Edit tour

Windows Analysis Report
https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com

Overview

General Information

Sample URL:	https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com
Analysis ID:	1468054
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Stores files to the Windows start menu directory

URL contains potential PII (phishing indication)

Classification

Process Tree

System is w10x64_ra

chrome.exe (PID: 7088 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6280 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1964,i,9789165903837440914,16333514217105274703,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: POST /log?format=json&hasfast=true HTTP/1.1Host: play.google.comConnection: keep-aliveContent-Length: 927sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencoded;charset=UTF-8Accept: */*Origin: chrome-untrusted://new-tab-pageX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_148.1.dr	String found in binary or memory: http://almsaeedstudio.com
Source: chromecache_147.1.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_147.1.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_162.1.dr, chromecache_168.1.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_148.1.dr	String found in binary or memory: http://opensource.org/licenses/MIT
Source: chromecache_152.1.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_158.1.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_158.1.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_170.1.dr	String found in binary or memory: https://api.telegram.org/bot
Source: chromecache_158.1.dr, chromecache_152.1.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_158.1.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_158.1.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_158.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/lcreport/
Source: chromecache_158.1.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_152.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_152.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_152.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_152.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7jsDJT9g.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7ksDJT9g.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7osDJT9g.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7psDJT9g.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7qsDJT9g.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7rsDJT9g.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNK7lqDY.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNa7lqDY.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qO67lqDY.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdg18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdh18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdi18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdj18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdo18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCds18Q.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdv18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidg18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidh18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidi18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidj18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkidv18Smxg.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlBduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmBduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmRduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmhduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwmxduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlBduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmhduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmxduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlBduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmBduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmRduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmhduz8A.woff2)
Source: chromecache_163.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwmxduz8A.woff2)
Source: chromecache_168.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_152.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_158.1.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_158.1.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_158.1.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_158.1.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_158.1.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_144.1.dr	String found in binary or memory: https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js
Source: chromecache_144.1.dr	String found in binary or memory: https://www.gstatic.com/firebasejs/8.3.1/firebase-database.js
Source: chromecache_152.1.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_152.1.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_152.1.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50770
Source: unknown	Network traffic detected: HTTP traffic on port 50764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 50754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50756
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50758
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 50756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 50771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50765
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50762
Source: unknown	Network traffic detected: HTTP traffic on port 50763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 50770 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:50754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:50755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:50756 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.16:50758 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@23/78@10/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1964,i,9789165903837440914,16333514217105274703,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=1964,i,9789165903837440914,16333514217105274703,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	4%	Virustotal		Browse
https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Source	Detection	Scanner	Link
plus.l.google.com	0%	Virustotal	Browse
lotpomu.ams.dom.my.id	1%	Virustotal	Browse
apis.google.com	0%	Virustotal	Browse
play.google.com	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
http://fontawesome.io	0%	URL Reputation	safe
http://www.broofa.com	0%	URL Reputation	safe
http://opensource.org/licenses/MIT	0%	URL Reputation	safe
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1	0%	URL Reputation	safe
https://plus.google.com	0%	URL Reputation	safe
http://fontawesome.io/license	0%	URL Reputation	safe
https://csp.withgoogle.com/csp/lcreport/	0%	URL Reputation	safe
https://apis.google.com	0%	URL Reputation	safe
https://domains.google.com/suggest/flow	0%	URL Reputation	safe
https://clients6.google.com	0%	URL Reputation	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/js/bootstrap.min.js	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/plugins/jQuery/jQuery-2.1.3.min.js	0%	Avira URL Cloud	safe
https://api.telegram.org/bot	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/logo.png	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/4.png	0%	Avira URL Cloud	safe
https://api.telegram.org/bot	1%	Virustotal		Browse
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/css/bootstrap.min.css	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/1.png	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/loading.gif	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/default.png	0%	Avira URL Cloud	safe
https://www.google.com/async/newtab_promos	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/dist/css/skins/_all-skins.min.css	0%	Avira URL Cloud	safe
https://www.google.com/async/ddljson?async=ntp:2	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/dist/css/AdminLTE.min.css	0%	Avira URL Cloud	safe
https://www.google.com/async/newtab_promos	0%	Virustotal		Browse
https://lotpomu.ams.dom.my.id/mdod/tharep/2.png	0%	Avira URL Cloud	safe
https://play.google.com/log?format=json&hasfast=true	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/css/font-awesome.min.css	0%	Avira URL Cloud	safe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/assets/icon.png	0%	Avira URL Cloud	safe
https://www.google.com/async/ddljson?async=ntp:2	0%	Virustotal		Browse
http://getbootstrap.com)	0%	Avira URL Cloud	safe
https://play.google.com/log?format=json&hasfast=true	0%	Virustotal		Browse
https://github.com/twbs/bootstrap/blob/master/LICENSE)	0%	Avira URL Cloud	safe
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	0%	Virustotal		Browse
https://lotpomu.ams.dom.my.id/mdod/tharep/3.png	0%	Avira URL Cloud	safe
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/fonts/fontawesome-webfont.woff2?v=4.6.3	0%	Avira URL Cloud	safe
https://lotpomu.ams.dom.my.id/mdod/tharep/index.js	0%	Avira URL Cloud	safe
http://almsaeedstudio.com	0%	Avira URL Cloud	safe
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	1%	Virustotal		Browse
https://github.com/twbs/bootstrap/blob/master/LICENSE)	0%	Virustotal		Browse
http://almsaeedstudio.com	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
plus.l.google.com	216.58.212.174	true	false	0%, Virustotal, Browse	unknown
play.google.com	142.250.186.174	true	false	0%, Virustotal, Browse	unknown
lotpomu.ams.dom.my.id	108.61.99.160	true	true	1%, Virustotal, Browse	unknown
www.google.com	142.250.186.36	true	false	0%, Virustotal, Browse	unknown
apis.google.com	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/js/bootstrap.min.js	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	true		unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/plugins/jQuery/jQuery-2.1.3.min.js	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/logo.png	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/4.png	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/css/bootstrap.min.css	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/1.png	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/loading.gif	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/default.png	true	Avira URL Cloud: safe	unknown
https://www.google.com/async/newtab_promos	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/dist/css/skins/_all-skins.min.css	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/dist/css/AdminLTE.min.css	true	Avira URL Cloud: safe	unknown
https://www.google.com/async/ddljson?async=ntp:2	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://play.google.com/log?format=json&hasfast=true	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/2.png	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/css/font-awesome.min.css	true	Avira URL Cloud: safe	unknown
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/assets/icon.png	true	Avira URL Cloud: safe	unknown
https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/3.png	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/fonts/fontawesome-webfont.woff2?v=4.6.3	true	Avira URL Cloud: safe	unknown
https://lotpomu.ams.dom.my.id/mdod/tharep/index.js	true	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://fontawesome.io	chromecache_147.1.dr	false	URL Reputation: safe	unknown
http://www.broofa.com	chromecache_152.1.dr	false	URL Reputation: safe	unknown
https://api.telegram.org/bot	chromecache_170.1.dr	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://opensource.org/licenses/MIT	chromecache_148.1.dr	false	URL Reputation: safe	unknown
https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1	chromecache_158.1.dr	false	URL Reputation: safe	unknown
https://plus.google.com	chromecache_158.1.dr	false	URL Reputation: safe	unknown
http://fontawesome.io/license	chromecache_147.1.dr	false	URL Reputation: safe	unknown
https://csp.withgoogle.com/csp/lcreport/	chromecache_158.1.dr	false	URL Reputation: safe	unknown
http://getbootstrap.com)	chromecache_162.1.dr, chromecache_168.1.dr	false	Avira URL Cloud: safe	unknown
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_168.1.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://apis.google.com	chromecache_158.1.dr, chromecache_152.1.dr	false	URL Reputation: safe	unknown
https://domains.google.com/suggest/flow	chromecache_158.1.dr	false	URL Reputation: safe	unknown
https://clients6.google.com	chromecache_158.1.dr	false	URL Reputation: safe	unknown
http://almsaeedstudio.com	chromecache_148.1.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.36	www.google.com	United States	15169	GOOGLEUS	false
142.250.186.174	play.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
108.61.99.160	lotpomu.ams.dom.my.id	United States	20473	AS-CHOOPAUS	true

Private

IP
192.168.2.16
192.168.2.13

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1468054
Start date and time:	2024-07-05 09:29:26 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 41s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.phis.win@23/78@10/6
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.67, 216.58.212.174, 74.125.133.84, 34.104.35.123, 142.250.186.163, 216.58.206.42, 142.250.181.227, 142.250.185.170, 142.250.74.202, 216.58.212.138, 216.58.206.74, 142.250.185.74, 142.250.185.138, 172.217.16.202, 172.217.18.106, 142.250.186.106, 142.250.184.234, 142.250.185.106, 142.250.185.202, 142.250.186.170, 142.250.186.138, 172.217.18.10, 142.250.186.74, 93.184.221.240, 142.250.186.99, 142.250.185.110
Excluded domains from analysis (whitelisted): clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Input	Output
URL: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Model: Perplexity: mixtral-8x7b-instruct	{"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, as there are no explicit requests for sensitive information such as passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text does not create a sense of urgency, as there are no phrases such as 'click here to view document', 'to view secured document click here', or 'open the link to see your invoice.'","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]}
Title: My WorkSpace - Share Drive OCR: OneDrive + New o Upload Sort MY Files Shared Documents O Recent Photos Shared Recycle Bin Asansoru Kdegisimi M.Director request 2024-New Project Information ALKS.pdf RQF COST Analysis 2024-06-894672.xlsx International-Supplier 36373.xls form-2024-4364.docx Get I TB (1000 G3) of storage and the latest Office apps for PC or Mac learn More Go Premium g7g.1MB used of Get the OneDrive Apps
URL: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Model: Perplexity: mixtral-8x7b-instruct	{"loginform": true,"urgency": false,"captcha": false,"reasons": ["The webpage contains a login form which explicitly requests for a 'password' and 'email address' to continue download.","There is no sense of urgency in the text.","There is no CAPTCHA or anti-robot detection mechanism present on the webpage."]}
Title: My WorkSpace - Share Drive OCR: Access Authentification Sha Please sign in first to continue download. O Recent guettrich@granatapet-international.com Photos assword Shared Recycle Bin Sign In uest International-supplier 2024-Ne form-2024-4364.docx Get I TB {1000 G3) of storage and the latest Office apps for PC or Mac learn More Go Premium 979. IMB used of 5Ga Get the OneDrive Apps
URL: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Model: Perplexity: mixtral-8x7b-instruct	{"loginform": true,"urgency": false,"captcha": false,"reasons": ["The webpage contains a login form which explicitly requests for a password and email address to continue download.","No CAPTCHA or anti-robot detection mechanism was found on the webpage.","The text does not create a sense of urgency or interest as it only requests for authentication to proceed with the download."]}
Title: My WorkSpace - Share Drive OCR: Access Authentification Sha Please sign in first to continue download. O Recent guettrich@granatapet-international.com Photos Passwo rd Shared Recycle Bin Sign In est International-Supplier 2024-Ne form-2024-4364.docx Get I TB {1000 G3) of storage and the latest Office apps for PC or Mac learn More Go Premium 979. IMB used of 5Ga Get the OneDrive Apps
URL: https://lotpomu.ams.dom.my.id Model: gpt-4o	```json{ "phishing_score": 9, "brands": "OneDrive", "phishing": true, "suspicious_domain": true, "has_prominent_loginform": true, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "onedrive.live.com", "reasons": "The URL 'https://lotpomu.ams.dom.my.id' does not match the legitimate domain for OneDrive, which is 'onedrive.live.com'. The page prominently displays a login form asking for an email and password, which is a common phishing technique. The domain name is suspicious as it does not align with the official OneDrive domain. Additionally, the use of a login form to access a document download is a social engineering technique often used in phishing attacks."}

URL: https://lotpomu.ams.dom.my.id Model: gpt-4o	```json{ "phishing_score": 9, "brands": "OneDrive", "phishing": true, "suspicious_domain": true, "has_prominent_loginform": true, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "onedrive.live.com", "reasons": "The URL 'https://lotpomu.ams.dom.my.id' does not match the legitimate domain for OneDrive, which is 'onedrive.live.com'. The page prominently displays a login form asking for an email and password, which is a common phishing tactic. The domain name is suspicious as it does not align with Microsoft's typical domain structure. Additionally, the use of a subdomain and the request for login credentials without a secure connection (HTTPS) further indicate potential phishing. The image appears to mimic OneDrive's interface, which is another common social engineering technique used in phishing attacks."}

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Jul 5 06:29:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.9884317927809945
Encrypted:	false
SSDEEP:	48:8xdOTquNHLidAKZdA1FehwiZUklqehiy+3:86Xrpy
MD5:	E820719D981B059001550A6905E4EF6C
SHA1:	2E83EB6C27334B4849F38D023A053E9F274F5330
SHA-256:	5AF4BA9CF29B939F54722324FCFABAA8676D172C8B083A29BD107B70988C51ED
SHA-512:	59C30B840708949AFDFE52344B358C1E421EFAD93EA98998E356C72F2C8B34EC8FCE2FDF428CF944D62A14AAD6D323807CBC6F3CAD5AC84CB1C71667DF68E2FB
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....=.."....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.I.X.;....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.;....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.;....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.;..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.;...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........[k.W.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Source: https://lotpomu.ams.dom.my.id	LLM: Score: 9 brands: OneDrive Reasons: The URL 'https://lotpomu.ams.dom.my.id' does not match the legitimate domain for OneDrive, which is 'onedrive.live.com'. The page prominently displays a login form asking for an email and password, which is a common phishing technique. The domain name is suspicious as it does not align with the official OneDrive domain. Additionally, the use of a login form to access a document download is a social engineering technique often used in phishing attacks. DOM: 0.2.pages.csv
Source: https://lotpomu.ams.dom.my.id	LLM: Score: 9 brands: OneDrive Reasons: The URL 'https://lotpomu.ams.dom.my.id' does not match the legitimate domain for OneDrive, which is 'onedrive.live.com'. The page prominently displays a login form asking for an email and password, which is a common phishing tactic. The domain name is suspicious as it does not align with Microsoft's typical domain structure. Additionally, the use of a subdomain and the request for login credentials without a secure connection (HTTPS) further indicate potential phishing. The image appears to mimic OneDrive's interface, which is another common social engineering technique used in phishing attacks. DOM: 0.3.pages.csv

Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No favicon
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No favicon
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No favicon
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No favicon

Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="author".. found
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="author".. found
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="author".. found
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="author".. found

Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="copyright".. found
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="copyright".. found
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="copyright".. found
Source: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com	HTTP Parser: No <meta name="copyright".. found

Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10

Source: global traffic	HTTP traffic detected: GET /mdod/tharep/dl.html?x=guettrich@granatapet-international.com HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/bootstrap/css/bootstrap.min.css HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/bootstrap/css/font-awesome.min.css HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/dist/css/AdminLTE.min.css HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/dist/css/skins/_all-skins.min.css HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/plugins/jQuery/jQuery-2.1.3.min.js HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/assets/icon.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/default.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/1.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/2.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/3.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/bootstrap/js/bootstrap.min.js HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/bootstrap/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://lotpomu.ams.dom.my.idsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/assets/icon.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/default.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/index.js HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/1.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/4.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/loading.gif HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/2.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/logo.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.comAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/3.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/loading.gif HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/logo.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mdod/tharep/4.png HTTP/1.1Host: lotpomu.ams.dom.my.idConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=lcaSBH2vpHkbWK5&MD=RFCWrWUA HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=lcaSBH2vpHkbWK5&MD=RFCWrWUA HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIkqHLAQj2mM0BCIWgzQEI3L3NAQiSys0BCLnKzQEIx9HNAQiJ080BCNzTzQEIy9bNAQj01s0BCIrXzQEIp9jNAQj5wNQVGLrSzQEYy9jNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: lotpomu.ams.dom.my.id
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 5, 2024 09:29:54.276184082 CEST	53	63125	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:54.288175106 CEST	52288	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:29:54.288374901 CEST	51295	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:29:54.320955992 CEST	53	59952	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:54.719214916 CEST	53	51295	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:54.931862116 CEST	53	52288	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:55.345098972 CEST	53	60510	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:56.306617975 CEST	53	54850	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:56.930105925 CEST	53	62144	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:57.332276106 CEST	50062	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:29:57.332437992 CEST	57554	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:29:57.442420959 CEST	53	50062	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:57.923677921 CEST	53	51356	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:57.965264082 CEST	53	57554	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:58.570827007 CEST	53	60083	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:59.107816935 CEST	61468	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:29:59.107985020 CEST	56119	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:29:59.500472069 CEST	53	61468	1.1.1.1	192.168.2.16
Jul 5, 2024 09:29:59.500499010 CEST	53	56119	1.1.1.1	192.168.2.16
Jul 5, 2024 09:30:00.414835930 CEST	53	56084	1.1.1.1	192.168.2.16
Jul 5, 2024 09:30:54.264322042 CEST	53	60329	1.1.1.1	192.168.2.16
Jul 5, 2024 09:31:05.597790003 CEST	138	138	192.168.2.16	192.168.2.255
Jul 5, 2024 09:31:53.675184965 CEST	53	57878	1.1.1.1	192.168.2.16
Jul 5, 2024 09:31:55.126504898 CEST	64991	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:31:55.126651049 CEST	59613	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:31:55.134135962 CEST	53	59613	1.1.1.1	192.168.2.16
Jul 5, 2024 09:31:55.140063047 CEST	53	64991	1.1.1.1	192.168.2.16
Jul 5, 2024 09:31:56.124079943 CEST	58173	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:31:56.124250889 CEST	57508	53	192.168.2.16	1.1.1.1
Jul 5, 2024 09:31:56.131293058 CEST	53	57508	1.1.1.1	192.168.2.16
Jul 5, 2024 09:31:56.133723021 CEST	53	58173	1.1.1.1	192.168.2.16

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:55 UTC	724	OUT	GET /mdod/tharep/dl.html?x=guettrich@granatapet-international.com HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:55 UTC	293	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:24 GMT Content-Type: text/html Content-Length: 9493 Last-Modified: Mon, 27 May 2024 23:42:11 GMT Connection: close ETag: "66551a53-2515" Expires: Thu, 01 Jan 1970 00:00:01 GMT Cache-Control: no-cache Accept-Ranges: bytes
2024-07-05 07:29:55 UTC	3803	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 4d 79 20 57 6f 72 6b 53 70 61 63 65 20 2d 20 53 68 61 72 65 20 44 72 69 76 65 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 62 6f 6f 74 73 74 72 61 70 2f 63 73 73 2f 62 6f 6f 74 73 74 72 61 70 2e 6d 69 Data Ascii: <!DOCTYPE html><html> <head> <meta charset="UTF-8"> <title>My WorkSpace - Share Drive</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'> <link href="bootstrap/css/bootstrap.mi
2024-07-05 07:29:55 UTC	4096	IN	Data Raw: 69 67 68 74 65 72 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 3b 63 6f 6c 6f 72 3a 62 6c 75 65 3b 22 20 63 6c 61 73 73 3d 22 66 61 20 66 61 2d 63 6f 64 65 70 65 6e 22 3e 3c 2f 73 70 61 6e 3e 20 47 6f 20 50 72 65 6d 69 75 6d 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 68 72 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 70 3e 39 37 39 2e 31 4d 42 20 75 73 65 64 20 6f 66 20 35 47 42 3c 2f 70 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 23 22 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 62 6c 75 65 3b 22 3e 47 65 74 20 74 68 65 20 4f 6e 65 44 72 69 76 65 20 41 70 70 73 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 73 Data Ascii: ighter!important;font-size:20px;color:blue;" class="fa fa-codepen"></span> Go Premium</p> </div> <hr> <p>979.1MB used of 5GB</p> <a href="#" style="color:blue;">Get the OneDrive Apps</a> </div> </s
2024-07-05 07:29:55 UTC	1594	IN	Data Raw: 72 74 20 61 6c 65 72 74 2d 64 61 6e 67 65 72 22 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 22 3e 0a 20 20 20 20 49 6e 76 61 6c 69 64 20 54 72 79 20 41 67 61 69 6e 2e 2e 0a 3c 2f 64 69 76 3e 0a 3c 2f 64 69 76 3e 0a 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 6d 6f 64 61 6c 2d 62 6f 64 79 22 3e 0a 20 20 3c 70 3e 50 6c 65 61 73 65 20 73 69 67 6e 20 69 6e 20 66 69 72 73 74 20 74 6f 20 63 6f 6e 74 69 6e 75 65 20 64 6f 77 6e 6c 6f 61 64 2e 3c 2f 70 3e 0a 20 20 3c 64 69 76 20 69 64 3d 22 66 6f 72 6d 5f 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 20 20 3c 69 6e 70 75 74 20 70 6c 61 63 65 68 6f 6c 64 65 72 3d 22 45 6d 61 69 6c 22 20 72 65 61 64 6f 6e 6c 79 20 63 6c 61 73 73 3d 22 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 22 20 69 64 3d 22 78 31 22 20 74 Data Ascii: rt alert-danger" style="display: none;"> Invalid Try Again..</div></div> <div class="modal-body"> <p>Please sign in first to continue download.</p> <div id="form_container"> <input placeholder="Email" readonly class="form-control" id="x1" t

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:55 UTC	644	OUT	GET /mdod/tharep/bootstrap/css/bootstrap.min.css HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:56 UTC	304	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:24 GMT Content-Type: text/css Content-Length: 121173 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-1d955" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:56 UTC	3792	IN	Data Raw: 2f 2a 21 0d 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 37 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 36 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0d 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0d 0a 20 2a 2f 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 2a 2f 68 74 6d 6c 7b 66 6f Data Ascii: /! Bootstrap v3.3.7 (http://getbootstrap.com) * Copyright 2011-2016 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normalize.css */html{fo
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6f 7a 2d 6f 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 73 74 65 72 69 73 6b 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 30 30 32 61 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 70 6c 75 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 30 30 32 62 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 65 75 72 3a 62 65 66 6f 72 65 2c 2e 67 6c 79 70 68 69 63 6f 6e 2d 65 75 72 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 32 30 61 63 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6d 69 6e 75 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 32 32 31 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 63 6c 6f 75 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 32 36 30 31 22 7d Data Ascii: oz-osx-font-smoothing:grayscale}.glyphicon-asterisk:before{content:"\002a"}.glyphicon-plus:before{content:"\002b"}.glyphicon-eur:before,.glyphicon-euro:before{content:"\20ac"}.glyphicon-minus:before{content:"\2212"}.glyphicon-cloud:before{content:"\2601"}
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6e 74 65 6e 74 3a 22 5c 65 30 39 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 72 72 6f 77 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 39 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 72 72 6f 77 2d 75 70 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 39 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 61 72 72 6f 77 2d 64 6f 77 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 39 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 68 61 72 65 2d 61 6c 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 39 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 73 69 7a 65 2d 66 75 6c 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 30 39 36 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 72 65 73 69 7a 65 Data Ascii: ntent:"\e091"}.glyphicon-arrow-right:before{content:"\e092"}.glyphicon-arrow-up:before{content:"\e093"}.glyphicon-arrow-down:before{content:"\e094"}.glyphicon-share-alt:before{content:"\e095"}.glyphicon-resize-full:before{content:"\e096"}.glyphicon-resize
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 38 38 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 75 6e 64 2d 73 74 65 72 65 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 38 39 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 75 6e 64 2d 64 6f 6c 62 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 39 30 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 75 6e 64 2d 35 2d 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 39 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 75 6e 64 2d 36 2d 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 39 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 73 6f 75 6e 64 2d 37 2d 31 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 31 39 33 22 7d 2e 67 6c 79 70 68 Data Ascii: :before{content:"\e188"}.glyphicon-sound-stereo:before{content:"\e189"}.glyphicon-sound-dolby:before{content:"\e190"}.glyphicon-sound-5-1:before{content:"\e191"}.glyphicon-sound-6-1:before{content:"\e192"}.glyphicon-sound-7-1:before{content:"\e193"}.glyph
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 2d 72 61 64 69 75 73 3a 36 70 78 7d 2e 69 6d 67 2d 74 68 75 6d 62 6e 61 69 6c 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 34 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 34 32 38 35 37 31 34 33 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 34 70 78 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 32 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 32 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 74 72 61 6e 73 69 74 69 6f 6e Data Ascii: -radius:6px}.img-thumbnail{display:inline-block;max-width:100%;height:auto;padding:4px;line-height:1.42857143;background-color:#fff;border:1px solid #ddd;border-radius:4px;-webkit-transition:all .2s ease-in-out;-o-transition:all .2s ease-in-out;transition
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6e 74 65 6e 74 3a 27 5c 32 30 31 34 20 5c 30 30 41 30 27 7d 2e 62 6c 6f 63 6b 71 75 6f 74 65 2d 72 65 76 65 72 73 65 2c 62 6c 6f 63 6b 71 75 6f 74 65 2e 70 75 6c 6c 2d 72 69 67 68 74 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 30 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 35 70 78 20 73 6f 6c 69 64 20 23 65 65 65 3b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 30 7d 2e 62 6c 6f 63 6b 71 75 6f 74 65 2d 72 65 76 65 72 73 65 20 2e 73 6d 61 6c 6c 3a 62 65 66 6f 72 65 2c 2e 62 6c 6f 63 6b 71 75 6f 74 65 2d 72 65 76 65 72 73 65 20 66 6f 6f 74 65 72 3a 62 65 66 6f 72 65 2c 2e 62 6c 6f 63 6b 71 75 6f 74 65 2d 72 65 76 65 72 73 65 20 73 6d 61 6c 6c 3a 62 65 66 6f 72 65 Data Ascii: ntent:'\2014 \00A0'}.blockquote-reverse,blockquote.pull-right{padding-right:15px;padding-left:0;text-align:right;border-right:5px solid #eee;border-left:0}.blockquote-reverse .small:before,.blockquote-reverse footer:before,.blockquote-reverse small:before
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 78 73 2d 6f 66 66 73 65 74 2d 30 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 36 38 70 78 29 7b 2e 63 6f 6c 2d 73 6d 2d 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 30 2c 2e 63 6f 6c 2d 73 6d 2d 31 31 2c 2e 63 6f 6c 2d 73 6d 2d 31 32 2c 2e 63 6f 6c 2d 73 6d 2d 32 2c 2e 63 6f 6c 2d 73 6d 2d 33 2c 2e 63 6f 6c 2d 73 6d 2d 34 2c 2e 63 6f 6c 2d 73 6d 2d 35 2c 2e 63 6f 6c 2d 73 6d 2d 36 2c 2e 63 6f 6c 2d 73 6d 2d 37 2c 2e 63 6f 6c 2d 73 6d 2d 38 2c 2e 63 6f 6c 2d 73 6d 2d 39 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 63 6f 6c 2d 73 6d 2d 31 32 7b 77 69 64 74 68 3a 31 30 30 25 7d 2e 63 6f 6c 2d 73 6d 2d 31 31 7b 77 69 64 74 68 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f Data Ascii: 33333333%}.col-xs-offset-0{margin-left:0}@media (min-width:768px){.col-sm-1,.col-sm-10,.col-sm-11,.col-sm-12,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9{float:left}.col-sm-12{width:100%}.col-sm-11{width:91.66666667%}.co
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 3a 39 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 31 30 7b 72 69 67 68 74 3a 38 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 39 7b 72 69 67 68 74 3a 37 35 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 38 7b 72 69 67 68 74 3a 36 36 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 37 7b 72 69 67 68 74 3a 35 38 2e 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 36 7b 72 69 67 68 74 3a 35 30 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 35 7b 72 69 67 68 74 3a 34 31 2e 36 36 36 36 36 36 36 37 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 34 7b 72 69 67 68 74 3a 33 33 2e 33 33 33 33 33 33 33 33 25 7d 2e 63 6f 6c 2d 6c 67 2d 70 75 6c 6c 2d 33 7b 72 69 67 68 74 Data Ascii: :91.66666667%}.col-lg-pull-10{right:83.33333333%}.col-lg-pull-9{right:75%}.col-lg-pull-8{right:66.66666667%}.col-lg-pull-7{right:58.33333333%}.col-lg-pull-6{right:50%}.col-lg-pull-5{right:41.66666667%}.col-lg-pull-4{right:33.33333333%}.col-lg-pull-3{right
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 3e 74 68 2e 69 6e 66 6f 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 2e 69 6e 66 6f 3e 74 64 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 2e 69 6e 66 6f 3e 74 68 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 3e 74 64 2e 69 6e 66 6f 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 3e 74 68 2e 69 6e 66 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 39 65 64 66 37 7d 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 2e 69 6e 66 6f 3a 68 6f 76 65 72 3e 74 64 2c 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 2e 69 6e 66 6f 3a 68 6f 76 65 72 3e 74 68 2c 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 3a 68 6f 76 65 72 3e 2e 69 6e 66 6f 2c 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e Data Ascii: >th.info,.table>thead>tr.info>td,.table>thead>tr.info>th,.table>thead>tr>td.info,.table>thead>tr>th.info{background-color:#d9edf7}.table-hover>tbody>tr.info:hover>td,.table-hover>tbody>tr.info:hover>th,.table-hover>tbody>tr:hover>.info,.table-hover>tbody>
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 20 2e 31 35 73 2c 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 3b 2d 6f 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 2c 62 6f 78 2d 73 68 61 64 6f 77 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 2e 31 35 73 7d 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 3a 66 6f 63 75 73 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 36 36 61 66 65 39 3b 6f 75 74 6c 69 6e 65 3a 30 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 69 6e Data Ascii: .15s,-webkit-box-shadow ease-in-out .15s;-o-transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s;transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s}.form-control:focus{border-color:#66afe9;outline:0;-webkit-box-shadow:in

