Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72

Overview

General Information

Sample URL:http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72
Analysis ID:1579581
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
AI detected suspicious URL
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL

Classification

  • System is w10x64
  • chrome.exe (PID: 2332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 2472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2376,i,8405439244769221643,11633367070896645104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6532 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krJoe Sandbox AI: Score: 9 Reasons: The brand 'Traveloka' is well-known and primarily associated with the domain 'traveloka.com'., The URL 'mail-hdel.lvdd.info' does not match the legitimate domain of Traveloka., The domain 'lvdd.info' is unrelated to Traveloka and appears suspicious., The use of a subdomain 'mail-hdel' and the unrelated main domain 'lvdd.info' suggests a phishing attempt., The presence of an email input field with a non-Traveloka domain (hdsl.co.kr) further indicates potential phishing. DOM: 2.1.pages.csv
Source: EmailJoe Sandbox AI: AI detected IP in URL: http://217.28.130.10
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: Number of links: 0
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: Title: Document does not match URL
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: <input type="password" .../> found
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: No favicon
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: No <meta name="author".. found
Source: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krHTTP Parser: No <meta name="copyright".. found
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownTCP traffic detected without corresponding DNS query: 23.54.80.57
Source: unknownTCP traffic detected without corresponding DNS query: 23.54.80.57
Source: unknownTCP traffic detected without corresponding DNS query: 217.28.130.10
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /?email=br.sung@hdel.co.kr HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: http://217.28.130.10/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /index.php?csrftoken=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ== HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: http://217.28.130.10/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
Source: global trafficHTTP traffic detected: GET /check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27 HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: http://217.28.130.10/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
Source: global trafficHTTP traffic detected: GET /auth?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3D HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
Source: global trafficHTTP traffic detected: GET /auth/?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3D HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
Source: global trafficHTTP traffic detected: GET /auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr& HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mail-hdel.lvdd.infoConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
Source: global trafficHTTP traffic detected: GET /8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72 HTTP/1.1Host: 217.28.130.10Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 217.28.130.10Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: mail-hdel.lvdd.info
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: unknownHTTP traffic detected: POST /report/v4?s=8IOhjvpP1svgqtTCTmXj3SsMyOenUFQuP1ewyx5P18tgXhaMQUrBNV9aOLsj5dXDd%2BVia03ttgRcQFCDZ%2Ff0I7CcaveOohJfd4poScFKDmqdezUUmOSkxMgjTG%2FFYwkKwT%2BBUFh3 HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 495Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 23 Dec 2024 02:15:29 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCache-Control: private, no-cache, max-age=0pragma: no-cachex-turbo-charged-by: LiteSpeedvary: Accept-EncodingCF-Cache-Status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IOhjvpP1svgqtTCTmXj3SsMyOenUFQuP1ewyx5P18tgXhaMQUrBNV9aOLsj5dXDd%2BVia03ttgRcQFCDZ%2Ff0I7CcaveOohJfd4poScFKDmqdezUUmOSkxMgjTG%2FFYwkKwT%2BBUFh3"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8f64d81339844343-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1737&min_rtt=1723&rtt_var=674&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2814&recv_bytes=1283&delivery_rate=1590413&cwnd=244&unsent_bytes=0&cid=d558b8739d5fe1ed&ts=969&x=0"
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 23 Dec 2024 02:15:04 GMTServer: Apache/2.4.41 (Ubuntu)Content-Length: 275Keep-Alive: timeout=5, max=99Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 32 31 37 2e 32 38 2e 31 33 30 2e 31 30 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at 217.28.130.10 Port 80</address></body></html>
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: classification engineClassification label: mal52.phis.win@17/10@6/6
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2376,i,8405439244769221643,11633367070896645104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2376,i,8405439244769221643,11633367070896645104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions
1
Process Injection
1
Process Injection
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
mail-hdel.lvdd.info
172.67.191.167
truetrue
    unknown
    a.nel.cloudflare.com
    35.190.80.1
    truefalse
      high
      www.google.com
      172.217.19.228
      truefalse
        high
        NameMaliciousAntivirus DetectionReputation
        https://mail-hdel.lvdd.info/auth/?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3Dfalse
          unknown
          https://mail-hdel.lvdd.info/index.php?csrftoken=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ==false
            unknown
            https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.krtrue
              unknown
              https://a.nel.cloudflare.com/report/v4?s=8IOhjvpP1svgqtTCTmXj3SsMyOenUFQuP1ewyx5P18tgXhaMQUrBNV9aOLsj5dXDd%2BVia03ttgRcQFCDZ%2Ff0I7CcaveOohJfd4poScFKDmqdezUUmOSkxMgjTG%2FFYwkKwT%2BBUFh3false
                high
                https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&false
                  unknown
                  http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72false
                    unknown
                    https://mail-hdel.lvdd.info/favicon.icofalse
                      unknown
                      https://mail-hdel.lvdd.info/?email=br.sung@hdel.co.krfalse
                        unknown
                        http://217.28.130.10/favicon.icotrue
                          unknown
                          https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27false
                            unknown
                            https://mail-hdel.lvdd.info/auth?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3Dfalse
                              unknown
                              • No. of IPs < 25%
                              • 25% < No. of IPs < 50%
                              • 50% < No. of IPs < 75%
                              • 75% < No. of IPs
                              IPDomainCountryFlagASNASN NameMalicious
                              172.217.19.228
                              www.google.comUnited States
                              15169GOOGLEUSfalse
                              172.67.191.167
                              mail-hdel.lvdd.infoUnited States
                              13335CLOUDFLARENETUStrue
                              239.255.255.250
                              unknownReserved
                              unknownunknownfalse
                              35.190.80.1
                              a.nel.cloudflare.comUnited States
                              15169GOOGLEUSfalse
                              217.28.130.10
                              unknownUnited Kingdom
                              15839COBWEB-NETGBtrue
                              IP
                              192.168.2.4
                              Joe Sandbox version:41.0.0 Charoite
                              Analysis ID:1579581
                              Start date and time:2024-12-23 03:13:54 +01:00
                              Joe Sandbox product:CloudBasic
                              Overall analysis duration:0h 3m 22s
                              Hypervisor based Inspection enabled:false
                              Report type:full
                              Cookbook file name:browseurl.jbs
                              Sample URL:http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72
                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                              Number of analysed new started processes analysed:8
                              Number of new started drivers analysed:0
                              Number of existing processes analysed:0
                              Number of existing drivers analysed:0
                              Number of injected processes analysed:0
                              Technologies:
                              • HCA enabled
                              • EGA enabled
                              • AMSI enabled
                              Analysis Mode:default
                              Analysis stop reason:Timeout
                              Detection:MAL
                              Classification:mal52.phis.win@17/10@6/6
                              EGA Information:Failed
                              HCA Information:
                              • Successful, ratio: 100%
                              • Number of executed functions: 0
                              • Number of non-executed functions: 0
                              • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                              • Excluded IPs from analysis (whitelisted): 172.217.21.35, 172.217.17.78, 64.233.162.84, 172.217.17.46, 199.232.214.172, 192.229.221.95, 172.217.17.74, 172.217.21.42, 172.217.17.42, 172.217.19.234, 142.250.181.42, 172.217.19.202, 216.58.208.234, 172.217.19.170, 142.250.181.74, 142.250.181.106, 142.250.181.138, 172.217.17.35, 2.16.229.162, 20.109.210.53, 13.107.246.63
                              • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ajax.googleapis.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
                              • Not all processes where analyzed, report is missing behavior information
                              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                              • VT rate limit hit for: http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72
                              No simulations
                              No context
                              No context
                              No context
                              No context
                              No context
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with no line terminators
                              Category:downloaded
                              Size (bytes):40
                              Entropy (8bit):4.477567157116928
                              Encrypted:false
                              SSDEEP:3:mSVgYFICnfHiCkY:mSVgVYCCR
                              MD5:2C969A1E16B466364C3D29AAB559396A
                              SHA1:5A908877FF4BD48BD8D5FC90FE44FACDB0CFB27C
                              SHA-256:1EF2230A1DA6EAB68881292F3CAF5BF5BBAD946CAF7340BE12AE98DE4130DF84
                              SHA-512:5B82784AE33CC0E318915A1C9CF723E60FBFB6B1BE234C30095B554B6672861BE5A590793D631B3379A003F0FC1DAD29741A94FB612F47D64C0DA0590C9BE299
                              Malicious:false
                              Reputation:low
                              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgnGSY53tZffWhIFDfJM4hkSBQ1iWEepEgUNgbgvGA==?alt=proto
                              Preview:ChsKBw3yTOIZGgAKBw1iWEepGgAKBw2BuC8YGgA=
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text, with CRLF, LF line terminators
                              Category:downloaded
                              Size (bytes):1249
                              Entropy (8bit):5.242453121762845
                              Encrypted:false
                              SSDEEP:24:hYYIzD6yJRA3ZsjNQCRtgoLY95Mu56+eDHHLFCOXAkRcfRrzd0Ll72rKQk:rq6Kj2CZLY5Mc6NDLYzkYKLlOM
                              MD5:F58515DFE987F7E027C8A71BBC884621
                              SHA1:BEC6AEBF5940EA88FBBFF5748D539453D49FA284
                              SHA-256:679E7E62B81267C93D0778083AE0FD0EFE24172FF0AC581835B54165B3D9ED43
                              SHA-512:F085346A38318F7935D76909DB0367862924CC9B0D96256F7FF4E8999C041E610BBCDE8CA56C92673BDE0991C85E9C9D9B6726ABD91D0C3177462C80D4A99140
                              Malicious:false
                              Reputation:low
                              URL:https://mail-hdel.lvdd.info/favicon.ico
                              Preview:<!DOCTYPE html>.<html style="height:100%">.<head>.<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">.<title> 404 Not Found..</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head>.<body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">.<div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">. <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1>.<h2 style="margin-top:20px;font-size: 30px;">Not Found..</h2>.<p>The resource requested could not be found on this server!</p>.</div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:HTML document, ASCII text
                              Category:downloaded
                              Size (bytes):275
                              Entropy (8bit):5.239363258542399
                              Encrypted:false
                              SSDEEP:6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoIR+knCXIcXaoD:J0+oxBeRmR9etdzRxGezH0qCXIma+
                              MD5:F8B1968EA59666D8C762F26C13EBDA04
                              SHA1:F3D908EBFDB3EA84F44037B085680E57C3A37AF9
                              SHA-256:0D0B08D4FF1512F171A369D6720A9333DECB5FFD2F88D4C1B8C2E2DAB596E405
                              SHA-512:02EE6E2EBE082AD00ADC638066B5F7868C3ABAED859EFAC39625EDDF86AB860B371C34547DF8F7AD2BB69FBA0D41BC2141FEA450294190FEFD5AA39742491FFE
                              Malicious:false
                              Reputation:low
                              URL:http://217.28.130.10/favicon.ico
                              Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.<hr>.<address>Apache/2.4.41 (Ubuntu) Server at 217.28.130.10 Port 80</address>.</body></html>.
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text, with very long lines (65451)
                              Category:downloaded
                              Size (bytes):89166
                              Entropy (8bit):5.289013695909453
                              Encrypted:false
                              SSDEEP:1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakU:AYh8eip3huuf6IidlrvakdtQ47GKE
                              MD5:E422394640E6B0859FEFA04074D7A19C
                              SHA1:514027A8B7C00C611C1B2BEECF93A43374EAA986
                              SHA-256:532627A12FEF57F15C830263F7FCA46BAF80A627C87D7597D4A0CAF3BBCD47D1
                              SHA-512:4903A073E4AD42916ABB49F4115A93970A92363E124707B7951D92DD945836ADE44183F43B74116D79E1C87F09E1B4B6212DB697BDB99FADA5D865830310C6C1
                              Malicious:false
                              Reputation:low
                              URL:https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
                              Preview:/*! jQuery v3.5.1 | (c) JS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"o
                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                              File Type:ASCII text
                              Category:downloaded
                              Size (bytes):3
                              Entropy (8bit):0.9182958340544896
                              Encrypted:false
                              SSDEEP:3:t:t
                              MD5:0D43126FAD68FE2C979D6A117AE97CC5
                              SHA1:79598FD5A47CD4CD6ABF84A090310F1EF6B2977B
                              SHA-256:FC1FD07C7CC51C082ECA5BBB70FEC30C863B608B78BA6913E39165433972C386
                              SHA-512:7DEAEC454DD216866A2D6093A0C352839C184462B31117E53B375D60D61DC4FE2BFD0BD92D58BF37DD9E0F49058D09DCF9BF13663834A25D80939BDC4F4A0AC6
                              Malicious:false
                              Reputation:low
                              URL:http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72
                              Preview:. .
                              No static file info
                              TimestampSource PortDest PortSource IPDest IP
                              Dec 23, 2024 03:14:56.764393091 CET49675443192.168.2.4173.222.162.32
                              Dec 23, 2024 03:15:01.818267107 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:01.818315029 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:01.820000887 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:01.820000887 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:01.820060968 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:03.515147924 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:03.543940067 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:03.543977022 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:03.544965029 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:03.545032978 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:03.551645041 CET4974180192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:03.551757097 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:03.551898003 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:03.551971912 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:03.600512028 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:03.600522995 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:03.653558016 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:03.671406031 CET8049741217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:03.671420097 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:03.671483994 CET4974180192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:03.671499968 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:03.672077894 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:03.791510105 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:04.773977041 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:04.814335108 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:04.826539040 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:04.946135044 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:05.148627996 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:05.190226078 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:05.301739931 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:05.301774025 CET44349744172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:05.302030087 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:05.302369118 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:05.302402020 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:05.302541018 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:05.302943945 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:05.302953005 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:05.302958965 CET44349744172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:05.302963972 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.521433115 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.522769928 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.522789955 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.523797035 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.523874044 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.528532028 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.528597116 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.528834105 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.528842926 CET44349745172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.528928995 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.528947115 CET49745443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.529292107 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.529323101 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.529386997 