.unifiedlayer.com.http: Flags [S], seq 1754553562, win 29200, options [mss 1460,sackOK,TS val 1723971 ecr 0,nop,wscale 7], length 0
11:28:07.335999 IP 172.28.240.3.48183 > web-server.e-nk.ru.domain: 19527+ PTR? 169.194.185.192.in-addr.arpa. (46)
11:28:07.336054 IP solitary-pear.aeza.network.http > 172.28.240.3.37854: Flags [.], seq 3313381002:3313382290, ack 141686067, win 509, options [nop,nop,TS val 2918543483 ecr 1723896], length 1288: HTTP
11:28:07.336058 IP 172.28.240.3.37854 > solitary-pear.aeza.network.http: Flags [.], ack 1288, win 1444, options [nop,nop,TS val 1723971 ecr 2918543483], length 0
11:28:07.336134 IP 172.28.240.3.36073 > 192-185-194-169.unifiedlayer.com.http: Flags [S], seq 2185433520, win 29200, options [mss 1460,sackOK,TS val 1723971 ecr 0,nop,wscale 7], length 0
11:28:07.336230 IP 172.28.240.3.36074 > 192-185-194-169.unifiedlayer.com.http: Flags [S], seq 337275563, win 29200, options [mss 1460,sackOK,TS val 1723971 ecr 0,nop,wscale 7], length 0
11:28:07.336366 IP 172.28.240.3.56256 > web-server.e-nk.ru.domain: 22859+ AAAA? ilnschool.com. (31)
11:28:07.921647 IP w02.rzone.de.http > 172.28.240.3.48625: Flags [.], seq 2704164520:2704165968, ack 254865145, win 14693, options [nop,nop,TS val 835104493 ecr 1724068], length 1448: HTTP
11:28:07.921673 IP 172.28.240.3.48625 > w02.rzone.de.http: Flags [.], ack 1448, win 387, options [nop,nop,TS val 1724117 ecr 835104493,nop,nop,sack 1 {7240:8699}], length 0
11:28:07.921726 IP 172.28.240.3.45243 > web-server.e-nk.ru.domain: 19522+ PTR? 66.145.169.81.in-addr.arpa. (44)
11:28:07.922875 IP 172.28.240.3.57114 > 209.59.172.63.http: Flags [S], seq 4200972116, win 29200, options [mss 1460,sackOK,TS val 1724118 ecr 0,nop,wscale 7], length 0
11:28:07.922880 IP 172.28.240.3.57115 > 209.59.172.63.http: Flags [S], seq 1097838878, win 29200, options [mss 1460,sackOK,TS val 1724118 ecr 0,nop,wscale 7], length 0
11:28:07.922883 IP 172.28.240.3.57118 > 209.59.172.63.http: Flags [S], seq 2851470388, win 29200, options [mss 1460,sackOK,TS val 1724118 ecr 0,nop,wscale 7], length 0
11:28:07.922886 IP 172.28.240.3.57119 > 209.59.172.63.http: Flags [S], seq 3956492938, win 29200, options [mss 1460,sackOK,TS val 1724118 ecr 0,nop,wscale 7], length 0
11:28:08.068657 IP hutshopping.de.https > 172.28.240.3.41239: Flags [.], seq 339073:340533, ack 1, win 245, length 1460
11:28:08.068666 IP 172.28.240.3.41239 > hutshopping.de.https: Flags [.], ack 337613, win 561, options [nop,nop,sack 1 {339073:344913}], length 0
11:28:08.068698 IP 172.28.240.3.35254 > web-server.e-nk.ru.domain: 43685+ PTR? 63.172.59.209.in-addr.arpa. (44)
11:28:08.343515 IP hutshopping.de.https > 172.28.240.3.41236: Flags [.], seq 68620:70080, ack 1, win 245, length 1460
11:28:08.343523 IP 172.28.240.3.41236 > hutshopping.de.https: Flags [.], ack 70080, win 690, length 0
11:28:08.345038 IP linux1077.grserver.gr.http > 172.28.240.3.38844: Flags [.], seq 421586856:421588304, ack 1619396781, win 235, options [nop,nop,TS val 2217003202 ecr 1724041], length 1448: HTTP
11:28:08.345046 IP 172.28.240.3.38844 > linux1077.grserver.gr.http: Flags [.], ack 1448, win 342, options [nop,nop,TS val 1724223 ecr 2217003202,nop,nop,sack 2 {2896:4344}{11584:13032}], length 0
11:28:08.345126 IP 172.28.240.3.53827 > web-server.e-nk.ru.domain: 26638+ PTR? 36.42.138.185.in-addr.arpa. (44)
11:28:08.346596 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.40758: Flags [.], seq 105704:107152, ack 1, win 17, options [nop,nop,TS val 2726203643 ecr 1724102], length 1448