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:56 UTC	647	OUT	GET /mdod/tharep/bootstrap/css/font-awesome.min.css HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:56 UTC	302	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:24 GMT Content-Type: text/css Content-Length: 29067 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-718b" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:56 UTC	3794	IN	Data Raw: 2f 2a 21 0d 0a 20 2a 20 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 34 2e 36 2e 33 20 62 79 20 40 64 61 76 65 67 61 6e 64 79 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 20 2d 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 0d 0a 20 2a 20 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 2f 6c 69 63 65 6e 73 65 20 28 46 6f 6e 74 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 53 53 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0d 0a 20 2a 2f 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 41 77 65 73 6f 6d 65 27 3b 73 72 63 3a 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 65 6f 74 3f 76 3d 34 2e 36 2e 33 27 Data Ascii: /! Font Awesome 4.6.3 by @davegandy - http://fontawesome.io - @fontawesome * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License) */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.6.3'
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 64 22 7d 2e 66 61 2d 73 65 61 72 63 68 2d 70 6c 75 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 30 65 22 7d 2e 66 61 2d 73 65 61 72 63 68 2d 6d 69 6e 75 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 30 22 7d 2e 66 61 2d 70 6f 77 65 72 2d 6f 66 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 31 22 7d 2e 66 61 2d 73 69 67 6e 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 32 22 7d 2e 66 61 2d 67 65 61 72 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 63 6f 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 33 22 7d 2e 66 61 2d 74 72 61 73 68 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 34 22 7d 2e 66 61 2d Data Ascii: re{content:"\f00d"}.fa-search-plus:before{content:"\f00e"}.fa-search-minus:before{content:"\f010"}.fa-power-off:before{content:"\f011"}.fa-signal:before{content:"\f012"}.fa-gear:before,.fa-cog:before{content:"\f013"}.fa-trash-o:before{content:"\f014"}.fa-
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 30 38 30 22 7d 2e 66 61 2d 74 77 69 74 74 65 72 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 31 22 7d 2e 66 61 2d 66 61 63 65 62 6f 6f 6b 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 32 22 7d 2e 66 61 2d 63 61 6d 65 72 61 2d 72 65 74 72 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 33 22 7d 2e 66 61 2d 6b 65 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 34 22 7d 2e 66 61 2d 67 65 61 72 73 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 63 6f 67 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 35 22 7d 2e 66 61 2d 63 6f 6d 6d 65 6e 74 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 38 36 22 7d 2e 66 61 2d 74 68 75 6d 62 Data Ascii: 080"}.fa-twitter-square:before{content:"\f081"}.fa-facebook-square:before{content:"\f082"}.fa-camera-retro:before{content:"\f083"}.fa-key:before{content:"\f084"}.fa-gears:before,.fa-cogs:before{content:"\f085"}.fa-comments:before{content:"\f086"}.fa-thumb
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6e 74 65 6e 74 3a 22 5c 66 30 66 61 22 7d 2e 66 61 2d 66 69 67 68 74 65 72 2d 6a 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 62 22 7d 2e 66 61 2d 62 65 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 63 22 7d 2e 66 61 2d 68 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 64 22 7d 2e 66 61 2d 70 6c 75 73 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 66 65 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 64 6f 75 62 6c 65 2d 6c 65 66 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 30 22 7d 2e 66 61 2d 61 6e 67 6c 65 2d 64 6f 75 62 6c 65 2d 72 69 67 68 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 30 31 22 7d 2e 66 61 2d Data Ascii: ntent:"\f0fa"}.fa-fighter-jet:before{content:"\f0fb"}.fa-beer:before{content:"\f0fc"}.fa-h-square:before{content:"\f0fd"}.fa-plus-square:before{content:"\f0fe"}.fa-angle-double-left:before{content:"\f100"}.fa-angle-double-right:before{content:"\f101"}.fa-
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 3a 22 5c 66 31 36 35 22 7d 2e 66 61 2d 79 6f 75 74 75 62 65 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 36 22 7d 2e 66 61 2d 79 6f 75 74 75 62 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 37 22 7d 2e 66 61 2d 78 69 6e 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 38 22 7d 2e 66 61 2d 78 69 6e 67 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 39 22 7d 2e 66 61 2d 79 6f 75 74 75 62 65 2d 70 6c 61 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 61 22 7d 2e 66 61 2d 64 72 6f 70 62 6f 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 62 22 7d 2e 66 61 2d 73 74 61 63 6b 2d 6f 76 65 72 66 6c 6f 77 3a 62 65 66 6f Data Ascii: :"\f165"}.fa-youtube-square:before{content:"\f166"}.fa-youtube:before{content:"\f167"}.fa-xing:before{content:"\f168"}.fa-xing-square:before{content:"\f169"}.fa-youtube-play:before{content:"\f16a"}.fa-dropbox:before{content:"\f16b"}.fa-stack-overflow:befo
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 64 30 22 7d 2e 66 61 2d 67 65 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 65 6d 70 69 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 64 31 22 7d 2e 66 61 2d 67 69 74 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 64 32 22 7d 2e 66 61 2d 67 69 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 64 33 22 7d 2e 66 61 2d 79 2d 63 6f 6d 62 69 6e 61 74 6f 72 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 79 63 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 68 61 63 6b 65 72 2d 6e 65 77 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 64 34 22 7d 2e 66 61 2d 74 65 6e 63 65 6e 74 2d 77 65 69 62 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e Data Ascii: content:"\f1d0"}.fa-ge:before,.fa-empire:before{content:"\f1d1"}.fa-git-square:before{content:"\f1d2"}.fa-git:before{content:"\f1d3"}.fa-y-combinator-square:before,.fa-yc-square:before,.fa-hacker-news:before{content:"\f1d4"}.fa-tencent-weibo:before{conten
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 72 73 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 34 31 22 7d 2e 66 61 2d 62 61 74 74 65 72 79 2d 32 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 62 61 74 74 65 72 79 2d 68 61 6c 66 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 34 32 22 7d 2e 66 61 2d 62 61 74 74 65 72 79 2d 31 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 62 61 74 74 65 72 79 2d 71 75 61 72 74 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 34 33 22 7d 2e 66 61 2d 62 61 74 74 65 72 79 2d 30 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 62 61 74 74 65 72 79 2d 65 6d 70 74 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 34 34 22 7d 2e 66 61 2d 6d 6f 75 73 65 2d 70 6f 69 6e 74 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 34 35 22 7d 2e Data Ascii: rs:before{content:"\f241"}.fa-battery-2:before,.fa-battery-half:before{content:"\f242"}.fa-battery-1:before,.fa-battery-quarter:before{content:"\f243"}.fa-battery-0:before,.fa-battery-empty:before{content:"\f244"}.fa-mouse-pointer:before{content:"\f245"}.
2024-07-05 07:29:56 UTC	697	IN	Data Raw: 6e 74 3a 22 5c 66 32 61 39 22 7d 2e 66 61 2d 76 69 61 64 65 6f 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 61 22 7d 2e 66 61 2d 73 6e 61 70 63 68 61 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 62 22 7d 2e 66 61 2d 73 6e 61 70 63 68 61 74 2d 67 68 6f 73 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 63 22 7d 2e 66 61 2d 73 6e 61 70 63 68 61 74 2d 73 71 75 61 72 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 64 22 7d 2e 66 61 2d 70 69 65 64 2d 70 69 70 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 61 65 22 7d 2e 66 61 2d 66 69 72 73 74 2d 6f 72 64 65 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 32 62 30 22 7d 2e 66 61 2d 79 Data Ascii: nt:"\f2a9"}.fa-viadeo-square:before{content:"\f2aa"}.fa-snapchat:before{content:"\f2ab"}.fa-snapchat-ghost:before{content:"\f2ac"}.fa-snapchat-square:before{content:"\f2ad"}.fa-pied-piper:before{content:"\f2ae"}.fa-first-order:before{content:"\f2b0"}.fa-y

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:56 UTC	638	OUT	GET /mdod/tharep/dist/css/AdminLTE.min.css HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:56 UTC	303	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:24 GMT Content-Type: text/css Content-Length: 93983 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-16f1f" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:56 UTC	3793	IN	Data Raw: 40 69 6d 70 6f 72 74 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 53 6f 75 72 63 65 2b 53 61 6e 73 2b 50 72 6f 3a 33 30 30 2c 34 30 30 2c 36 30 30 2c 37 30 30 2c 33 30 30 69 74 61 6c 69 63 2c 34 30 30 69 74 61 6c 69 63 2c 36 30 30 69 74 61 6c 69 63 29 3b 20 2f 2a 21 0d 0a 20 2a 20 20 20 41 64 6d 69 6e 4c 54 45 20 76 32 2e 30 2e 33 0d 0a 20 2a 20 20 20 41 75 74 68 6f 72 3a 20 41 6c 6d 73 61 65 65 64 20 53 74 75 64 69 6f 0d 0a 20 2a 09 20 57 65 62 73 69 74 65 3a 20 41 6c 6d 73 61 65 65 64 20 53 74 75 64 69 6f 20 3c 68 74 74 70 3a 2f 2f 61 6c 6d 73 61 65 65 64 73 74 75 64 69 6f 2e 63 6f 6d 3e 0d 0a 20 2a 20 20 20 4c 69 63 65 6e 73 65 3a 20 4f 70 65 6e 20 73 6f 75 72 63 65 20 2d 20 4d 49 Data Ascii: @import url(//fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic); /! AdminLTE v2.0.3 * Author: Almsaeed Studio * Website: Almsaeed Studio <http://almsaeedstudio.com> * License: Open source - MI
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 74 6f 70 2d 6e 61 76 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 3e 20 2e 6e 61 76 62 61 72 20 7b 0d 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 7d 0d 0a 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 23 6e 61 76 62 61 72 2d 73 65 61 72 63 68 2d 69 6e 70 75 74 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 32 29 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 0d 0a 7d 0d 0a 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 23 6e 61 76 62 61 72 2d 73 65 61 72 63 68 2d 69 6e 70 75 74 3a 66 6f 63 75 73 2c 0d 0a 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 23 6e 61 76 62 61 72 2d 73 65 61 72 63 68 2d 69 6e 70 75 74 3a 61 Data Ascii: top-nav .main-header > .navbar { margin-left: 0 !important;}.main-header #navbar-search-input { background: rgba(255, 255, 255, 0.2); border-color: transparent;}.main-header #navbar-search-input:focus,.main-header #navbar-search-input:a
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 7b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 20 20 74 6f 70 3a 20 30 3b 0d 0a 20 20 6c 65 66 74 3a 20 30 3b 0d 0a 20 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 35 30 70 78 3b 0d 0a 20 20 6d 69 6e 2d 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0d 0a 20 20 77 69 64 74 68 3a 20 32 33 30 70 78 3b 0d 0a 20 20 7a 2d 69 6e 64 65 78 3a 20 38 31 30 3b 0d 0a 20 20 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 20 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 20 30 2e 33 73 0d 0a 20 20 20 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 33 32 2c 20 31 2e 32 35 2c 20 30 2e 33 37 35 2c 20 31 2e 31 35 29 3b 0d 0a 20 20 2d 6d 6f 7a 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 20 2d 6d 6f 7a 2d 74 72 61 6e 73 66 6f 72 6d 20 30 2e 33 73 20 Data Ascii: { position: absolute; top: 0; left: 0; padding-top: 50px; min-height: 100%; width: 230px; z-index: 810; -webkit-transition: -webkit-transform 0.3s cubic-bezier(0.32, 1.25, 0.375, 1.15); -moz-transition: -moz-transform 0.3s
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 74 61 73 6b 73 2d 6d 65 6e 75 20 7b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 7d 0d 0a 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 6e 6f 74 69 66 69 63 61 74 69 6f 6e 73 2d 6d 65 6e 75 20 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2c 0d 0a 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 6d 65 73 73 61 67 65 73 2d 6d 65 6e 75 20 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2c 0d 0a 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 74 61 73 6b 73 2d 6d 65 6e 75 20 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 7b 0d 0a 20 20 77 69 64 74 68 3a 20 32 38 30 70 78 3b 0d 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 20 30 20 30 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 6d 61 72 Data Ascii: navbar-nav > .tasks-menu { position: relative;}.navbar-nav > .notifications-menu > .dropdown-menu,.navbar-nav > .messages-menu > .dropdown-menu,.navbar-nav > .tasks-menu > .dropdown-menu { width: 280px; padding: 0 0 0 0 !important; mar
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6c 69 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 61 3a 62 65 66 6f 72 65 2c 0d 0a 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 6d 65 73 73 61 67 65 73 2d 6d 65 6e 75 20 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 3e 20 6c 69 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 61 3a 61 66 74 65 72 20 7b 0d 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 20 22 3b 0d 0a 20 20 64 69 73 70 6c 61 79 3a 20 74 61 62 6c 65 3b 0d 0a 7d 0d 0a 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 6d 65 73 73 61 67 65 73 2d 6d 65 6e 75 20 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 3e 20 6c 69 20 2e 6d 65 6e 75 20 3e 20 6c 69 20 3e 20 61 3a 61 66 74 65 72 20 7b 0d 0a 20 20 63 6c 65 61 72 3a 20 62 6f 74 68 3b 0d 0a 7d 0d 0a 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 2e 74 61 73 6b 73 Data Ascii: li .menu > li > a:before,.navbar-nav > .messages-menu > .dropdown-menu > li .menu > li > a:after { content: " "; display: table;}.navbar-nav > .messages-menu > .dropdown-menu > li .menu > li > a:after { clear: both;}.navbar-nav > .tasks
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 3a 20 70 65 72 73 70 65 63 74 69 76 65 28 34 30 30 70 78 29 20 72 6f 74 61 74 65 33 64 28 31 2c 20 30 2c 20 30 2c 20 2d 35 64 65 67 29 3b 0d 0a 20 20 7d 0d 0a 20 20 31 30 30 25 20 7b 0d 0a 20 20 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 70 65 72 73 70 65 63 74 69 76 65 28 34 30 30 70 78 29 3b 0d 0a 20 20 7d 0d 0a 7d 0d 0a 2e 6e 61 76 62 61 72 2d 63 75 73 74 6f 6d 2d 6d 65 6e 75 20 3e 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 6c 69 20 7b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 7d 0d 0a 2e 6e 61 76 62 61 72 2d 63 75 73 74 6f 6d 2d 6d 65 6e 75 20 3e 20 2e 6e 61 76 62 61 72 2d 6e 61 76 20 3e 20 6c 69 20 3e 20 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 20 7b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b Data Ascii: : perspective(400px) rotate3d(1, 0, 0, -5deg); } 100% { transform: perspective(400px); }}.navbar-custom-menu > .navbar-nav > li { position: relative;}.navbar-custom-menu > .navbar-nav > li > .dropdown-menu { position: absolute;
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 20 20 20 74 72 61 6e 73 70 61 72 65 6e 74 20 37 35 25 2c 0d 0a 20 20 20 20 74 72 61 6e 73 70 61 72 65 6e 74 0d 0a 20 20 29 3b 0d 0a 7d 0d 0a 2e 70 72 6f 67 72 65 73 73 2d 62 61 72 2d 67 72 65 65 6e 2c 0d 0a 2e 70 72 6f 67 72 65 73 73 2d 62 61 72 2d 73 75 63 63 65 73 73 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 30 30 61 36 35 61 3b 0d 0a 7d 0d 0a 2e 70 72 6f 67 72 65 73 73 2d 73 74 72 69 70 65 64 20 2e 70 72 6f 67 72 65 73 73 2d 62 61 72 2d 67 72 65 65 6e 2c 0d 0a 2e 70 72 6f 67 72 65 73 73 2d 73 74 72 69 70 65 64 20 2e 70 72 6f 67 72 65 73 73 2d 62 61 72 2d 73 75 63 63 65 73 73 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 2d 77 65 62 6b 69 74 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 0d Data Ascii: transparent 75%, transparent );}.progress-bar-green,.progress-bar-success { background-color: #00a65a;}.progress-striped .progress-bar-green,.progress-striped .progress-bar-success { background-image: -webkit-linear-gradient(
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6f 75 6e 64 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 31 29 3b 0d 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 0d 0a 7d 0d 0a 2e 73 6d 61 6c 6c 2d 62 6f 78 20 3e 20 2e 73 6d 61 6c 6c 2d 62 6f 78 2d 66 6f 6f 74 65 72 3a 68 6f 76 65 72 20 7b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 2e 31 35 29 3b 0d 0a 7d 0d 0a 2e 73 6d 61 6c 6c 2d 62 6f 78 20 68 33 20 7b 0d 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 38 70 78 3b 0d 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0d 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 30 20 31 30 70 78 20 30 3b 0d 0a 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b Data Ascii: ound: rgba(0, 0, 0, 0.1); text-decoration: none;}.small-box > .small-box-footer:hover { color: #fff; background: rgba(0, 0, 0, 0.15);}.small-box h3 { font-size: 38px; font-weight: bold; margin: 0 0 10px 0; white-space: nowrap;
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 0a 2e 62 6f 78 20 2e 62 6f 78 2d 67 72 6f 75 70 20 3e 20 2e 62 6f 78 20 7b 0d 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 35 70 78 3b 0d 0a 7d 0d 0a 2e 62 6f 78 20 2e 6b 6e 6f 62 2d 6c 61 62 65 6c 20 7b 0d 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 33 33 33 3b 0d 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 31 30 30 3b 0d 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0d 0a 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 20 30 2e 33 65 6d 3b 0d 0a 7d 0d 0a 2e 62 6f 78 20 3e 20 2e 6f 76 65 72 6c 61 79 2c 0d 0a 2e 62 6f 78 20 3e 20 2e 6c 6f 61 64 69 6e 67 2d 69 6d 67 20 7b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 20 20 74 6f 70 3a 20 30 3b 0d Data Ascii: .box .box-group > .box { margin-bottom: 5px;}.box .knob-label { text-align: center; color: #333; font-weight: 100; font-size: 12px; margin-bottom: 0.3em;}.box > .overlay,.box > .loading-img { position: absolute; top: 0;
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 7b 0d 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 35 70 78 3b 0d 0a 20 20 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0d 0a 7d 0d 0a 2e 74 6f 64 6f 2d 6c 69 73 74 20 3e 20 6c 69 3a 68 6f 76 65 72 20 2e 74 6f 6f 6c 73 20 7b 0d 0a 20 20 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0d 0a 7d 0d 0a 2e 74 6f 64 6f 2d 6c 69 73 74 20 3e 20 6c 69 2e 64 6f 6e 65 20 7b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 39 39 39 3b 0d 0a 7d 0d 0a 2e 74 6f 64 6f 2d 6c 69 73 74 20 3e 20 6c 69 2e 64 6f 6e 65 20 2e 74 65 78 74 20 7b 0d 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6c 69 6e 65 2d 74 68 72 6f 75 67 68 3b 0d 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 35 30 30 3b 0d 0a 7d 0d 0a 2e 74 6f 64 6f 2d 6c 69 73 74 20 3e 20 6c 69 Data Ascii: { margin-right: 5px; cursor: pointer;}.todo-list > li:hover .tools { display: inline-block;}.todo-list > li.done { color: #999;}.todo-list > li.done .text { text-decoration: line-through; font-weight: 500;}.todo-list > li

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:56 UTC	646	OUT	GET /mdod/tharep/dist/css/skins/_all-skins.min.css HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:56 UTC	302	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:24 GMT Content-Type: text/css Content-Length: 24131 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-5e43" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:56 UTC	3794	IN	Data Raw: 2e 73 6b 69 6e 2d 62 6c 75 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 30 30 37 38 64 34 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 62 6c 75 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 20 7b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 62 6c 75 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 3a 68 6f 76 65 72 2c 0d 0a 2e 73 6b 69 6e 2d 62 6c 75 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 3a 61 63 74 69 76 65 2c 0d 0a 2e 73 6b 69 6e 2d 62 6c 75 65 Data Ascii: .skin-blue .main-header .navbar { background-color: #0078d4;}.skin-blue .main-header .navbar .nav > li > a { color: #fff;}.skin-blue .main-header .navbar .nav > li > a:hover,.skin-blue .main-header .navbar .nav > li > a:active,.skin-blue
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 62 6c 75 65 2e 6c 61 79 6f 75 74 2d 74 6f 70 2d 6e 61 76 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 3e 20 2e 6c 6f 67 6f 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 30 30 37 38 64 34 3b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 Data Ascii: rtant; border-top-right-radius: 2px !important; border-bottom-right-radius: 2px !important; border-bottom-left-radius: 0 !important;}.skin-blue.layout-top-nav .main-header > .logo { background-color: #0078d4; color: #fff; border-bott
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 33 32 2c 20 31 2e 32 35 2c 20 30 2e 33 37 35 2c 20 31 2e 31 35 29 3b 0d 0a 20 20 74 72 61 6e 73 69 74 69 6f 6e 3a 20 61 6c 6c 20 30 2e 33 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 33 32 2c 20 31 2e 32 35 2c 20 30 2e 33 37 35 2c 20 31 2e 31 35 29 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 62 6c 61 63 6b 20 2e 73 69 64 65 62 61 72 2d 66 6f 72 6d 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 74 65 78 74 22 5d 20 7b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 36 36 36 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d Data Ascii: cubic-bezier(0.32, 1.25, 0.375, 1.15); transition: all 0.3s cubic-bezier(0.32, 1.25, 0.375, 1.15);}.skin-black .sidebar-form input[type="text"] { color: #666; border-top-left-radius: 2px !important; border-top-right-radius: 0 !important;
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 67 72 65 65 6e 20 2e 73 69 64 65 62 61 72 2d 66 6f 72 6d 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 74 65 78 74 22 5d 3a 66 6f 63 75 73 2c 0d 0a 2e 73 6b 69 6e 2d 67 72 65 65 6e 20 2e 73 69 64 65 62 61 72 2d 66 6f 72 6d 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 74 65 78 74 22 5d 3a 66 6f 63 75 73 20 2b 20 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 62 74 6e 20 2e 62 74 6e 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d Data Ascii: t; border-bottom-right-radius: 0 !important; border-bottom-left-radius: 2px !important;}.skin-green .sidebar-form input[type="text"]:focus,.skin-green .sidebar-form input[type="text"]:focus + .input-group-btn .btn { background-color: #fff;
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 75 70 2d 62 74 6e 20 2e 62 74 6e 20 7b 0d 0a 20 20 62 6f 72 64 65 72 2d 6c 65 66 74 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 72 65 64 20 2e 73 69 64 65 62 61 72 2d 66 6f 72 6d 20 2e 62 74 6e 20 7b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 39 39 39 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 74 6f 70 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 74 6f 70 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 72 69 67 68 74 2d 72 61 64 69 75 73 3a 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 Data Ascii: up-btn .btn { border-left-color: #fff;}.skin-red .sidebar-form .btn { color: #999; border-top-left-radius: 0 !important; border-top-right-radius: 2px !important; border-bottom-right-radius: 2px !important; border-bottom-left-radius:
2024-07-05 07:29:56 UTC	3953	IN	Data Raw: 20 32 70 78 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 20 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 6c 65 66 74 2d 72 61 64 69 75 73 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 70 75 72 70 6c 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 7b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 36 30 35 63 61 38 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 70 75 72 70 6c 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 20 7b 0d 0a 20 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0d 0a 7d 0d 0a 2e 73 6b 69 6e 2d 70 75 72 70 6c 65 20 2e 6d 61 69 6e 2d 68 65 61 64 65 72 20 2e 6e 61 76 62 61 72 20 2e 6e 61 76 20 3e 20 6c 69 20 3e 20 61 3a 68 6f Data Ascii: 2px !important; border-bottom-left-radius: 0 !important;}.skin-purple .main-header .navbar { background-color: #605ca8;}.skin-purple .main-header .navbar .nav > li > a { color: #fff;}.skin-purple .main-header .navbar .nav > li > a:ho

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:56 UTC	633	OUT	GET /mdod/tharep/plugins/jQuery/jQuery-2.1.3.min.js HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:56 UTC	317	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:25 GMT Content-Type: application/javascript Content-Length: 84322 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-14962" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:56 UTC	3779	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 32 2e 31 2e 33 20 7c 20 28 63 29 20 32 30 30 35 2c 20 32 30 31 34 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 2c 20 49 6e 63 2e 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 61 2e 64 6f 63 75 6d 65 6e 74 3f 62 28 61 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 61 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 65 72 79 20 72 65 71 75 69 72 65 73 20 61 20 77 69 6e Data Ascii: /! jQuery v2.1.3 \| (c) 2005, 2014 jQuery Foundation, Inc. \| jquery.org/license /!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a win
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 75 6d 65 6e 74 73 2c 32 29 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 61 70 70 6c 79 28 62 7c 7c 74 68 69 73 2c 65 2e 63 6f 6e 63 61 74 28 64 2e 63 61 6c 6c 28 61 72 67 75 6d 65 6e 74 73 29 29 29 7d 2c 66 2e 67 75 69 64 3d 61 2e 67 75 69 64 3d 61 2e 67 75 69 64 7c 7c 6e 2e 67 75 69 64 2b 2b 2c 66 29 3a 76 6f 69 64 20 30 7d 2c 6e 6f 77 3a 44 61 74 65 2e 6e 6f 77 2c 73 75 70 70 6f 72 74 3a 6b 7d 29 2c 6e 2e 65 61 63 68 28 22 42 6f 6f 6c 65 61 6e 20 4e 75 6d 62 65 72 20 53 74 72 69 6e 67 20 46 75 6e 63 74 69 6f 6e 20 41 72 72 61 79 20 44 61 74 65 20 52 65 67 45 78 70 20 4f 62 6a 65 63 74 20 45 72 72 6f 72 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 68 5b 22 5b 6f 62 6a 65 63 74 20 22 2b 62 2b 22 Data Ascii: uments,2),f=function(){return a.apply(b\|\|this,e.concat(d.call(arguments)))},f.guid=a.guid=a.guid\|\|n.guid++,f):void 0},now:Date.now,support:k}),n.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(a,b){h["[object "+b+"
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6e 28 62 29 7b 76 61 72 20 63 3d 62 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 28 22 69 6e 70 75 74 22 3d 3d 3d 63 7c 7c 22 62 75 74 74 6f 6e 22 3d 3d 3d 63 29 26 26 62 2e 74 79 70 65 3d 3d 3d 61 7d 7d 66 75 6e 63 74 69 6f 6e 20 6f 62 28 61 29 7b 72 65 74 75 72 6e 20 69 62 28 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 20 62 3d 2b 62 2c 69 62 28 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 76 61 72 20 65 2c 66 3d 61 28 5b 5d 2c 63 2e 6c 65 6e 67 74 68 2c 62 29 2c 67 3d 66 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 67 2d 2d 29 63 5b 65 3d 66 5b 67 5d 5d 26 26 28 63 5b 65 5d 3d 21 28 64 5b 65 5d 3d 63 5b 65 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 70 62 28 61 29 7b 72 65 74 75 72 6e 20 61 26 26 Data Ascii: n(b){var c=b.nodeName.toLowerCase();return("input"===c\|\|"button"===c)&&b.type===a}}function ob(a){return ib(function(b){return b=+b,ib(function(c,d){var e,f=a([],c.length,b),g=f.length;while(g--)c[e=f[g]]&&(c[e]=!(d[e]=c[e]))})})}function pb(a){return a&&
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 6e 26 26 6d 28 61 29 2c 62 3d 62 2e 72 65 70 6c 61 63 65 28 55 2c 22 3d 27 24 31 27 5d 22 29 2c 21 28 21 63 2e 6d 61 74 63 68 65 73 53 65 6c 65 63 74 6f 72 7c 7c 21 70 7c 7c 72 26 26 72 2e 74 65 73 74 28 62 29 7c 7c 71 26 26 71 2e 74 65 73 74 28 62 29 29 29 74 72 79 7b 76 61 72 20 64 3d 73 2e 63 61 6c 6c 28 61 2c 62 29 3b 69 66 28 64 7c 7c 63 2e 64 69 73 63 6f 6e 6e 65 63 74 65 64 4d 61 74 63 68 7c 7c 61 2e 64 6f 63 75 6d 65 6e 74 26 26 31 31 21 3d 3d 61 2e 64 6f 63 75 6d 65 6e 74 2e 6e 6f 64 65 54 79 70 65 29 72 65 74 75 72 6e 20 64 7d 63 61 74 63 68 28 65 29 7b 7d 72 65 74 75 72 6e 20 67 62 28 62 2c 6e 2c 6e 75 6c 6c 2c 5b 61 5d 29 2e 6c 65 6e 67 74 68 3e 30 7d 2c 67 62 2e 63 6f 6e 74 61 69 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 Data Ascii: n&&m(a),b=b.replace(U,"='$1']"),!(!c.matchesSelector\|\|!p\|\|r&&r.test(b)\|\|q&&q.test(b)))try{var d=s.call(a,b);if(d\|\|c.disconnectedMatch\|\|a.document&&11!==a.document.nodeType)return d}catch(e){}return gb(b,n,null,[a]).length>0},gb.contains=function(a,b){retu
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 3d 61 2e 72 65 70 6c 61 63 65 28 63 62 2c 64 62 29 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 72 65 74 75 72 6e 28 62 2e 74 65 78 74 43 6f 6e 74 65 6e 74 7c 7c 62 2e 69 6e 6e 65 72 54 65 78 74 7c 7c 65 28 62 29 29 2e 69 6e 64 65 78 4f 66 28 61 29 3e 2d 31 7d 7d 29 2c 6c 61 6e 67 3a 69 62 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 57 2e 74 65 73 74 28 61 7c 7c 22 22 29 7c 7c 67 62 2e 65 72 72 6f 72 28 22 75 6e 73 75 70 70 6f 72 74 65 64 20 6c 61 6e 67 3a 20 22 2b 61 29 2c 61 3d 61 2e 72 65 70 6c 61 63 65 28 63 62 2c 64 62 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 3b 64 6f 20 69 66 28 63 3d 70 3f 62 2e 6c 61 6e 67 3a 62 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 78 6d 6c 3a 6c 61 6e 67 Data Ascii: =a.replace(cb,db),function(b){return(b.textContent\|\|b.innerText\|\|e(b)).indexOf(a)>-1}}),lang:ib(function(a){return W.test(a\|\|"")\|\|gb.error("unsupported lang: "+a),a=a.replace(cb,db).toLowerCase(),function(b){var c;do if(c=p?b.lang:b.getAttribute("xml:lang
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 28 6e 75 6c 6c 2c 61 5b 69 5d 2e 6d 61 74 63 68 65 73 29 2c 63 5b 75 5d 29 7b 66 6f 72 28 65 3d 2b 2b 69 3b 66 3e 65 3b 65 2b 2b 29 69 66 28 64 2e 72 65 6c 61 74 69 76 65 5b 61 5b 65 5d 2e 74 79 70 65 5d 29 62 72 65 61 6b 3b 72 65 74 75 72 6e 20 77 62 28 69 3e 31 26 26 74 62 28 6d 29 2c 69 3e 31 26 26 72 62 28 61 2e 73 6c 69 63 65 28 30 2c 69 2d 31 29 2e 63 6f 6e 63 61 74 28 7b 76 61 6c 75 65 3a 22 20 22 3d 3d 3d 61 5b 69 2d 32 5d 2e 74 79 70 65 3f 22 2a 22 3a 22 22 7d 29 29 2e 72 65 70 6c 61 63 65 28 52 2c 22 24 31 22 29 2c 63 2c 65 3e 69 26 26 78 62 28 61 2e 73 6c 69 63 65 28 69 2c 65 29 29 2c 66 3e 65 26 26 78 62 28 61 3d 61 2e 73 6c 69 63 65 28 65 29 29 2c 66 3e 65 26 26 72 62 28 61 29 29 7d 6d 2e 70 75 73 68 28 63 29 7d 72 65 74 75 72 6e 20 74 62 28 Data Ascii: (null,a[i].matches),c[u]){for(e=++i;f>e;e++)if(d.relative[a[e].type])break;return wb(i>1&&tb(m),i>1&&rb(a.slice(0,i-1).concat({value:" "===a[i-2].type?"*":""})).replace(R,"$1"),c,e>i&&xb(a.slice(i,e)),f>e&&xb(a=a.slice(e)),f>e&&rb(a))}m.push(c)}return tb(
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 63 5d 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 72 65 74 75 72 6e 20 64 3d 6c 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 63 5b 32 5d 29 2c 64 26 26 64 2e 70 61 72 65 6e 74 4e 6f 64 65 26 26 28 74 68 69 73 2e 6c 65 6e 67 74 68 3d 31 2c 74 68 69 73 5b 30 5d 3d 64 29 2c 74 68 69 73 2e 63 6f 6e 74 65 78 74 3d 6c 2c 74 68 69 73 2e 73 65 6c 65 63 74 6f 72 3d 61 2c 74 68 69 73 7d 72 65 74 75 72 6e 20 61 2e 6e 6f 64 65 54 79 70 65 3f 28 74 68 69 73 2e 63 6f 6e 74 65 78 74 3d 74 68 69 73 5b 30 5d 3d 61 2c 74 68 69 73 2e 6c 65 6e 67 74 68 3d 31 2c 74 68 69 73 29 3a 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 61 29 3f 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 79 2e 72 65 61 64 79 3f 79 2e 72 65 61 64 79 28 61 29 3a 61 28 6e 29 3a 28 76 6f 69 64 20 Data Ascii: c]);return this}return d=l.getElementById(c[2]),d&&d.parentNode&&(this.length=1,this[0]=d),this.context=l,this.selector=a,this}return a.nodeType?(this.context=this[0]=a,this.length=1,this):n.isFunction(a)?"undefined"!=typeof y.ready?y.ready(a):a(n):(void
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 20 61 3d 67 26 26 67 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 61 26 26 6e 2e 69 73 46 75 6e 63 74 69 6f 6e 28 61 2e 70 72 6f 6d 69 73 65 29 3f 61 2e 70 72 6f 6d 69 73 65 28 29 2e 64 6f 6e 65 28 63 2e 72 65 73 6f 6c 76 65 29 2e 66 61 69 6c 28 63 2e 72 65 6a 65 63 74 29 2e 70 72 6f 67 72 65 73 73 28 63 2e 6e 6f 74 69 66 79 29 3a 63 5b 66 5b 30 5d 2b 22 57 69 74 68 22 5d 28 74 68 69 73 3d 3d 3d 64 3f 63 2e 70 72 6f 6d 69 73 65 28 29 3a 74 68 69 73 2c 67 3f 5b 61 5d 3a 61 72 67 75 6d 65 6e 74 73 29 7d 29 7d 29 2c 61 3d 6e 75 6c 6c 7d 29 2e 70 72 6f 6d 69 73 65 28 29 7d 2c 70 72 6f 6d 69 73 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 61 3f 6e 2e 65 78 74 65 6e 64 28 61 2c 64 29 3a 64 7d 7d 2c 65 Data Ascii: a=g&&g.apply(this,arguments);a&&n.isFunction(a.promise)?a.promise().done(c.resolve).fail(c.reject).progress(c.notify):c[f[0]+"With"](this===d?c.promise():this,g?[a]:arguments)})}),a=null}).promise()},promise:function(a){return null!=a?n.extend(a,d):d}},e
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 29 26 26 28 64 3d 6e 2e 63 61 6d 65 6c 43 61 73 65 28 64 2e 73 6c 69 63 65 28 35 29 29 2c 50 28 66 2c 64 2c 65 5b 64 5d 29 29 29 3b 4c 2e 73 65 74 28 66 2c 22 68 61 73 44 61 74 61 41 74 74 72 73 22 2c 21 30 29 7d 72 65 74 75 72 6e 20 65 7d 72 65 74 75 72 6e 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 61 3f 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 4d 2e 73 65 74 28 74 68 69 73 2c 61 29 7d 29 3a 4a 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 63 2c 64 3d 6e 2e 63 61 6d 65 6c 43 61 73 65 28 61 29 3b 69 66 28 66 26 26 76 6f 69 64 20 30 3d 3d 3d 62 29 7b 69 66 28 63 3d 4d 2e 67 65 74 28 66 2c 61 29 2c 76 6f 69 64 20 30 21 3d 3d 63 29 72 65 74 75 72 6e 20 63 3b 69 66 28 63 3d 4d 2e 67 65 74 28 66 2c 64 29 2c 76 Data Ascii: )&&(d=n.camelCase(d.slice(5)),P(f,d,e[d])));L.set(f,"hasDataAttrs",!0)}return e}return"object"==typeof a?this.each(function(){M.set(this,a)}):J(this,function(b){var c,d=n.camelCase(a);if(f&&void 0===b){if(c=M.get(f,a),void 0!==c)return c;if(c=M.get(f,d),v
2024-07-05 07:29:56 UTC	4096	IN	Data Raw: 61 2c 70 2c 72 2e 68 61 6e 64 6c 65 29 21 3d 3d 21 31 7c 7c 6e 2e 72 65 6d 6f 76 65 45 76 65 6e 74 28 61 2c 6f 2c 72 2e 68 61 6e 64 6c 65 29 2c 64 65 6c 65 74 65 20 69 5b 6f 5d 29 7d 65 6c 73 65 20 66 6f 72 28 6f 20 69 6e 20 69 29 6e 2e 65 76 65 6e 74 2e 72 65 6d 6f 76 65 28 61 2c 6f 2b 62 5b 6a 5d 2c 63 2c 64 2c 21 30 29 3b 6e 2e 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 28 69 29 26 26 28 64 65 6c 65 74 65 20 72 2e 68 61 6e 64 6c 65 2c 4c 2e 72 65 6d 6f 76 65 28 61 2c 22 65 76 65 6e 74 73 22 29 29 7d 7d 2c 74 72 69 67 67 65 72 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 64 2c 65 29 7b 76 61 72 20 66 2c 67 2c 68 2c 69 2c 6b 2c 6d 2c 6f 2c 70 3d 5b 64 7c 7c 6c 5d 2c 71 3d 6a 2e 63 61 6c 6c 28 62 2c 22 74 79 70 65 22 29 3f 62 2e 74 79 70 65 3a 62 2c 72 3d 6a 2e Data Ascii: a,p,r.handle)!==!1\|\|n.removeEvent(a,o,r.handle),delete i[o])}else for(o in i)n.event.remove(a,o+b[j],c,d,!0);n.isEmptyObject(i)&&(delete r.handle,L.remove(a,"events"))}},trigger:function(b,c,d,e){var f,g,h,i,k,m,o,p=[d\|\|l],q=j.call(b,"type")?b.type:b,r=j.