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.529738903 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.529756069 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.530337095 CET44349744172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.534424067 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.534434080 CET44349744172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.535865068 CET44349744172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.535923958 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.536770105 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.536783934 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.536823034 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.537013054 CET44349744172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.537061930 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.537092924 CET49744443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.537095070 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:06.537151098 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.537424088 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:06.537437916 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.761497974 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.761817932 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.761850119 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.763029099 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.763118982 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.767038107 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.767117023 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.768161058 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.768174887 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.812007904 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.850044966 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.850260019 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.850280046 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.853770018 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.853831053 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.854144096 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.854310036 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.905605078 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:07.905615091 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:07.952678919 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:08.853893042 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:08.854077101 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:08.854140043 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:08.856087923 CET49746443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:08.856106043 CET44349746172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:08.858778954 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:08.899362087 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:09.734014988 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:09.734087944 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:09.734255075 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:09.737068892 CET49747443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:09.737081051 CET44349747172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:09.737081051 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:09.737169027 CET44349748172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:09.737550020 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:09.737550020 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:09.737627983 CET44349748172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:10.154979944 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:10.155081987 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:10.948438883 CET44349748172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:10.948664904 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.948709965 CET44349748172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:10.949621916 CET44349748172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:10.949688911 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950006962 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950007915 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950046062 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950074911 CET44349748172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:10.950138092 CET49748443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950376034 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950418949 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:10.950509071 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950735092 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:10.950758934 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:12.143069029 CET4974280192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:12.160928011 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:12.165297031 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:12.165344000 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:12.165643930 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:12.168706894 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:12.168780088 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:12.168888092 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:12.211329937 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:12.262609959 CET8049742217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:13.120806932 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.120899916 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.120970964 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.152292967 CET49750443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.152358055 CET44349750172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.182912111 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.182998896 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.183043957 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.183089972 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.183095932 CET44349753172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.183146954 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.183456898 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.183495045 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.183784962 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:13.183799028 CET44349753172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:13.200727940 CET4972380192.168.2.4199.232.210.172
                              Dec 23, 2024 03:15:13.258788109 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:13.258837938 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:13.258907080 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:13.320725918 CET8049723199.232.210.172192.168.2.4
                              Dec 23, 2024 03:15:13.320815086 CET4972380192.168.2.4199.232.210.172
                              Dec 23, 2024 03:15:14.140295029 CET49739443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:15:14.140305996 CET44349739172.217.19.228192.168.2.4
                              Dec 23, 2024 03:15:14.395102024 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.395431995 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.395464897 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.396512985 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.396590948 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397017002 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397051096 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397092104 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397119045 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.397280931 CET44349752172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.397353888 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397355080 CET49752443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397438049 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397512913 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.397594929 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397794962 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.397825956 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.402498007 CET44349753172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.402678013 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.402702093 CET44349753172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.406227112 CET44349753172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.406297922 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.406651020 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.406663895 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.406692028 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.406775951 CET44349753172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.406831980 CET49753443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.406903028 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.406969070 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:14.407042027 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.407202005 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:14.407233953 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.622585058 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.639134884 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.663832903 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.663873911 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.664779902 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.664856911 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.665990114 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.666026115 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.666651964 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.666714907 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.666991949 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.667061090 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.680556059 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.680684090 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.682890892 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.682909012 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.724066973 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.724186897 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:15.724212885 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:15.770061970 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:16.620306969 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:16.620392084 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:16.620455027 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:16.620836973 CET49756443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:16.620871067 CET44349756172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:16.622764111 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:16.667330027 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:17.586086035 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:17.586153030 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:17.586229086 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:17.587610006 CET49757443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:17.587656021 CET44349757172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:17.588387012 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:17.588439941 CET44349759172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:17.588526011 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:17.588788033 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:17.588820934 CET44349759172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:18.798042059 CET44349759172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:18.798295975 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.798346043 CET44349759172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:18.799210072 CET44349759172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:18.799285889 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.799592972 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.799624920 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.799649000 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.799668074 CET44349759172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:18.799730062 CET49759443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.799868107 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.799902916 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:18.799968958 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.800139904 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:18.800156116 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:20.013670921 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:20.014056921 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:20.014069080 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:20.014518023 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:20.016058922 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:20.016135931 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:20.016237020 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:20.063332081 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.661887884 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.661948919 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.661990881 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.662002087 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.662014008 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.662059069 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.662061930 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.662075043 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.662122965 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.662128925 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.676896095 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.676930904 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.676968098 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.676975012 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.677136898 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.684844971 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.725289106 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.781541109 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.825562000 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.825570107 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.857683897 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.857764959 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.857770920 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.865433931 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.865494967 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.865502119 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.873322964 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.873383999 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.873389006 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.881303072 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.881465912 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.881472111 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.889137030 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.889193058 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.889199018 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.897048950 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.897114992 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.897124052 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.904891014 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.904959917 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.904968023 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.920624018 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.920691967 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.920829058 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.920845032 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.920891047 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.927062988 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.933531046 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.933588982 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.933594942 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.939985037 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.940051079 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.940057993 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.946717024 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:21.946768045 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:21.946773052 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.005693913 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.046093941 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.049186945 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.049352884 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.049361944 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.062227964 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.062235117 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.062407970 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.062414885 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.075119972 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.075292110 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.075303078 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.075357914 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.087933064 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.087941885 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.088013887 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.094360113 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.094547033 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.107487917 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.107496977 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.107563972 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.112185001 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.112193108 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.112268925 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.121741056 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.121748924 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.121815920 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.131252050 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.131436110 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.131450891 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.131496906 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.140779018 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.140842915 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.145715952 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.145874023 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.155286074 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.155360937 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.164730072 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.164891005 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.263653994 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.263825893 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.269579887 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.269654989 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.273474932 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.273542881 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.280668020 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.280749083 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.287741899 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.287826061 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.291213989 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.291285992 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.297844887 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.297914028 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.304511070 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.304579973 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.307910919 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.307971001 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.314517021 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.314582109 