11:28:08.346864 IP 172.28.240.3.53279 > dd41220.kasserver.com.http: Flags [S], seq 2741688314, win 29200, options [mss 1460,sackOK,TS val 1724224 ecr 0,nop,wscale 7], length 0
11:28:08.348108 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.41801: Flags [.], seq 34752:36200, ack 1, win 17, options [nop,nop,TS val 2726203644 ecr 1724089], length 1448
11:28:08.348115 IP 172.28.240.3.41801 > 217-160-0-167.elastic-ssl.ui-r.com.https: Flags [.], ack 36200, win 834, options [nop,nop,TS val 1724224 ecr 2726203644], length 0
11:28:08.499194 IP 172.28.240.3.59691 > web-server.e-nk.ru.domain: 38652+ PTR? 23.157.13.85.in-addr.arpa. (43)
11:28:08.499382 IP 153.92.204.23.http > 172.28.240.3.36494: Flags [.], seq 88398153:88399601, ack 4272838105, win 507, options [nop,nop,TS val 1601811473 ecr 1724190], length 1448: HTTP
11:28:08.499391 IP 172.28.240.3.36494 > 153.92.204.23.http: Flags [.], ack 1448, win 998, options [nop,nop,TS val 1724262 ecr 1601811473], length 0
11:28:08.500907 IP web-server.e-nk.ru.domain > 172.28.240.3.60628: 50863 1/2/3 A 83.218.160.59 (156)
11:28:08.788069 IP 172.28.240.3.55597 > web-server.e-nk.ru.domain: 26314+ PTR? 23.204.92.153.in-addr.arpa. (44)
11:28:08.788105 IP 172.28.240.3.55418 > 157.27.214.35.bc.googleusercontent.com.http: Flags [S], seq 917580395, win 29200, options [mss 1460,sackOK,TS val 1724334 ecr 0,nop,wscale 7], length 0
11:28:08.788219 IP 172.28.240.3.55419 > 157.27.214.35.bc.googleusercontent.com.http: Flags [S], seq 3121443063, win 29200, options [mss 1460,sackOK,TS val 1724334 ecr 0,nop,wscale 7], length 0
11:28:08.788285 IP 172.28.240.3.55420 > 157.27.214.35.bc.googleusercontent.com.http: Flags [S], seq 118745626, win 29200, options [mss 1460,sackOK,TS val 1724334 ecr 0,nop,wscale 7], length 0
11:28:09.137961 IP 172.28.240.3.50109 > web-server.e-nk.ru.domain: 6694+ PTR? 157.27.214.35.in-addr.arpa. (44)
11:28:09.138090 IP linux7.jump-server.com.http > 172.28.240.3.34139: Flags [.], seq 2201262623:2201264071, ack 1428248467, win 235, options [nop,nop,TS val 2391523150 ecr 1724385], length 1448: HTTP
11:28:09.138099 IP 172.28.240.3.34139 > linux7.jump-server.com.http: Flags [.], ack 4294962952, win 613, options [nop,nop,TS val 1724421 ecr 2391523056,nop,nop,sack 2 {4294964400:7240}{8688:11584}], length 0
11:28:09.138197 IP 172.28.240.3.59423 > 172.28.240.31.mysql: Flags [P.], seq 801667904:801668064, ack 2217682385, win 429, options [nop,nop,TS val 1724421 ecr 44084046], length 160
11:28:09.307654 IP 172.28.240.3.52981 > web-server.e-nk.ru.domain: 44952+ PTR? 241.46.46.78.in-addr.arpa. (43)
11:28:09.307813 IP 217-160-0-167.elastic-ssl.ui-r.com.https > 172.28.240.3.40757: Flags [.], seq 98464:99912, ack 1, win 17, options [nop,nop,TS val 2726204624 ecr 1724336], length 1448
11:28:09.309303 IP ip-173-201-176-176.ip.secureserver.net.https > 172.28.240.3.43189: Flags [.], seq 3671681640:3671683100, ack 430858559, win 31, length 1460
11:28:09.309312 IP 172.28.240.3.43189 > ip-173-201-176-176.ip.secureserver.net.https: Flags [.], ack 1460, win 274, length 0
11:28:09.476881 IP 217-160-0-103.elastic-ssl.ui-r.com.http > 172.28.240.3.41349: Flags [.], seq 3065931695:3065933143, ack 2046544009, win 17, options [nop,nop,TS val 3626332889 ecr 1724485], length 1448: HTTP: HTTP/1.1 200 OK
11:28:09.476882 IP 172.28.240.3.39215 > web-server.e-nk.ru.domain: 14602+ PTR? 176.176.201.173.in-addr.arpa. (46)
11:28:09.476888 IP 172.28.240.3.41349 > 217-160-0-103.elastic-ssl.ui-r.com.http: Flags [.], ack 1448, win 274, options [nop,nop,TS val 1724506 ecr 3626332889,nop,nop,sack 1 {14480:15928}], length 0