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:56 UTC	674	OUT	GET /mdod/tharep/assets/icon.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:57 UTC	303	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:25 GMT Content-Type: image/png Content-Length: 31455 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-7adf" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:57 UTC	3793	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 28 00 00 00 21 08 06 00 00 00 ab f1 e9 a5 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 00 1f 74 45 58 74 53 6f 66 74 77 61 72 65 00 4d 61 63 72 6f 6d 65 64 69 61 20 46 69 72 65 77 6f 72 6b 73 20 38 b5 68 d2 78 00 00 00 16 74 45 58 74 43 72 65 61 74 69 6f 6e 20 54 69 6d 65 00 30 39 2f 33 30 2f 32 31 89 d4 8a 77 00 00 02 04 70 72 56 57 78 9c ed d7 6d 52 83 30 10 06 e0 b8 b1 09 0a 88 95 c5 1c a4 77 ca 6f af 93 cb 78 00 27 77 f1 06 62 c2 47 1d b5 28 c4 16 bf de c0 d2 76 68 e7 d9 84 0d a4 0f 4f f7 8f e2 4e dc b5 b1 79 df 85 f7 de b5 ad f3 61 f7 ce 85 dd 59 df 5a ef ad 0b bb b3 d6 5b 1b 8e 76 e7 fc ce b9 9d f5 3b 1b 8e 56 58 2f 6c f8 Data Ascii: PNGIHDR(!sBIT\|dpHYsodtEXtSoftwareMacromedia Fireworks 8hxtEXtCreation Time09/30/21wprVWxmR0wox'wbG(vhONyaYZ[v;VX/l
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: dd 33 2e 21 d9 19 c7 73 cf 28 27 cb 06 93 65 a3 92 65 19 f6 ec ce 22 26 61 de 79 c0 90 f1 b2 e3 8c b2 72 92 f3 99 e4 fc 58 c3 36 78 c3 70 41 df 00 1c ea 31 39 3b a3 90 1e 36 78 03 92 e5 c7 73 ca cb 35 52 e3 06 03 6e 5b 5a 04 d1 76 4b 8f 7d 33 62 df cc d8 b7 fe 40 30 38 9e 84 f0 8f e9 9d 65 b3 17 05 04 f0 06 c7 8f 53 8e 97 7b 9a 1a 7b 98 5a d5 59 ca d8 ab 6d 42 64 18 e2 11 48 65 76 fc 38 e5 78 39 69 d5 99 b4 ea 95 b4 ca 79 17 2e 0d 2e e7 82 b4 66 c7 8f 53 8e 97 93 96 c5 a4 65 55 d2 2a 22 ad c7 5c 5a 4d 9a dc 0e d0 78 cc 65 12 1c 3d 96 1e 2d 27 27 8f c9 c9 ab e4 54 a6 57 bd a3 d4 cb 51 82 03 67 c7 8f 53 8e 97 93 d6 88 49 6b 54 49 ab 88 b4 82 80 46 8f 4c 6c f6 16 34 d1 bd 9a 95 88 ee d5 ac a4 9c cc 86 4c 66 c3 4a 66 73 65 36 dd a5 00 76 19 9c d6 38 4e 58 82 Data Ascii: 3.!s('ee"&ayrX6xpA19;6xs5Rn[ZvK}3b@08eS{{ZYmBdHev8x9iy..fSeU*"\ZMxe=-''TWQgSIkTIFLl4LfJfse6v8NX
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 90 b4 67 78 0c 34 ea d2 60 88 e9 9b 5a 91 d6 cf af 44 e3 95 ac 01 db 8e 80 d5 36 67 95 b1 8a 34 56 91 5a b0 a2 e9 6e af 75 33 d9 3d 3a 41 70 76 8f de d3 c6 81 6f 86 0d db f7 6c cb 08 ca a6 1f b8 a2 05 03 c2 6e 8b 2a db 6d bd 61 4c 86 ff e1 db 1e 2a 78 eb 2d 56 d4 39 41 c9 eb 60 17 fc af f2 7f c0 f8 57 04 cc 15 ec bb b4 6a 00 47 21 e6 d5 b3 35 7c 17 94 63 d3 04 a6 ef 01 3b ec c0 79 81 37 7f 46 7c 3f a4 6b 59 b4 e7 2b dd e5 4a 61 6f 0d be 82 ba da c4 97 63 85 ad 48 7d ad fc 03 78 fa c3 f4 c8 21 d2 3b 72 b6 48 85 ff 1f 76 76 a6 ea a3 99 23 7a 00 00 00 be 6d 6b 42 53 78 9c 5d 4e cb 0e 82 30 10 ec cd df f0 13 00 83 e0 11 ca c3 86 ad 1a a8 11 bc 81 b1 09 57 4d 9a 98 cd fe bb 2d 20 07 e7 32 93 99 9d cd c8 2a 35 58 d4 7c 44 9f 5a e0 1a 3d ea 66 ba 89 4c 63 10 ee Data Ascii: gx4`ZD6g4VZnu3=:ApvolnmaLx-V9A`WjG!5\|c;y7F\|?kY+JaocH}x!;rHvv#zmkBSx]N0WM- 2*5X\|DZ=fLc
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: dd b5 bf 8e 19 9e f6 54 07 a7 f6 bf 15 ea 6f e0 1a 94 77 af 7c 53 66 17 ae fb dc c1 d3 9f 94 7f 2b 9f d6 e9 29 b3 b7 ce 3b 19 17 b4 ec cc 46 01 e5 16 b3 b4 3b 3a 78 0d fb eb d8 c9 c7 f7 e2 29 2f 88 4f 53 ce 0b 79 b2 eb 55 fa 93 f2 6f e1 d3 32 de ce 65 03 ca 29 56 65 33 27 77 ae 94 e7 91 67 47 67 99 8e 3d ef 4a fe ae 5e 83 c1 60 30 18 0c 06 83 c1 0a c4 be 88 f9 9c 82 75 20 6b 98 55 2c aa 4b 13 73 db 1d fe e7 1e d8 91 35 80 6e 1e 59 e6 ae 2c f7 06 e7 62 58 77 7b 0c 7f 05 e2 1f ac bf 77 d6 26 dd fa f5 99 fb 19 33 ae 51 d7 94 81 f8 4e ac f0 51 65 76 d7 1f 09 8f 5d 07 a8 af c6 b7 ba f6 af 67 63 48 af fa cb 9e e7 19 ee 69 bd 9d f7 8a 7b ee 97 f4 cc 41 a6 33 9e e9 f4 49 7f f3 38 86 c7 68 b3 f2 77 f2 ca 64 cc d2 75 d7 77 cb c8 f4 b8 83 55 1c 49 f7 e4 57 e7 71 94 Data Ascii: Tow\|Sf+);F;:x)/OSyUo2e)Ve3'wgGg=J^`0u kU,Ks5nY,bXw{w&3QNQev]gcHi{A3I8hwduwUIWq
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: d6 e1 69 83 60 14 86 51 07 71 11 07 71 10 17 71 10 07 71 11 07 b1 bc 81 0b b7 a6 21 ff 8a 09 e7 81 43 9b 4f fb eb 4d 6c ce 53 92 24 49 92 24 49 92 24 49 92 24 49 92 24 49 92 24 49 1f d1 71 1c e7 be ef 4f e7 39 cb b5 77 f7 bf ba 4f f7 6f 5d d7 73 1c c7 73 9a a6 c7 cf ec 18 fd 2c f7 d4 bd 75 16 cb b2 3c 5e c7 30 0c 7f be 87 74 ef b2 63 95 7d b3 61 76 ad cd fb 3d b5 7f d5 37 bf fe 8d ee 5f b6 eb 7b 56 39 eb 9f e5 7a 9d 7d fb c6 d9 bf ba 5e d3 fd cb 73 be ef 5f ff d7 e7 79 7e da 3f d7 ec ff 7d 65 db 7a ee d7 ef db b6 fd fa cc f7 e7 bf fd bf af fa 1e d7 f7 ab f7 40 ae d5 77 fb 9c 45 d5 9f 1d d7 6b 92 24 49 92 24 49 92 24 49 fa f7 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 40 Data Ascii: i`Qqqqq!COMlS$I$I$I$I$I$IqO9wOo]ss,u<^0tc}av=7_{V9z}^s_y~?}ez@wEk$I$I$I@
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 64 98 49 81 e9 fe 6c fe f4 f2 27 4e 0d 61 86 64 c4 a2 47 33 b9 25 8d 86 bc 23 ab 29 3f e8 bc cf 24 05 01 73 1f 1c df 09 03 5f 35 3d 13 b2 ed 59 1c c7 42 52 23 2d 6b 22 71 47 50 2d d0 65 12 fe 22 e7 66 ad c1 08 c2 e1 25 d6 a9 2d cf 93 33 1e 37 ea d0 e4 cc c8 38 d4 4d 39 99 19 81 cf 8a 19 8a 2c 1b ac e8 e4 5f 2a 6e 3b 48 82 c1 fa c6 45 16 42 c6 b1 86 1d d6 63 6c bf 7e f8 ce ee b1 e7 0d cb 9d 5b 83 8e 2f 73 61 9f 67 b8 49 15 17 45 08 32 e5 2c 7a 03 d2 31 da 17 74 81 1b 3a 92 6b 4c c6 d3 e7 ce c1 06 a1 cd ed 1c c8 99 08 0f e5 a3 8b 47 29 e6 1c d4 7b 12 37 ca 6f f0 cb c5 6e 64 a8 f8 a4 e8 b7 f0 e1 95 7b 40 72 f5 50 98 3e 10 c6 6b c2 77 8c 6b d7 bd be a1 0b 23 b8 0f 6b 58 17 66 79 91 12 d6 45 c7 f7 9a c8 41 a9 cd 42 c2 39 c2 75 4d 10 b0 db de 34 50 3d b9 5f 04 Data Ascii: dIl'NadG3%#)?$s_5=YBR#-k"qGP-e"f%-378M9,_*n;HEBcl~[/sagIE2,z1t:kLG){7ond{@rP>kwk#kXfyEAB9uM4P=_
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 7c ec 59 cd 59 fc 99 8e 36 fd 6a 1b 97 72 03 31 d1 31 15 6b 34 f8 fa 69 27 58 c9 19 fc 66 83 5c 3a dc 65 ae de bc f7 20 dc 7e b9 50 39 9a e5 d2 31 ed df 8d 8f b3 0a f6 1f 86 26 37 8e 38 51 a1 61 70 65 f5 c7 f1 ef 86 e8 f6 88 35 20 39 6f 73 a6 4d da 79 97 09 f5 4b 04 2d d1 db 75 8a a4 75 16 39 e6 dc 07 42 64 78 37 48 87 56 99 be d6 d8 26 a6 5f 0f a8 af 9d 21 43 f2 a3 6c 01 18 67 4c 0e 20 ff 30 34 89 b1 7f b7 79 53 f7 02 a5 7d 7c fe 71 d9 b3 de 6b d0 f0 ec 01 d9 fa cc 62 ae 73 3a 01 66 ba 27 2f d0 fc 82 c0 0e 1d e3 bc b3 40 21 fe 5d 25 b9 83 dc 7a 23 d7 3d c4 4a a4 73 c7 60 33 97 7f 57 20 65 7a 3c 8d 50 49 47 f2 0f 43 93 82 ae fb 30 a8 40 e8 34 ed c7 fb bf 0b 03 d5 de 1e fb 35 b8 02 35 67 b5 95 78 ff 63 8e ed 54 bf 47 f4 dc fb 55 19 f4 23 af 52 d4 1b 43 43 Data Ascii: \|YY6jr11k4i'Xf\:e ~P91&78Qape5 9osMyK-uu9Bdx7HV&_!ClgL 04yS}\|qkbs:f'/@!]%z#=Js`3W ez<PIGC0@455gxcTGU#RCC
2024-07-05 07:29:57 UTC	3086	IN	Data Raw: 6a 06 68 53 49 58 55 0e 93 91 22 31 41 35 46 1e 7f 72 34 06 d7 12 7b fc e1 dc eb 41 e4 97 e9 6c 6a 9f 77 b8 54 f0 ce e1 96 dd 74 36 3c 1d ef 2f 4e c1 a0 20 8d 5c fb a4 f5 f3 ab 52 a5 74 c7 fb 0e 98 61 7c 0c c6 69 a8 cc cd 3e 89 54 2e 9a 57 6f 3e 3e ff 78 8c 95 cf af bc 59 bc e6 c8 7b e7 b7 b7 00 6d 2c 07 4a b2 7b 67 67 7d c9 76 7e 29 ea 5d 0f 17 d1 e6 73 21 3f 77 f8 e8 f7 58 9b 89 81 e6 e8 98 1e 47 97 46 b0 a5 6c 21 37 8e 86 55 9c d6 7c 43 6e e1 16 66 ef b3 85 3a 2e 40 6d 71 25 ae c1 e8 87 94 b1 7f dc ff d3 52 06 17 75 3f 07 2e 96 8f 3a af e8 61 42 eb bc d6 ba cc cc 0f 45 23 47 1c 83 67 27 79 58 ab 44 e5 ff 75 87 53 57 ba e4 99 c7 8a 44 29 8c 98 32 31 d7 d1 b5 19 89 56 b5 88 61 67 57 ac e0 50 8e b3 b2 71 8d bd e7 ab cf c8 92 cf 0b 03 cd 16 73 94 1f 3f 7f Data Ascii: jhSIXU"1A5Fr4{AljwTt6</N \Rta\|i>T.Wo>>xY{m,J{gg}v~)]s!?wXGFl!7U\|Cnf:.@mq%Ru?.:aBE#Gg'yXDuSWD)21VagWPqs?

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:57 UTC	670	OUT	GET /mdod/tharep/default.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:57 UTC	304	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:25 GMT Content-Type: image/png Content-Length: 68377 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-10b19" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:57 UTC	3792	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 4c 00 00 01 7e 08 06 00 00 00 e9 dc 23 f9 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 20 00 49 44 41 54 78 9c ec bd 7d b0 65 d7 55 1f f8 5b f7 dd f7 d1 af bf 5b ad 96 90 e4 76 23 0b 59 58 42 06 cb 36 c6 b8 1f 32 f1 28 8c cb 50 8c 71 39 04 1c 27 90 84 30 24 01 82 1d 28 17 e3 64 3c 94 cb e3 a2 18 26 95 30 14 31 a9 40 11 86 22 19 92 4c 51 0c f9 60 fa 25 ad c9 8c 03 09 21 7c 18 07 8c 89 64 01 fe 90 65 e9 bd 56 77 eb f5 7b 77 cd 1f 67 af b5 7f 6b 9d 7d ee 7b b2 d5 fd ba 5b 67 49 af ef bd 67 ef bd f6 da eb ec fd db 6b ad bd cf 3e c0 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 48 23 8d 34 d2 Data Ascii: PNGIHDRL~#pHYs+ IDATx}eU[[v#YXB62(Pq9'0$(d<&01@"LQ`%!\|deVw{wgk}{[gIgk>H#4H#4H#4H#4H#4H#4H#4H#4H#4H#4
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: ad 7b d2 9a 60 38 2f ba 70 ce 48 fb 40 23 60 ee 23 0d b9 c3 39 6d 37 6b 25 e7 6f a5 b7 f2 0f f1 6c 01 cb 90 3c 2d 57 b8 d5 b6 bd 80 5e 8b cf 6e a0 97 ad c3 21 d0 6c a5 e7 36 0c c9 b4 5b da 10 a0 b6 f2 ce 0b 81 b4 ca b4 26 22 2d e7 a5 8e 74 ed 69 54 fc 3e 51 76 b7 80 61 70 68 95 cd 94 79 71 5e be 3e 8f e7 6e f5 cf 03 90 96 fc ad eb 5c 57 2e 6b 9f fc d7 b2 b6 e6 c9 39 64 6d b6 64 9d 47 cc 67 1e c8 0e 4d 6a 43 80 b7 5b b9 dc 4e e6 47 bc 0e cc 15 7e a4 ab 46 23 60 ee 13 b5 40 a0 95 a7 b5 10 d0 ba 3e 94 36 6f a0 b6 80 67 68 a0 ee c5 3a cd ed da 6b fa 3c d0 d9 0d 58 32 9f 56 fb f9 b3 65 c1 0e f1 ca 7a 1d 72 d1 5b 32 64 3d 73 dd 43 f7 34 e7 6f d5 db 6a c3 48 d7 8e 46 97 fc 3a a3 d6 00 de 2d ae d8 72 f1 96 a6 0b b8 f5 f8 21 3c f4 f2 d3 b8 e7 ce 93 38 72 70 05 8b Data Ascii: {`8/pH@#`#9m7k%ol<-W^n!l6[&"-tiT>Qvaphyq^>n\W.k9dmdGgMjC[NG~F#`@>6ogh:k<X2Vezr[2d=sC4ojHF:-r!<8rp
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: cc ab 41 eb 9b b7 03 f2 6e 40 d6 a1 fa 4e a8 d6 c0 94 10 2c a8 62 f3 ce 97 e3 e2 c9 97 f4 ac 4a b6 2c 4e 9f 3a 1e b6 af d4 ed 39 d5 da 89 ee 6e 39 54 c2 06 9c da 43 84 ea 96 1c 87 0e 3d 56 e7 e9 7c 02 10 0f 68 24 eb b0 ca d2 c9 50 42 02 5c 58 2b cc 18 2f a1 46 34 82 00 ce 2f 5f 03 50 b7 40 15 3e f5 49 1a 83 3e 2b af 01 c0 f8 74 a2 0e c4 34 ea 0b 04 78 66 2d 5b de f2 3d cc 23 5a f7 5a 22 c8 6a a8 4e d6 73 6e 64 35 aa fd 7e 9a ce 56 57 96 71 cf 4b be 08 2d 12 11 28 c7 b1 b9 2f 01 af 85 ea 3f 84 ea cf 63 7d e3 cb 47 e0 bc 3a 34 02 e6 0b 49 eb 1b 4b 58 df 58 03 f0 73 00 de 0f e0 0e 88 4c 68 54 74 f9 7c f0 0a 74 61 11 97 6e 29 cf 86 37 40 53 d0 ed c1 24 cf 14 be b5 a7 2c 1c d8 b8 a9 eb 18 e6 67 c3 d1 91 42 76 34 e8 c9 8d 36 b7 d5 40 22 14 90 3a 2e 1d 63 68 fb Data Ascii: An@N,bJ,N:9n9TC=V\|h$PB\X+/F4/_P@>I>+t4xf-[=#ZZ"jNsnd5~VWqK-(/?c}G:4IKXXsLhTt\|tan)7@S$,gBv46@":.ch
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: d3 65 84 19 a5 b4 35 2a 6c 9e 59 9e a8 97 37 ff 36 e3 41 bd 7d 29 fb ab a0 f8 07 38 b7 f1 c0 de 2b bd f1 e9 c5 01 98 dd 29 d3 7f 1b 22 df 07 85 bd c3 14 f5 53 d3 6f 1a fd 36 13 2b fa 2e d0 9e a8 65 91 a6 df a5 ce d9 e2 32 76 56 56 6b b9 c8 a5 c9 bb 79 5d 64 20 3f 31 ab e3 b9 c5 20 8a d8 9b 50 e6 24 49 ba 2e 69 be 50 f8 3b 7d 3a 77 bf 3c 25 94 8c 7b 36 b4 f8 d5 1a 6c bc 66 99 55 b5 58 c3 55 88 e0 42 13 3f 05 bb d7 f5 40 66 ab c3 f3 0b f3 50 d4 ed 58 f1 94 28 b8 8c fd 49 a0 16 8f c2 9b b5 9d cf 1b 35 6e f6 73 67 69 19 b3 85 29 bc 3f d6 20 72 64 d6 5f ed 4a 02 30 e5 3e c8 bc 92 02 5a f9 3b 59 1e 06 e4 43 58 df bc a7 51 c1 4d 49 37 3f 60 ae 6f 1e 02 e4 03 50 bc 1b c0 8a 77 2a ff 04 3c 5e e9 53 bc 8d 14 36 3d 1a 9d 14 88 83 c0 b6 62 04 14 a9 ee 6c af 9c fb 3b Data Ascii: e5lY76A})8+)"So6+.e2vVVky]d ?1 P$I.iP;}:w<%{6lfUXUB?@fPX(I5nsgi)? rd_J0>Z;YCXQMI7?`oPw<^S6=bl;
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 72 dd 65 60 86 77 ce 80 ce 7f cc 03 01 c6 a7 e3 51 37 6e 77 6d ce ef c5 71 3e 86 3d 25 96 ba 63 ea 08 ac ab 4c c1 d2 2a 72 d4 3b 65 ff d6 b6 44 8c ab b2 bb 74 b6 e0 64 93 01 b3 76 73 3b 1a 49 be ed 08 9a d4 65 d0 5d ad 2e de d4 ef 21 09 11 c2 9d 78 2f fb 5d 80 00 14 12 0c c0 d9 6c 07 dd 0a 79 d9 f7 aa c0 53 ba 8c 5f d5 5b 42 b9 c0 79 60 4e 6e c7 e9 5b e8 da 28 dc 33 06 1a e5 68 e2 68 b2 e3 fe e4 1e 80 e7 98 42 f1 bd 80 be e9 46 d9 9f 79 fd 03 e6 fa e6 04 aa ef 82 94 b8 25 80 fe 9d b4 1b 92 6f 24 fd 08 9d 98 ca db 48 f3 d1 a9 e8 bb 2f cc 23 93 d6 72 06 9c f9 5c 4c 5e b6 ee c9 de d1 bf d1 53 f8 94 ae 54 0c d1 0e 94 66 69 2f 9e 8b ea 31 4a ed 0d a1 a8 8b fa 0c ba 00 fe b8 7c 18 f4 61 42 a8 b2 c5 b7 3d 96 2d 37 04 90 51 4b 1a ca a8 a8 03 08 54 b1 20 9d 4c 79 Data Ascii: re`wQ7nwmq>=%cL*r;eDtdvs;Ie].!x/]lyS_[By`Nn[(3hhBFy%o$H/#r\L^STfi/1J\|aB=-7QKT Ly
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 2c c2 da ad b4 8c 59 a9 a0 2e 24 86 d2 6e 01 8d a2 1a df 68 c5 8b 87 7e c3 5e d6 d2 87 6a f9 38 81 db 5c 72 41 27 f8 ed ed 95 6e ef 69 e8 47 cd 1b 8b 36 51 d9 1c db ee 14 15 d3 f8 06 b6 56 bb ad 62 6b 58 ae 96 e3 26 c1 53 49 79 78 08 b7 e4 0a 8a a7 4f 96 a1 eb c0 67 00 bc 73 3f 8f 80 db 9f 8a d7 37 00 c5 5f 06 70 06 40 e3 66 29 f2 00 ea bd d0 29 cc 9c e5 9a e4 32 80 5f e4 ce e2 65 f3 8c 6c 1d a3 d5 f1 10 eb 34 f3 c8 67 4d ad 7d 79 68 96 ec 4d 02 74 9d 3b 5c c6 50 55 ec 40 f0 c4 6c 19 db 69 c0 e4 d5 65 d3 45 05 bb 2a 90 4f 03 6a 7d 5c 5c 74 03 16 cb ef 56 9d 58 ba 59 76 9e 52 41 23 75 f4 ce 6a ca 20 41 4d 53 7a e2 a5 7c cf 8b b3 b5 95 4a 0f a9 58 3e f1 5b 54 c7 bc b9 c9 da b3 9b 33 59 db 6b 1c 92 26 01 ca 24 fe be f2 50 91 f3 40 02 60 ef 3a 2e bc 22 17 f5 Data Ascii: ,Y.$nh~^j8\rA'niG6QVbkX&SIyxOgs?7_p@f))2_el4gM}yhMt;\PU@lieE*Oj}\\tVXYvRA#uj AMSz\|JX>[T3Yk&$P@`:."
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: fe be 0f b4 d4 b5 03 c1 ef 5c 59 c1 67 67 53 13 24 95 4b fd 22 eb dd 6e 10 a3 bd a6 ef 82 9a 27 1b 10 42 bc a8 98 97 f1 4c 45 9e a0 3b 92 c9 fb 3c 0d 68 a1 7c fc f4 5e 93 08 98 43 15 52 f5 e2 c5 0d b8 a5 96 b3 1b d3 d1 31 40 fe 5b ac 6f 5c 35 5c bb 3a 8c 3b 77 fc cf 75 ab 57 36 43 a1 ea c6 95 c3 00 92 66 c5 68 96 d5 74 df 69 cd d7 9d 49 fd 74 d0 a3 0e 68 ca ed bd a7 27 75 1c 01 81 64 40 f6 ca 8f ad cc fc ce e8 3c 19 b0 5c a1 43 a2 ca 9f 81 b7 b7 10 54 e5 9e 01 f8 fd 9d 83 b8 a8 53 ea bb 75 5f a3 86 ea 88 bf 74 af 8e e8 eb 9e eb 97 92 cf 54 a0 55 1f 79 bc 19 8c 95 7a a5 b4 c7 36 19 f1 38 8d ab f2 12 c1 97 ba 47 50 15 2d 9c 94 ea c8 d5 97 00 70 42 03 2c 3c 09 6e 73 43 b1 40 39 ae 1b 40 bc 0c f8 c8 db 00 12 ce df af 49 75 fb 9b 31 d4 ea cf 23 58 d3 e5 d2 05 Data Ascii: \YggS$K"n'BLE;<h\|^CR1@[o\5\:;wuW6CfhtiIth'ud@<\CTSu_tTUyz68GP-pB,<nsC@9@Iu1#X
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: c0 f6 35 9e 04 e0 fc a9 a4 73 ae 55 1e 71 3d d3 97 42 c4 af 4d 6d 00 82 15 c6 37 e4 07 79 ae d1 69 9b 6d b0 bd 25 ff 09 be 04 3a c8 76 c3 b5 c6 73 25 7a d9 5e dd be a4 a5 c5 53 44 01 0f ed ba 87 60 ec a8 a8 f5 ed 1e d3 0f a3 47 a5 b6 0c 1f 50 db 11 e2 97 fd 90 e5 63 be c7 32 df 86 8f 9d bd 24 c9 e1 a5 58 d4 39 83 ea fb 47 24 47 9b ba 00 f0 ec a9 a6 33 88 8a 34 c0 e2 8c a8 dc 53 2a e3 91 46 92 72 10 e9 bb c2 05 f1 4d 73 b9 1f 68 99 62 99 16 f1 cc 1d ef fc e4 88 4a 47 78 c9 65 b2 d1 35 67 ab 4d c4 65 63 92 c0 52 43 8f f4 f2 f9 d5 15 78 4e 37 71 a5 2e 31 be 9c 20 be 44 82 fa 2a 8e 8b 03 86 d1 14 a0 d9 bf 92 99 b0 e7 d1 15 e8 5f aa e7 03 89 d2 8e bd 28 92 f2 a0 82 6d a5 cb 1f 60 1a d8 84 cf 22 89 13 7b cb 2d 14 9c 94 5e cc 8c 75 6a fd b8 b1 af 54 93 0c 26 d4 Data Ascii: 5sUq=BMm7yim%:vs%z^SD`GPc2$X9G$G34SFrMshbJGxe5gMecRCxN7q.1 D_(m`"{-^ujT&
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 3a c6 92 38 28 46 f6 eb 26 bd 9c 21 fa 16 6c 30 9f e4 3d 92 2a df 76 6d 40 36 b2 6b 3b 0a 09 35 53 15 19 62 5d a9 67 ff 19 0f 52 38 0e 9f 67 52 57 f2 37 e5 f5 4b 9c aa 6f 9b 26 50 63 d5 69 54 f9 ac ec a2 f0 7a 6a 98 e1 e7 77 af c6 0f bd f4 96 71 ad 65 c8 6c 04 55 01 d4 96 06 0d 80 60 bd fe e7 fd cc 36 0d b4 3e c1 7a 21 5b cc ef 02 98 56 e9 43 6f 87 7d 25 f3 66 bc bb 3e 32 4d ee 14 00 79 d5 87 a6 b2 a4 57 ef 20 e5 e7 c9 17 83 ef 68 6a 43 6b 19 a5 32 5c 97 db a9 c7 75 b8 fd ec a1 13 c5 c3 01 a6 ea 26 54 af 8d 9e 0f d4 a8 c4 80 55 ee 87 61 b1 19 0a 85 0e ce 40 33 40 5a 78 77 63 60 70 a2 ce 60 7e b2 97 65 a0 82 d1 d1 ca a7 90 91 73 94 55 ba d9 80 58 8a 6a 9e b1 22 de 03 d1 09 d1 4f a3 71 e5 fb cc 6f 25 d8 77 1c 96 d3 87 4d e3 ac dd 43 c3 0e fe f6 de ad f8 c5 Data Ascii: :8(F&!l0=*vm@6k;5Sb]gR8gRW7Ko&PciTzjwqelU`6>z![VCo}%f>2MyW hjCk2\u&TUa@3@Zxwc`p`~esUXj"Oqo%wMC
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: b1 1b 4b 44 bd d4 a1 b0 16 36 68 d1 78 27 5b ee 65 8e 06 7a cb 95 62 b9 9a 63 ef 00 38 bb bb 07 99 08 26 22 d8 da dc 18 01 75 0e c8 6c 1b d3 c9 04 22 e3 4e 41 c3 6a 85 f9 7c 1f 07 07 7b d0 61 00 44 30 34 cb 81 10 80 a1 bf 54 c9 9e 25 53 2d 20 15 76 3f a2 a1 ed 64 32 c1 d6 e6 06 ae 38 7e 0c 57 f8 17 40 a9 ef 82 6d b1 be 19 d8 aa 8e ba 76 1b ec 92 69 17 90 c9 c0 e2 e0 4b c0 90 6d 8b e4 0b c0 c3 b7 b2 b9 35 f6 49 c9 4a 64 b4 d0 4b 36 1f 6c 98 78 55 3a 0f 3c 66 7f 2b 7f 43 e6 99 ed 9f ea 75 6d 9f 13 1b ed e8 e3 6b 3f 8e 90 61 f6 40 d3 98 ea a0 60 2f bb 04 10 17 55 a7 fb 76 78 13 a9 d3 bc ad 0e 40 d9 45 00 ec 86 20 75 e2 85 8e 4e 87 e5 b1 1c 4f 4e 3b 3d 06 eb 94 41 e4 80 c0 6f e4 85 ea 3b 2d d6 71 b9 0e ed 30 2f c4 a3 b5 df cc cf 02 b3 e9 04 57 1e 3f 86 83 cd Data Ascii: KD6hx'[ezbc8&"ul"NAj\|{aD04T%S- v?d28~W@mviKm5IJdK6lxU:<f+Cumk?a@`/Uvx@E uNON;=Ao;-q0/W?