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.321129084 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.321192980 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.327775002 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.327869892 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.327886105 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.334382057 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.334454060 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.334461927 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.334506035 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.337831020 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.337904930 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.346023083 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.346080065 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.349431038 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.349487066 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.356152058 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.356208086 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.362621069 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.363095999 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.369249105 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.370459080 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.372570038 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.372641087 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.379234076 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.379303932 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.382635117 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.382694960 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.455578089 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.455641031 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.459228039 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.459284067 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.461914062 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.461966991 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.466952085 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.467005014 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.484453917 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.484462023 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.484529972 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.484532118 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.484570026 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.484599113 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.484618902 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.496964931 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.497020006 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.497023106 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.497042894 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.497070074 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.511598110 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.511612892 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.511668921 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.511677980 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.511708021 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.520802021 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.520818949 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.520857096 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.520863056 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.520901918 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.526099920 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.526149988 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.526156902 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.526171923 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.526204109 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.533551931 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.533612967 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.533623934 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.533644915 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.533677101 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.533689976 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.541806936 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.541851997 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.541874886 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.541881084 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.541920900 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.592375040 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.651448965 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.651469946 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.651539087 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.651546955 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.651590109 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.658056021 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.658071041 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.658117056 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.658121109 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.658174992 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.661437035 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.661498070 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.669554949 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.669570923 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.669615030 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.669619083 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.669666052 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.673290014 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.673350096 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.673356056 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.673397064 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.680886030 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.680905104 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.680949926 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.680963039 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.680994034 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.681003094 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.688293934 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.688309908 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.688374043 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.688379049 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.688421011 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.695205927 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.695278883 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.695281029 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.695307970 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.695336103 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.695374012 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:22.695415974 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.715034008 CET49761443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:22.715054035 CET44349761172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:25.813884974 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:25.813905001 CET44349763172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:25.813977957 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:25.814402103 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:25.814408064 CET44349763172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:27.023854017 CET44349763172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:27.024187088 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.024197102 CET44349763172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:27.025037050 CET44349763172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:27.025104046 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.025497913 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.025515079 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.025543928 CET44349763172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:27.025568008 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.025620937 CET49763443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.025909901 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.025959015 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:27.026026964 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.026211023 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:27.026233912 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:28.237602949 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:28.237951040 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:28.237993002 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:28.238853931 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:28.238925934 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:28.239238977 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:28.239296913 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:28.239370108 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:28.239379883 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:28.279426098 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:29.201160908 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:29.201273918 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:29.201339006 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:29.204283953 CET49765443192.168.2.4172.67.191.167
                              Dec 23, 2024 03:15:29.204301119 CET44349765172.67.191.167192.168.2.4
                              Dec 23, 2024 03:15:29.341219902 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:29.341306925 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:29.341408968 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:29.341614962 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:29.341651917 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:30.555649996 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:30.556189060 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:30.556253910 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:30.557250023 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:30.557332993 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:30.558640003 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:30.558701992 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:30.558932066 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:30.558942080 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:30.607333899 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:31.011879921 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:31.011945963 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:31.012018919 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:31.012254953 CET49766443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:31.012298107 CET4434976635.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:31.013159990 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:31.013185024 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:31.013258934 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:31.013480902 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:31.013489008 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.223639965 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.223922014 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:32.223932981 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.224214077 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.224514008 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:32.224555016 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.224627018 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:32.267333984 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.684781075 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.684848070 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.685193062 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:32.685201883 CET4434976735.190.80.1192.168.2.4
                              Dec 23, 2024 03:15:32.685226917 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:32.685255051 CET49767443192.168.2.435.190.80.1
                              Dec 23, 2024 03:15:48.684890985 CET4974180192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:48.804449081 CET8049741217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:56.205574036 CET8049741217.28.130.10192.168.2.4
                              Dec 23, 2024 03:15:56.205790997 CET4974180192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:56.294629097 CET4972480192.168.2.423.54.80.57
                              Dec 23, 2024 03:15:56.414841890 CET804972423.54.80.57192.168.2.4
                              Dec 23, 2024 03:15:56.415036917 CET4972480192.168.2.423.54.80.57
                              Dec 23, 2024 03:15:58.140048981 CET4974180192.168.2.4217.28.130.10
                              Dec 23, 2024 03:15:58.259685040 CET8049741217.28.130.10192.168.2.4
                              Dec 23, 2024 03:16:01.733413935 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:01.733479977 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:01.733572006 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:01.733870029 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:01.733903885 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:03.426645994 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:03.427056074 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:03.427112103 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:03.427468061 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:03.427918911 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:03.427997112 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:03.482307911 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:13.130893946 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:13.130958080 CET44349804172.217.19.228192.168.2.4
                              Dec 23, 2024 03:16:13.131071091 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:14.139902115 CET49804443192.168.2.4172.217.19.228
                              Dec 23, 2024 03:16:14.139993906 CET44349804172.217.19.228192.168.2.4
                              TimestampSource PortDest PortSource IPDest IP
                              Dec 23, 2024 03:14:58.058067083 CET53499121.1.1.1192.168.2.4
                              Dec 23, 2024 03:14:58.061101913 CET53610311.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:00.828028917 CET53565671.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:01.670741081 CET5334253192.168.2.41.1.1.1
                              Dec 23, 2024 03:15:01.670741081 CET5925253192.168.2.41.1.1.1
                              Dec 23, 2024 03:15:01.807754993 CET53533421.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:01.808113098 CET53592521.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:04.819080114 CET5938553192.168.2.41.1.1.1
                              Dec 23, 2024 03:15:04.819586992 CET5008753192.168.2.41.1.1.1
                              Dec 23, 2024 03:15:05.300631046 CET53593851.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:05.301009893 CET53500871.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:07.880897045 CET138138192.168.2.4192.168.2.255
                              Dec 23, 2024 03:15:17.823823929 CET53588391.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:22.883148909 CET53601151.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:25.949390888 CET53581441.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:29.203035116 CET5752853192.168.2.41.1.1.1
                              Dec 23, 2024 03:15:29.203125954 CET5383653192.168.2.41.1.1.1
                              Dec 23, 2024 03:15:29.339978933 CET53538361.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:29.340498924 CET53575281.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:36.512286901 CET53573301.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:57.716243982 CET53596051.1.1.1192.168.2.4
                              Dec 23, 2024 03:15:59.527671099 CET53500261.1.1.1192.168.2.4
                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                              Dec 23, 2024 03:15:01.670741081 CET192.168.2.41.1.1.10x5a14Standard query (0)www.google.com65IN (0x0001)false
                              Dec 23, 2024 03:15:01.670741081 CET192.168.2.41.1.1.10x697aStandard query (0)www.google.comA (IP address)IN (0x0001)false
                              Dec 23, 2024 03:15:04.819080114 CET192.168.2.41.1.1.10xf6f5Standard query (0)mail-hdel.lvdd.infoA (IP address)IN (0x0001)false
                              Dec 23, 2024 03:15:04.819586992 CET192.168.2.41.1.1.10x8533Standard query (0)mail-hdel.lvdd.info65IN (0x0001)false
                              Dec 23, 2024 03:15:29.203035116 CET192.168.2.41.1.1.10x4997Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                              Dec 23, 2024 03:15:29.203125954 CET192.168.2.41.1.1.10xb054Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                              Dec 23, 2024 03:15:01.807754993 CET1.1.1.1192.168.2.40x5a14No error (0)www.google.com65IN (0x0001)false
                              Dec 23, 2024 03:15:01.808113098 CET1.1.1.1192.168.2.40x697aNo error (0)www.google.com172.217.19.228A (IP address)IN (0x0001)false
                              Dec 23, 2024 03:15:05.300631046 CET1.1.1.1192.168.2.40xf6f5No error (0)mail-hdel.lvdd.info172.67.191.167A (IP address)IN (0x0001)false
                              Dec 23, 2024 03:15:05.300631046 CET1.1.1.1192.168.2.40xf6f5No error (0)mail-hdel.lvdd.info104.21.60.51A (IP address)IN (0x0001)false
                              Dec 23, 2024 03:15:05.301009893 CET1.1.1.1192.168.2.40x8533No error (0)mail-hdel.lvdd.info65IN (0x0001)false
                              Dec 23, 2024 03:15:29.340498924 CET1.1.1.1192.168.2.40x4997No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                              • 217.28.130.10
                                • mail-hdel.lvdd.info
                              • https:
                              • a.nel.cloudflare.com
                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.449742217.28.130.10802472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              Dec 23, 2024 03:15:03.672077894 CET540OUTGET /8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72 HTTP/1.1
                              Host: 217.28.130.10
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Accept-Encoding: gzip, deflate
                              Accept-Language: en-US,en;q=0.9
                              Dec 23, 2024 03:15:04.773977041 CET276INHTTP/1.1 200 OK
                              Date: Mon, 23 Dec 2024 02:15:04 GMT
                              Server: Apache/2.4.41 (Ubuntu)
                              refresh: 0;url=https://mail-hdel.lvdd.info/?email=br.sung@hdel.co.kr
                              Content-Length: 3
                              Keep-Alive: timeout=5, max=100
                              Connection: Keep-Alive
                              Content-Type: text/html; charset=UTF-8
                              Data Raw: 0a 20 0a
                              Data Ascii:
                              Dec 23, 2024 03:15:04.826539040 CET482OUTGET /favicon.ico HTTP/1.1
                              Host: 217.28.130.10
                              Connection: keep-alive
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Referer: http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72
                              Accept-Encoding: gzip, deflate
                              Accept-Language: en-US,en;q=0.9
                              Dec 23, 2024 03:15:05.148627996 CET491INHTTP/1.1 404 Not Found
                              Date: Mon, 23 Dec 2024 02:15:04 GMT
                              Server: Apache/2.4.41 (Ubuntu)
                              Content-Length: 275
                              Keep-Alive: timeout=5, max=99
                              Connection: Keep-Alive
                              Content-Type: text/html; charset=iso-8859-1
                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 32 31 37 2e 32 38 2e 31 33 30 2e 31 30 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at 217.28.130.10 Port 80</address></body></html>