11:28:09.478477 IP linux7.jump-server.com.http > 172.28.240.3.34140: Flags [P.], seq 415269179:415270627, ack 3299974383, win 235, options [nop,nop,TS val 2391523388 ecr 1724445], length 1448: HTTP
11:28:09.478484 IP 172.28.240.3.34140 > linux7.jump-server.com.http: Flags [.], ack 4294958608, win 636, options [nop,nop,TS val 1724506 ecr 2391522967,nop,nop,sack 2 {4294961504:1448}{7240:8688}], length 0
11:28:09.679037 IP 172.28.240.3.39685 > web-server.e-nk.ru.domain: 4980+ PTR? 103.0.160.217.in-addr.arpa. (44)
11:28:09.679122 IP 154.62.104.150.https > 172.28.240.3.59247: Flags [.], seq 980471272:980472720, ack 2688723799, win 505, options [nop,nop,TS val 1439100569 ecr 1724513], length 1448
11:28:09.899933 IP solitary-pear.aeza.network.http > 172.28.240.3.39057: Flags [.], seq 4045054943:4045056231, ack 4257412151, win 509, options [nop,nop,TS val 2918546063 ecr 1724566], length 1288: HTTP
11:28:09.899941 IP 172.28.240.3.39057 > solitary-pear.aeza.network.http: Flags [.], ack 1288, win 1444, options [nop,nop,TS val 1724612 ecr 2918546063], length 0
11:28:09.901301 IP solitary-pear.aeza.network.http > 172.28.240.3.39057: Flags [.], seq 1288:2576, ack 1, win 509, options [nop,nop,TS val 2918546133 ecr 1724589], length 1288: HTTP
11:28:09.901308 IP 172.28.240.3.39057 > solitary-pear.aeza.network.http: Flags [.], ack 2576, win 1444, options [nop,nop,TS val 1724612 ecr 2918546133], length 0
11:28:09.902704 IP hutshopping.de.https > 172.28.240.3.41236: Flags [.], seq 90520:91980, ack 1, win 245, length 1460
11:28:09.902868 IP 172.28.240.3.40756 > 217-160-0-167.elastic-ssl.ui-r.com.https: Flags [.], ack 146248, win 613, options [nop,nop,TS val 1724613 ecr 2067032851], length 0
11:28:09.904293 IP cluster005.ovh.net.http > 172.28.240.3.38529: Flags [.], seq 1742448564:1742450012, ack 2750271417, win 17, options [nop,nop,TS val 1625039851 ecr 1724574], length 1448: HTTP
11:28:09.904299 IP 172.28.240.3.38529 > cluster005.ovh.net.http: Flags [.], ack 4294964400, win 1150, options [nop,nop,TS val 1724613 ecr 1625039672,nop,nop,sack 1 {0:1448}], length 0
11:28:09.905821 IP server02.zacaw.com.https > 172.28.240.3.58357: Flags [.], seq 1427621226:1427622674, ack 3524268825, win 505, options [nop,nop,TS val 1137381507 ecr 1724554], length 1448
11:28:09.905831 IP 172.28.240.3.58357 > server02.zacaw.com.https: Flags [.], ack 1448, win 523, options [nop,nop,TS val 1724613 ecr 1137381507], length 0
11:28:09.905932 IP 172.28.240.3.40993 > web-server.e-nk.ru.domain: 45487+ PTR? 228.169.203.159.in-addr.arpa. (46)
11:28:09.906926 IP 104.21.83.216.http > 172.28.240.3.42903: Flags [.], seq 1294382725:1294382925, ack 218138688, win 8, options [nop,nop,TS val 2345663021 ecr 1724479], length 200: HTTP
11:28:09.906933 IP 172.28.240.3.42903 > 104.21.83.216.http: Flags [.], ack 4294965896, win 502, options [nop,nop,TS val 1724614 ecr 2345662617,nop,nop,sack 3 {0:200}{4294966496:4294966896}{4294966096:4294966296}], length 0
11:28:09.907625 IP ingress-helicon.ewp.live.http > 172.28.240.3.58699: Flags [.], seq 92672:94120, ack 1, win 70, options [nop,nop,TS val 2499626835 ecr 1724545], length 1448: HTTP
11:28:09.907634 IP 172.28.240.3.58699 > ingress-helicon.ewp.live.http: Flags [.], ack 94120, win 849, options [nop,nop,TS val 1724614 ecr 2499626835], length 0
11:28:10.311597 IP 172.28.240.3.34688 > web-server.e-nk.ru.domain: 1356+ PTR? 216.83.21.104.in-addr.arpa. (44)
11:28:10.311772 IP 21.160.205.92.host.secureserver.net.https > 172.28.240.3.39990: Flags [P.], seq 1728887383:1728887434, ack 1161267997, win 507, options [nop,nop,TS val 2973939213 ecr 1724685], length 51