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:57 UTC	664	OUT	GET /mdod/tharep/1.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:57 UTC	304	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:25 GMT Content-Type: image/png Content-Length: 66707 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-10493" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:57 UTC	3792	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 bd 00 00 00 83 08 06 00 00 00 d8 a7 1a ed 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e 74 00 00 0e 74 01 6b 24 b3 d6 00 00 00 1f 74 45 58 74 53 6f 66 74 77 61 72 65 00 4d 61 63 72 6f 6d 65 64 69 61 20 46 69 72 65 77 6f 72 6b 73 20 38 b5 68 d2 78 00 00 04 97 70 72 56 57 78 9c ed 58 6d 7a a3 36 10 1e a1 38 1b 87 12 8f 8d 17 57 49 55 bc 67 e0 1e 7b 0c ff de eb f8 32 3d 40 1f ee d2 1b d4 3b fa 02 41 2c 0c 36 71 ba 4f f5 62 30 20 31 ef 7c 69 24 f8 fb df bf fe 81 1f f0 fd a4 50 d3 76 aa e9 78 3c 1d e9 77 38 1d 8e a7 03 1d ab d3 01 4e 55 75 aa a0 d6 9d 6a bd d7 f5 91 b6 fa 48 c7 43 7d 38 d6 07 3a 56 75 75 a8 2b 3a c2 51 37 2b 1c 14 aa aa 82 88 88 88 88 10 50 ff dc 9f 39 Data Ascii: PNGIHDRsBIT\|dpHYsttk$tEXtSoftwareMacromedia Fireworks 8hxprVWxXmz68WIUg{2=@;A,6qOb0 1\|i$Pvx<w8NUujHC}8:Vuu+:Q7+P9
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 9c 9e fa 28 bb cc 20 5f 21 5c 5c f5 a8 9e 3c b6 ce e0 49 bd e9 50 f9 8a 64 62 45 4b 2c 55 be d0 a3 e9 46 8b 05 69 07 a6 e8 04 3e 81 fd 37 94 f0 9a f5 f8 e9 32 26 b0 55 3c 01 2b 60 58 9f 6d 34 c2 f2 54 c1 9d 5e d2 f4 0d 75 10 6b f3 47 94 2b bc 73 1d 4c 55 52 1a 52 25 ac 3b c9 c5 ae 40 6a 35 e4 eb 87 42 81 af 2f a7 40 99 3f 28 a6 71 a6 cb 5c dc 8b 89 e7 b1 99 ba c2 0d d6 2c 66 96 ed 72 da fa 3c 8a 9c 2f 29 94 f9 08 c0 f3 47 24 f2 75 76 79 05 71 79 76 da 91 3e 22 87 79 90 18 e2 7a 99 15 98 2c ad 65 fe 8d 9b 0e 02 67 21 f8 22 86 e0 3f 29 89 b3 4d 99 8a d2 18 52 62 b0 c4 c3 ae 11 8e e6 ec 50 7a ee f5 01 8c 95 0b 18 21 4a 42 f8 35 49 41 3a 15 f9 d0 8e f0 43 b8 fc d2 e1 ce 24 de 22 5b 90 8d 79 97 e2 ca e1 2c 29 fc cc a5 f0 86 56 bc 7c aa 7e bd a6 c5 07 64 60 cc Data Ascii: ( _!\\<IPdbEK,UFi>72&U<+`Xm4T^ukG+sLURR%;@j5B/@?(q\,fr</)G$uvyqyv>"yz,eg!"?)MRbPz!JB5IA:C$"[y,)V\|~d`
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 7d f7 4f 26 5b 42 26 b1 47 88 62 8f ab f5 dc f3 47 b1 6a 59 59 77 69 5f 13 b2 fa 89 d6 64 47 3c 7e 74 01 db 11 ff 84 4f 06 7b b4 76 3b 95 d6 93 e9 1a e2 4a e5 93 ee f7 2e 24 52 03 39 d4 28 f7 58 a3 1c 24 fe b6 c9 32 5a e4 21 ad 2a c2 65 6f b6 48 3e 27 18 be fb f2 98 30 c3 d8 65 55 35 e3 df 4b 9f 8b be 3f ef ae c0 fc 9a 58 3b 54 fe 99 ed ea ed 15 ab 7d df a5 58 e1 96 ff ec 7a fa 4d 63 f7 e7 0d 16 96 70 64 f6 1b 2c c4 e7 ef ab 37 58 dc f7 37 58 c8 b9 38 7c d3 e0 01 e9 ca 65 c5 c3 0b f1 b0 d8 4f c5 c3 f7 97 87 45 b6 bb 3f 2c 2c 72 6b c5 c2 0f 97 85 e9 6d 9c 93 23 17 68 78 d2 d9 e9 dd 8e 1b bb ed d1 38 08 54 fa 37 69 b1 6f 75 fa 37 69 75 22 b6 7e 42 ab 25 ef a7 ef b2 88 7c e7 20 e5 3b 9f 66 b6 74 9b 27 fd 31 f4 d2 6b 8c 70 b3 d7 a2 8d 7b 34 1a eb f0 ad 37 1a Data Ascii: }O&[B&GbGjYYwi_dG<~tO{v;J.$R9(X$2Z!*eoH>'0eU5K?X;T}XzMcpd,7X7X8\|eOE?,,rkm#hx8T7iou7iu"~B%\| ;ft'1kp{47
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 37 d5 5a 6f da 72 9e ad e7 6a ad 7d 58 5b de ff 3f f2 25 22 b6 88 a9 1c 62 6e 97 fe 43 2c eb 1c f3 b2 66 ff 6c 56 df ae 99 fe 1f b7 ff 52 1e 63 ae 39 07 72 1d e8 b9 0e 94 b9 c7 78 b9 ff db b6 6b bd e5 f8 3f f2 67 fc a7 eb bf f7 bc fb 8d cd fd 9f cb 7d ac e5 7b cc b9 0e 94 32 c4 21 ef fd 63 ef d9 7f db 67 ad ff ff dd ff 5c ee e2 79 7c 7c ed 3f c6 21 8f d7 7f 3f fd 4f d9 7f bd f6 3f 66 ff 9a fd a7 ec 3f e9 bf 93 fe 73 bb cb f6 0f 69 c8 b1 64 fb b6 c6 90 4a d5 7f 0f fd 7b bf cb 3d c0 43 ca fd 5e 9d 63 a8 e7 18 6b ee 01 4b d7 7f 07 fd 5b ff 1a ad fe 88 96 6b 7f 2b 4b 94 f1 25 9f 03 e7 9c 0b 93 fe 3b e8 5f fb 7d 8e e1 29 db e7 71 c3 73 ca 39 31 bc e4 9c 58 f4 df 45 ff 6f 39 86 43 f6 ef d1 b3 7f cf fe fd d2 bf e8 bf 8f fe 0f 39 86 63 3e ef a7 ec 7e 8e e9 18 31 Data Ascii: 7Zorj}X[?%"bnC,flVRc9rxk?g}{2!cg\y\|\|?!?O?f?sidJ{=C^ckK[k+K%;_})qs91XEo9C9c>~1
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 60 27 9f 7c 72 82 df 73 ce 39 27 b1 85 be f6 b5 af 25 5b 74 05 b6 3f 7a 0d 3f 17 d8 53 b9 c9 c3 e9 ff a1 62 fa e8 37 f8 11 3a 90 9f 2f 7e 84 1e b0 a7 b5 7e 0c 00 7d d0 36 f8 95 8d a7 3c 6d c5 7c 95 03 00 7f d3 26 b4 88 6d c7 73 a4 07 b8 0f fc a2 1b 24 1b b0 31 34 6f 04 3a 50 5c 11 99 a4 f9 68 f2 f3 39 a6 5d f9 a5 dc cf b1 f2 d7 e3 b8 42 94 03 c3 41 e4 7b d9 7e f4 01 ef 45 df 41 c3 c8 ff f7 be f7 bd 89 cf 87 8c c2 16 38 ed b4 d3 12 7b 8f f3 47 1f 7d 74 62 0b d2 37 f4 8b 60 4f d0 40 e4 6b 70 14 e5 bc 7c 3f c5 b5 14 07 12 6e a1 73 fa 55 f8 a7 0f a3 6f a8 31 67 c9 5a da 80 76 62 3c 31 c6 b8 79 1e fd 83 9c c0 ce c7 0e c0 76 86 ff 01 fc 37 0a 7d 84 cd 4c 1d 0a fe 84 fc 7e f8 87 67 e0 f7 21 6b 34 a7 0c 1b 11 9a 91 7f 09 4d d1 36 cf 92 1e 96 cd b0 ab f2 5f f2 3a Data Ascii: `'\|rs9'%[t?z?Sb7:/~~}6<m\|&ms$14o:P\h9]BA{~EA8{G}tb7`O@kp\|?nsUo1gZvb<1yv7}L~g!k4M6_:
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 94 9f fb 3a ff 0b e0 3f f0 a4 ff b7 a1 0b 18 8f 24 b6 bc 3b 05 bc 6a 9d 14 e2 1a c4 a9 39 e6 59 c4 c3 89 9b b3 e5 3c eb 2d 68 1d 1e e2 dc d8 a3 d4 1d ae e8 5f d4 43 95 91 ee df dd ef db 9b 0b 10 6d 60 c6 1f 90 bf c8 66 c6 2c 95 b3 b2 3b 85 f6 69 87 e7 69 7d 0a e5 55 68 ed 7b ad 83 18 73 64 f4 4f 55 ad 7d 3f 54 d1 ff 57 86 2a 23 dd 3f d2 fb 6b ad fe f1 2a bb db ff c3 15 e1 5d 80 fe 97 3f 19 ff 87 b2 3b 05 be d7 5c 6b fd 33 12 19 23 fc 6a ed 2b e1 5a 6b 69 20 0f 90 0d bb 8b df 91 ee 1f e9 fd a1 c9 f1 2c 63 49 5b 92 fb d2 95 c8 4b d1 46 82 b7 4a cd 72 a5 9a e5 8b 55 2b 17 4a 49 29 f8 3e a5 58 cc 5b b9 98 b5 6a 21 6b b5 7c ce aa 79 ef 6b fa bc 94 f3 92 f7 eb de b7 05 e7 ff 42 af d5 0b 3d 56 29 96 ac 54 ad 59 b9 bf 6c a5 81 a2 e5 6b 45 cb 78 1b b9 7c c9 aa 65 Data Ascii: :?$;j9Y<-h_Cm`f,;ii}Uh{sdOU}?TW#?k]?;\k3#j+Zki ,cI[KFJrU+JI)>X[j!k\|ykB=V)TYlkEx\|e
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: b9 cf ea 57 4b f8 fb e0 bf bc a3 09 f0 ef de 42 52 ca 8e e8 81 c1 7a 52 f0 f9 93 d0 80 df 5e ef 7f ed 1a 52 93 65 f4 ca 48 50 7f 85 06 5e cb 86 83 3b ae 0c 26 0c ee 5b da 19 f0 b3 f5 a4 18 b4 04 fe a8 96 ec ef a8 c3 d5 81 70 3b 5b 36 b5 57 4a c3 95 8e 26 79 7f 2c e1 ff 01 c7 00 3b e5 9a 59 1f 62 00 00 0e d7 6d 6b 42 54 fa ce ca fe 00 7f 92 81 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 9c ed 9d 8d 91 1c 29 0c 85 1d 88 13 71 20 0e c4 89 38 10 07 e2 44 1c c8 5e e9 ea 3e d7 bb 67 49 40 cf cf fe 58 af 6a 6a 67 bb 69 10 12 08 d0 83 9e 97 97 c1 60 30 18 0c 06 83 c1 60 30 18 0c 06 83 c1 e0 3f fc fa f5 Data Ascii: WKBRzR^ReHP^;&[p;[6WJ&y,;YbmkBTx)q 8D^>gI@Xjjgi`0`0?
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 55 be 7f 79 79 39 d8 63 eb f4 af ad f4 ff fb fb fb 2f 4a 75 ac 7a 3f a3 ff 69 fb cf e0 ff 99 3e 3e 3e 7e da 00 73 01 6d a3 ae 2b 8c 76 c1 75 85 d5 91 f8 15 ce bd 59 9a 75 cc 38 b3 b4 fa b3 75 4e 19 d2 3f a4 57 50 3e ca 31 4a 73 a4 8a 57 69 56 ff e7 fc 91 fd 5f 75 4b f0 45 1f ff 89 cf b8 88 2f 72 9c cc f9 a3 c2 88 5f e2 9a 67 4b 95 57 5d d7 b1 9e 99 cd 45 59 1e f2 63 6c ca f3 2c 5b a6 9f 54 9c 59 1b 48 bb 54 be cf e0 ff 0e b6 9b f9 ff ed ed ed f0 8e 88 7d 78 a6 f7 c7 4c 23 7d 41 9b 20 bc d2 e2 9c f6 47 fc 9e 56 1d cb 37 bc 97 91 5e f7 7d 3e 93 69 d2 9e ba b2 2d e7 1c f8 e8 fe 9f 69 e6 ff ec 3b 7d 9e 4c 4a f8 b0 ec 58 ed 26 c7 54 ca 50 f7 33 fd 54 de 23 af f4 df a8 1d 67 ff ae f0 4a 1f 1f d6 f9 6c 0e 20 1e 65 e4 fd 27 ef 3d 8a d6 f8 3f 85 cd 98 6f e9 e7 f9 Data Ascii: Uyy9c/Juz?i>>>~sm+vuYu8uN?WP>1JsWiV_uKE/r_gKW]EYcl,[TYHT}xL#}A GV7^}>i-i;}LJX&TP3T#gJl e'=?o
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: bf eb 29 67 52 02 6d 20 c3 24 ac 35 bf 2c 20 94 45 83 78 fc 28 3f aa 3a 13 b6 67 c0 55 eb b5 85 17 46 bc 34 9e 99 ea c0 20 09 e8 e0 16 08 f3 b5 df b9 c3 45 34 8c 81 06 21 96 b3 71 3f 10 6c e4 98 07 90 f5 41 ae f5 0e 88 9f 16 59 76 b4 ee 73 3a 6d 52 1e aa 28 47 07 ff b0 5a df 79 da 47 71 84 2b 77 30 11 29 4e 7a fb f6 e7 e1 75 88 59 f4 2d c5 26 95 a7 8f e8 c0 22 a2 59 10 09 3d 27 49 86 fd ce 1d 83 38 f0 b7 e8 18 7b bb 99 6d 88 1b 4c 2f 7e 84 b9 8f 19 83 c2 21 fe 8f c7 fb ff 2e e3 42 ef ae e0 d8 d1 cc 41 3d a8 9e f8 e7 bc b1 59 99 cb 0c 7c 7a 04 f4 f0 3a 66 89 1b 23 c2 ac 7f 6f 68 b9 32 58 6a 81 f8 c7 bc 49 7c 31 d6 d8 69 33 13 41 28 7c f9 a7 76 10 66 31 c5 03 13 a5 d6 0d 4e 4b 80 88 9a 4c c0 cd ab 1a da 2e 9f eb d3 eb 3f d2 72 d9 5d c3 71 42 53 a0 5e 23 6f Data Ascii: )gRm $5, Ex(?:gUF4 E4!q?lAYvs:mR(GZyGq+w0)NzuY-&"Y='I8{mL/~!.BA=Y\|z:f#oh2XjI\|1i3A(\|vf1NKL.?r]qBS^#o
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: b5 38 5a 58 5d 38 c3 f8 5e 70 85 aa 77 51 eb 16 45 be e7 0d 26 08 ef 8c 87 ad 31 16 66 72 13 52 9a 03 c1 4b 69 fb f1 e7 d0 24 10 47 a4 16 ce 13 d3 f0 d4 dd 9c 9d 8f db c7 01 d0 95 18 1e 8c af f0 68 33 27 81 c0 ae c2 f8 94 b7 93 06 c7 7b bc 1c 14 01 b1 9a 1e 1e 3b 3b d6 7e 46 a0 f6 4b ee 33 37 d0 6b 9a 14 96 cc 75 3c 08 70 f6 b5 64 ca 8e e5 e8 88 2b 43 a8 7f 19 9a a4 08 99 0c 8d 52 e1 0f 91 f7 4d 7a b9 c6 8f e7 bf 37 1b 29 6e 00 d2 80 08 a9 e6 04 f6 d4 20 6c 45 03 0e 47 1d 1b 79 cd 6c bd 87 3a 12 cc 91 ff 49 8d de ed 92 6f 1f b1 42 ec 3c 41 5c 8e 8c 9a 5c 36 8f 64 f0 e8 fd 46 a6 e0 71 1f e0 cf a1 c9 85 51 89 5b e2 b5 31 3c 6b a8 ee dd 4e c3 3e de ff 97 53 25 7c eb 82 ce d0 95 ef 73 01 54 75 c6 6c 65 c1 f5 92 62 9a 41 7d 41 b8 eb e6 ed 16 9e cd b4 fe 31 e3 Data Ascii: 8ZX]8^pwQE&1frRKi$Gh3'{;;~FK37ku<pd+CRMz7)n lEGyl:IoB<A\\6dFqQ[1<kN>S%\|sTulebA}A1