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.449741217.28.130.10802472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              Dec 23, 2024 03:15:48.684890985 CET6OUTData Raw: 00
                              Data Ascii:


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              0192.168.2.449746172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:07 UTC705OUTGET /?email=br.sung@hdel.co.kr HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              Referer: http://217.28.130.10/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-12-23 02:15:08 UTC1163INHTTP/1.1 302 Found
                              Date: Mon, 23 Dec 2024 02:15:08 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              Set-Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui; path=/
                              expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate
                              pragma: no-cache
                              location: https://mail-hdel.lvdd.info/index.php?csrftoken=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ==
                              x-turbo-charged-by: LiteSpeed
                              cf-cache-status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAbcHU669MKjCblcxNgDAoJWeA757%2FwmOZpXiMTa2HQz5%2BcpGQwFZCRY436ezTN8Z32CmA3Hk5s7lrq5VTXYRXg8s5xFU1nWP3L7ZPsy3me6keA2B1BJNmDaE1JUIa2CkM6reshr"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d7932d6bc445-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1504&min_rtt=1498&rtt_var=573&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2816&recv_bytes=1283&delivery_rate=1888745&cwnd=227&unsent_bytes=0&cid=479ff830b6ec5998&ts=1112&x=0"
                              2024-12-23 02:15:08 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              1192.168.2.449747172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:08 UTC858OUTGET /index.php?csrftoken=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ== HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Referer: http://217.28.130.10/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
                              2024-12-23 02:15:09 UTC1085INHTTP/1.1 302 Found
                              Date: Mon, 23 Dec 2024 02:15:09 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate
                              pragma: no-cache
                              location: check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=''
                              x-turbo-charged-by: LiteSpeed
                              cf-cache-status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RC6Q5RQ0CNJ1Igk4fznwGtUKXOdQLquoQh1NrmdQ3tJYV5E1rjU3Rw0UvpJzJ8xbhsJ5WlC3lIJk3SF4G%2BvEOq8VPIo8F%2FOe52QgLt4WY1brwdf0b8zL9XRZnGOEUjE1cUtCz3UL"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d79958bc4273-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1949&min_rtt=1934&rtt_var=756&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2815&recv_bytes=1436&delivery_rate=1417475&cwnd=229&unsent_bytes=0&cid=e5840424eb1fcaee&ts=1872&x=0"
                              2024-12-23 02:15:09 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              2192.168.2.449750172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:12 UTC870OUTGET /check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27 HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: cross-site
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Referer: http://217.28.130.10/
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
                              2024-12-23 02:15:13 UTC956INHTTP/1.1 200 OK
                              Date: Mon, 23 Dec 2024 02:15:12 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate
                              pragma: no-cache
                              vary: Accept-Encoding
                              x-turbo-charged-by: LiteSpeed
                              cf-cache-status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sX%2Bp6wW4gWNn6tPX5vmQqroG%2B9n%2B6ZmeIBAsedEluKdZfASiZcWKeZhfRy7u4vbIyZedZeSWxHlkqzxGDZLhmMQGav9jwbTjcc5VzEfOv3jszAxx4pXN%2BcJ6klhqN94E4gxbe3ym"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d7aeb8310f6d-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1540&min_rtt=1521&rtt_var=584&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2814&recv_bytes=1448&delivery_rate=1919789&cwnd=239&unsent_bytes=0&cid=190cbb57114ad37e&ts=964&x=0"
                              2024-12-23 02:15:13 UTC363INData Raw: 31 36 34 0d 0a 3c 68 74 6d 6c 3e 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 27 61 75 74 68 27 20 6d 65 74 68 6f 64 3d 27 47 45 54 27 20 6e 61 6d 65 3d 27 72 65 64 69 72 65 63 74 27 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 27 68 69 64 64 65 6e 27 20 6e 61 6d 65 3d 27 65 6d 61 69 6c 27 20 76 61 6c 75 65 3d 27 27 3e 3c 69 6e 70 75 74 20 74 79 70 65 3d 27 68 69 64 64 65 6e 27 20 6e 61 6d 65 3d 27 73 65 73 73 69 64 27 20 76 61 6c 75 65 3d 27 4d 54 63 7a 4e 44 6b 79 4d 44 45 77 4f 44 41 78 4d 7a 5a 68 5a 54 4e 6a 4d 7a 68 6a 4e 32 46 6c 4d 7a 51 34 4d 6d 4a 68 4f 54 67 31 4d 32 45 31 5a 6d 59 30 4e 54 45 31 4f 44 51 79 4e 54 51 32 4e 6d 4a 6b 4d 47 45 31 4d 6d 4e 6b 4f 54 51 30 5a 57 56
                              Data Ascii: 164<html><!DOCTYPE html><html><body><form action='auth' method='GET' name='redirect'><input type='hidden' name='email' value=''><input type='hidden' name='sessid' value='MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWV
                              2024-12-23 02:15:13 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              3192.168.2.449756172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:15 UTC1013OUTGET /auth?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3D HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              Referer: https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
                              2024-12-23 02:15:16 UTC1017INHTTP/1.1 301 Moved Permanently
                              Date: Mon, 23 Dec 2024 02:15:16 GMT
                              Content-Type: text/html
                              Transfer-Encoding: chunked
                              Connection: close
                              x-turbo-charged-by: LiteSpeed
                              location: https://mail-hdel.lvdd.info/auth/?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3D
                              vary: Accept-Encoding
                              cf-cache-status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yID54UlGGhoYpEe5Kf3Ff0ghfuGeJ0GEYZ9BCocOyXVylBNtC5vsdeu9tm7mcWUk5I26DNZz7jfX4sVyM15AdjCh5SOCix7DvPKtCfgVEMr%2BDcQqDG9IosYQXFWmAkwrymFfhx0r"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d7c45848de97-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1502&min_rtt=1490&rtt_var=582&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2815&recv_bytes=1613&delivery_rate=1841109&cwnd=231&unsent_bytes=0&cid=4300aac3334bf251&ts=1002&x=0"