11:28:10.311782 IP 172.28.240.3.39990 > 21.160.205.92.host.secureserver.net.https: Flags [.], ack 51, win 282, options [nop,nop,TS val 1724715 ecr 2973939213], length 0
11:28:10.493836 IP 172.28.240.3.38801 > web-server.e-nk.ru.domain: 19999+ PTR? 21.160.205.92.in-addr.arpa. (44)
11:28:10.493949 IP www8sni.world4you.com.http > 172.28.240.3.42280: Flags [.], seq 2942017166:2942018614, ack 1861960331, win 235, options [nop,nop,TS val 1366598346 ecr 1724684], length 1448: HTTP
11:28:10.493953 IP 172.28.240.3.42280 > www8sni.world4you.com.http: Flags [.], ack 1448, win 568, options [nop,nop,TS val 1724760 ecr 1366598346], length 0
11:28:10.494859 IP 172.28.240.3.57982 > cp40.ezit.hu.http: Flags [S], seq 2454531873, win 29200, options [mss 1460,sackOK,TS val 1724761 ecr 0,nop,wscale 7], length 0
11:28:10.494865 IP 172.28.240.3.57983 > cp40.ezit.hu.http: Flags [S], seq 1304132338, win 29200, options [mss 1460,sackOK,TS val 1724761 ecr 0,nop,wscale 7], length 0
11:28:10.928975 IP 172.28.240.3.52964 > web-server.e-nk.ru.domain: 40297+ PTR? 8.159.19.81.in-addr.arpa. (42)
11:28:10.930274 IP web-server.e-nk.ru.domain > 172.28.240.3.40774: 13740 1/6/9 A 94.23.67.54 (354)
11:28:10.930330 IP 172.28.240.3.47556 > web226.shellrent.com.http: Flags [S], seq 1510453501, win 29200, options [mss 1460,sackOK,TS val 1724869 ecr 0,nop,wscale 7], length 0
11:28:11.083654 IP 172.28.240.3.52196 > web-server.e-nk.ru.domain: 31535+ PTR? 170.89.111.185.in-addr.arpa. (45)
11:28:11.083665 IP 108.60.209.99.https > 172.28.240.3.43699: Flags [.], seq 232098624:232100072, ack 3913016078, win 252, options [nop,nop,TS val 1814811659 ecr 1724826], length 1448
11:28:12.535409 IP 172.28.240.3.33383 > web-server.e-nk.ru.domain: 54673+ PTR? 54.67.23.94.in-addr.arpa. (42)
11:28:12.535534 IP 185.53.177.54.http > 172.28.240.3.34800: Flags [.], ack 1221471682, win 1460, length 0
11:28:12.535538 IP 172.28.240.3.34800 > 185.53.177.54.http: Flags [P.], seq 1:231, ack 0, win 29200, length 230: HTTP: GET /administrator/language/en-GB/en-GB.com_jce.ini HTTP/1.1
11:28:12.535613 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.51705: Flags [S.], seq 2898727905, ack 2905845005, win 65535, options [mss 1460,sackOK,TS val 1091151059 ecr 1725242,nop,wscale 8], length 0
11:28:12.882231 IP 154.62.104.150.https > 172.28.240.3.59247: Flags [P.], seq 41992:43216, ack 1, win 505, options [nop,nop,TS val 1439103829 ecr 1725142], length 1224
11:28:12.882235 IP 172.28.240.3.59247 > 154.62.104.150.https: Flags [.], ack 43216, win 596, options [nop,nop,TS val 1725357 ecr 1439103829], length 0
11:28:13.257666 IP 172.28.240.3.34696 > web-server.e-nk.ru.domain: 7431+ PTR? 54.177.53.185.in-addr.arpa. (44)
11:28:13.257842 IP wh10.nevisinternet.net.http > 172.28.240.3.54236: Flags [.], seq 628882840:628884288, ack 2480994501, win 235, options [nop,nop,TS val 423422491 ecr 1725411], length 1448: HTTP
11:28:13.910858 IP 172.28.240.3.44722 > server.linux85.papaki.gr.http: Flags [.], ack 3844055276, win 568, options [nop,nop,TS val 1725615 ecr 2370877335], length 0
11:28:13.910925 IP 172.28.240.3.45499 > web-server.e-nk.ru.domain: 54644+ PTR? 225.195.89.51.in-addr.arpa. (44)
11:28:13.910986 IP 123-230.iphost.gr.http > 172.28.240.3.36724: Flags [.], seq 2453988235:2453989683, ack 3961428024, win 235, options [nop,nop,TS val 1162789269 ecr 1725539], length 1448: HTTP
11:28:13.910994 IP 172.28.240.3.36724 > 123-230.iphost.gr.http: Flags [.], ack 1448, win 387, options [nop,nop,TS val 1725615 ecr 1162789269,nop,nop,sack 1 {10136:14480}], length 0
11:28:13.913342 IP lh-in-f103.1e100.net.https > 172.28.240.3.60107: Flags [.], seq 139054812:139056212, ack 1720290313, win 261, options [nop,nop,TS val 1901994308 ecr 1725540], length 1400