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:57 UTC	664	OUT	GET /mdod/tharep/2.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:57 UTC	304	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:26 GMT Content-Type: image/png Content-Length: 79748 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-13784" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:57 UTC	3792	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c1 00 00 00 82 08 06 00 00 00 ff 8e ac 5e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e 74 00 00 0e 74 01 6b 24 b3 d6 00 00 00 1f 74 45 58 74 53 6f 66 74 77 61 72 65 00 4d 61 63 72 6f 6d 65 64 69 61 20 46 69 72 65 77 6f 72 6b 73 20 38 b5 68 d2 78 00 00 09 1f 70 72 56 57 78 9c ed 5b 4d 96 db 36 12 06 a9 80 ac f4 b8 d1 e6 b4 62 c7 b2 3d 54 ce d0 2b df 21 5b 5f 41 eb f1 45 bc d7 15 7c 88 2c bd c8 d3 2d 7c 80 dc 60 7a aa 00 7c 64 11 02 d4 92 5a 6c 77 5e 5c 24 44 10 00 51 ff 05 88 20 fe fc df 1f 7f 99 ff 9a df ef 05 76 7c dc ef f8 77 bb f3 37 3b 9f 76 7c cb c7 fd fd d6 57 6c fd fd d6 a7 cd ee 7e b3 db 6d 76 9c d9 6c b6 bb 0d 97 6c 37 0c 77 5b 3e ef ee 36 77 66 b7 31 bb Data Ascii: PNGIHDR^sBIT\|dpHYsttk$tEXtSoftwareMacromedia Fireworks 8hxprVWx[M6b=T+![_AE\|,-\|`z\|dZlw^\$DQ v\|w7;v\|Wl~mvll7w[>6wf1
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: d6 1a b2 13 23 f9 d8 1d 50 82 e9 23 4f 34 7d 24 b6 4a 62 87 5e 23 a5 2d 31 02 22 69 aa 09 47 96 c5 4d 29 47 56 3a 19 49 17 8b 66 c4 bd 3b c5 ae 38 54 e1 8c 6c 47 10 65 2b 9a 98 7f f3 65 33 12 b3 d6 99 b4 35 8d d1 e7 48 26 dd 99 9e c5 fd fa 69 26 09 3d 55 ca 24 39 c3 12 78 3e 4e b8 f9 17 cb 5d 73 2f b8 90 25 98 c6 15 4c d3 08 2c c4 31 0e d6 0f 1c ac 13 5c 32 e0 10 3d 8d c2 73 f4 ad 30 dd 36 cb bb f2 e6 2d 4e c0 68 66 16 4c 86 10 5a 86 a1 50 98 6a 23 85 4e 05 96 5a 81 74 06 ee 25 0f 8b 83 a5 3b 2c f6 a1 48 67 87 02 36 52 3e db 66 91 8f 89 5b 4a 27 ce c4 f0 55 0c 43 cc 18 61 b1 87 4b 7e aa c7 bd b2 7c 1b e1 49 13 6c 05 20 c5 4c 56 ce d2 8c ef 31 50 75 0e aa af 0b f9 b5 01 cf 11 31 c3 3d 23 c2 04 d5 65 b0 3a 1c 57 87 01 eb 3b 0c 58 9f 03 eb 3b 62 bc 8e 1f ba Data Ascii: #P#O4}$Jb^#-1"iGM)GV:If;8TlGe+e35H&i&=U$9x>N]s/%L,1\2=s06-NhfLZPj#NZt%;,Hg6R>f[J'UCaK~\|Il LV1Pu1=#e:W;X;b
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 9f af 2c de 95 f5 5d d6 9a a3 fc 4c f2 10 7d 8a 58 3d ca b5 d5 85 28 03 f5 c1 4b e4 e3 28 8b 46 2b 9c 43 41 f6 8f 32 b3 9f f2 4c c6 fc 11 c2 46 2c 7f 83 b2 1c 64 32 c9 63 c0 f9 33 65 8b 10 f5 af 11 53 f1 1c 66 29 99 6f c0 1e 64 b2 5b d2 a4 55 b2 80 ac e7 45 e6 fa 30 9a eb c6 bd 9b eb 9b 53 2b 46 57 bb 54 46 34 f3 af 27 fb 1d 10 d5 7e a7 77 3b 3e 6b ef e2 1f 7f 7c c7 36 93 e9 3e dd b2 d8 5e fc 30 11 7c 30 b2 23 4b bf 26 ae 0e 2c f3 9a cf 42 db b8 f8 55 4b 69 f7 2b e5 80 7a fd 3b 44 8e b8 0e f1 85 74 13 a5 87 cc bb 4a 6d 2f 32 92 45 b4 7f 10 69 bf 7e ef b4 ff 29 d8 2a 26 fb d9 f6 6d 13 8e 3d 27 8b 16 c5 b6 42 1f f2 4c 3e 7a ac 69 5c 8b f4 f8 92 b2 0b 77 61 4f 7f 88 3f b5 b1 22 3d 4b f6 59 d6 7e ea 64 3f 35 ae 25 bf 50 b6 6e a0 d8 92 68 38 cc 8d ac 30 1a 2e Data Ascii: ,]L}X=(K(F+CA2LF,d2c3eSf)od[UE0S+FWTF4'~w;>k\|6>^0\|0#K&,BUKi+z;DtJm/2Ei~)*&m='BL>zi\waO?"=KY~d?5%Pnh80.
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: ff 3a 7e 1f 9f a6 cb d3 d9 a3 5e 01 6c a0 69 0f c5 6e e7 35 1a 39 af b3 a9 17 9e 57 c7 cf 7e b7 5c 3b 14 db 3f 76 fe 6e 8e 97 ed bb f6 e7 92 36 65 cc 72 a5 df d1 fd bf f3 55 62 53 7e 76 f9 a7 fe a3 5e b9 f7 55 0c 4f 37 4f 28 e9 7c 3b 2b f9 53 cf e9 47 f4 fc 34 7c 3f d8 66 ed 1f b4 ff d0 f7 b6 2a 3f c7 72 8e 97 f7 57 7e cf 32 cf 6f c5 4e fe 96 d9 9f ca 7f a5 ff 53 fe 39 ff d7 7e 64 8e 61 ab e7 98 e7 f2 ee d6 87 dc c9 df 6d 14 48 8b 36 f6 ec 6d c0 58 ff 5b ff dd 4a fe 85 fd 90 7e ce 73 2e e3 12 da 03 79 9c d1 ff 90 6d 83 34 d9 b6 4f dc ed ef 15 7c 42 1e ff ad 64 fc 9e f2 f7 f8 2f e7 f8 d9 07 98 fe c1 62 35 fe db c9 bf c8 79 fe dd f8 ef 55 e4 3f 0c c3 30 0c c3 30 0c c3 30 0c c3 30 0c c3 30 0c c3 30 0c c3 30 bc 2e c4 50 16 97 7e 0f 04 1f fe 2a d6 ce 31 40 47 Data Ascii: :~^lin59W~\;?vn6erUbS~v^UO7O(\|;+SG4\|?f?rW~2oNS9~damH6mX[J~s.ym4O\|Bd/b5yU?0000000.P~1@G
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: fd 64 0d 70 b9 c7 eb bb fe 5f b0 f9 7f 1f ff 72 dc 65 7d 68 50 d3 64 a3 09 7a 5a 23 a8 30 04 d2 04 05 19 35 8d 0c db e6 34 ef ff 47 76 39 a5 41 51 73 50 8c 22 52 7a 9e 90 21 18 25 64 de 07 c5 c8 22 a9 19 48 a8 ba 00 e7 b9 ae 62 64 90 e6 ef bc 4a fe 80 f4 0d 32 c4 bb 42 cf 8f c5 13 50 35 2a a7 7b 14 be 47 20 73 03 b8 dc e6 bf 32 ff d5 75 3e d5 b1 2a e4 55 e5 4a 27 85 bc 79 b1 68 2a 6d 96 fd 0c 09 3d eb f0 5c a9 3a 8a 24 c9 45 b5 0c 1a 5d 64 e8 26 f2 54 96 4f d3 4d 29 3a 4f 5b ea f1 75 d6 02 f4 1e f2 59 a5 7c 36 63 98 f9 e2 da 31 80 ad ff 6b e3 bf e6 b4 a6 fe 97 7d c0 d4 ff 99 6c 01 46 b6 78 9d 7f a1 a0 89 a7 bc 52 86 f4 75 14 88 e7 1c 95 65 89 fb 6c f2 7a 1f 10 fd 80 f9 cf ad 72 2e fa 00 e5 0b f9 1c 32 06 f5 9f a2 d4 f2 05 33 6f 05 cc be 62 f3 5f 99 ff aa Data Ascii: dp_re}hPdzZ#054Gv9AQsP"Rz!%d"HbdJ2BP5{G s2u>UJ'yh*m=\:$E]d&TOM):O[uY\|6c1k}lFxRuelzr.23ob_
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: ed 7a 14 7f 79 e0 59 1c 0b 8f 20 42 8c a7 32 fa ea c7 c9 e2 fb 5f f0 fe 10 05 e4 38 d0 e0 fd 61 8c 8c cd ff 47 c0 3f f3 9c 4a a5 56 f7 6f 92 fb f9 6a 24 8f a3 17 c7 d1 37 e6 40 e7 70 3f 3a 87 06 c8 d6 93 bf 4f 7c 0f 76 f4 61 b4 6b 00 03 ed dd b8 32 30 84 c5 ce 3e 92 ff 56 bc be 78 1e bf bb f3 41 7c fe d4 77 c9 e7 bb 1f 77 9e da 86 4f bc 7a 2f ee d9 f3 04 be f4 eb a7 70 46 99 c2 65 d5 85 44 36 7d 7d 83 d1 1b f8 2f 0a df 0f 3c d7 cb b0 f9 df 54 fe 99 67 b9 cf 33 8f 17 f2 5c 0b 8f ab c6 62 31 5c 23 b9 3f d7 db 8e 56 47 17 ba c7 06 d1 3f 36 84 fe 01 3a 92 dc 8f 77 0e e0 52 df 08 2e 0e 8d 61 a4 a3 1b 93 a7 cf a3 b5 f5 24 0e 87 87 f0 c5 03 cf 60 cb ce bf c2 6d c7 bf 8d 5b df 7e 00 7f b8 ef 69 7c 69 e7 93 68 55 2f 61 8e b8 cf 22 2b be 3b 17 df 14 16 cc bd c6 78 Data Ascii: zyY B2_8aG?JVoj$7@p?:O\|vak20>VxA\|wwOz/pFeD6}}/<Tg3\b1\#?VG?6:wR.a$`m[~i\|ihU/a"+;x
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: ff 5d fb a3 17 3d 8f e9 32 07 f4 6c 8f 42 d3 65 36 56 7d 65 f6 f7 b9 88 9e ad ab f2 52 fd 28 b7 d8 e9 c3 cb e1 de 09 56 fe df 65 ca f6 5a 54 1c a1 eb 84 34 dd fb 1f ef 61 7f 64 a2 ad 65 32 07 de 92 fd 2b 6e f1 59 f6 cf e6 7f f8 42 f5 97 ba 8f 02 9f 54 71 84 ae 53 fc 7f d7 ff 03 bb fe 0e df 94 e9 3c 9b c3 ef f8 7f ad 5b 26 cf 3d fc 7f 66 ff 8e 5b 7c 86 ff f7 0f f5 f7 73 b0 7a ee 50 e7 29 19 47 e8 e5 e8 d9 c1 aa 7d 7b 5a d7 85 ce 33 ab b3 99 6e 37 c5 6a fe 17 70 fb 57 f3 bf ce 77 66 e5 74 f6 ef b8 45 bf 77 cf f9 df 5b c7 bd d7 3b 83 f7 85 b1 ff 60 6c 3f 18 0c 06 83 c1 60 30 18 0c 06 83 c1 60 30 18 0c 06 83 c1 60 f0 f7 e1 11 7b d1 d9 fb f4 91 c1 7e 13 ff ac f6 bd b3 c7 d2 df 69 11 60 6f 4c f6 79 84 3e 75 6f a9 c3 df 69 5c 71 89 ec 4b f3 7c 7d ff 08 ef 00 d2 Data Ascii: ]=2lBe6V}eR(VeZT4ade2+nYBTqS<[&=f[\|szP)G}{Z3n7jpWwftEw[;`l?`0`0`{~i`oLy>uoi\qK\|}
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: bb 7a bb 9d bb 6a ab 7d f9 e1 f5 76 de 43 4f d9 77 d6 6d b3 3d b5 81 4d b8 52 49 79 fd 72 d5 ba 15 2b 15 b7 35 2e 7b 3e ce 6b ce eb b2 b7 17 fe 4f ba 1e 80 a6 bc 2f a0 69 1f d7 a2 4c a3 b2 00 b9 7e 68 b8 1e 68 16 5e 35 cd d4 b2 b6 3f 7d d8 9e de ba de 36 ef dd 66 93 e5 94 a5 ea ae 97 1a 79 9b 28 cd 1c 55 de 8b 92 d7 7d ba e2 b8 cd 75 00 44 db c7 0b 99 40 f4 07 d7 e0 7d c7 e7 61 31 06 c0 fe 97 4a 25 2b 94 bd 0f 2a 4d db 9d ca db 5d 4f af b3 eb 56 2c b7 b5 7b f7 da 98 eb fb a9 49 7f df 71 db b5 17 5e 6d 4f 3e f6 b4 8d 65 f3 b6 17 1b eb bc 3f e8 ba 65 2a 93 73 39 2b da 43 5b b6 db e5 2b 1e b3 4d 6e f3 37 e7 5b b6 7e b2 62 37 2c 7f d6 5e 72 fb 7e f1 1d 6b ec ea 07 36 d8 77 9f d8 67 d7 ad d9 6b df 7c 60 b3 7d e3 47 db ec ab 2b b6 db e7 1e da 62 e7 3c ba c3 3e Data Ascii: zj}vCOwm=MRIyr+5.{>kO/iL~hh^5?}6fy(U}uD@}a1J%+M]OV,{Iq^mO>e?es9+C[+Mn7[~b7,^r~k6wgk\|`}G+b<>
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 39 bc 46 b6 b9 cf 11 f9 94 1e 41 86 90 1b e9 58 e9 6b d9 5d ae 49 77 a3 27 90 27 de 21 6f f2 42 d6 18 4f 3c 03 ef 68 3b 47 da a9 3a 50 47 f9 26 78 9f fb bc 8b 8c 50 07 d5 87 67 29 1f bd 42 9d d1 31 94 c9 78 e7 5c ed 41 bf 50 37 95 cd 35 e5 05 51 77 de a1 7c fa 06 a2 3c f2 25 3f ea c3 6f ca e0 37 75 e7 1e cf d3 36 ea aa 7e a6 ae e4 cd 7d 8e 31 e6 a2 2c de 67 dc d3 06 ae 51 4f 12 7c 10 1e a3 7c 7e d3 c7 9a 53 60 13 e8 a3 d8 de cb b6 0a 67 c7 73 e9 38 c5 f6 1f fe 50 2f d9 19 e9 18 61 7f 7e 4b 9e e2 79 78 7c 8c f1 ac ec 96 b0 91 ca 91 5e a0 0d d2 4d b1 4d 55 52 dd 65 0f 65 a3 93 be 20 12 7c 93 ad e4 be 7c 17 4a 49 9f 85 e4 53 73 68 d9 e5 38 5f ca d5 18 4a a6 d8 6e cb 7e c6 63 8d 63 8c 93 e3 3a 90 e2 b2 a9 8b ca 4e 62 3f 95 af 7c 54 6f d9 78 61 d5 d8 cf 16 db Data Ascii: 9FAXk]Iw''!oBO<h;G:PG&xPg)B1x\AP75Qw\|<%?o7u6~}1,gQO\|\|~S`gs8P/a~Kyx\|^MMURee \|\|JISsh8_Jn~cc:Nb?\|Toxa
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 7e 89 d7 61 95 84 7b b1 cf d8 6e 6c 2c e7 3c 0b 1f b1 f5 e4 83 7d c3 2e 63 ef c0 1a d8 49 62 73 59 5f 01 ff 28 9e 83 fe c6 56 b2 be 83 ad c4 f6 f2 2c d7 14 af 8b 5c b1 2e 45 df 73 5d fb c8 28 17 2c 40 ec 30 ed 20 5f ec 3e 76 9c 67 b4 76 03 1f 59 6b 82 8f 5c 03 3b 80 07 28 0f 1c c2 f3 d4 57 44 de d8 7c c6 10 b8 93 f5 28 9e 47 e6 c8 5f f5 97 1f 2a 8e 39 4c fa b5 49 49 7f 63 32 c9 36 08 e7 2d 66 ff e3 c4 b5 78 ff 0f a4 bf 07 29 bf 90 d6 81 20 e4 02 99 46 2f 22 f3 da 8b 8c 5c 68 1c f0 1b 59 97 9e 97 ff 50 f3 4b 7e 93 07 6b a0 bc 27 bd 41 fb 35 96 b9 47 5e e0 69 d6 77 79 86 f1 cb 98 e3 3a bf 35 3f 41 2f c0 77 7e 33 7e 19 5f e0 66 f4 12 cf d2 26 8d 45 f2 46 df 50 0e 63 9e 77 d1 31 f0 96 bc 35 3e e1 15 fa 85 e7 78 8f 7c 68 3f 63 82 32 d0 1d ac 61 72 ce fb 3c 4b Data Ascii: ~a{nl,<}.cIbsY_(V,\.Es](,@0 _>vgvYk\;(WD\|(G_*9LIIc26-fx) F/"\hYPK~k'A5G^iwy:5?A/w~3~_f&EFPcw15>x\|h?c2ar<K

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:57 UTC	664	OUT	GET /mdod/tharep/3.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:57 UTC	304	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:26 GMT Content-Type: image/png Content-Length: 75407 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-1268f" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:57 UTC	3792	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 c2 00 00 00 7f 08 06 00 00 00 bd b5 1d 9a 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e 74 00 00 0e 74 01 6b 24 b3 d6 00 00 00 1f 74 45 58 74 53 6f 66 74 77 61 72 65 00 4d 61 63 72 6f 6d 65 64 69 61 20 46 69 72 65 77 6f 72 6b 73 20 38 b5 68 d2 78 00 00 05 d1 70 72 56 57 78 9c ed 5a 6b 76 eb 26 10 46 08 34 79 c8 72 9b 5c dd e4 ca cb f0 2e ba 10 ff be db d1 66 ba 80 1e ef a5 3b 68 3a c3 73 90 0d 76 94 f8 e6 f4 94 2f 46 02 84 18 e6 c1 30 82 fc f5 cf 9f 7f 8b 9f e2 8f 37 c2 11 ff de 8e c7 a3 c9 1d 4d 3a 1e 67 fc 3b ce f3 fc 66 ee 94 9b 0f 47 fc 1d 0e 98 99 0f 88 fd 3c ef 67 bc ee f7 87 83 38 e2 6f 2f e6 83 98 f7 a2 a2 a2 e2 bf 02 c0 3f 7f 61 59 5b e0 75 1f 49 50 20 4f Data Ascii: PNGIHDRsBIT\|dpHYsttk$tEXtSoftwareMacromedia Fireworks 8hxprVWxZkv&F4yr\.f;h:sv/F07M:g;fG<g8o/?aY[uIP O
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 8f b8 7f 8d 1f ba 01 86 4e 10 fa f5 02 8e 64 49 8f 62 98 06 75 81 6d 0c 61 64 88 0e cc 58 70 1d 68 5f 99 e8 3a d3 5e 13 86 b2 62 04 79 fc c7 31 35 64 98 7a 75 79 c0 d2 e0 d9 b5 06 2f ea 68 d8 2c 53 44 61 49 b0 46 de 9c 85 29 c1 9a b9 90 1d 4f 07 71 16 4d ff 03 60 74 c9 a1 cc 56 4f 6b 5e df a7 84 45 61 31 5f 24 f7 56 a2 0a 0b e2 43 a9 7a e2 fe 36 df df 66 fb 43 28 c9 5a d7 b8 b1 ae 31 0d 0d 20 25 05 3d 60 a1 61 b9 c9 fe 8e f0 cc b6 2e 71 0b 5d a8 6e b0 8c 2f c9 35 73 20 5d 0c 15 22 69 a9 75 49 4b 4c a4 55 c8 c4 2b 30 b9 2a 52 c4 9c f2 2c c8 29 40 75 41 86 fa 0b 39 e0 81 5b fe 88 83 68 28 ad 39 ca db 6a 45 9e a3 29 12 d2 18 71 17 27 0e 20 a8 8a 24 15 51 2c 6d a6 d7 25 b9 e0 03 66 a3 cb e0 f4 74 86 13 c4 81 fb e4 e6 fc 95 8d 98 d4 c0 14 7b f4 28 80 4c cb d7 Data Ascii: NdIbumadXph_:^by15dzuy/h,SDaIF)OqM`tVOk^Ea1_$VCz6fC(Z1 %=`a.q]n/5s ]"iuIKLU+0*R,)@uA9[h(9jE)q' $Q,m%ft{(L
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 6b 72 37 7c fa 53 c6 c8 e6 f6 a3 0b 5e 5f c6 bc 56 82 79 1f 81 b4 2f 15 f6 1c 59 30 ff 77 c8 f2 6c cf 5a 56 6c 75 d3 fa 2f a7 69 23 d2 19 ac 1b 47 0b eb 51 76 4d 25 3f eb 17 6a 19 f0 8a 0e 03 50 d1 c8 5b 67 cf 2a a0 ad 1d 91 c5 46 7f 6c 15 56 f7 27 d2 04 5c 35 bf 08 ef f8 3d c5 5f b8 15 eb 74 d3 56 31 5f 4a af 52 4c 0b 7e 50 76 a9 8f 2f 70 fe 75 b8 02 19 dd b7 aa 15 c8 68 9f 65 99 c5 a7 c8 89 71 b9 c7 7d ab 46 a4 1e 97 d5 67 ab 20 df f5 d6 67 6f d0 0c fd 2a 91 2d d6 07 35 48 ef 30 17 d9 10 10 f0 42 6c d2 cf 6c 50 ec 60 14 90 ef 2b 7a 72 81 61 7a 45 96 16 39 79 7b 0d 52 2f 32 92 b2 31 97 4e fe 15 fa 5d 0d d2 05 9b 22 aa 46 4c 17 06 14 73 37 62 ba 80 ff 7d 3a 76 35 d1 f7 ea 75 e1 47 ca 99 7f e5 08 b3 e7 37 be c2 67 93 e3 80 35 f1 7b 5c 47 a2 cf 89 61 0c c4 Data Ascii: kr7\|S^_Vy/Y0wlZVlu/i#GQvM%?jP[gFlV'\5=_tV1_JRL~Pv/puheq}Fg go-5H0BllP`+zrazE9y{R/21N]"FLs7b}:v5uG7g5{\Ga
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 9c ed 9d 8d 91 1c 29 0c 85 1d 88 13 71 20 0e c4 89 38 10 07 e2 44 1c c8 5e e9 ea 3e d7 bb 67 49 40 cf cf fe 58 af 6a 6a 67 bb 69 10 12 08 d0 83 9e 97 97 c1 60 30 18 0c 06 83 c1 60 30 18 0c 06 83 c1 e0 3f fc fa f5 eb e5 e7 cf 9f 7f 7c e2 3a f7 aa e7 e2 73 a5 ac 00 65 f8 f7 c1 ff 51 e9 f9 8a fe 33 7c ff fe fd e5 d3 a7 4f 7f 7c e2 3a f7 32 7c f9 f2 e5 df cf 2e be 7d fb f6 3b ef b0 37 65 04 f4 fb 47 46 d4 fb b4 9e 95 9e 4f f5 bf 02 36 d1 fe ae f6 5f f5 51 fa 76 95 a6 93 d7 ed df f9 9d 5d 54 f2 ac e4 04 5d 1a bd 5e a5 cb ae 67 ed bc 7b 3e 70 6a e7 ab 7a eb ec 1f e5 6b df 75 b9 b4 6f Data Ascii: x)q 8D^>gI@Xjjgi`0`0?\|:seQ3\|O\|:2\|.};7eGFO6_Qv]T]^g{>pjzkuo
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: ca f3 2c 5b a6 9f 54 9c 59 1b 48 bb 54 be cf e0 ff 0e b6 9b f9 ff ed ed ed f0 8e 88 7d 78 a6 f7 c7 4c 23 7d 41 9b 20 bc d2 e2 9c f6 47 fc 9e 56 1d cb 37 bc 97 91 5e f7 7d 3e 93 69 d2 9e ba b2 2d e7 1c f8 e8 fe 9f 69 e6 ff ec 3b 7d 9e 4c 4a f8 b0 ec 58 ed 26 c7 54 ca 50 f7 33 fd 54 de 23 af f4 df a8 1d 67 ff ae f0 4a 1f 1f d6 f9 6c 0e 20 1e 65 e4 fd 27 ef 3d 8a d6 f8 3f 85 cd 98 6f e9 e7 f9 6e 80 ed b1 61 f6 eb ec 9b f4 bd 7c 37 18 8d 15 f9 3e 9a fd 3f c7 90 f4 55 96 25 cb 3b ab ef 12 8f a2 ad fc 8f 2f f1 6d f6 b5 9e 4e 7f 2f e8 e3 49 8e b5 d9 f7 66 f3 51 d6 83 fc 7a 7b c8 f1 3c d3 64 cc e9 36 e9 64 99 6e f9 3b e8 af da ca ff a5 b2 51 be 03 96 6d fb 7b 7b f7 35 ed 24 fd c0 fb 04 69 d1 a6 78 e6 14 ff 67 3c c6 24 f2 22 cd 5e be 25 3d ea fc af 94 52 4a 29 a5 Data Ascii: ,[TYHT}xL#}A GV7^}>i-i;}LJX&TP3T#gJl e'=?ona\|7>?U%;/mN/IfQz{<d6dn;Qm{{5$ixg<$"^%=RJ)
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 71 c5 15 49 2e 45 db 70 ba 24 f1 7f 68 4e fc 1f bf 15 36 9f e6 8c f0 f3 a1 0b e0 ff 01 fe d0 fc 93 4f 3d 63 2f 2e 5b 91 6c 42 ae e3 af 07 3f 7a b6 ef 48 b4 0b bd 3f f9 e4 93 a9 4e 68 8e fa 81 2b b0 82 f6 a0 51 e8 13 fa 83 0e 19 7f fe e1 05 e8 21 3c 83 be f0 fc f3 cf a7 b2 e0 cc b3 cf 3e 9b e0 4a fd 8a 69 80 47 40 f3 e0 da dd 77 df 9d 62 1c 14 77 40 1d f0 19 e8 9d 7a 79 1e 5c 93 1e 22 1d 05 fc 82 77 20 87 a2 7c fa 5d 4e c2 73 c5 cd 00 27 c6 31 f9 02 46 c6 e7 30 c0 01 fc 7e fc 63 0f c2 e3 e1 07 9a df d4 1c 1c 38 82 5d c0 75 fc 7f 8c 21 f0 06 06 24 fd d3 26 6d 4d 95 76 65 83 49 a6 03 d7 68 a7 cb ff 43 42 de 93 e1 07 c8 7d e9 10 d2 15 94 b8 26 9d 84 72 d2 05 e4 07 9c 2e 29 f2 7f e0 af 98 1d cd 01 63 ff 23 ef 45 ff 9a 3f 47 ff 47 c7 7b e6 d9 e7 93 0c b8 f9 96 Data Ascii: qI.Ep$hN6O=c/.[lB?zH?Nh+Q!<>JiG@wbw@zy\"w \|]Ns'1F0~c8]u!$&mMveIhCB}&r.)c#E?GG{
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: b3 8a be 70 9f ba 69 4b 76 bc fc 39 b4 4d 5f 68 8b b6 f9 27 03 33 ae 53 07 e5 e9 bf fc 12 64 ca c8 2e 80 ff eb 1b 62 f4 03 3e 44 bf e8 2f ed 53 5e fb e2 31 46 ea 17 e7 f0 28 f5 9d fa e8 03 59 df 67 43 16 88 2e b5 3f 82 ec 56 60 02 0d a5 6f 6b 39 2c e1 01 e8 00 b2 ff 05 ff 18 ff 05 bd eb 38 ae 01 90 9e 47 92 3e 17 fd f0 9c d3 17 f8 22 b0 26 01 07 f8 9f c6 38 f9 a1 1c a6 bc 13 ba 2e 36 17 fa 3e 7c 97 f9 32 c9 17 f8 2f f6 17 bc 5b 72 13 3e 89 fc 80 17 02 5b f0 81 71 87 cf 72 1f 5c 82 ef 62 6b 50 96 36 e0 c9 c0 01 5a a6 5f 8c 3b f7 b8 ce b3 d8 2d c8 0a f8 36 75 80 bb 64 cd dd d3 27 e6 e8 38 a7 af ec 69 0c 1f 46 07 e7 5d 81 13 b0 a1 6e f6 c1 c5 b6 00 36 bc 3f 7d 85 cf 53 0f 7d 01 97 b4 87 0a 7d a7 6e e4 20 65 91 8f d8 26 bc 0b 75 73 9f 67 b0 83 b0 2f e8 27 f8 Data Ascii: piKv9M_h'3Sd.b>D/S^1F(YgC.?V`ok9,8G>"&8.6>\|2/[r>[qr\bkP6Z_;-6ud'8iF]n6?}S}}n e&usg/'
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: d9 09 3c ab 7a a9 43 fb a3 00 5b 78 28 e7 c8 77 d9 3d f0 5d c5 42 e3 47 e1 5c 7a 37 3e 18 ed e7 22 5b 44 31 d2 8a 29 57 bc 37 b2 5d 7b 1a 71 8f b2 f0 0f 3d a3 38 6f 7c 39 b2 fd b4 c7 0c c7 e8 ed f2 fd f1 af fa e9 17 ed cb 2f 89 4c e1 5d 14 43 ce 35 ce e5 4b 8c f1 dc ca d4 a3 31 54 d6 3b 28 7e 5e 73 ef f4 1f 5f 95 70 84 7f d1 bf d6 ff a6 38 8b 89 6f 7e 82 35 c0 1e 9a 46 06 c0 ff e3 1e f0 9a 17 24 f6 9f 79 01 e2 06 88 0f 8f 7b 60 69 cd 75 9a 57 9e e0 b3 5a 7f 09 0f 55 dc 89 e4 8f f6 50 a1 3c f7 b4 fe 8f e7 c0 4d cd 25 2a 76 0e fe 02 de 72 1d fe 0d bc c0 19 64 39 bc 4e b6 03 b0 42 5f 56 3f 78 16 9c 87 2f ca 77 2e fe af f5 82 f2 8d 70 ae 78 2f ae d3 1e 7d d2 ba 74 fa 49 1d 94 d3 7e ca f4 0b 1e 46 9d c0 44 b1 30 8c 35 e5 14 0b 4a 7b 8c 07 f5 a8 3e e9 9d 71 0e Data Ascii: <zC[x(w=]BG\z7>"[D1)W7]{q=8o\|9/L]C5K1T;(~^s_p8o~5F$y{`iuWZUP<M%*vrd9NB_V?x/w.px/}tI~FD05J{>q
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 39 5f 29 3b 5d d6 86 1d 7e 23 36 e0 b0 ce 35 89 d5 f5 ba dc 56 ac 41 17 35 87 7f b5 90 32 c7 85 46 c5 06 1d f6 c3 cd f1 78 2e e2 bc 89 ed 1f 71 da 4e 6b 3d 1a d5 f1 d8 af 5a c5 86 1c ee 83 5e 67 b1 0e 2e b3 6e a6 b2 cf 63 70 7e 97 73 dc 87 45 fc 9f 9c d6 1b b1 f7 77 a7 6d 23 ac a7 24 fe bf 58 31 2b 14 d3 5c f0 88 db f0 f0 f5 ad ae cf f7 8d 35 ad 53 71 59 52 6c a5 39 1d f4 bb 81 b1 b2 f5 7b ce 77 aa ce 0f ea 4e d7 2e 4b ba ce ef 1a 75 6b 38 ed 97 9d f6 8b 4e fb 25 cf 35 f6 ff a9 d4 ad 5b 71 be e0 b8 40 ee d0 b7 b4 26 ec 97 3c 77 26 bf f5 79 8f fc bf e1 3a 4b bd 6d 2d e0 5f 06 fe ae 7b 95 8b 56 70 1a ed 75 e9 bd dd 35 ba a1 4e cb ba 65 e7 23 c5 b6 c3 b6 e9 f8 e2 38 e1 b8 d1 eb 79 b8 e3 34 de a9 3b 8e d4 6d c0 71 80 18 52 da 2d 35 c7 61 cf 39 eb fe 1c d9 52 Data Ascii: 9_);]~#65VA52Fx.qNk=Z^g.ncp~sEwm#$X1+\5SqYRl9{wN.Kuk8N%5[q@&<w&y:Km-_{Vpu5Ne#8y4;mqR-5a9R
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: a1 a4 a0 11 06 ce 02 00 d5 67 eb f7 98 ee 1a 4d 1f ee 0b a8 3c 37 87 0c 4f 8b b7 3a c8 ed ca 5b f7 6d 36 75 ed 76 f6 8e dd c7 3b 33 8e e6 b5 3d c8 fc ee 77 1d e9 a7 77 8c 6e 1e e8 fb af ff f8 fa 8f 97 04 a4 a4 33 70 4b fe ce 4d a2 a4 b6 a5 83 a8 ab 7b f3 2e 00 74 0b ae 22 a1 03 f3 6e 74 9a 1a 3f 13 e0 eb 8d 64 69 f1 b0 62 cc 43 36 b3 f3 3d b0 ca 45 09 b3 19 a0 1e ad 1e d5 0e 85 2c 80 a5 1b d1 ae 4f c8 0a b2 9c f5 30 b9 68 fe 76 87 cb 47 17 8f 92 3b 1e 3d ba ef f5 4d 56 25 a5 13 f6 f7 9b ca aa 88 72 fc a7 00 c0 e4 c2 34 9d 48 18 0d 1d 38 72 e4 d9 d4 06 4b ec 8d 80 c9 78 ba ed 41 1c f4 3a ca 32 0d da 11 65 c0 2e a9 ac 01 d7 dd 9f 30 4e 3c 67 9d eb e4 83 f8 99 27 88 a6 ca ee cd 36 a3 e9 87 25 c1 c3 47 cc 31 d6 d6 b7 6d 7d ee a1 5e 6a ae 6e ed d2 bd d3 53 fd Data Ascii: gM<7O:[m6uv;3=wwn3pKM{.t"nt?dibC6=E,O0hvG;=MV%r4H8rKxA:2e.0N<g'6%G1m}^jnS