                              2024-12-23 02:15:16 UTC352INData Raw: 33 33 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 3c 74 69 74 6c 65 3e 20 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72
                              Data Ascii: 332<!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><title> 301 Moved Permanently</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!impor
                              2024-12-23 02:15:16 UTC473INData Raw: 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c
                              Data Ascii: sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; l
                              2024-12-23 02:15:16 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              4192.168.2.449757172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:16 UTC1014OUTGET /auth/?email=&sessid=MTczNDkyMDEwODAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmJkMGE1MmNkOTQ0ZWVkMmM5NTJkOTJjYWIxMTg0YzRlOQ%3D%3D HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Referer: https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
                              2024-12-23 02:15:17 UTC1026INHTTP/1.1 302 Found
                              Date: Mon, 23 Dec 2024 02:15:17 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate
                              pragma: no-cache
                              location: ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&#br.sung@hdel.co.kr
                              x-turbo-charged-by: LiteSpeed
                              cf-cache-status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pvn%2BOBJF8Pc35WI5nCAYxf4fdsGXOqOHamjm89oKNAGfrtKhTucoXL9i%2BaffkD7vWLUZwHCV2MGqZZN%2FOzMf9zk5ezL9tlU6vCCQ8t2nskeUd19iXmSzudaF7BuoJzFfXBPjks0B"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d7c9ee9d420d-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=2091&min_rtt=1947&rtt_var=1019&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2815&recv_bytes=1614&delivery_rate=941328&cwnd=244&unsent_bytes=0&cid=1cde98d0852a5f31&ts=1955&x=0"
                              2024-12-23 02:15:17 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              5192.168.2.449761172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:20 UTC943OUTGET /auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr& HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              Upgrade-Insecure-Requests: 1
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: navigate
                              Sec-Fetch-Dest: document
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              sec-ch-ua-platform: "Windows"
                              Referer: https://mail-hdel.lvdd.info/check.php?newtoken=MTczNDkyMDEwOTAxMzZhZTNjMzhjN2FlMzQ4MmJhOTg1M2E1ZmY0NTE1ODQyNTQ2NmIxMDdlMjU3YTYyNjI0NmFmMGMwZTgxZjgyMjJiNWVhNQ==&email=%27%27
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
                              2024-12-23 02:15:21 UTC961INHTTP/1.1 200 OK
                              Date: Mon, 23 Dec 2024 02:15:21 GMT
                              Content-Type: text/html; charset=UTF-8
                              Transfer-Encoding: chunked
                              Connection: close
                              expires: Thu, 19 Nov 1981 08:52:00 GMT
                              Cache-Control: no-store, no-cache, must-revalidate
                              pragma: no-cache
                              vary: Accept-Encoding
                              x-turbo-charged-by: LiteSpeed
                              cf-cache-status: DYNAMIC
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmNXjhgLK5j%2Btb6gmpFX4rcj9xdxvXaKhd%2B2Sy6YX17aCyQEqo%2FpsICY0sFS8zgZpykscIeAHBHuvkxk6BfD8MOf%2FyYU4MvdwWpEziUMEH5yuPdKS69%2FF7RsamykoZ%2BlBbkqm2eU"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d7dfdc898c7d-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1826&min_rtt=1810&rtt_var=711&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2814&recv_bytes=1521&delivery_rate=1505154&cwnd=239&unsent_bytes=0&cid=24bd2197a44c7d9f&ts=1656&x=0"
                              2024-12-23 02:15:21 UTC408INData Raw: 37 63 62 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 77
                              Data Ascii: 7cb7<!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Document</title> <style> body { margin: 0; padding: 0; w
                              2024-12-23 02:15:21 UTC1369INData Raw: 25 3b 0a 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 76 68 3b 20 2f 2a 20 46 75 6c 6c 20 76 69 65 77 70 6f 72 74 20 68 65 69 67 68 74 20 2a 2f 0a 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 20 75 72 6c 28 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 43 79 77 41 41 41 59 32 43 41 59 41 41 41 44 38 4f 4d 6d 43 41 41 41 4d 50 32 6c 44 51 31 42 4a 51 30 4d 67 55 48 4a 76 5a 6d 6c 73 5a 51 41 41 53 49 6d 56 56 77 64 59 55 38 6b 57 6e 6c 74 53 49 62 51 41 41 6c 4a 43 62 34 4b 41 6c 41 42 53 51 6d 67 42 70 42 66 42 52 6b 67 43 68 42 4a 6a 51 6c 43 78 6f 34 73 4b 72 6c 30 73 59 45 4e 58 52 52 51 37 49 48 62 45 7a 69 4c 59 2b
                              Data Ascii: %; height: 100vh; /* Full viewport height */ background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACywAAAY2CAYAAAD8OMmCAAAMP2lDQ1BJQ0MgUHJvZmlsZQAASImVVwdYU8kWnltSIbQAAlJCb4KAlABSQmgBpBfBRkgChBJjQlCxo4sKrl0sYENXRRQ7IHbEziLY+
                              2024-12-23 02:15:21 UTC1369INData Raw: 79 43 78 67 73 2b 45 55 51 4d 44 67 69 6e 76 4d 77 68 70 75 4c 6d 7a 73 41 38 75 2b 4c 38 76 58 31 4a 6b 37 78 33 55 44 30 57 37 35 7a 63 2f 38 41 77 4f 39 45 66 33 2f 2f 6b 65 39 63 78 41 6b 41 39 6e 6e 42 37 58 2f 34 4f 32 66 48 68 4a 38 4f 4e 51 44 4f 48 2b 62 4a 4a 49 56 4b 44 70 64 66 43 50 41 74 6f 51 6c 33 6d 69 45 77 42 5a 62 41 44 73 37 48 44 58 67 43 58 78 41 49 51 6b 41 45 69 41 47 4a 49 42 57 4d 68 39 46 6e 77 33 55 75 41 5a 50 42 64 44 41 48 6c 49 41 79 73 42 53 73 41 75 76 41 52 72 41 46 37 41 43 37 77 58 35 51 44 34 36 43 55 2b 41 73 75 41 54 61 77 48 56 77 46 36 36 65 54 76 41 43 39 49 4a 33 34 44 4f 43 49 43 53 45 68 74 41 52 51 38 51 4d 73 55 59 63 45 54 65 45 69 66 67 6a 49 55 67 55 45 6f 2b 6b 49 75 6c 49 46 69 4a 43 5a 4d 68 30 5a 43
                              Data Ascii: yCxgs+EUQMDginvMwhpuLmzsA8u+L8vX1Jk7x3UD0W75zc/8AwO9Ef3//ke9cxAkA9nnB7X/4O2fHhJ8ONQDOH+bJJIVKDpdfCPAtoQl3miEwBZbADs7HDXgCXxAIQkAEiAGJIBWMh9Fnw3UuAZPBdDAHlIAysBSsAuvARrAF7AC7wX5QD46CU+AsuATawHVwF66eTvAC9IJ34DOCICSEhtARQ8QMsUYcETeEifgjIUgUEo+kIulIFiJCZMh0ZC