11:28:13.913349 IP 172.28.240.3.60107 > lh-in-f103.1e100.net.https: Flags [.], ack 4294964496, win 726, options [nop,nop,TS val 1725615 ecr 1901994286,nop,nop,sack 3 {0:1400}{23800:25200}{11200:12600}], length 0
11:28:14.199113 IP 172.28.240.3.52166 > web-server.e-nk.ru.domain: 34084+ PTR? 234.12.216.95.in-addr.arpa. (44)
11:28:14.430311 IP 172.28.240.3.48117 > web-server.e-nk.ru.domain: 31495+ PTR? 230.123.174.93.in-addr.arpa. (45)
11:28:14.430345 IP 172.28.240.3.38333 > web-server.e-nk.ru.domain: 6703+ A? flyingducks.ie. (32)
11:28:14.568726 IP 172.28.240.3.33583 > web-server.e-nk.ru.domain: 6677+ PTR? 103.161.233.64.in-addr.arpa. (45)
11:28:14.568742 IP 217-160-0-103.elastic-ssl.ui-r.com.http > 172.28.240.3.41350: Flags [.], seq 4022682913:4022684361, ack 393230544, win 17, options [nop,nop,TS val 3626337971 ecr 1725712], length 1448: HTTP
11:28:14.618293 IP web-server.e-nk.ru.domain > 172.28.240.3.52012: 37973 1/13/11 A 154.86.130.80 (511)
11:28:14.618360 IP 172.28.240.3.55715 > 154.86.130.80.http: Flags [S], seq 2569561111, win 29200, options [mss 1460,sackOK,TS val 1725791 ecr 0,nop,wscale 7], length 0
11:28:14.618429 IP 172.28.240.3.57581 > web-server.e-nk.ru.domain: 1802+ PTR? 80.130.86.154.in-addr.arpa. (44)
11:28:14.618547 IP 172.28.240.3.55716 > 154.86.130.80.http: Flags [S], seq 3009086207, win 29200, options [mss 1460,sackOK,TS val 1725791 ecr 0,nop,wscale 7], length 0
11:28:14.618748 IP a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http > 172.28.240.3.51898: Flags [S.], seq 2775274944, ack 1906573955, win 65535, options [mss 1460,sackOK,TS val 1083061125 ecr 1725770,nop,wscale 8], length 0
11:28:14.618755 IP 172.28.240.3.51898 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1725791 ecr 1083061125], length 0
11:28:14.618861 IP 172.28.240.3.57404 > 104.21.56.125.http: Flags [P.], seq 1529836153:1529836400, ack 3275451887, win 229, options [nop,nop,TS val 1725792 ecr 2069553352], length 247: HTTP: GET /administrator/language/en-GB/en-GB.com_jce.ini HTTP/1.1
11:28:14.618868 IP 172.28.240.3.57405 > 104.21.56.125.http: Flags [P.], seq 1037588947:1037589218, ack 265779802, win 229, options [nop,nop,TS val 1725792 ecr 3955689869], length 271: HTTP: GET /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&action=upload HTTP/1.1
11:28:15.074041 IP 172.28.240.3.49710 > web-server.e-nk.ru.domain: 55637+ PTR? 125.56.21.104.in-addr.arpa. (44)
11:28:15.074176 IP 172.28.240.3.48452 > web-server.e-nk.ru.domain: 63285+ AAAA? quickfeettrainer.com. (38)
11:28:15.074568 IP web-server.e-nk.ru.domain > 172.28.240.3.48452: 63285 NXDomain 0/1/0 (111)
11:28:15.074576 IP server02.zacaw.com.https > 172.28.240.3.58358: Flags [.], seq 852537617:852539065, ack 610162278, win 503, options [nop,nop,TS val 1137386713 ecr 1725855], length 1448
11:28:15.074583 IP 172.28.240.3.58358 > server02.zacaw.com.https: Flags [.], ack 1448, win 1201, options [nop,nop,TS val 1725905 ecr 1137386713], length 0
11:28:15.183109 IP web-server.e-nk.ru.domain > 172.28.240.3.50350: 58321 NXDomain* 0/1/0 (91)
11:28:15.183153 IP 172.28.240.3.45262 > web-server.e-nk.ru.domain: 37313+ A? mobilization.gov.vc. (37)
11:28:15.183422 IP linux7.jump-server.com.http > 172.28.240.3.34141: Flags [.], seq 3438606796:3438608244, ack 3360974377, win 235, options [nop,nop,TS val 2391529218 ecr 1725902], length 1448: HTTP
11:28:15.183432 IP 172.28.240.3.34141 > linux7.jump-server.com.http: Flags [.], ack 1448, win 1239, options [nop,nop,TS val 1725933 ecr 2391529218,nop,nop,sack 1 {2896:5792}], length 0