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:57 UTC	628	OUT	GET /mdod/tharep/bootstrap/js/bootstrap.min.js HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:57 UTC	316	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:26 GMT Content-Type: application/javascript Content-Length: 37051 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-90bb" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:57 UTC	3780	IN	Data Raw: 2f 2a 21 0d 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 33 2e 37 20 28 68 74 74 70 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 29 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 36 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0d 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 6c 69 63 65 6e 73 65 0d 0a 20 2a 2f 0d 0a 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 6a 51 75 65 72 79 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 42 6f 6f 74 73 74 72 61 70 27 73 20 4a 61 76 61 53 63 72 69 70 74 20 72 65 71 75 69 72 65 73 20 6a 51 75 65 72 79 22 29 3b 2b 66 75 6e 63 74 69 6f 6e 28 61 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 62 3d 61 2e 66 6e 2e Data Ascii: /! Bootstrap v3.3.7 (http://getbootstrap.com) * Copyright 2011-2016 Twitter, Inc. * Licensed under the MIT license */if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");+function(a){"use strict";var b=a.fn.
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 22 63 68 65 63 6b 62 6f 78 22 5d 27 29 7c 7c 28 63 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 2c 64 2e 69 73 28 22 69 6e 70 75 74 2c 62 75 74 74 6f 6e 22 29 3f 64 2e 74 72 69 67 67 65 72 28 22 66 6f 63 75 73 22 29 3a 64 2e 66 69 6e 64 28 22 69 6e 70 75 74 3a 76 69 73 69 62 6c 65 2c 62 75 74 74 6f 6e 3a 76 69 73 69 62 6c 65 22 29 2e 66 69 72 73 74 28 29 2e 74 72 69 67 67 65 72 28 22 66 6f 63 75 73 22 29 29 7d 29 2e 6f 6e 28 22 66 6f 63 75 73 2e 62 73 2e 62 75 74 74 6f 6e 2e 64 61 74 61 2d 61 70 69 20 62 6c 75 72 2e 62 73 2e 62 75 74 74 6f 6e 2e 64 61 74 61 2d 61 70 69 22 2c 27 5b 64 61 74 61 2d 74 6f 67 67 6c 65 5e 3d 22 62 75 74 74 6f 6e 22 5d 27 2c 66 75 6e 63 74 69 6f 6e 28 62 29 7b 61 28 62 2e 74 61 72 67 65 74 29 2e 63 6c 6f 73 65 73 74 28 22 Data Ascii: "checkbox"]')\|\|(c.preventDefault(),d.is("input,button")?d.trigger("focus"):d.find("input:visible,button:visible").first().trigger("focus"))}).on("focus.bs.button.data-api blur.bs.button.data-api",'[data-toggle^="button"]',function(b){a(b.target).closest("
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 6f 28 68 29 2c 63 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 7d 7d 3b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 63 61 72 6f 75 73 65 6c 2e 64 61 74 61 2d 61 70 69 22 2c 22 5b 64 61 74 61 2d 73 6c 69 64 65 5d 22 2c 65 29 2e 6f 6e 28 22 63 6c 69 63 6b 2e 62 73 2e 63 61 72 6f 75 73 65 6c 2e 64 61 74 61 2d 61 70 69 22 2c 22 5b 64 61 74 61 2d 73 6c 69 64 65 2d 74 6f 5d 22 2c 65 29 2c 61 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 22 6c 6f 61 64 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 61 28 27 5b 64 61 74 61 2d 72 69 64 65 3d 22 63 61 72 6f 75 73 65 6c 22 5d 27 29 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 61 28 74 68 69 73 29 3b 62 2e 63 61 6c 6c 28 63 2c 63 2e 64 61 74 61 28 29 29 7d 29 7d 29 7d 28 6a Data Ascii: o(h),c.preventDefault()}};a(document).on("click.bs.carousel.data-api","[data-slide]",e).on("click.bs.carousel.data-api","[data-slide-to]",e),a(window).on("load",function(){a('[data-ride="carousel"]').each(function(){var c=a(this);b.call(c,c.data())})})}(j
2024-07-05 07:29:57 UTC	4096	IN	Data Raw: 6c 74 50 72 65 76 65 6e 74 65 64 28 29 7c 7c 28 64 2e 61 74 74 72 28 22 61 72 69 61 2d 65 78 70 61 6e 64 65 64 22 2c 22 66 61 6c 73 65 22 29 2c 65 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 22 6f 70 65 6e 22 29 2e 74 72 69 67 67 65 72 28 61 2e 45 76 65 6e 74 28 22 68 69 64 64 65 6e 2e 62 73 2e 64 72 6f 70 64 6f 77 6e 22 2c 66 29 29 29 29 29 7d 29 29 7d 66 75 6e 63 74 69 6f 6e 20 64 28 62 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 61 28 74 68 69 73 29 2c 64 3d 63 2e 64 61 74 61 28 22 62 73 2e 64 72 6f 70 64 6f 77 6e 22 29 3b 64 7c 7c 63 2e 64 61 74 61 28 22 62 73 2e 64 72 6f 70 64 6f 77 6e 22 2c 64 3d 6e 65 77 20 67 28 74 68 69 73 29 29 2c 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 62 26 Data Ascii: ltPrevented()\|\|(d.attr("aria-expanded","false"),e.removeClass("open").trigger(a.Event("hidden.bs.dropdown",f)))))}))}function d(b){return this.each(function(){var c=a(this),d=c.data("bs.dropdown");d\|\|c.data("bs.dropdown",d=new g(this)),"string"==typeof b&
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 6e 2e 64 69 73 6d 69 73 73 2e 62 73 2e 6d 6f 64 61 6c 22 29 2c 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 26 26 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 68 61 73 43 6c 61 73 73 28 22 66 61 64 65 22 29 3f 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 6f 6e 65 28 22 62 73 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 22 2c 61 2e 70 72 6f 78 79 28 74 68 69 73 2e 68 69 64 65 4d 6f 64 61 6c 2c 74 68 69 73 29 29 2e 65 6d 75 6c 61 74 65 54 72 61 6e 73 69 74 69 6f 6e 45 6e 64 28 63 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 44 55 52 41 54 49 4f 4e 29 3a 74 68 69 73 2e 68 69 64 65 4d 6f 64 61 6c 28 29 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 66 6f 72 63 65 46 6f 63 75 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 61 28 64 6f 63 75 6d 65 6e 74 29 2e 6f 66 66 28 Data Ascii: n.dismiss.bs.modal"),a.support.transition&&this.$element.hasClass("fade")?this.$element.one("bsTransitionEnd",a.proxy(this.hideModal,this)).emulateTransitionEnd(c.TRANSITION_DURATION):this.hideModal())},c.prototype.enforceFocus=function(){a(document).off(
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 3d 6e 75 6c 6c 2c 74 68 69 73 2e 74 69 6d 65 6f 75 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 68 6f 76 65 72 53 74 61 74 65 3d 6e 75 6c 6c 2c 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 69 6e 53 74 61 74 65 3d 6e 75 6c 6c 2c 74 68 69 73 2e 69 6e 69 74 28 22 74 6f 6f 6c 74 69 70 22 2c 61 2c 62 29 7d 3b 63 2e 56 45 52 53 49 4f 4e 3d 22 33 2e 33 2e 37 22 2c 63 2e 54 52 41 4e 53 49 54 49 4f 4e 5f 44 55 52 41 54 49 4f 4e 3d 31 35 30 2c 63 2e 44 45 46 41 55 4c 54 53 3d 7b 61 6e 69 6d 61 74 69 6f 6e 3a 21 30 2c 70 6c 61 63 65 6d 65 6e 74 3a 22 74 6f 70 22 2c 73 65 6c 65 63 74 6f 72 3a 21 31 2c 74 65 6d 70 6c 61 74 65 3a 27 3c 64 69 76 20 63 6c 61 73 73 3d 22 74 6f 6f 6c 74 69 70 22 20 72 6f 6c 65 3d 22 74 6f 6f 6c 74 69 70 22 3e 3c 64 69 76 Data Ascii: =null,this.timeout=null,this.hoverState=null,this.$element=null,this.inState=null,this.init("tooltip",a,b)};c.VERSION="3.3.7",c.TRANSITION_DURATION=150,c.DEFAULTS={animation:!0,placement:"top",selector:!1,template:'<div class="tooltip" role="tooltip"><div
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 22 72 69 67 68 74 22 3a 68 2c 66 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 6e 29 2e 61 64 64 43 6c 61 73 73 28 68 29 7d 76 61 72 20 70 3d 74 68 69 73 2e 67 65 74 43 61 6c 63 75 6c 61 74 65 64 4f 66 66 73 65 74 28 68 2c 6b 2c 6c 2c 6d 29 3b 74 68 69 73 2e 61 70 70 6c 79 50 6c 61 63 65 6d 65 6e 74 28 70 2c 68 29 3b 76 61 72 20 71 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 65 2e 68 6f 76 65 72 53 74 61 74 65 3b 65 2e 24 65 6c 65 6d 65 6e 74 2e 74 72 69 67 67 65 72 28 22 73 68 6f 77 6e 2e 62 73 2e 22 2b 65 2e 74 79 70 65 29 2c 65 2e 68 6f 76 65 72 53 74 61 74 65 3d 6e 75 6c 6c 2c 22 6f 75 74 22 3d 3d 61 26 26 65 2e 6c 65 61 76 65 28 65 29 7d 3b 61 2e 73 75 70 70 6f 72 74 2e 74 72 61 6e 73 69 74 69 6f 6e 26 26 74 68 69 73 2e 24 74 69 70 2e 68 61 73 43 Data Ascii: "right":h,f.removeClass(n).addClass(h)}var p=this.getCalculatedOffset(h,k,l,m);this.applyPlacement(p,h);var q=function(){var a=e.hoverState;e.$element.trigger("shown.bs."+e.type),e.hoverState=null,"out"==a&&e.leave(e)};a.support.transition&&this.$tip.hasC
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 61 74 65 2e 63 6c 69 63 6b 2c 63 2e 69 73 49 6e 53 74 61 74 65 54 72 75 65 28 29 3f 63 2e 65 6e 74 65 72 28 63 29 3a 63 2e 6c 65 61 76 65 28 63 29 29 3a 63 2e 74 69 70 28 29 2e 68 61 73 43 6c 61 73 73 28 22 69 6e 22 29 3f 63 2e 6c 65 61 76 65 28 63 29 3a 63 2e 65 6e 74 65 72 28 63 29 7d 2c 63 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 73 74 72 6f 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 3b 63 6c 65 61 72 54 69 6d 65 6f 75 74 28 74 68 69 73 2e 74 69 6d 65 6f 75 74 29 2c 74 68 69 73 2e 68 69 64 65 28 66 75 6e 63 74 69 6f 6e 28 29 7b 61 2e 24 65 6c 65 6d 65 6e 74 2e 6f 66 66 28 22 2e 22 2b 61 2e 74 79 70 65 29 2e 72 65 6d 6f 76 65 44 61 74 61 28 22 62 73 2e 22 2b 61 2e 74 79 70 65 29 2c 61 2e 24 74 69 70 26 26 61 2e 24 74 69 70 2e 64 Data Ascii: ate.click,c.isInStateTrue()?c.enter(c):c.leave(c)):c.tip().hasClass("in")?c.leave(c):c.enter(c)},c.prototype.destroy=function(){var a=this;clearTimeout(this.timeout),this.hide(function(){a.$element.off("."+a.type).removeData("bs."+a.type),a.$tip&&a.$tip.d
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 29 7b 61 28 74 68 69 73 2e 73 65 6c 65 63 74 6f 72 29 2e 70 61 72 65 6e 74 73 55 6e 74 69 6c 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 74 61 72 67 65 74 2c 22 2e 61 63 74 69 76 65 22 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 22 61 63 74 69 76 65 22 29 7d 3b 76 61 72 20 64 3d 61 2e 66 6e 2e 73 63 72 6f 6c 6c 73 70 79 3b 61 2e 66 6e 2e 73 63 72 6f 6c 6c 73 70 79 3d 63 2c 61 2e 66 6e 2e 73 63 72 6f 6c 6c 73 70 79 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 62 2c 61 2e 66 6e 2e 73 63 72 6f 6c 6c 73 70 79 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 66 6e 2e 73 63 72 6f 6c 6c 73 70 79 3d 64 2c 74 68 69 73 7d 2c 61 28 77 69 6e 64 6f 77 29 2e 6f 6e 28 22 6c 6f 61 64 2e 62 73 2e 73 63 72 6f 6c Data Ascii: unction(){a(this.selector).parentsUntil(this.options.target,".active").removeClass("active")};var d=a.fn.scrollspy;a.fn.scrollspy=c,a.fn.scrollspy.Constructor=b,a.fn.scrollspy.noConflict=function(){return a.fn.scrollspy=d,this},a(window).on("load.bs.scrol
2024-07-05 07:29:58 UTC	503	IN	Data Raw: 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 63 2e 52 45 53 45 54 29 2e 61 64 64 43 6c 61 73 73 28 69 29 2e 74 72 69 67 67 65 72 28 69 2e 72 65 70 6c 61 63 65 28 22 61 66 66 69 78 22 2c 22 61 66 66 69 78 65 64 22 29 2b 22 2e 62 73 2e 61 66 66 69 78 22 29 7d 22 62 6f 74 74 6f 6d 22 3d 3d 68 26 26 74 68 69 73 2e 24 65 6c 65 6d 65 6e 74 2e 6f 66 66 73 65 74 28 7b 74 6f 70 3a 67 2d 62 2d 66 7d 29 7d 7d 3b 76 61 72 20 64 3d 61 2e 66 6e 2e 61 66 66 69 78 3b 61 2e 66 6e 2e 61 66 66 69 78 3d 62 2c 61 2e 66 6e 2e 61 66 66 69 78 2e 43 6f 6e 73 74 72 75 63 74 6f 72 3d 63 2c 61 2e 66 6e 2e 61 66 66 69 78 2e 6e 6f 43 6f 6e 66 6c 69 63 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 66 6e 2e 61 66 66 69 78 3d 64 2c 74 68 Data Ascii: his.$element.removeClass(c.RESET).addClass(i).trigger(i.replace("affix","affixed")+".bs.affix")}"bottom"==h&&this.$element.offset({top:g-b-f})}};var d=a.fn.affix;a.fn.affix=b,a.fn.affix.Constructor=c,a.fn.affix.noConflict=function(){return a.fn.affix=d,th

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 143

Chrome Cache Entry: 144

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Windows Analysis Report
https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:58 UTC	668	OUT	GET /mdod/tharep/bootstrap/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://lotpomu.ams.dom.my.id sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/bootstrap/css/font-awesome.min.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:58 UTC	305	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:26 GMT Content-Type: font/woff2 Content-Length: 71896 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-118d8" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:58 UTC	3791	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 01 18 d8 00 0e 00 00 00 02 54 c8 00 01 18 79 00 04 01 89 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3f 46 46 54 4d 1c 1a 20 06 60 00 86 02 11 08 0a 88 bb 50 86 e9 4b 01 36 02 24 03 95 00 0b 95 18 00 04 20 05 86 7c 07 b2 4c 3f 77 65 62 66 06 5b 38 e0 91 00 d6 6d 3b af 74 05 e9 cd fa d3 d5 e7 e8 00 63 36 c2 d6 9b 15 96 f0 3e bc 53 ad 38 ae 7b 1c 80 19 5d 3f fb ff ff ff 3f 3d 69 8c a1 25 81 e6 00 50 d5 da ae da ad fb ff cf 66 38 35 4a 88 30 aa b9 75 04 0f b2 98 66 b1 b0 c9 65 42 af 5c d8 eb a6 02 45 b9 6c fb fd e8 fd 81 41 77 98 d6 36 84 11 1c 66 b3 11 46 c0 8e a0 30 6c 9b 0d c3 b6 4d 81 60 3b 69 96 4f df 9e 55 13 cb d4 b1 e6 6b d9 b6 22 3d e8 cb b2 0b eb c3 ba 8a 96 f2 90 c1 2f 36 0f e1 2f 65 58 0d 71 a4 d5 76 66 Data Ascii: wOF2Ty?FFTM `PK6$ \|L?webf[8m;tc6>S8{]??=i%Pf85J0ufeB\ElAw6fF0lM`;iOUk"=/6/eXqvf
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 57 b8 a3 37 d6 32 82 93 1a b5 61 51 4b aa 4a 9f 27 32 dc c9 d8 90 fc fe 8a 7a 49 a1 72 04 34 c2 5e 94 6a 85 7c b8 1d f1 24 47 0d 85 6e f0 a2 a7 12 ee e8 25 9e f6 eb 4b 87 9a 56 22 e9 8c 44 ee 06 81 1b de e0 2a 38 5e c7 25 10 c1 e7 cf 5d 5a c5 29 88 2e de 9a fb d0 79 77 45 c7 46 5d a2 5c f4 96 5c e7 6b a6 58 b3 d0 c8 d8 7d f6 18 42 ac 89 75 33 b2 45 46 de ec b2 2c 68 70 e3 64 08 a4 5a ce 23 c9 59 b2 c7 07 47 52 a4 ab bf 79 d1 17 3d 91 36 92 ed af 37 fd 98 26 a8 bd 10 1a 32 6c 92 80 d9 b6 ab 9c 06 c9 24 23 54 d0 6a a7 28 2c a0 45 9f 99 5b ad 80 9c ef 5b 6d 67 10 6a 59 d6 cc 3f 85 58 1a 9a cb a8 f8 f4 9a 6b e2 39 68 46 52 51 b8 be 41 97 94 71 3a 28 bc d9 82 b9 a3 c9 6d 43 f7 2f 88 14 58 e5 dc 6a 48 53 66 de d6 a2 c3 d7 f6 e1 86 7a d1 0e a4 f0 c8 99 a1 be 60 Data Ascii: W72aQKJ'2zIr4^j\|$Gn%KV"D*8^%]Z).ywEF]\\kX}Bu3EF,hpdZ#YGRy=67&2l$#Tj(,E[[mgjY?Xk9hFRQAq:(mC/XjHSfz`
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 34 f4 32 e5 a7 5f e4 39 7a 53 fa 47 af ef af ab ec e3 17 09 03 9c de 62 7e f1 37 a0 cf 3a fa 20 27 f0 3c c3 0e ec 57 fd a6 85 1c b7 64 09 62 b9 96 74 16 6b 3d 1e 91 24 e0 61 b3 69 bc 13 c0 89 d6 c6 7a 04 7e 08 93 23 8b c0 17 66 b9 19 81 45 6f ab 05 a3 75 9d 53 3e 8c d8 d3 1b 00 ae d3 5e 07 f1 75 56 3c 10 b3 4b ab 01 ae d3 6c 02 30 61 a2 95 37 fa 90 cc 75 ee e4 e9 c7 5a 6a 93 96 2b 4c 54 8a b7 0d 38 f0 44 99 4b 25 2f de f9 ba 8c 4f a3 5c a8 d8 21 51 51 f5 8e b2 bc 7d 7b 8a 68 77 58 1b 64 ae ec 02 7a 31 7b 6d 2d 23 ab a8 ed 25 33 a4 3a a2 68 15 f9 cd d3 68 f3 10 48 cb ca 31 e0 dd 46 90 97 15 4e c7 24 2d 15 52 3f 66 cc 98 49 68 72 e0 29 65 bf 56 4c 2b 2c 5a 6e de b6 d0 95 9b 37 21 eb 2a a7 a5 44 65 39 2a 1d 5f 2d 59 47 44 47 49 04 2b 5f 24 3c 5f ca 8f 4a 18 Data Ascii: 42_9zSGb~7: '<Wdbtk=$aiz~#fEouS>^uV<Kl0a7uZj+LT8DK%/O\!QQ}{hwXdz1{m-#%3:hhH1FN$-R?fIhr)eVL+,Zn7!De9_-YGDGI+_$<_J
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 33 fa 24 85 97 7c 26 78 d4 04 e5 2f d6 b9 1c d9 06 9f f7 42 e8 59 78 31 68 a2 b4 c2 c7 4a ba fa ea f4 51 7b 37 38 a1 c1 d6 b8 a5 97 9b 44 5e e4 b1 e8 b6 92 c8 7a 73 29 20 00 0f b8 33 8f 18 89 b9 1d 06 2b 0a 2a 6f bf bf bd 7c 70 b4 ad db 44 52 dd 28 e1 ca 01 f8 1d 0b 10 ba 7d d7 9a c2 30 96 ff 70 34 35 e2 33 e9 7a 1b 82 c3 29 81 0e 67 79 f6 6d 93 1e 38 72 91 0f 8e 9e 67 c7 52 d7 0f 91 e4 96 47 6c 5c 05 31 9f 81 a3 d9 a6 6e 7b 45 5e b7 74 cb 6e d2 f8 7d bb c1 47 68 08 a3 74 d7 9e c2 ab c6 43 5e c2 89 2d 7b fe b0 9b b5 c0 71 6b ea b2 69 2d 7b 23 62 f9 44 76 f3 1a 6c 78 ff 6b 4b 26 3b 0b d2 24 09 91 68 d6 d0 d8 dd 88 0f 44 9d 3a 72 69 cb 2b 48 10 98 8e 33 a1 a0 7c 04 a6 d2 48 70 21 32 16 e4 d9 a9 02 ca 1b fa 6b 3b 92 45 79 0c 54 93 85 c2 20 eb dc 00 a7 94 f2 Data Ascii: 3$\|&x/BYx1hJQ{78D^zs) 3+*o\|pDR(}0p453z)gym8rgRGl\1n{E^tn}GhtC^-{qki-{#bDvlxkK&;$hD:ri+H3\|Hp!2k;EyT
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 56 3e 95 3f 08 9e ca 3d 7b b1 24 cf 2f 60 a8 f5 f3 fe eb 49 7d a3 a4 6d 23 33 d1 0e 7a 8a a5 6b 43 cb a1 2a 18 4c 37 23 4b de c4 48 75 e1 78 70 93 dd 83 8a c3 0b ee bf 30 d2 fb f2 a4 16 23 f3 0f 6c 87 e0 bc d8 ec 8e 1a 42 b6 76 e7 ff 90 1c 48 2d 36 9b 65 8b f2 eb 84 dd 59 09 f1 fb f2 1c ef 3e 98 1c 3e 74 20 db 63 e7 2b 8f 54 c2 ae 63 ad 53 e5 e6 d5 9b 0e d7 23 ce 83 4b fc d5 b8 7f 4f 12 1f 1e cc fa 31 14 cc fb ec 7c fd 20 aa 39 cc 94 fa 17 fc 45 f3 81 84 13 8f ff 42 1e f3 43 4b 0b a8 c0 b5 a8 80 d0 0d cf 58 70 f2 5c 5e d6 d9 bf 49 e3 4d 6d 07 d8 c3 dd 2c 9b 2d 1f 09 32 04 ca a0 59 fa 74 2e f5 c3 fc b8 66 d1 d9 b7 63 7f ec b3 55 71 45 d5 0f 84 2c ef b0 80 18 f8 43 0f 38 18 29 43 24 ca 53 52 19 d6 06 eb ca eb d6 65 b2 2b 28 14 1b cc be 5e 68 38 a0 02 2a 2f Data Ascii: V>?={$/`I}m#3zkCL7#KHuxp0#lBvH-6eY>>t c+TcS#KO1\| 9EBCKXp\^IMm,-2Yt.fcUqE,C8)C$SRe+(^h8/
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 96 75 d7 a8 b2 5c b9 45 47 98 82 df a0 ed 32 15 b8 3a ec 0d b0 97 ba 1a 65 ff c8 b0 b2 e2 8e 79 71 88 0d b1 5d f7 06 96 27 b8 1e b1 06 37 b1 6a 00 89 94 64 60 10 54 ea 0d 2e e1 82 be 2a d2 47 83 34 5f df fb 7c 63 7f d2 23 c7 03 f1 91 40 2f 1c e0 2a 02 56 da 4a 7c 37 f9 da 58 60 71 d8 6b 77 55 f0 da fe be 60 ba 04 80 0d 51 ff 37 ef df e4 b3 05 fd ef 0f e2 2e 42 21 5f 9a 10 d3 3a 18 1b 0b 8b e9 43 c8 d7 f9 8a dd 8d 77 f7 f7 3f c1 a0 b5 06 ca 9b 80 31 b3 91 59 4d 03 30 de a3 82 1a dd 01 f9 01 0d f7 5d aa b8 43 35 f1 1f 99 32 4e eb 5f 16 3b 7a dc 69 d5 2d f9 8f 3e 9f 4a 3c fc 6a 97 2e 15 82 6e ef 51 42 30 bd 22 05 93 2a 0b d5 87 9f c7 09 e2 66 9a ce bb 68 7a a0 37 cf f9 58 18 cf 5c 66 47 75 2d c7 44 10 46 1b 71 a7 0a f5 dd 3f 68 64 14 df d0 13 e6 59 6b c0 09 Data Ascii: u\EG2:eyq]'7jd`T.G4_\|c#@/VJ\|7X`qkwU`Q7.B!_:Cw?1YM0]C52N_;zi->J<j.nQB0"*fhz7X\fGu-DFq?hdYk
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: a1 c1 36 5a 40 22 01 13 a5 e8 13 b0 ef c2 ab 14 02 e6 f7 06 f1 50 02 36 2a 8a ab 2b 1d 35 96 ed 9d b8 33 12 03 2d ae cf b6 a3 7a 57 bb 77 f3 02 1d 9a 79 78 17 67 d0 e0 4b 1a 3f e6 d5 90 1c 1f 76 79 93 2f 47 e6 e1 a6 a4 f4 82 0d dd 2c e5 49 90 5e e4 ab 61 6b d4 b3 19 6f 8f 3d 15 30 e5 4a 5e a2 cc ee 82 16 d6 4a df 28 16 13 2a da 92 05 79 45 b3 5e ed a9 8c 29 7f 44 70 13 b8 31 e1 f5 4a 87 22 4f eb 22 16 f1 a8 b9 23 48 ba f4 5f 95 0b 94 fb 5e 13 12 f7 e6 e6 b9 63 b7 27 ef eb ab b0 bd e4 d3 1f bf 90 7f 28 87 31 51 65 e1 38 8f ab c4 dd dd e8 5e 78 b9 bc 3a 86 b7 66 d0 86 2c 86 3d c7 0f 64 b6 ec 1f 85 26 12 e8 45 73 cf 34 dd dd 55 ed 4a 85 aa 48 3b 06 42 fe ad 80 92 d7 11 c3 e9 4a 08 36 31 0b 70 98 3c 81 72 1c 96 e0 86 d8 f1 84 2f 18 9c 88 59 bf 01 f8 fd 0d b9 Data Ascii: 6Z@"P6+53-zWwyxgK?vy/G,I^ako=0J^J(yE^)Dp1J"O"#H_^c'(1Qe8^x:f,=d&Es4UJH;BJ61p<r/Y
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: ea 39 04 c2 d2 98 14 20 50 0f 22 46 83 16 12 4e 6e 4a 3e 06 d7 1d b3 08 b8 c0 51 79 37 0e 6c 67 b3 33 17 1d 19 6f de e6 48 a6 fb c2 c5 44 89 de 71 b2 3a f7 31 36 e9 a8 97 c8 2f 9c 67 a1 25 b4 04 0b cd eb d7 26 5f 2e c5 70 24 b2 2e 9c 97 6b 89 a4 25 7f fe 78 e6 ad c2 d5 52 d8 04 42 8f 5d 45 34 75 5c d8 57 e0 2c 34 a2 25 c0 93 30 7a b5 08 c6 2e ff e4 dc c0 82 0a 7f b6 51 c0 5e 0b ba 65 a9 83 69 a1 24 36 9c e8 1f 52 e9 68 52 46 73 b8 1d 17 d3 00 9f e4 45 19 69 f6 40 63 31 bf 79 a2 52 7b 2e c1 b3 c7 bc da 87 91 9e eb bc 7b fb 88 11 b3 7a dc 35 a3 c6 f6 cc fd 5c 62 86 1c ef 16 bb 0f ab c1 34 7a 88 a4 8d 34 52 dd de 00 ce 4b 3a 23 0e 3a 9b 03 18 65 38 d9 68 3e 1d 1f 3a bf de a3 d3 6b 62 ab 8d 80 a7 63 b4 e3 e7 17 da a8 b1 7b 05 44 b9 74 12 c3 c1 cc 8e df a9 da Data Ascii: 9 P"FNnJ>Qy7lg3oHDq:16/g%&_.p$.k%xRB]E4u\W,4%0z.Q^ei$6RhRFsEi@c1yR{.{z5\b4z4RK:#:e8h>:kbc{Dt
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 59 70 bf 77 18 30 87 20 8a 6d ca a8 6f b1 1b 0b 0b 21 23 21 11 4b 62 62 a0 22 09 ce dd 3d 0b b4 63 17 8b 21 eb 22 3b 2b fc 41 e9 ee 0e bc af 7b b9 f7 e5 f7 bb 30 a6 b2 92 43 27 12 58 aa 68 88 bb af ca 6b 38 ee f5 a2 91 de e5 d5 5d 9c 4a 68 e6 4b 28 15 5a fe b2 99 97 f9 64 c2 a6 72 f9 ed b2 0c cd f5 64 62 32 6b 22 f7 96 89 b0 f0 45 77 89 9e 19 03 96 c2 d8 3f e0 c5 c0 f0 33 68 18 3d 9b 0e 98 60 1c 44 20 fb e6 19 80 24 a9 91 91 ad f4 5c 04 82 95 09 34 73 d1 60 e1 35 98 15 7b b6 77 75 d5 3c 60 87 03 c1 21 ac 15 f0 9e 01 d1 9c 6a d7 2a 44 17 aa 83 69 bc 4a 83 8b 2b fd a6 6e 02 f5 9c 63 33 81 f8 3f 35 c0 cd 03 bb d2 e4 e5 c5 d0 5e d5 f9 4a fb 57 96 5f 09 2e 81 0f aa 25 2e 02 71 44 2c 57 c9 af 4c 61 76 1d d3 de 9f 13 e2 d3 63 b9 4e 04 17 41 18 67 75 19 fc 52 70 Data Ascii: Ypw0 mo!#!Kbb"=c!";+A{0C'Xhk8]JhK(Zdrdb2k"Ew?3h=`D $\4s`5{wu<`!j*DiJ+nc3?5^JW_.%.qD,WLavcNAguRp
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: c5 d7 b6 aa a8 87 6e 0c e2 ca 4f 9e d4 e1 ac 0c 08 29 35 e8 76 e5 d8 99 a3 f3 ca f6 34 dc a8 ab b9 f3 9f 82 9e 5c 9d ac 27 38 59 45 53 ba 09 c3 27 bf ef 3e e1 84 a7 dc 9a ba 09 d4 00 cb 91 53 1b 16 cb fa bb 02 45 23 67 a0 58 dd dc f3 6e cb fe c0 86 26 e1 9a 06 02 19 fe d1 e1 ee d8 03 bd 6c c3 ae 6e 42 55 95 e5 ab 24 b7 29 00 55 bc 04 77 f2 18 67 47 40 97 03 a0 88 1f f7 ae fb 3c 07 f0 83 cb b4 88 2a 03 50 86 9d 93 5f c3 81 49 8d c1 a0 b1 e2 44 5f 63 1f 06 ea c3 2f 4f de fa a1 1b 14 7e ac 7b 47 4c ea 9d fc da 86 3d 19 d2 48 eb 81 65 ca 8d 51 79 94 c4 cc b5 e4 fe b1 22 ab 9b 15 52 65 4f 80 40 c4 13 f6 22 77 6f ac 65 3f 6a b5 92 87 64 f6 73 c2 6b e0 09 d2 35 b2 90 9d 27 c3 8c 20 10 a3 b0 93 5b 64 21 6b e2 29 f2 77 46 0f 0a fb 28 09 e1 1a 61 28 33 2e 3f 21 1d Data Ascii: nO)5v4\'8YES'>SE#gXn&lnBU$)UwgG@<*P_ID_c/O~{GL=HeQy"ReO@"woe?jdsk5' [d!k)wF(a(3.?!