                              2024-12-23 02:15:21 UTC1369INData Raw: 33 64 46 64 34 4c 37 42 2f 5a 59 48 33 57 4f 55 78 33 79 50 4a 6f 2b 76 6e 6c 36 65 45 73 39 61 7a 32 34 76 4b 36 39 30 72 30 71 76 6d 30 78 64 5a 69 78 7a 45 66 4f 38 4e 38 45 37 79 48 75 57 39 31 48 76 6a 7a 36 65 50 67 55 2b 2b 33 33 2b 38 6e 58 79 7a 66 58 64 36 64 73 31 30 6e 61 6b 59 4f 54 57 6b 59 2f 39 4c 50 79 34 66 70 76 39 4f 76 77 5a 2f 75 6e 2b 6d 2f 77 37 41 73 77 44 75 41 46 56 41 59 38 43 4c 51 50 35 67 64 73 43 6e 37 48 73 57 54 6d 73 58 61 79 58 51 53 35 42 6b 71 42 44 51 65 2f 5a 50 75 77 5a 37 4a 50 42 57 48 42 59 63 47 6c 77 61 34 68 4f 53 46 4c 49 75 70 41 48 6f 52 61 68 57 61 45 31 6f 62 31 68 48 6d 48 54 77 6b 36 47 45 38 49 6a 77 35 65 46 33 2b 53 59 63 48 69 63 61 6b 35 76 68 46 66 45 6a 49 6a 6d 53 50 58 49 68 4d 68 31 6b 59 2b
                              Data Ascii: 3dFd4L7B/ZYH3WOUx3yPJo+vnl6eEs9az24vK690r0qvm0xdZixzEfO8N8E7yHuW91Hvjz6ePgU++33+8nXyzfXd6ds10nakYOTWkY/9LPy4fpv9OvwZ/un+m/w7AswDuAFVAY8CLQP5gdsCn7HsWTmsXayXQS5BkqBDQe/ZPuwZ7JPBWHBYcGlwa4hOSFLIupAHoRahWaE1ob1hHmHTwk6GE8Ijw5eF3+SYcHicak5vhFfEjIjmSPXIhMh1kY+
                              2024-12-23 02:15:21 UTC1369INData Raw: 64 49 37 75 72 66 7a 6c 65 52 56 2f 2b 74 46 62 77 7a 66 62 48 2f 72 2f 72 61 70 4c 37 62 76 77 62 76 38 64 35 2f 66 6c 33 34 77 2f 4c 44 6a 49 2f 50 6a 75 55 38 70 6e 35 35 39 6e 76 79 46 39 47 58 4e 56 2f 75 76 6a 64 38 69 76 39 33 72 7a 2b 2f 76 46 33 4d 6c 58 4d 57 76 41 41 59 72 6d 70 6b 4a 77 4f 76 74 41 4e 42 53 41 61 44 44 38 78 6c 31 6a 50 4c 38 70 79 69 49 38 73 79 71 51 4f 41 2f 59 65 55 5a 55 56 45 38 41 61 69 46 2f 2b 39 78 50 66 44 76 35 69 59 41 65 37 66 43 34 78 66 55 31 78 77 4c 51 43 77 4e 67 45 52 76 67 49 34 59 4d 56 67 48 7a 6d 71 4b 63 36 57 38 45 4f 45 35 59 46 50 34 31 34 7a 38 44 50 42 76 69 76 4c 4d 2b 55 50 63 50 37 64 41 72 75 6f 4f 66 6d 37 2f 42 53 66 73 66 47 43 6e 57 5a 78 5a 41 41 41 41 6c 6d 56 59 53 57 5a 4e 54 51 41 71
                              Data Ascii: dI7urfzleRV/+tFbwzfbH/r/rapL7bvwbv8d5/fl34w/LDjI/PjuU8pn559nvyF9GXNV/uvjd8iv93rz+/vF3MlXMWvAAYrmpkJwOvtANBSAaDD8xl1jPL8pyiI8syqQOA/YeUZUVE8AaiF/+9xPfDv5iYAe7fC4xfU1xwLQCwNgERvgI4YMVgHzmqKc6W8EOE5YFP414z8DPBvivLM+UPcP7dAruoOfm7/BSfsfGCnWZxZAAAAlmVYSWZNTQAq
                              2024-12-23 02:15:21 UTC1369INData Raw: 45 38 4c 33 52 70 5a 6d 59 36 54 33 4a 70 5a 57 35 30 59 58 52 70 62 32 34 2b 43 69 41 67 49 43 41 67 49 44 77 76 63 6d 52 6d 4f 6b 52 6c 63 32 4e 79 61 58 42 30 61 57 39 75 50 67 6f 67 49 43 41 38 4c 33 4a 6b 5a 6a 70 53 52 45 59 2b 43 6a 77 76 65 44 70 34 62 58 42 74 5a 58 52 68 50 67 6f 75 47 6b 6b 75 41 41 42 41 41 45 6c 45 51 56 52 34 41 65 79 64 42 34 41 65 52 33 6e 2b 35 33 71 56 64 4a 49 73 39 33 4a 79 70 51 54 54 34 70 68 75 45 30 4a 78 49 50 51 4f 41 64 4d 44 42 4e 4f 43 2f 32 41 4d 47 44 43 59 61 6e 42 77 43 42 33 54 43 63 51 55 42 33 44 6f 42 68 78 4d 53 52 78 36 6a 47 33 63 69 37 70 30 75 74 37 2f 37 32 39 4f 37 38 64 6f 76 66 75 31 75 2b 39 30 70 33 74 65 65 37 58 66 37 63 37 4f 7a 76 35 32 5a 33 62 4b 4d 2b 38 32 50 65 43 45 46 38 78 75 32
                              Data Ascii: E8L3RpZmY6T3JpZW50YXRpb24+CiAgICAgIDwvcmRmOkRlc2NyaXB0aW9uPgogICA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgouGkkuAABAAElEQVR4AeydB4AeR3n+53qVdJIs93JypQTT4phuE0JxIPQOAdMDBNOC/2AMGDCYanBwCB3TCcQUB3DoBhxMSRx6jG3ci7p0ut7/729O78dovfu1u+90p3tee7Xf7c7Ozv52Z3bKM+82PeCEF8xu2
                              2024-12-23 02:15:21 UTC1369INData Raw: 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 67 52 56 50 6f 48 6c 32 64 6e 62 46 51 78 41 41 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 43 42 78 68 42 6f 62 6d 70 71 61 6b 7a 4d 69 6c 55 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 52 47 44 46 45 32 69 65 6d 5a 6c 5a 38 52 41 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41
                              Data Ascii: QAREQAREQAREQAREQAREQAREQgRVPoHl2dnbFQxAAERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERCBxhBobmpqakzMilUEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAEREAERGDFE2iemZlZ8RAEQAREQAREQAREQAREQA
                              2024-12-23 02:15:21 UTC1369INData Raw: 32 64 6e 5a 46 51 39 42 41 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 45 52 41 42 42 70 44 6f 4c 55 78 30 53 70 57 45 52 41 42 45 52 43 42 68 53 51 77 4d 54 6b 64 68 6b 62 47 77 38 54 6b 56 49 79 32 71 61 6b 70 72 74 76 62 57 6b 4a 76 64 30 64 6f 61 32 31 5a 79 4e 4d 70 4c 68 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 46 59 4d 41 4b 74 4c 6e 70 62 73 42 67 56 6b 51 69 49 67 41 69 49 51 4e 30
                              Data Ascii: 2dnZFQ9BAERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABERABBpDoLUx0SpWERABERCBhSQwMTkdhkbGw8TkVIy2qakprtvbWkJvd0doa21ZyNMpLhEQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQARFYMAKtLnpbsBgVkQiIgAiIQN0
                              2024-12-23 02:15:21 UTC1369INData Raw: 55 32 47 55 51 74 4c 75 58 62 67 32 74 57 68 75 37 4d 6a 74 4a 6b 59 55 53 59 43 49 72 43 38 43 56 42 48 38 59 58 38 37 51 74 58 68 65 41 59 38 37 70 50 57 74 2f 78 75 67 78 72 39 6e 73 59 78 4d 33 45 78 37 46 4d 32 70 4a 77 4f 53 4c 55 50 79 4b 77 59 67 68 34 65 63 4c 61 79 78 50 57 6d 4d 71 55 46 66 4d 59 36 45 4a 46 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 51 41 52 45 6f 47 45 45 57 68 47 70 4c 47 64 44 67 4f 4d 65 42 52 6c 51 52 33 7a 44 77 71 41 36 58 67 4c 39 62 38 4c 78 4f 32 74 73 78 39 6a 48 34 44 78 2f 2b 77 41 39 38 57 49 77 77 75 73 67 63 66 49 37 4c 35 34 59 55 50 2b 49 67 41 69 49 51 4a 55 45 70 71 64 6e 77 38 6a 59 52 4c 6a 35 39 6c 33 68
                              Data Ascii: U2GUQtLuXbg2tWhu7MjtJkYUSYCIrC8CVBH8YX87QtXheAY87pPWt/xugxr9nsYxM3Ex7FM2pJwOSLUPyKwYgh4ecLayxPWmMqUFfMY6EJFQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREQAREoGEEWhGpLGdDgOMeBRlQR3zDwqA6XgL9b8LxO2tsx9jH4Dx/+wA98WIwwusgcfI7L54YUP+IgAiIQJUEpqdnw8jYRLj59l3h
                              2024-12-23 02:15:21 UTC1369INData Raw: 34 6b 67 46 6a 35 32 6d 75 76 44 62 66 64 64 6c 76 59 73 57 4e 48 31 47 38 67 4d 4e 36 77 59 55 4d 34 39 74 68 6a 34 35 72 78 43 38 59 5a 38 6f 78 78 69 56 45 62 35 39 79 2b 66 58 75 34 38 63 59 62 77 35 59 74 57 38 4c 75 33 62 74 6a 2b 49 4d 4f 4f 69 67 63 65 75 69 68 34 61 69 6a 6a 67 70 72 31 71 7a 4a 4f 31 7a 62 52 45 41 45 52 45 41 45 52 45 41 45 52 45 41 45 6c 69 47 42 2f 4a 72 68 45 72 34 51 42 74 61 70 74 41 34 4d 44 4f 77 31 75 77 36 68 54 53 72 55 71 66 63 53 58 4e 7a 6a 49 68 37 2b 70 71 4c 73 73 77 4a 39 4e 70 2f 50 43 4a 52 6f 70 31 37 53 4f 6b 34 45 56 69 61 42 30 66 48 4a 73 48 6e 37 55 4c 6a 2b 35 70 33 68 6a 39 64 76 6d 2f 4f 73 50 44 73 54 56 76 64 32 6d 46 69 35 4c 39 7a 6c 6d 49 50 43 33 59 34 37 78 49 54 48 72 65 47 61 6d 37 65 47 6b
                              Data Ascii: 4kgFj52muvDbfddlvYsWNH1G8gMN6wYUM49thj45rxC8YZ8oxxiVEb59y+fXu48cYbw5YtW8Lu3btj+IMOOigceuih4aijjgpr1qzJO1zbREAEREAEREAEREAEliGB/JrhEr4QBtaptA4MDOw1uw6hTSrUqfcSXNzjIh7+pqLsswJ9Np/PCJRop17SOk4EViaB0fHJsHn7ULj+5p3hj9dvm/OsPDsTVvd2mFi5L9zlmIPC3Y47xITHreGam7eGk