11:28:15.184461 IP cluster003.ovh.net.http > 172.28.240.3.38654: Flags [F.], seq 2177159936, ack 1415449128, win 17, options [nop,nop,TS val 2446703133 ecr 1722196], length 0
11:28:15.184538 IP 141.193.213.11.http > 172.28.240.3.50764: Flags [.], ack 2301514190, win 7, options [nop,nop,TS val 1309138942 ecr 1725911], length 0
11:28:15.184599 IP 141.193.213.11.http > 172.28.240.3.50765: Flags [.], ack 3150767909, win 7, options [nop,nop,TS val 4214578495 ecr 1725911], length 0
11:28:15.184638 IP 172.28.240.3.57239 > web-server.e-nk.ru.domain: 35151+ PTR? 11.213.193.141.in-addr.arpa. (45)
11:28:15.185157 IP 176.113.82.34.bc.googleusercontent.com.https > 172.28.240.3.50211: Flags [.], seq 78848:80256, ack 1, win 163, options [nop,nop,TS val 4285612311 ecr 1725820], length 1408
11:28:15.186235 IP 104.21.83.216.http > 172.28.240.3.42903: Flags [.], seq 24208:24408, ack 1, win 8, options [nop,nop,TS val 2345668311 ecr 1725863], length 200: HTTP
11:28:15.186241 IP 172.28.240.3.42903 > 104.21.83.216.http: Flags [.], ack 24008, win 650, options [nop,nop,TS val 1725933 ecr 2345668259,nop,nop,sack 1 {24208:24408}], length 0
11:28:15.186499 IP 104.21.83.216.http > 172.28.240.3.42903: Flags [.], seq 24808:25008, ack 1, win 8, options [nop,nop,TS val 2345668345 ecr 1725863], length 200: HTTP
11:28:15.508735 IP vm1.studioreclame.it.https > 172.28.240.3.49248: Flags [.], seq 576873904:576875352, ack 440521967, win 505, options [nop,nop,TS val 3628387227 ecr 1725975], length 1448
11:28:15.508742 IP 172.28.240.3.49248 > vm1.studioreclame.it.https: Flags [.], ack 1448, win 410, options [nop,nop,TS val 1726014 ecr 3628387227], length 0
11:28:15.508885 IP 172.28.240.3.55860 > web-server.e-nk.ru.domain: 15388+ PTR? 249.211.39.77.in-addr.arpa. (44)
11:28:15.510309 IP alfa3031.alfahosting-server.de.http > 172.28.240.3.43083: Flags [.], seq 2003218245:2003219693, ack 966535908, win 22, options [nop,nop,TS val 1654999668 ecr 1725983], length 1448: HTTP
11:28:15.510316 IP 172.28.240.3.43083 > alfa3031.alfahosting-server.de.http: Flags [.], ack 4294964400, win 591, options [nop,nop,TS val 1726014 ecr 1654999535,nop,nop,sack 1 {0:1448}], length 0
11:28:15.510860 IP 172.28.240.3.41264 > dd36206.kasserver.com.http: Flags [S], seq 3285644532, win 29200, options [mss 1460,sackOK,TS val 1726015 ecr 0,nop,wscale 7], length 0
11:28:15.510867 IP 172.28.240.3.41265 > dd36206.kasserver.com.http: Flags [S], seq 3023219391, win 29200, options [mss 1460,sackOK,TS val 1726015 ecr 0,nop,wscale 7], length 0
11:28:15.798726 IP server.hdgwebhost.com.http > 172.28.240.3.54424: Flags [S.], seq 1945973911, ack 4249788932, win 28960, options [mss 1460,nop,nop,TS val 2222896165 ecr 1726022,nop,wscale 7], length 0
11:28:15.798731 IP 172.28.240.3.54424 > server.hdgwebhost.com.http: Flags [.], ack 1, win 229, options [nop,nop,TS val 1726086 ecr 2222896165], length 0
11:28:15.798788 IP 172.28.240.3.54368 > web-server.e-nk.ru.domain: 9934+ PTR? 42.138.237.109.in-addr.arpa. (45)
11:28:16.084253 IP 172.28.240.3.49741 > web-server.e-nk.ru.domain: 64849+ PTR? 11.153.13.85.in-addr.arpa. (43)
11:28:16.084892 IP server.linux64.papaki.gr.http > 172.28.240.3.56404: Flags [.], seq 2138122652:2138124100, ack 2463279792, win 235, options [nop,nop,TS val 690064284 ecr 1726116], length 1448: HTTP
11:28:16.373477 IP 172.28.240.3.40922 > web-server.e-nk.ru.domain: 12031+ PTR? 194.50.37.64.in-addr.arpa. (43)
11:28:16.373556 IP server.linux64.papaki.gr.http > 172.28.240.3.56404: Flags [.], seq 11584:13032, ack 1, win 235, options [nop,nop,TS val 690064453 ecr 1726158], length 1448: HTTP