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:58 UTC	607	OUT	GET /mdod/tharep/index.js HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:58 UTC	314	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:26 GMT Content-Type: application/javascript Content-Length: 1461 Last-Modified: Mon, 24 Jun 2024 10:18:22 GMT Connection: close ETag: "667947ee-5b5" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:58 UTC	1461	IN	Data Raw: 2f 2f 20 59 6f 75 72 20 77 65 62 20 61 70 70 27 73 20 46 69 72 65 62 61 73 65 20 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 0a 76 61 72 20 66 69 72 65 62 61 73 65 43 6f 6e 66 69 67 20 3d 20 7b 0a 20 20 61 70 69 4b 65 79 3a 20 22 41 49 7a 61 53 79 41 4e 4c 63 55 33 50 5a 4a 78 61 72 52 6d 55 6f 77 43 6d 36 4c 61 4a 68 44 68 63 53 4e 4e 5f 4e 67 22 2c 0a 20 20 61 75 74 68 44 6f 6d 61 69 6e 3a 20 22 6d 6f 6c 6c 79 65 73 61 74 2e 66 69 72 65 62 61 73 65 61 70 70 2e 63 6f 6d 22 2c 0a 20 20 70 72 6f 6a 65 63 74 49 64 3a 20 22 6d 6f 6c 6c 79 65 73 61 74 22 2c 0a 20 20 73 74 6f 72 61 67 65 42 75 63 6b 65 74 3a 20 22 6d 6f 6c 6c 79 65 73 61 74 2e 61 70 70 73 70 6f 74 2e 63 6f 6d 22 2c 0a 20 20 6d 65 73 73 61 67 69 6e 67 53 65 6e 64 65 72 49 64 3a 20 22 38 32 32 33 30 Data Ascii: // Your web app's Firebase configurationvar firebaseConfig = { apiKey: "AIzaSyANLcU3PZJxarRmUowCm6LaJhDhcSNN_Ng", authDomain: "mollyesat.firebaseapp.com", projectId: "mollyesat", storageBucket: "mollyesat.appspot.com", messagingSenderId: "82230

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:58 UTC	664	OUT	GET /mdod/tharep/4.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:58 UTC	303	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:27 GMT Content-Type: image/png Content-Length: 62491 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-f41b" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:58 UTC	3793	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b6 00 00 00 7b 08 06 00 00 00 d9 86 7a 6e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e 74 00 00 0e 74 01 6b 24 b3 d6 00 00 00 1f 74 45 58 74 53 6f 66 74 77 61 72 65 00 4d 61 63 72 6f 6d 65 64 69 61 20 46 69 72 65 77 6f 72 6b 73 20 38 b5 68 d2 78 00 00 0b 4d 70 72 56 57 78 9c ed 1b 4d 6f db ca 71 b8 5c 72 25 91 b6 24 4b cf 8e ad 44 b1 ad be 07 a4 b9 14 70 81 5c fb 03 0a 14 bd b5 40 0f 3d 09 68 81 06 01 1e 8a 87 f7 1f da 53 4f ba f4 a7 14 41 2f 29 0a 21 3f 20 b7 14 49 9c 38 4e 1c 2b b6 f5 45 72 3b b3 4b 52 a4 44 c9 b4 63 3b 09 9e 86 5c 71 b9 5c ee ce ec ce d7 8e 96 ff 0d fe 75 04 8f e0 d7 92 a0 8b 87 ec 76 bb 2a d7 55 a9 db ed d0 21 65 a7 8b 27 65 3b 1d d9 51 97 76 Data Ascii: PNGIHDR{znsBIT\|dpHYsttk$tEXtSoftwareMacromedia Fireworks 8hxMprVWxMoq\r%$KDp\@=hSOA/)!? I8N+Er;KRDc;\q\uv*U!e'e;Qv
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 7e 19 5e 1a c3 c7 5c 3b 3e 6e a7 c1 d8 df 6d 24 48 ff 59 88 d7 47 f2 e9 7d d0 18 40 4e d2 a6 5d b2 9b 48 f9 5f 73 d1 3d c7 cb 30 7d 25 62 12 e1 57 fd e2 2a 65 57 18 64 1e c7 cc 1a d8 b9 6d e7 fc 83 12 1a 34 1d 8f 01 89 a6 a6 38 92 1d 22 ff 1b 40 f3 bc 10 92 81 9d c3 72 06 c2 72 a2 3f 91 13 c8 90 db 38 90 e4 93 2c 1f 47 84 cf 15 de 08 92 1b 73 4b c4 07 44 96 f9 25 e2 43 b7 30 c4 8f e3 c1 45 11 78 c9 66 cc 0c 27 48 9d 0b e3 3b e4 9e 09 5e 8c 00 d7 2b cb 06 b8 0b b8 9a c3 21 c3 4c 36 1a d9 98 cd e3 20 ab 49 d1 74 32 1d 64 df 2c 3e c6 43 f7 d8 31 19 74 0c c3 7c d8 19 c3 dc d4 18 2a 9e 19 c4 a0 db 08 a1 43 0b f2 95 6c e9 3c b1 59 3c 34 a3 10 61 ce dc 47 9e 81 6c d6 b8 97 42 41 49 4e b4 2c 53 85 56 85 a1 55 61 68 55 d8 50 66 04 88 1f fa 81 34 94 d1 c6 74 0f 0a Data Ascii: ~^\;>nm$HYG}@N]H_s=0}%bWeWdm48"@rr?8,GsKD%C0Exf'H;^+!L6 It2d,>C1t\|Cl<Y<4aGlBAIN,SVUahUPf4t
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: d9 36 9d cf fe bc d3 79 24 6e 7b 1a db d5 2c ea 56 c3 d4 ea b6 8b 32 61 45 1a eb b3 39 cd a4 3f 30 57 03 86 82 08 0a f4 04 f9 cb 84 1f 3d e4 34 3c 86 e7 20 7a 42 9f 6a c4 82 01 45 89 c8 6c 93 82 1c 60 e7 1e 95 c9 75 a0 77 af b7 69 23 ef ee 35 70 33 a6 05 ab cf 57 a5 b7 5f 4c ab 1c 6e ff 02 b2 7c 68 1f ab f0 63 c3 f9 f3 6b 55 d1 8c 95 23 b1 e6 bf 6e c6 2a 9f ee 6d d1 68 3d a7 11 18 93 bd f6 2b fe ac 48 03 67 f5 a2 98 1e f6 b5 3a e8 82 0f bf d1 f3 1a 92 c7 66 93 5d 12 7a 88 19 2e d4 c2 80 38 8f 69 0e 9e 8d 2c 88 da 3b 80 f3 e3 7a f8 9f d0 52 03 9e 2c a0 e7 66 7c f2 1e 9e f0 8a 38 05 2d d8 5f f0 fd 26 44 05 f5 e5 ff c2 e7 7b 44 2d 6f e3 ef d8 5d 1f 69 9e a4 23 df 41 cb 8e 74 8e 3f c3 37 94 19 eb 89 36 c8 ca 97 c5 b4 64 13 b4 74 00 7e d4 17 3a 7f 3b 32 c2 c4 Data Ascii: 6y$n{,V2aE9?0W=4< zBjEl`uwi#5p3W_Ln\|hckU#n*mh=+Hg:f]z.8i,;zR,f\|8-_&D{D-o]i#At?76dt~:;2
2024-07-05 07:29:58 UTC	4096	IN	Data Raw: 3b 57 6d c6 72 f5 35 9d fc 1d 6f e4 63 f6 1f b3 9f fe 49 7a ec 3f fa be 98 8f 91 4f ee f7 7a 78 f7 8c 7b b9 26 d8 c7 21 fb 85 65 b9 7a 2e fe a9 fc bb fd 9d fc d3 17 d4 c5 22 d1 af d1 ed a4 7f f4 0d b9 dd 31 fc 14 d6 f3 e4 c1 f1 47 67 d7 ff ed 7b 2b d2 8f 03 b7 92 7f d7 1e 6c fb 77 3c 01 fd 3d 7d 47 dd bd ec da 46 c6 a8 90 5e fa 29 1f f5 9d 81 b6 ec 7a 49 1d 70 e4 47 bf 95 fc 0b af e3 4b ec 00 ac d6 9c ce 7b cd 7b d9 c9 df 65 c8 ef 0b fb 9a 47 95 7f 91 31 32 e9 c7 db ad af cf 71 af a7 99 69 75 6d 66 17 97 93 3e bf 2e bf d5 fe dd 7d ac ae cd eb f2 9c ae 7e 9e 61 ec 3f 0c c3 30 0c c3 30 0c b0 9a 5b 75 b4 bf 9b 2b f0 37 f8 53 76 71 ac c3 ef ec e6 d6 ad f6 79 ce 85 e7 0a 1d bd 3f de 82 91 7f 8f 7d 18 b6 a1 e5 9c 1a 58 f9 e7 77 ed c5 b6 91 da 76 cc 3f df e5 b0 Data Ascii: ;Wmr5ocIz?Ozx{&!ez."1Gg{+lw<=}GF^)zIpGK{{eG12qiumf>.}~a?00[u+7Svqy?}Xwv?
2024-07-05 07:29:59 UTC	4096	IN	Data Raw: 87 39 23 8d f9 20 9d fe f0 ce 37 78 23 65 74 de 08 59 81 27 fc 83 7c 44 9d 9d 41 1e e0 49 5f c9 47 79 ed cf a6 cf 9e 8a 8f cf 75 7f 39 1d 94 37 d6 2d 59 14 1c 91 3f 41 f4 9f 26 8d 77 e4 20 f9 4f ab 0e e1 25 e9 ed 86 3f f3 ae 33 38 c8 1d 3a 0b 82 ec c5 7c 31 d7 cc a9 fc 25 e4 9f 08 8f 03 3f 24 e3 4b c6 e3 3b 7d 65 5c 8c 85 fa a8 0b 38 e9 4e 0b f2 ea 8c 21 f9 a9 5b 67 43 b4 36 c9 43 19 ea 61 3e a8 83 6f e0 2b 41 7e 02 9a 37 f9 cd 83 3b c0 9a 3a 91 b5 a4 77 e8 5c 8a fc ea d5 4f d2 63 9b 94 e7 9b 22 e5 55 0f e5 a9 57 e7 5b 24 ef d3 b6 fa 41 3a f3 c9 58 c8 47 1b 3a 63 43 3d bc 33 2e c1 58 fa 02 69 d0 27 9d f9 25 bd dd fe 9f cc 39 fe 4e d0 7d 68 2d eb 18 da 0d 1d 65 1d d3 3e ef d0 62 d1 64 e8 2d 3c 1c da 05 4d 63 8d b3 ce a0 bf ac 39 fc a6 58 ff ac 49 78 34 df Data Ascii: 9# 7x#etY'\|DAI_Gyu97-Y?A&w O%?38:\|1%?$K;}e\8N![gC6Ca>o+A~7;:w\Oc"UW[$A:XG:cC=3.Xi'%9N}h-e>bd-<Mc9XIx4
2024-07-05 07:29:59 UTC	4096	IN	Data Raw: 7d 80 06 c8 de 44 90 7e bf 18 f7 3b 7d 12 82 74 2b 05 cd cb 5c e9 8f 6c aa d2 c5 24 ab 03 9f e8 4f a3 fa 74 47 ab ca 2c 94 7f 83 d2 22 6d 8b 79 3f 0a 7d 5d 0c ff 8c d9 d2 d3 fd fc 30 65 3f 4c a4 6e d6 87 78 a2 d2 e7 1a a2 7d 4d b8 a3 f5 05 5f 46 c6 4e 8f 45 77 d8 2e 86 7e 7d 26 58 7e 1c f4 fb 4e 07 e6 01 9a 29 39 59 f7 d2 f2 24 5d f2 d6 e9 22 bc 43 f2 9a f6 f9 48 63 ed f7 7d e0 77 a9 3b 1a 75 67 23 e9 ba 1b f8 6c f5 9f 2d 22 cf 2b a6 bf e9 be e7 18 d3 72 ef 7c db 6f 77 ff 67 83 c1 99 ca 7c d8 c8 1c e8 2c 0c 38 20 f9 0c fd 5a ff 4d 74 a6 a8 7b cd b5 ef cc 3b 69 ba eb 4b 36 1b e9 ec f1 7f 47 c9 b3 d0 fa 32 6d c4 28 19 43 51 ff e5 a9 78 b6 f1 2d b6 be 9f ee 7f 3a b6 a3 4d d6 61 b4 8b 91 a6 7d 96 b9 f4 57 3e dc f2 5b 23 5d fb d1 7c 07 a7 b4 d7 2d 18 a8 7c 1a Data Ascii: }D~;}t+\l$OtG,"my?}]0e?Lnx}M_FNEw.~}&X~N)9Y$]"CHc}w;ug#l-"+r\|owg\|,8 ZMt{;iK6G2m(CQx-:Ma}W>[#]\|-\|
2024-07-05 07:29:59 UTC	4096	IN	Data Raw: e7 f9 14 e6 6c fc 8e d7 38 db 73 ce 73 86 13 e7 75 d7 ae 5d d3 6b bd 2e d7 7c d1 41 21 67 b2 a0 2d f9 fd fe 41 5e 5a 2f 94 a1 93 51 20 10 30 d7 f1 1a cd c9 9d dc 42 a1 90 d9 ea bd f4 33 b7 ce fa a0 a2 f5 27 fb f8 70 62 f9 bb e3 af 65 c7 3c 5a db d1 2a e4 eb f3 f9 70 e3 c6 0d 74 75 75 99 7a c1 f3 99 6b 93 61 34 1a fd 0e 0b 5e cf 73 f8 3d f7 79 8e 5e 43 75 fa 84 70 38 6c ee c9 fb 3b fd 87 ee 5b fe b9 e1 df d3 d3 63 ec fe c4 89 13 b8 70 e1 02 6a 6b 6b 4d 1e 45 76 e7 cf 9f c7 b9 73 e7 70 e4 c8 11 54 57 57 9b cf 6c 77 1d 3c 78 10 95 95 95 38 74 e8 10 4e 9f 3e 8d fa fa 7a 73 1e 95 d7 f3 33 db 64 3c 6f cf 9e 3d e6 18 d9 d0 57 90 2f 99 f3 fa c3 87 0f 9b 73 59 47 b2 59 5a fe b9 e1 cf 32 23 93 aa aa 2a 1c 3d 7a 14 3b 76 ec 30 4c 7b 7b 7b 0d 4f f2 21 27 7e c7 3a 52 Data Ascii: l8ssu]k.\|A!g-A^Z/Q 0B3'pbe<Zptuuzka4^s=y^Cup8l;[cpjkkMEvspTWWlw<x8tN>zs3d<o=W/sYGYZ2#=z;v0L{{{O!'~:R
2024-07-05 07:29:59 UTC	4096	IN	Data Raw: 3a 64 ea c0 c1 83 07 4d 1d d8 7e a8 16 6b 4f 87 31 6d e6 0e fc b4 bc 05 13 16 76 df e4 bf f0 0a ee 2b bf 86 47 2a fc 98 52 0e fc 78 56 0c 3f a9 48 61 e2 4c fa fd 3a 2c 3f d7 8f 06 f9 bd a0 58 7d 34 9d 32 f0 43 01 f6 23 85 65 37 63 fe f5 84 ad ff cf 35 7f fa 78 a7 d2 0f d4 d7 d7 e3 e4 c9 93 86 3d 95 dc 4f 9c 38 61 ea c3 b6 83 a7 b1 f2 70 2f fe a6 e8 00 9e 9e 23 dc 67 75 a2 a0 5c 7c c0 02 69 ef 15 5d c0 c4 0a c9 fd 5f f3 e1 e1 c2 00 9e 2a 6a c1 df 2d a8 c1 8a 93 bd b8 ce ba 66 9e f2 f0 3d b1 d9 73 44 fa cd bf 0c ec f8 af d1 72 73 f3 0c 97 6d 3e e7 58 51 b5 79 fa 00 8e cb 3e 7c f8 b0 b1 77 fa 7b 2a f7 79 8c ba f3 68 1d 36 d4 25 f0 27 2f 7f 8d c7 67 8a fd 17 06 f1 e0 dc 10 26 2c f2 e3 7e f1 07 0f 94 35 63 ca 02 3f 9e 2c b9 82 e7 e6 54 61 4d 5d 06 37 e4 ef 0d Data Ascii: :dM~kO1mv+GRxV?HaL:,?X}42C#e7c5x=O8ap/#gu\\|i]_j-f=sDrsm>XQy>\|w{*yh6%'/g&,~5c?,TaM]7
2024-07-05 07:29:59 UTC	4096	IN	Data Raw: 72 b2 ba c2 ff b8 ae 35 8e ef 32 a9 bd 88 53 3b 57 b8 8b ca ff 6b 8c 5f cf 4b d1 cf 94 f3 ad 38 42 2f 07 dd c1 9d 68 f9 e8 45 cf d5 a0 1f 97 27 8b 39 ea 77 3f 7f 4b 3b d2 78 3a f2 78 1b f0 ba 05 3c 96 ec 7c 40 b6 0f db 63 b3 c4 cf bd ae 15 87 a7 f9 56 fa e0 79 e2 c6 15 07 bb 63 7f f7 ff 40 db 96 8e 53 1e 77 cd 38 42 07 1c 95 f2 71 ae c3 ee ff 5d fb a3 17 3d 8f e9 32 07 f4 6c 8f 42 d3 65 36 56 7d 65 f6 f7 b9 88 9e ad ab f2 52 fd 28 b7 d8 e9 c3 cb e1 de 09 56 fe df 65 ca f6 5a 54 1c a1 eb 84 34 dd fb 1f ef 61 7f 64 a2 ad 65 32 07 de 92 fd 2b 6e f1 59 f6 cf e6 7f f8 42 f5 97 ba 8f 02 9f 54 71 84 ae 53 fc 7f d7 ff 03 bb fe 0e df 94 e9 3c 9b c3 ef f8 7f ad 5b 26 cf 3d fc 7f 66 ff 8e 5b 7c 86 ff f7 0f f5 f7 73 b0 7a ee 50 e7 29 19 47 e8 e5 e8 d9 c1 aa 7d 7b 5a Data Ascii: r52S;Wk_K8B/hE'9w?K;x:x<\|@cVyc@Sw8Bq]=2lBe6V}eR(VeZT4ade2+nYBTqS<[&=f[\|szP)G}{Z
2024-07-05 07:29:59 UTC	4096	IN	Data Raw: fd 34 0c 6e cb 19 cb 71 60 94 58 c6 93 f9 09 fa 76 cf b5 f6 e8 18 d9 2e 78 f5 48 6e 8c fb 8d 6f 72 9f 4a be 80 cf 35 ac f1 c1 e0 ff 48 e0 1c 75 a9 89 f1 ea eb 87 97 8f 0b 66 e0 a7 16 0c ed d7 d7 61 ec 18 95 86 89 5b 5a 17 19 3a 3e 3c c7 4d 40 4a a3 39 f3 02 fd 02 ac e2 24 d3 71 5d 15 01 a1 00 7d 3d 48 85 16 0c 6b 04 d0 fe 33 c6 ca 18 ba e3 af f9 e9 b2 ba 74 bf 51 93 3d 7f 82 01 2c 09 37 c6 c7 06 b5 df bb fd ec ea e7 73 0d c4 3e 90 e3 a2 33 f8 b6 ef de dc 36 5b a6 d1 67 95 a8 97 0c 52 4c 8d d8 8d aa a8 f9 11 ad 3f 17 b7 28 0c 8d 26 77 dd 2e 37 43 23 7e 42 7b 08 82 5d af d3 0a d7 e2 97 55 d4 57 02 b2 0c 37 99 d2 31 7f 6a 6b 7e 82 65 94 63 47 bb bf 72 16 cb c7 f9 1f d0 e3 44 d8 2e 1b 12 3d f4 cb 4b b4 dc ee eb 08 c5 40 dd 57 dd c7 b1 4d 12 03 fb 30 e5 80 90 Data Ascii: 4nq`Xv.xHnorJ5Hufa[Z:><M@J9$q]}=Hk3tQ=,7s>36[gRL?(&w.7C#~B{]UW71jk~ecGrD.=K@WM0

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:58 UTC	670	OUT	GET /mdod/tharep/loading.gif HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:58 UTC	302	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:27 GMT Content-Type: image/gif Content-Length: 4540 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-11bc" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:58 UTC	3794	IN	Data Raw: 47 49 46 38 39 61 dc 00 dc 00 f7 f8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: GIF89a
2024-07-05 07:29:58 UTC	746	IN	Data Raw: 80 25 52 f7 1d 82 fc 61 64 99 7d 28 3a 78 13 8b cf e1 88 10 82 04 e9 f8 9e 84 1b 5e 88 1d 8c 42 1a 04 64 82 3d 16 e9 5a 8a 05 f9 48 de 87 6c 39 39 d5 6d 00 5a 98 e4 45 31 f6 67 99 94 28 05 04 00 21 f9 04 05 0a 00 f8 00 2c 55 00 54 00 2e 00 30 00 00 08 ff 00 f1 09 1c 48 b0 a0 c1 81 fe f0 25 3c c8 b0 a1 43 86 fb 22 3e 9c 48 d1 e0 3e 7d 18 2b 6a ac 98 af e3 46 8d fc 42 f6 33 38 b2 63 be 83 fd 2e ee e3 b7 50 63 4a 8c fb 48 e2 33 79 70 9f 49 7d fc 3e be cc 58 b0 a4 c7 82 fc f4 01 18 9a 2f e7 c7 8b 3c 09 fa 3c 59 50 5f be a1 00 f4 b5 fc 88 51 5f cc 81 4b 81 3e 25 6a f4 23 3e a4 fa 7a ce fc 29 b0 9f 50 a8 61 bd 12 ac 7a 15 5f d6 81 36 a1 e6 1b a9 76 60 d5 b4 03 69 96 3d 0b 20 5f 5b 87 fd fa 4d 25 08 b6 a0 de af 5b a3 d2 35 d8 72 64 44 96 06 73 56 2d 1b 39 b1 df Data Ascii: %Rad}(:x^Bd=ZHl99mZE1g(!,UT.0H%<C">H>}+jFB38c.PcJH3ypI}>X/<<YP_Q_K>%j#>z)Paz_6v`i= _[M%[5rdDsV-9

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:29:58 UTC	667	OUT	GET /mdod/tharep/logo.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://lotpomu.ams.dom.my.id/mdod/tharep/dl.html?x=guettrich@granatapet-international.com Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:29:58 UTC	302	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:27 GMT Content-Type: image/png Content-Length: 7537 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-1d71" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:29:58 UTC	3794	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 40 00 00 00 cd 08 06 00 00 00 c9 c9 a9 18 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 20 63 48 52 4d 00 00 7a 26 00 00 80 84 00 00 fa 00 00 00 80 e8 00 00 75 30 00 00 ea 60 00 00 3a 98 00 00 17 70 9c ba 51 3c 00 00 00 06 62 4b 47 44 00 ff 00 ff 00 ff a0 bd a7 93 00 00 1c 88 49 44 41 54 78 da ed 9d 79 9c 5c 65 9d ee 9f df 7b ce a9 ad 97 da ba ba 43 48 b0 b3 40 42 a2 20 a0 e8 08 82 28 26 81 0b 82 38 64 1b 05 86 24 20 3b f1 22 e9 e8 bd 43 3b 3a 72 af 83 20 22 33 02 89 08 c3 22 81 e1 ca 05 49 82 20 30 08 e3 28 08 92 6e 92 08 dc 80 51 88 59 e9 4e 77 a7 6b 39 e7 77 ff a8 ec 6b 2f b5 9c aa 7a be 9f 8f 9f 8f e4 53 dd d5 f5 bc ef 79 ea f7 9c f7 77 de 57 40 48 a1 b9 64 d9 61 76 4e 5b d5 a0 55 15 Data Ascii: PNGIHDR@gAMAa cHRMz&u0`:pQ<bKGDIDATxy\e{CH@B (&8d$ ;"C;:r "3"I 0(nQYNwk9wk/zSywW@HdavN[U
2024-07-05 07:29:58 UTC	3743	IN	Data Raw: 0d 00 47 53 5c 52 c9 18 23 68 8c 87 10 4f 45 10 0c 59 07 49 c5 1e 7a b6 66 90 4d bb 14 ad 72 bf e4 7e 1b 93 dc 29 6f 5d 7d 64 7a b0 3f ba e7 1d df fc 76 f7 34 3f 52 b1 04 42 36 e2 4d 21 44 13 61 98 01 b4 af 58 b6 41 34 1e 42 26 9d 43 6f 77 16 ae cb 03 9a 2a af 10 c4 89 5d b0 be 0f e0 ca e1 45 60 d5 2f 51 4d 52 89 d4 47 83 18 3d 2e 8e b1 13 12 88 37 45 06 64 7e 7b 18 67 d0 46 ac 29 1f 8b 79 03 a8 02 3d 50 e5 8a a1 ac 0c cb 5e f1 f7 b7 00 3e 4e 39 49 25 60 db 06 d1 44 08 b1 a6 30 9c 40 e1 1e 81 63 2c ae d8 28 dc e5 c2 3b 66 cb 35 e3 fe 34 f8 08 dc f6 7a 1c 90 e3 f3 bb 54 13 e2 5f 42 11 07 b1 64 3e e6 16 63 0d 63 8f 58 dc 95 81 cb d5 e2 4a 89 c2 51 0b e6 6e a8 9e 3e d0 23 38 77 19 a0 ca e7 21 ca 7d 7d 88 3f bf dc 0d 50 df 18 44 22 15 41 b8 ce 29 c9 7b 06 82 Data Ascii: GS\R#hOEYIzfMr~)o]}dz?v4?RB6M!DaXA4B&Cow*]E`/QMRG=.7Ed~{gF)y=P^>N9I%`D0@c,(;f54zT_Bd>ccXJQn>#8w!}}?PD"A){