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              6192.168.2.449765172.67.191.1674432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:28 UTC705OUTGET /favicon.ico HTTP/1.1
                              Host: mail-hdel.lvdd.info
                              Connection: keep-alive
                              sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                              sec-ch-ua-mobile: ?0
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              sec-ch-ua-platform: "Windows"
                              Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              Sec-Fetch-Site: same-origin
                              Sec-Fetch-Mode: no-cors
                              Sec-Fetch-Dest: image
                              Referer: https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              Cookie: PHPSESSID=nak6as1th99ca1bb2or6f88bui
                              2024-12-23 02:15:29 UTC900INHTTP/1.1 404 Not Found
                              Date: Mon, 23 Dec 2024 02:15:29 GMT
                              Content-Type: text/html
                              Transfer-Encoding: chunked
                              Connection: close
                              Cache-Control: private, no-cache, max-age=0
                              pragma: no-cache
                              x-turbo-charged-by: LiteSpeed
                              vary: Accept-Encoding
                              CF-Cache-Status: BYPASS
                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IOhjvpP1svgqtTCTmXj3SsMyOenUFQuP1ewyx5P18tgXhaMQUrBNV9aOLsj5dXDd%2BVia03ttgRcQFCDZ%2Ff0I7CcaveOohJfd4poScFKDmqdezUUmOSkxMgjTG%2FFYwkKwT%2BBUFh3"}],"group":"cf-nel","max_age":604800}
                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                              Server: cloudflare
                              CF-RAY: 8f64d81339844343-EWR
                              alt-svc: h3=":443"; ma=86400
                              server-timing: cfL4;desc="?proto=TCP&rtt=1737&min_rtt=1723&rtt_var=674&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2814&recv_bytes=1283&delivery_rate=1590413&cwnd=244&unsent_bytes=0&cid=d558b8739d5fe1ed&ts=969&x=0"
                              2024-12-23 02:15:29 UTC469INData Raw: 34 65 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 28 70 72 65 66 65 72 73 2d 63 6f 6c 6f 72 2d 73 63 68 65 6d 65 3a 64 61 72 6b 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 3c 2f
                              Data Ascii: 4e1<!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><title> 404 Not Found</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</
                              2024-12-23 02:15:29 UTC787INData Raw: 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72
                              Data Ascii: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource r
                              2024-12-23 02:15:29 UTC5INData Raw: 30 0d 0a 0d 0a
                              Data Ascii: 0