11:28:16.846794 IP 172.28.240.3.48433 > web-server.e-nk.ru.domain: 22528+ PTR? 12.26.99.88.in-addr.arpa. (42)
11:28:16.846967 IP 104.21.82.125.http > 172.28.240.3.37178: Flags [.], seq 173980199:173981647, ack 1367859421, win 8, options [nop,nop,TS val 993982395 ecr 1726263], length 1448: HTTP
11:28:16.846975 IP 172.28.240.3.37178 > 104.21.82.125.http: Flags [.], ack 4294936808, win 1283, options [nop,nop,TS val 1726349 ecr 993981210,nop,nop,sack 3 {0:1448}{4294939752:4294957160}{4294964400:4294965848}], length 0
11:28:16.848612 IP web-server.e-nk.ru.domain > 172.28.240.3.39317: 51446 NXDomain 0/1/0 (113)
11:28:17.118367 IP 172.28.240.3.46769 > web-server.e-nk.ru.domain: 11020+ PTR? 125.82.21.104.in-addr.arpa. (44)
11:28:17.119142 IP web-server.e-nk.ru.domain > 172.28.240.3.44421: 32808 1/2/2 A 93.88.196.60 (124)
11:28:17.119231 IP 172.28.240.3.47381 > mail.ispro.hu.http: Flags [S], seq 395420750, win 29200, options [mss 1460,sackOK,TS val 1726417 ecr 0,nop,wscale 7], length 0
11:28:17.119277 IP 172.28.240.3.47382 > mail.ispro.hu.http: Flags [S], seq 2427521269, win 29200, options [mss 1460,sackOK,TS val 1726417 ecr 0,nop,wscale 7], length 0
11:28:17.249865 IP 172.28.240.3.57148 > web-server.e-nk.ru.domain: 7083+ PTR? 60.196.88.93.in-addr.arpa. (43)
11:28:17.249896 IP sv-81088.bkns.vn.https > 172.28.240.3.48304: Flags [P.], seq 2051544909:2051544940, ack 2866868945, win 235, options [nop,nop,TS val 2420281587 ecr 1726379], length 31
11:28:17.249908 IP 172.28.240.3.48304 > sv-81088.bkns.vn.https: Flags [R], seq 2866868945, win 0, length 0
11:28:17.250149 IP ta11.tarhely.eu.http > 172.28.240.3.50174: Flags [.], ack 1338345878, win 235, options [nop,nop,TS val 3940494052 ecr 1726417], length 0
11:28:17.250220 IP ta11.tarhely.eu.http > 172.28.240.3.50172: Flags [.], ack 2123196121, win 235, options [nop,nop,TS val 3940494053 ecr 1726417], length 0
11:28:18.531141 IP 172.28.240.3.36951 > web-server.e-nk.ru.domain: 18477+ PTR? 11.252.172.79.in-addr.arpa. (44)
11:28:18.531199 IP w00.rzone.de.http > 172.28.240.3.44961: Flags [.], seq 2814180492:2814181940, ack 3970370696, win 14855, options [nop,nop,TS val 835115138 ecr 1726731], length 1448: HTTP
11:28:18.531205 IP 172.28.240.3.44961 > w00.rzone.de.http: Flags [.], ack 1448, win 1193, options [nop,nop,TS val 1726770 ecr 835115138], length 0
11:28:18.532271 IP sv41.byethost41.org.https > 172.28.240.3.44301: Flags [.], seq 894174743:894174871, ack 1307873191, win 61, options [nop,nop,TS val 1970756323 ecr 1726733], length 128
11:28:18.532280 IP sv41.byethost41.org.https > 172.28.240.3.44301: Flags [.], seq 128:256, ack 1, win 61, options [nop,nop,TS val 1970756323 ecr 1726733], length 128
11:28:20.048621 IP 172.28.240.3.57110 > web-server.e-nk.ru.domain: 38074+ PTR? 64.145.169.81.in-addr.arpa. (44)
11:28:20.048827 IP web-server.e-nk.ru.domain > 172.28.240.3.51312: 56378 NXDomain* 0/1/0 (85)
11:28:20.048857 IP 172.28.240.3.38693 > web-server.e-nk.ru.domain: 59265+ A? adixmusic.com. (31)
11:28:20.164401 IP 172.28.240.3.40522 > solitary-pear.aeza.network.http: Flags [.], ack 2518225422, win 432, options [nop,nop,TS val 1727178 ecr 2918556226,nop,nop,sack 1 {1289:2437}], length 0
11:28:20.165352 IP sh20001.ispgateway.de.https > 172.28.240.3.59499: Flags [S.], seq 4015458489, ack 3160400652, win 28960, options [mss 1460,sackOK,TS val 2782383195 ecr 1727152,nop,wscale 7], length 0
11:28:20.165364 IP 172.28.240.3.59499 > sh20001.ispgateway.de.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 1727178 ecr 2782383195], length 0