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:30:00 UTC	362	OUT	GET /mdod/tharep/4.png HTTP/1.1 Host: lotpomu.ams.dom.my.id Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-05 07:30:00 UTC	303	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 05 Jul 2024 07:29:28 GMT Content-Type: image/png Content-Length: 62491 Last-Modified: Wed, 09 Mar 2022 19:05:10 GMT Connection: close ETag: "6228fa66-f41b" Expires: Thu, 31 Dec 2037 23:55:55 GMT Cache-Control: max-age=315360000 Accept-Ranges: bytes
2024-07-05 07:30:00 UTC	3793	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 b6 00 00 00 7b 08 06 00 00 00 d9 86 7a 6e 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0e 74 00 00 0e 74 01 6b 24 b3 d6 00 00 00 1f 74 45 58 74 53 6f 66 74 77 61 72 65 00 4d 61 63 72 6f 6d 65 64 69 61 20 46 69 72 65 77 6f 72 6b 73 20 38 b5 68 d2 78 00 00 0b 4d 70 72 56 57 78 9c ed 1b 4d 6f db ca 71 b8 5c 72 25 91 b6 24 4b cf 8e ad 44 b1 ad be 07 a4 b9 14 70 81 5c fb 03 0a 14 bd b5 40 0f 3d 09 68 81 06 01 1e 8a 87 f7 1f da 53 4f ba f4 a7 14 41 2f 29 0a 21 3f 20 b7 14 49 9c 38 4e 1c 2b b6 f5 45 72 3b b3 4b 52 a4 44 c9 b4 63 3b 09 9e 86 5c 71 b9 5c ee ce ec ce d7 8e 96 ff 0d fe 75 04 8f e0 d7 92 a0 8b 87 ec 76 bb 2a d7 55 a9 db ed d0 21 65 a7 8b 27 65 3b 1d d9 51 97 76 Data Ascii: PNGIHDR{znsBIT\|dpHYsttk$tEXtSoftwareMacromedia Fireworks 8hxMprVWxMoq\r%$KDp\@=hSOA/)!? I8N+Er;KRDc;\q\uv*U!e'e;Qv
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: 7e 19 5e 1a c3 c7 5c 3b 3e 6e a7 c1 d8 df 6d 24 48 ff 59 88 d7 47 f2 e9 7d d0 18 40 4e d2 a6 5d b2 9b 48 f9 5f 73 d1 3d c7 cb 30 7d 25 62 12 e1 57 fd e2 2a 65 57 18 64 1e c7 cc 1a d8 b9 6d e7 fc 83 12 1a 34 1d 8f 01 89 a6 a6 38 92 1d 22 ff 1b 40 f3 bc 10 92 81 9d c3 72 06 c2 72 a2 3f 91 13 c8 90 db 38 90 e4 93 2c 1f 47 84 cf 15 de 08 92 1b 73 4b c4 07 44 96 f9 25 e2 43 b7 30 c4 8f e3 c1 45 11 78 c9 66 cc 0c 27 48 9d 0b e3 3b e4 9e 09 5e 8c 00 d7 2b cb 06 b8 0b b8 9a c3 21 c3 4c 36 1a d9 98 cd e3 20 ab 49 d1 74 32 1d 64 df 2c 3e c6 43 f7 d8 31 19 74 0c c3 7c d8 19 c3 dc d4 18 2a 9e 19 c4 a0 db 08 a1 43 0b f2 95 6c e9 3c b1 59 3c 34 a3 10 61 ce dc 47 9e 81 6c d6 b8 97 42 41 49 4e b4 2c 53 85 56 85 a1 55 61 68 55 d8 50 66 04 88 1f fa 81 34 94 d1 c6 74 0f 0a Data Ascii: ~^\;>nm$HYG}@N]H_s=0}%bWeWdm48"@rr?8,GsKD%C0Exf'H;^+!L6 It2d,>C1t\|Cl<Y<4aGlBAIN,SVUahUPf4t
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: d9 36 9d cf fe bc d3 79 24 6e 7b 1a db d5 2c ea 56 c3 d4 ea b6 8b 32 61 45 1a eb b3 39 cd a4 3f 30 57 03 86 82 08 0a f4 04 f9 cb 84 1f 3d e4 34 3c 86 e7 20 7a 42 9f 6a c4 82 01 45 89 c8 6c 93 82 1c 60 e7 1e 95 c9 75 a0 77 af b7 69 23 ef ee 35 70 33 a6 05 ab cf 57 a5 b7 5f 4c ab 1c 6e ff 02 b2 7c 68 1f ab f0 63 c3 f9 f3 6b 55 d1 8c 95 23 b1 e6 bf 6e c6 2a 9f ee 6d d1 68 3d a7 11 18 93 bd f6 2b fe ac 48 03 67 f5 a2 98 1e f6 b5 3a e8 82 0f bf d1 f3 1a 92 c7 66 93 5d 12 7a 88 19 2e d4 c2 80 38 8f 69 0e 9e 8d 2c 88 da 3b 80 f3 e3 7a f8 9f d0 52 03 9e 2c a0 e7 66 7c f2 1e 9e f0 8a 38 05 2d d8 5f f0 fd 26 44 05 f5 e5 ff c2 e7 7b 44 2d 6f e3 ef d8 5d 1f 69 9e a4 23 df 41 cb 8e 74 8e 3f c3 37 94 19 eb 89 36 c8 ca 97 c5 b4 64 13 b4 74 00 7e d4 17 3a 7f 3b 32 c2 c4 Data Ascii: 6y$n{,V2aE9?0W=4< zBjEl`uwi#5p3W_Ln\|hckU#n*mh=+Hg:f]z.8i,;zR,f\|8-_&D{D-o]i#At?76dt~:;2
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: 3b 57 6d c6 72 f5 35 9d fc 1d 6f e4 63 f6 1f b3 9f fe 49 7a ec 3f fa be 98 8f 91 4f ee f7 7a 78 f7 8c 7b b9 26 d8 c7 21 fb 85 65 b9 7a 2e fe a9 fc bb fd 9d fc d3 17 d4 c5 22 d1 af d1 ed a4 7f f4 0d b9 dd 31 fc 14 d6 f3 e4 c1 f1 47 67 d7 ff ed 7b 2b d2 8f 03 b7 92 7f d7 1e 6c fb 77 3c 01 fd 3d 7d 47 dd bd ec da 46 c6 a8 90 5e fa 29 1f f5 9d 81 b6 ec 7a 49 1d 70 e4 47 bf 95 fc 0b af e3 4b ec 00 ac d6 9c ce 7b cd 7b d9 c9 df 65 c8 ef 0b fb 9a 47 95 7f 91 31 32 e9 c7 db ad af cf 71 af a7 99 69 75 6d 66 17 97 93 3e bf 2e bf d5 fe dd 7d ac ae cd eb f2 9c ae 7e 9e 61 ec 3f 0c c3 30 0c c3 30 0c b0 9a 5b 75 b4 bf 9b 2b f0 37 f8 53 76 71 ac c3 ef ec e6 d6 ad f6 79 ce 85 e7 0a 1d bd 3f de 82 91 7f 8f 7d 18 b6 a1 e5 9c 1a 58 f9 e7 77 ed c5 b6 91 da 76 cc 3f df e5 b0 Data Ascii: ;Wmr5ocIz?Ozx{&!ez."1Gg{+lw<=}GF^)zIpGK{{eG12qiumf>.}~a?00[u+7Svqy?}Xwv?
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: 87 39 23 8d f9 20 9d fe f0 ce 37 78 23 65 74 de 08 59 81 27 fc 83 7c 44 9d 9d 41 1e e0 49 5f c9 47 79 ed cf a6 cf 9e 8a 8f cf 75 7f 39 1d 94 37 d6 2d 59 14 1c 91 3f 41 f4 9f 26 8d 77 e4 20 f9 4f ab 0e e1 25 e9 ed 86 3f f3 ae 33 38 c8 1d 3a 0b 82 ec c5 7c 31 d7 cc a9 fc 25 e4 9f 08 8f 03 3f 24 e3 4b c6 e3 3b 7d 65 5c 8c 85 fa a8 0b 38 e9 4e 0b f2 ea 8c 21 f9 a9 5b 67 43 b4 36 c9 43 19 ea 61 3e a8 83 6f e0 2b 41 7e 02 9a 37 f9 cd 83 3b c0 9a 3a 91 b5 a4 77 e8 5c 8a fc ea d5 4f d2 63 9b 94 e7 9b 22 e5 55 0f e5 a9 57 e7 5b 24 ef d3 b6 fa 41 3a f3 c9 58 c8 47 1b 3a 63 43 3d bc 33 2e c1 58 fa 02 69 d0 27 9d f9 25 bd dd fe 9f cc 39 fe 4e d0 7d 68 2d eb 18 da 0d 1d 65 1d d3 3e ef d0 62 d1 64 e8 2d 3c 1c da 05 4d 63 8d b3 ce a0 bf ac 39 fc a6 58 ff ac 49 78 34 df Data Ascii: 9# 7x#etY'\|DAI_Gyu97-Y?A&w O%?38:\|1%?$K;}e\8N![gC6Ca>o+A~7;:w\Oc"UW[$A:XG:cC=3.Xi'%9N}h-e>bd-<Mc9XIx4
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: 7d 80 06 c8 de 44 90 7e bf 18 f7 3b 7d 12 82 74 2b 05 cd cb 5c e9 8f 6c aa d2 c5 24 ab 03 9f e8 4f a3 fa 74 47 ab ca 2c 94 7f 83 d2 22 6d 8b 79 3f 0a 7d 5d 0c ff 8c d9 d2 d3 fd fc 30 65 3f 4c a4 6e d6 87 78 a2 d2 e7 1a a2 7d 4d b8 a3 f5 05 5f 46 c6 4e 8f 45 77 d8 2e 86 7e 7d 26 58 7e 1c f4 fb 4e 07 e6 01 9a 29 39 59 f7 d2 f2 24 5d f2 d6 e9 22 bc 43 f2 9a f6 f9 48 63 ed f7 7d e0 77 a9 3b 1a 75 67 23 e9 ba 1b f8 6c f5 9f 2d 22 cf 2b a6 bf e9 be e7 18 d3 72 ef 7c db 6f 77 ff 67 83 c1 99 ca 7c d8 c8 1c e8 2c 0c 38 20 f9 0c fd 5a ff 4d 74 a6 a8 7b cd b5 ef cc 3b 69 ba eb 4b 36 1b e9 ec f1 7f 47 c9 b3 d0 fa 32 6d c4 28 19 43 51 ff e5 a9 78 b6 f1 2d b6 be 9f ee 7f 3a b6 a3 4d d6 61 b4 8b 91 a6 7d 96 b9 f4 57 3e dc f2 5b 23 5d fb d1 7c 07 a7 b4 d7 2d 18 a8 7c 1a Data Ascii: }D~;}t+\l$OtG,"my?}]0e?Lnx}M_FNEw.~}&X~N)9Y$]"CHc}w;ug#l-"+r\|owg\|,8 ZMt{;iK6G2m(CQx-:Ma}W>[#]\|-\|
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: e7 f9 14 e6 6c fc 8e d7 38 db 73 ce 73 86 13 e7 75 d7 ae 5d d3 6b bd 2e d7 7c d1 41 21 67 b2 a0 2d f9 fd fe 41 5e 5a 2f 94 a1 93 51 20 10 30 d7 f1 1a cd c9 9d dc 42 a1 90 d9 ea bd f4 33 b7 ce fa a0 a2 f5 27 fb f8 70 62 f9 bb e3 af 65 c7 3c 5a db d1 2a e4 eb f3 f9 70 e3 c6 0d 74 75 75 99 7a c1 f3 99 6b 93 61 34 1a fd 0e 0b 5e cf 73 f8 3d f7 79 8e 5e 43 75 fa 84 70 38 6c ee c9 fb 3b fd 87 ee 5b fe b9 e1 df d3 d3 63 ec fe c4 89 13 b8 70 e1 02 6a 6b 6b 4d 1e 45 76 e7 cf 9f c7 b9 73 e7 70 e4 c8 11 54 57 57 9b cf 6c 77 1d 3c 78 10 95 95 95 38 74 e8 10 4e 9f 3e 8d fa fa 7a 73 1e 95 d7 f3 33 db 64 3c 6f cf 9e 3d e6 18 d9 d0 57 90 2f 99 f3 fa c3 87 0f 9b 73 59 47 b2 59 5a fe b9 e1 cf 32 23 93 aa aa 2a 1c 3d 7a 14 3b 76 ec 30 4c 7b 7b 7b 0d 4f f2 21 27 7e c7 3a 52 Data Ascii: l8ssu]k.\|A!g-A^Z/Q 0B3'pbe<Zptuuzka4^s=y^Cup8l;[cpjkkMEvspTWWlw<x8tN>zs3d<o=W/sYGYZ2#=z;v0L{{{O!'~:R
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: 3a 64 ea c0 c1 83 07 4d 1d d8 7e a8 16 6b 4f 87 31 6d e6 0e fc b4 bc 05 13 16 76 df e4 bf f0 0a ee 2b bf 86 47 2a fc 98 52 0e fc 78 56 0c 3f a9 48 61 e2 4c fa fd 3a 2c 3f d7 8f 06 f9 bd a0 58 7d 34 9d 32 f0 43 01 f6 23 85 65 37 63 fe f5 84 ad ff cf 35 7f fa 78 a7 d2 0f d4 d7 d7 e3 e4 c9 93 86 3d 95 dc 4f 9c 38 61 ea c3 b6 83 a7 b1 f2 70 2f fe a6 e8 00 9e 9e 23 dc 67 75 a2 a0 5c 7c c0 02 69 ef 15 5d c0 c4 0a c9 fd 5f f3 e1 e1 c2 00 9e 2a 6a c1 df 2d a8 c1 8a 93 bd b8 ce ba 66 9e f2 f0 3d b1 d9 73 44 fa cd bf 0c ec f8 af d1 72 73 f3 0c 97 6d 3e e7 58 51 b5 79 fa 00 8e cb 3e 7c f8 b0 b1 77 fa 7b 2a f7 79 8c ba f3 68 1d 36 d4 25 f0 27 2f 7f 8d c7 67 8a fd 17 06 f1 e0 dc 10 26 2c f2 e3 7e f1 07 0f 94 35 63 ca 02 3f 9e 2c b9 82 e7 e6 54 61 4d 5d 06 37 e4 ef 0d Data Ascii: :dM~kO1mv+GRxV?HaL:,?X}42C#e7c5x=O8ap/#gu\\|i]_j-f=sDrsm>XQy>\|w{*yh6%'/g&,~5c?,TaM]7
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: 72 b2 ba c2 ff b8 ae 35 8e ef 32 a9 bd 88 53 3b 57 b8 8b ca ff 6b 8c 5f cf 4b d1 cf 94 f3 ad 38 42 2f 07 dd c1 9d 68 f9 e8 45 cf d5 a0 1f 97 27 8b 39 ea 77 3f 7f 4b 3b d2 78 3a f2 78 1b f0 ba 05 3c 96 ec 7c 40 b6 0f db 63 b3 c4 cf bd ae 15 87 a7 f9 56 fa e0 79 e2 c6 15 07 bb 63 7f f7 ff 40 db 96 8e 53 1e 77 cd 38 42 07 1c 95 f2 71 ae c3 ee ff 5d fb a3 17 3d 8f e9 32 07 f4 6c 8f 42 d3 65 36 56 7d 65 f6 f7 b9 88 9e ad ab f2 52 fd 28 b7 d8 e9 c3 cb e1 de 09 56 fe df 65 ca f6 5a 54 1c a1 eb 84 34 dd fb 1f ef 61 7f 64 a2 ad 65 32 07 de 92 fd 2b 6e f1 59 f6 cf e6 7f f8 42 f5 97 ba 8f 02 9f 54 71 84 ae 53 fc 7f d7 ff 03 bb fe 0e df 94 e9 3c 9b c3 ef f8 7f ad 5b 26 cf 3d fc 7f 66 ff 8e 5b 7c 86 ff f7 0f f5 f7 73 b0 7a ee 50 e7 29 19 47 e8 e5 e8 d9 c1 aa 7d 7b 5a Data Ascii: r52S;Wk_K8B/hE'9w?K;x:x<\|@cVyc@Sw8Bq]=2lBe6V}eR(VeZT4ade2+nYBTqS<[&=f[\|szP)G}{Z
2024-07-05 07:30:00 UTC	4096	IN	Data Raw: fd 34 0c 6e cb 19 cb 71 60 94 58 c6 93 f9 09 fa 76 cf b5 f6 e8 18 d9 2e 78 f5 48 6e 8c fb 8d 6f 72 9f 4a be 80 cf 35 ac f1 c1 e0 ff 48 e0 1c 75 a9 89 f1 ea eb 87 97 8f 0b 66 e0 a7 16 0c ed d7 d7 61 ec 18 95 86 89 5b 5a 17 19 3a 3e 3c c7 4d 40 4a a3 39 f3 02 fd 02 ac e2 24 d3 71 5d 15 01 a1 00 7d 3d 48 85 16 0c 6b 04 d0 fe 33 c6 ca 18 ba e3 af f9 e9 b2 ba 74 bf 51 93 3d 7f 82 01 2c 09 37 c6 c7 06 b5 df bb fd ec ea e7 73 0d c4 3e 90 e3 a2 33 f8 b6 ef de dc 36 5b a6 d1 67 95 a8 97 0c 52 4c 8d d8 8d aa a8 f9 11 ad 3f 17 b7 28 0c 8d 26 77 dd 2e 37 43 23 7e 42 7b 08 82 5d af d3 0a d7 e2 97 55 d4 57 02 b2 0c 37 99 d2 31 7f 6a 6b 7e 82 65 94 63 47 bb bf 72 16 cb c7 f9 1f d0 e3 44 d8 2e 1b 12 3d f4 cb 4b b4 dc ee eb 08 c5 40 dd 57 dd c7 b1 4d 12 03 fb 30 e5 80 90 Data Ascii: 4nq`Xv.xHnorJ5Hufa[Z:><M@J9$q]}=Hk3tQ=,7s>36[gRL?(&w.7C#~B{]UW71jk~ecGrD.=K@WM0

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:30:08 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-05 07:30:08 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=204039 Date: Fri, 05 Jul 2024 07:30:08 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:30:09 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-05 07:30:09 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=204054 Date: Fri, 05 Jul 2024 07:30:09 GMT Content-Length: 55 Connection: close X-CID: 2
2024-07-05 07:30:09 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:30:09 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=lcaSBH2vpHkbWK5&MD=RFCWrWUA HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-07-05 07:30:09 UTC	513	IN	HTTP/1.1 200 OK Content-Length: 24490 Connection: close Content-Type: application/octet-stream Date: Fri, 05 Jul 2024 07:30:09 GMT Cache-Control: no-cache ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT SLSVersion: 2.0 MS-CorrelationId: 56e8f3fc-7c7b-404d-aea4-9b9e215deae9 MS-RequestId: 552c17d5-a2ce-47a0-8bf9-2ed002a6003e MS-CV: B99UEIfh/0S7eMBF.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab
2024-07-05 07:30:09 UTC	3583	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-07-05 07:30:09 UTC	4096	IN	Data Raw: 43 6f 8f 4b 08 bf 90 5e dd e9 e0 ad 3a f3 6e f5 13 8d bc dc 4a e5 ce 08 39 bf 0b 6f 71 a1 bd f9 89 a4 0b 7e ad b7 07 c4 b2 4d 5e 04 10 a3 94 1f bf 5f 3c fe 61 32 7d 66 f8 c3 90 15 94 b5 2b 94 9b 3e b0 52 61 a7 8c f1 bd e1 aa d3 94 82 bb 52 af 1f 6d 5e f1 79 90 3d 67 86 9a ca 0e d4 c9 a5 cf cc 65 eb 98 57 b2 f6 7c f9 74 af d6 53 3e 74 b8 2f 8a b2 eb c5 bd 21 03 ca 11 15 fe 9e a3 b5 a5 1d 4a d2 07 d9 5f 47 e6 38 aa ce 22 44 4d 8f 54 6f 28 cd 68 29 54 2b d9 9c 1b 70 91 b0 4e 69 0b e6 9b 21 51 76 14 c9 c5 03 45 00 9e fe e9 d7 c5 85 c3 a1 28 3c 7d 17 58 d7 f6 5d ec 81 be 06 ac aa 84 41 e1 bf 8e 3d e0 a1 86 c4 14 5f 36 93 16 8a c8 c1 43 77 81 6b ab 04 5e 00 f7 0a fa b9 eb e3 96 e4 70 e8 6f 84 0e 4e 75 b3 27 fa 2f c5 52 e4 18 f8 52 50 fb e7 86 68 b1 f4 5c 91 75 Data Ascii: CoK^:nJ9oq~M^_<a2}f+>RaRm^y=geW\|tS>t/!J_G8"DMTo(h)T+pNi!QvE(<}X]A=_6Cwk^poNu'/RRPh\u
2024-07-05 07:30:09 UTC	4096	IN	Data Raw: f6 ba 1a 14 67 56 cc de df be 44 ef 34 be 5a 3d 68 d0 94 71 3a ec 86 ca 6c b7 75 9c 13 7f 71 8b bf 63 4d 32 13 26 f2 aa 5b ad 7f b0 1c 2c c0 c7 38 6e 5c de 9c bf 78 25 14 b9 27 fd 1d ce 80 5f 4a a7 25 65 f8 7c 62 0b cf 2d 1f ab cc e9 f1 ea 61 ab c3 35 7d 62 c3 39 ab 32 69 09 51 99 1d 23 bc fc 7a 36 35 36 af 83 6b 6f 89 11 f1 3d 8c a1 8e 1a 34 7e 5d ef bf 1b 4a cd 50 a1 ba 7e 8e e7 69 82 3e de 34 ac fe 6a c7 33 6b a8 50 09 e1 bf 29 fe 07 30 82 41 0f 06 09 2a 86 48 86 f7 0d 01 07 02 a0 82 41 00 30 82 40 fc 02 01 01 31 0f 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 30 81 9d 06 0a 2b 06 01 04 01 82 37 02 01 04 a0 81 8e 30 81 8b 30 56 06 0a 2b 06 01 04 01 82 37 02 01 1c a1 48 04 10 a6 b5 86 d5 b4 a1 24 66 ae 05 a2 17 da 8e 60 d6 04 34 31 32 30 30 06 0a 2b 06 Data Ascii: gVD4Z=hq:luqcM2&[,8n\x%'_J%e\|b-a5}b92iQ#z656ko=4~]JP~i>4j3kP)0A*HA0@10`He0+700V+7H$f`41200+
2024-07-05 07:30:09 UTC	4096	IN	Data Raw: 76 9b c2 1b 25 6c 3f 01 d0 b8 bb 6f e9 4d 62 55 f3 7a 5b c4 05 04 2e 09 48 41 fd e9 13 24 1e f0 71 f0 79 9e 8e a7 ea d7 72 49 9f 71 e8 41 4c 0a 8e 69 71 3c 8f e9 56 c5 9d a0 e6 3c df 48 88 1c cf 7f eb a0 34 f3 ff 37 ca 6d 9f c7 86 eb 12 35 0a 45 a5 81 a8 f8 53 6d c6 11 4e ef 37 77 2a 73 bf 08 f9 ee ba 8d b8 48 1a 93 32 44 3a cd 7c 41 2d e3 20 7e 34 a2 7c 2b 93 92 2f 0a 5f 17 c8 65 98 79 74 bb e7 1c 1a e2 6c a4 15 db cf ae 5b 18 f9 9a 82 ab 98 f5 13 93 f3 0f 89 71 a4 2f c0 7e 77 fb 64 26 22 e5 4e ad f6 92 18 a6 d3 94 cd 49 13 ad 79 db e2 53 23 d3 01 f4 55 10 41 0d 52 3e fd 89 9e 2a c8 0a d1 11 8b 87 81 95 4a 78 71 ab af 15 de f4 09 82 83 c6 11 e8 4d cf 5e c7 90 ea 63 c2 f2 61 65 db d9 2f 77 be a4 19 52 2e b5 62 7b 0f bb cd 6f d8 a4 a1 82 30 ab 30 82 12 e1 Data Ascii: v%l?oMbUz[.HA$qyrIqALiq<V<H47m5ESmN7wsH2D:\|A- ~4\|+/_eytl[q/~wd&"NIyS#UAR>JxqM^cae/wR.b{o00
2024-07-05 07:30:09 UTC	4096	IN	Data Raw: d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 82 03 0d 30 82 03 09 02 01 01 30 81 93 30 7c 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 Data Ascii: 06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1000\|10UUS10UWashingt
2024-07-05 07:30:09 UTC	4096	IN	Data Raw: 61 74 69 6f 6e 73 31 26 30 24 06 03 55 04 0b 13 1d 54 68 61 6c 65 73 20 54 53 53 20 45 53 4e 3a 31 32 42 43 2d 45 33 41 45 2d 37 34 45 42 31 25 30 23 06 03 55 04 03 13 1c 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 53 65 72 76 69 63 65 a0 82 0e 3c 30 82 04 f1 30 82 03 d9 a0 03 02 01 02 02 13 33 00 00 00 f8 c2 5f 33 d0 b5 8f 15 04 00 00 00 00 00 f8 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 7c 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 Data Ascii: ations1&0$UThales TSS ESN:12BC-E3AE-74EB1%0#UMicrosoft Time-Stamp Service<003_30*H0\|10UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp
2024-07-05 07:30:09 UTC	427	IN	Data Raw: 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 02 13 33 00 00 00 f8 c2 5f 33 d0 b5 8f 15 04 00 00 00 00 00 f8 30 22 04 20 7a de d8 d5 6f 69 33 d0 70 dc 4b 0a 87 20 2e 89 b9 7d 43 21 25 09 e9 8e e0 2f 61 63 6e 2e d3 c8 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 04 82 01 00 2d 46 01 d9 a2 c3 dc 11 ef 0b c9 9a 71 cb 9b d2 85 03 27 37 73 d7 48 58 97 ee 08 0c 34 5a 0a 0a d8 df 80 0a f3 3d 79 80 3f 16 0c dc 7c c5 78 09 cb 96 e0 3a a7 af 76 2e 9e f2 9d 5b 86 24 9a 4a ff 6d 1d cf 92 7d 03 90 a8 a0 be 00 b2 b0 9c d1 a3 2f 8d 33 d8 a2 96 c4 ce Data Ascii: 10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20103_30" zoi3pK .}C!%/acn.0*H-Fq'7sHX4Z=y?\|x:v.[$Jm}/3

Timestamp	Bytes transferred	Direction	Data
2024-07-05 07:30:46 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=lcaSBH2vpHkbWK5&MD=RFCWrWUA HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-07-05 07:30:46 UTC	513	IN	HTTP/1.1 200 OK Content-Length: 30005 Connection: close Content-Type: application/octet-stream Date: Fri, 05 Jul 2024 07:30:46 GMT Cache-Control: no-cache ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT SLSVersion: 2.0 MS-CorrelationId: f56afc86-ab3e-46bf-8f0f-bfe7e8b53a04 MS-RequestId: 5b2dcc91-39d2-4ba1-9112-552880ba9f64 MS-CV: vghc06/VQU2S4xQf.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab
2024-07-05 07:30:46 UTC	3583	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-07-05 07:30:46 UTC	4096	IN	Data Raw: a5 2c ce 99 83 9d 3d b1 fd 54 23 49 02 04 a2 83 f9 a0 d2 7e 49 71 fa 03 5a 2e d9 80 37 4e eb b4 9d 0d 01 82 5b b9 71 89 a8 4a 26 77 1f bb b7 98 57 8b 21 ad 17 b9 93 be f7 58 fd 9a f6 d2 41 4d c6 32 da a8 36 64 f2 15 ce 8c 13 9d 4d 6d 2f d9 cc 55 e6 fe 88 1d 8b c8 64 56 9a 22 ac 40 91 1d f8 70 7d 5f c8 f3 8c f0 84 e2 4f 6a e6 b5 1b 79 57 1d 17 33 e7 6a 86 17 9c 1f 45 e3 aa 1b e9 86 7f c2 ef d3 2e 88 e5 20 de 0a ba 6e 57 a0 11 dc 0c 2a 93 96 8a 01 6b 15 af b5 df a9 97 87 a6 1c 88 f6 1b 0b 9c 30 7c 63 d4 2d c7 be 7a 45 af cf fe 6d f4 39 8f 65 61 04 f2 2c 15 80 3c 4b 81 4a f1 80 80 f8 ff 34 74 fc d3 1c ed 58 ea 97 16 50 74 e8 02 be 6e 64 4c 28 e2 c4 f1 3c 14 35 93 ef 25 6c 04 2e 70 bc 95 04 e0 fa 7e 22 ec 30 f1 5c c3 29 ea 36 90 67 ca ff d4 20 4a c9 b4 56 e5 Data Ascii: ,=T#I~IqZ.7N[qJ&wW!XAM26dMm/UdV"@p}_OjyW3jE. nW*k0\|c-zEm9ea,<KJ4tXPtndL(<5%l.p~"0\)6g JV
2024-07-05 07:30:46 UTC	4096	IN	Data Raw: a9 dc 3e de 1b 4b b0 64 27 5a 7d 67 27 b9 f6 8a c2 ab e8 40 3c 32 2e 82 e2 a4 d2 6c c7 e6 cd b3 e3 81 ac 0b fb 4a 6e f3 27 9f 7c 14 e6 1d 94 ed 1c 9d 79 97 1b ee b3 5d 14 f5 79 20 4f 5e 8f d5 bf 23 65 95 73 ac 8e 86 a4 ca 77 f5 e0 da 64 4c e3 6d d7 db 21 f2 be f2 ec c4 84 31 e2 c1 29 83 92 2b 62 da 92 fc e5 f9 d2 97 22 54 8c 45 c5 42 2f 71 09 f7 74 97 34 d5 1b 28 bc b9 e0 67 1a 9b bb ec e4 43 44 a6 87 f7 71 f5 66 07 db 46 b9 30 7f cc 98 35 c3 c5 27 ef 3d c6 95 9e 8d e8 9f 49 7d c9 1e 56 9e 62 fb 6a 96 81 a5 ea fa 13 dd 2c aa a9 8e 16 41 a6 b7 d3 61 31 0c ee f9 f2 b0 85 0a 13 4b 6c b2 0e eb aa e5 d0 56 a9 d9 17 8d bc d7 00 24 9d e7 f7 1f 22 50 ce 11 49 67 85 aa 33 fb 81 2b a7 d3 44 55 a9 fe df d4 ea 61 70 02 48 68 3d ea 2d 73 2c 87 26 4f 1f 6f 9b ac dd ee Data Ascii: >Kd'Z}g'@<2.lJn'\|y]y O^#eswdLm!1)+b"TEB/qt4(gCDqfF05'=I}Vbj,Aa1KlV$"PIg3+DUapHh=-s,&Oo
2024-07-05 07:30:46 UTC	4096	IN	Data Raw: 9e 6b d5 a1 e0 c3 e3 f1 92 12 81 23 1d 9e 5b 8c 83 b9 a6 f2 ce fc 34 44 06 ee 97 6a 1a ad 7a 2a 89 47 bd 67 a2 d1 1b 21 b0 95 e8 29 23 38 98 10 56 c4 12 82 e9 48 03 14 04 7f bf 70 42 b6 d9 b6 04 1b 03 9c 67 15 67 02 d2 9d 6a ae 97 5b 7d 39 7e 4d a2 c1 ac 9f 7c 54 6e 51 8b bf 3d a5 80 c1 91 a9 64 bb 20 52 b5 85 97 b4 95 50 0a 41 6e 51 f1 ca cb 97 e4 bf 2a 74 93 cf a7 ba 48 88 0c 5f 19 af 70 7d 15 f1 9f 24 d6 9c 85 c7 06 de 82 3c 2b c3 8b fc 4e 4e e9 0e fa 79 68 26 98 fa e0 d5 1c 14 6c 0f 69 88 07 a2 6f 2b f4 1d d7 17 69 db af 23 90 15 84 fa fa c9 c9 5c b5 a9 30 09 8d 19 02 03 01 00 01 a3 82 01 9a 30 82 01 96 30 1f 06 03 55 1d 25 04 18 30 16 06 0a 2b 06 01 04 01 82 37 4c 06 01 06 08 2b 06 01 05 05 07 03 03 30 1d 06 03 55 1d 0e 04 16 04 14 05 8a 92 2b d9 f6 Data Ascii: k#[4DjzGg!)#8VHpBggj[}9~M\|TnQ=d RPAnQtH_p}$<+NNyh&lio+i#\000U%0+7L+0U+
2024-07-05 07:30:46 UTC	4096	IN	Data Raw: 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f 73 6f 66 74 20 49 72 65 6c 61 6e 64 20 4f 70 65 72 61 74 69 6f 6e 73 20 4c 69 6d 69 74 65 64 31 26 30 24 06 03 55 04 0b 13 1d 54 68 61 6c 65 Data Ascii: d10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Microsoft Ireland Operations Limited1&0$UThale
2024-07-05 07:30:46 UTC	4096	IN	Data Raw: 31 31 32 33 30 36 30 39 5a 30 77 30 3d 06 0a 2b 06 01 04 01 84 59 0a 04 01 31 2f 30 2d 30 0a 02 05 00 e9 e8 b6 61 02 01 00 30 0a 02 01 00 02 02 38 53 02 01 ff 30 07 02 01 00 02 02 11 fd 30 0a 02 05 00 e9 ea 07 e1 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 57 9e f9 80 71 d0 39 be 5c 97 fb 40 f8 9f 33 ba 15 78 47 ca 89 5e ad b0 80 83 a5 94 06 78 f7 e0 f0 18 5f 03 e1 27 ea 33 3e 9e 44 23 75 17 92 46 44 40 74 2f 11 f1 f6 5c 28 23 a4 bd fc 82 b3 53 5a 28 fb 97 94 b9 39 91 59 57 7d 96 ba ae 38 54 88 05 d0 39 21 9f c7 5b 81 f7 ef 49 7f 3d d4 cf 73 83 e1 aa 01 80 6b 6b 7b bd Data Ascii: 11230609Z0w0=+Y1/0-0a08S0006+Y1(0&0+Y0 00*HWq9\@3xG^x_'3>D#uFD@t/\(#SZ(9YW}8T9![I=skk{
2024-07-05 07:30:46 UTC	4096	IN	Data Raw: 19 24 81 38 a8 91 34 36 cf a1 82 17 28 30 82 17 24 06 0a 2b 06 01 04 01 82 37 03 03 01 31 82 17 14 30 82 17 10 06 09 2a 86 48 86 f7 0d 01 07 02 a0 82 17 01 30 82 16 fd 02 01 03 31 0f 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 30 82 01 59 06 0b 2a 86 48 86 f7 0d 01 09 10 01 04 a0 82 01 48 04 82 01 44 30 82 01 40 02 01 01 06 0a 2b 06 01 04 01 84 59 0a 03 01 30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 0e 37 92 54 86 51 4b c0 1c ca e2 b2 5b 5d 1e 39 12 d9 7b 3a 2a 7d 18 90 0b 35 b8 21 f9 5b ec e5 02 06 66 33 ab 3f 7f e4 18 13 32 30 32 34 30 35 31 30 31 36 34 32 33 31 2e 35 39 39 5a 30 04 80 02 01 f4 a0 81 d8 a4 81 d5 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 Data Ascii: $846(0$+710H010`He0YHHD0@+Y010`He 7TQK[]9{:*}5![f3?20240510164231.599Z0010UUS10UWashington10
2024-07-05 07:30:46 UTC	1846	IN	Data Raw: 2b e0 0d b8 e6 8c 99 d6 e1 22 ea f0 27 42 3d 25 94 e6 74 74 5b 6a d1 9e 3e ed 7e a0 31 33 7d bc cb e9 7b bf 38 70 44 d1 90 f1 c8 ab 3a 8a 3a 08 62 7f d9 70 63 53 4d 8d ee 82 6d a5 05 10 c1 71 06 6a 10 b4 1d 55 33 58 b3 a1 70 66 f2 a1 82 02 d3 30 82 02 3c 02 01 01 30 82 01 00 a1 81 d8 a4 81 d5 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f 73 6f 66 74 20 49 72 65 6c 61 6e 64 20 4f 70 65 72 61 74 69 6f 6e 73 20 4c 69 6d 69 74 65 64 31 26 30 24 06 03 55 04 0b 13 1d 54 68 61 6c 65 73 20 54 53 53 20 45 Data Ascii: +"'B=%tt[j>~13}{8pD::bpcSMmqjU3Xpf0<0010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Microsoft Ireland Operations Limited1&0$UThales TSS E