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              7192.168.2.44976635.190.80.14432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:30 UTC544OUTOPTIONS /report/v4?s=8IOhjvpP1svgqtTCTmXj3SsMyOenUFQuP1ewyx5P18tgXhaMQUrBNV9aOLsj5dXDd%2BVia03ttgRcQFCDZ%2Ff0I7CcaveOohJfd4poScFKDmqdezUUmOSkxMgjTG%2FFYwkKwT%2BBUFh3 HTTP/1.1
                              Host: a.nel.cloudflare.com
                              Connection: keep-alive
                              Origin: https://mail-hdel.lvdd.info
                              Access-Control-Request-Method: POST
                              Access-Control-Request-Headers: content-type
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-12-23 02:15:31 UTC336INHTTP/1.1 200 OK
                              Content-Length: 0
                              access-control-max-age: 86400
                              access-control-allow-methods: OPTIONS, POST
                              access-control-allow-origin: *
                              access-control-allow-headers: content-length, content-type
                              date: Mon, 23 Dec 2024 02:15:30 GMT
                              Via: 1.1 google
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close


                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                              8192.168.2.44976735.190.80.14432472C:\Program Files\Google\Chrome\Application\chrome.exe
                              TimestampBytes transferredDirectionData
                              2024-12-23 02:15:32 UTC482OUTPOST /report/v4?s=8IOhjvpP1svgqtTCTmXj3SsMyOenUFQuP1ewyx5P18tgXhaMQUrBNV9aOLsj5dXDd%2BVia03ttgRcQFCDZ%2Ff0I7CcaveOohJfd4poScFKDmqdezUUmOSkxMgjTG%2FFYwkKwT%2BBUFh3 HTTP/1.1
                              Host: a.nel.cloudflare.com
                              Connection: keep-alive
                              Content-Length: 495
                              Content-Type: application/reports+json
                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                              Accept-Encoding: gzip, deflate, br
                              Accept-Language: en-US,en;q=0.9
                              2024-12-23 02:15:32 UTC495OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 33 33 38 38 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 61 69 6c 2d 68 64 65 6c 2e 6c 76 64 64 2e 69 6e 66 6f 2f 61 75 74 68 2f 65 6e 74 2e 70 68 70 3f 63 3d 41 32 48 38 26 72 65 70 6c 61 63 65 43 75 72 72 65 6e 74 3d 31 26 75 72 6c 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 68 64 65 6c 2e 63 6f 2e 6b 72 26 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 31 39 31 2e 31 36 37
                              Data Ascii: [{"age":0,"body":{"elapsed_time":3388,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://mail-hdel.lvdd.info/auth/ent.php?c=A2H8&replaceCurrent=1&url=http%3A%2F%2Fhdel.co.kr&","sampling_fraction":1.0,"server_ip":"172.67.191.167
                              2024-12-23 02:15:32 UTC168INHTTP/1.1 200 OK
                              Content-Length: 0
                              date: Mon, 23 Dec 2024 02:15:32 GMT
                              Via: 1.1 google
                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                              Connection: close


                              Click to jump to process

                              Click to jump to process

                              Click to jump to process

                              Target ID:0
                              Start time:21:14:52
                              Start date:22/12/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Target ID:2
                              Start time:21:14:56
                              Start date:22/12/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 --field-trial-handle=2376,i,8405439244769221643,11633367070896645104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:false

                              Target ID:3
                              Start time:21:15:02
                              Start date:22/12/2024
                              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                              Wow64 process (32bit):false
                              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://217.28.130.10/8265/568747470733a2f2f6d61696c2d6864656c2e6c7664642e696e666f2f3f656d61696c3d62722e73756e67406864656c2e636f2e6b72"
                              Imagebase:0x7ff76e190000
                              File size:3'242'272 bytes
                              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                              Has elevated privileges:true
                              Has administrator privileges:true
                              Programmed in:C, C++ or other language
                              Reputation:low
                              Has exited:true

                              No disassembly