11:28:20.165415 IP sh20001.ispgateway.de.https > 172.28.240.3.59209: Flags [F.], seq 3836364839, ack 3796451040, win 243, options [nop,nop,TS val 2782383195 ecr 1727152], length 0
11:28:20.165422 IP 172.28.240.3.59209 > sh20001.ispgateway.de.https: Flags [.], ack 1, win 274, options [nop,nop,TS val 1727178 ecr 2782383195], length 0
11:28:20.165515 IP 172.28.240.3.58089 > web-server.e-nk.ru.domain: 42231+ PTR? 189.51.205.92.in-addr.arpa. (44)
11:28:20.165588 IP sh20001.ispgateway.de.https > 172.28.240.3.59500: Flags [S.], seq 4007940095, ack 931884088, win 28960, options [mss 1460,sackOK,TS val 2782383196 ecr 1727152,nop,wscale 7], length 0
11:28:20.165591 IP sh20001.ispgateway.de.https > 172.28.240.3.59501: Flags [S.], seq 1433916208, ack 3501056947, win 28960, options [mss 1460,sackOK,TS val 2782383195 ecr 1727152,nop,wscale 7], length 0
11:28:20.404217 IP 172.28.240.3.42459 > 88.146.178.68.host.secureserver.net.http: Flags [.], ack 1417788432, win 1149, options [nop,nop,sack 4 {79226:82146}{73386:77766}{48566:64626}{44186:45646}], length 0
11:28:20.404312 IP 172.28.240.3.36608 > web-server.e-nk.ru.domain: 62991+ PTR? 88.146.178.68.in-addr.arpa. (44)
11:28:20.404350 IP 172.28.240.3.46991 > web-server.e-nk.ru.domain: 46026+ AAAA? m0reg.co.uk.e-nk.ru. (37)
11:28:20.404518 IP 172.28.240.3.53404 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [S], seq 2860929584, win 29200, options [mss 1460,sackOK,TS val 1727238 ecr 0,nop,wscale 7], length 0
11:28:20.404686 IP web-server.e-nk.ru.domain > 172.28.240.3.46991: 46026 NXDomain* 0/1/0 (83)
11:28:20.404718 IP 172.28.240.3.44117 > web-server.e-nk.ru.domain: 12520+ A? m0reg.co.uk. (29)
11:28:20.404761 IP 172.28.240.3.53405 > a4ec4c6ea1c92e2e6.awsglobalaccelerator.com.http: Flags [S], seq 1477029582, win 29200, options [mss 1460,sackOK,TS val 1727238 ecr 0,nop,wscale 7], length 0
11:28:20.605921 IP 172.28.240.3.53068 > web-server.e-nk.ru.domain: 59164+ A? remont40.su. (29)
11:28:20.606078 IP whizzbangsblog.com.https > 172.28.240.3.47866: Flags [.], seq 4091309527:4091310975, ack 3931825055, win 507, options [nop,nop,TS val 756278295 ecr 1727236], length 1448
11:28:20.606089 IP 172.28.240.3.47866 > whizzbangsblog.com.https: Flags [.], ack 4294960056, win 1135, options [nop,nop,TS val 1727288 ecr 756277959,nop,nop,sack 2 {4294965848:1448}{4294962952:4294964400}], length 0
11:28:20.606147 IP 172.28.240.3.53430 > web-server.e-nk.ru.domain: 13435+ PTR? 46.16.33.45.in-addr.arpa. (42)
11:28:20.606197 IP web-server.e-nk.ru.domain > 172.28.240.3.53068: 59164 NXDomain 0/1/0 (90)
11:28:20.606222 IP 172.28.240.3.41389 > web-server.e-nk.ru.domain: 22385+ A? remont40.su.e-nk.ru. (37)
11:28:20.606505 IP web-server.e-nk.ru.domain > 172.28.240.3.41389: 22385 NXDomain* 0/1/0 (83)
11:28:20.606620 IP 172.28.240.3.36189 > web-server.e-nk.ru.domain: 52281+ AAAA? remont40.su. (29)
11:28:20.766860 IP 172.28.240.3.54964 > 23.170.80.10.https: Flags [P.], seq 3870228651:3870228965, ack 4041803398, win 229, length 314
11:28:20.766937 IP 172.28.240.3.58113 > web-server.e-nk.ru.domain: 2422+ PTR? 10.80.170.23.in-addr.arpa. (43)
11:28:20.767028 IP server.hdgwebhost.com.http > 172.28.240.3.54422: Flags [.], seq 1141733856:1141735304, ack 1449579712, win 235, options [nop,nop,TS val 2222901123 ecr 1727261], length 1448: HTTP
11:28:20.767035 IP 172.28.240.3.54422 > server.hdgwebhost.com.http: Flags [.], ack 4294961504, win 500, options [nop,nop,TS val 1727329 ecr 2222900878], length 0
11:28:20.768094 IP vh274.sweb.ru.http > 172.28.240.3.55977: Flags [.], seq 2657155574:2657155622, ack 2279394036, win 243, options [nop,nop,TS val 838857835 ecr 1727306], length 48: HTTP